Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/68894B22402811EB91B49250C4F9AE02.roa
File: 68894B22402811EB91B49250C4F9AE02.roa (raw, json)
Hash identifier: IQPXsBjrCF2xQwF3Cbjloney1bFO9XCueS1DA232hlU=
Subject key identifier: 88:D0:FD:8B:60:A2:2D:B3:58:AD:B1:A3:0F:9A:BC:AC:98:1E:E4:9B
Certificate issuer: /CN=A911C356/serialNumber=6ADE0ED742D8C5AFA1333B90358C06B3FE876883
Certificate serial: 06CC
Authority key identifier: 6A:DE:0E:D7:42:D8:C5:AF:A1:33:3B:90:35:8C:06:B3:FE:87:68:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/at4O10LYxa-hMzuQNYwGs_6HaIM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/68894B22402811EB91B49250C4F9AE02.roa
Signing time: Tue 31 Dec 2024 21:51:07 +0000
ROA not before: Tue 31 Dec 2024 21:51:07 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 24068
IP address blocks: 202.133.81.0/24 maxlen: 24
202.133.82.0/24 maxlen: 24
202.133.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/at4O10LYxa-hMzuQNYwGs_6HaIM.crl
rsync://rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/at4O10LYxa-hMzuQNYwGs_6HaIM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/at4O10LYxa-hMzuQNYwGs_6HaIM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 21:39:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1740 (0x6cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C356, serialNumber=6ADE0ED742D8C5AFA1333B90358C06B3FE876883
Validity
Not Before: Dec 31 21:51:07 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6774674a-7ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:06:fe:46:e9:b9:1e:91:75:2d:28:9b:13:2d:
60:48:2a:e4:9d:37:c5:d5:00:e0:a1:1c:87:11:63:
99:b0:e5:aa:6b:90:87:9b:10:c7:b6:20:d1:cb:5f:
08:7b:b8:b1:8c:a7:cd:fa:66:e8:57:6c:70:be:d1:
8d:c5:d6:8d:ce:54:de:7c:06:29:1a:71:e6:e1:87:
b4:ab:27:1a:51:8a:49:ba:f1:f1:e9:ba:78:05:bc:
c9:4d:3e:5e:ea:b7:8f:3b:fb:7c:ea:41:66:87:a3:
52:89:6e:a9:7c:ae:30:e6:ec:17:46:e6:40:23:dc:
98:ff:ed:7b:b3:d3:42:1f:01:cf:9d:a9:66:f5:59:
90:51:1b:41:51:1d:5d:39:ab:b7:6c:31:fb:ac:1a:
fb:b6:cf:ab:ed:fc:c2:3a:0d:95:f7:ce:ea:10:96:
90:21:fe:e7:70:fc:c7:3b:08:80:a4:da:ac:f4:a2:
7c:17:85:48:bb:08:c0:ec:a4:36:f5:33:6c:e5:bc:
0f:1a:8b:77:7c:86:ae:5a:69:96:98:6f:6e:a9:26:
a1:d6:a5:fd:40:61:1f:35:06:15:2c:db:e1:e9:d8:
8a:59:05:06:5c:44:b9:ea:11:12:22:f8:ea:b9:ef:
72:fc:a1:1e:21:90:6d:f7:b8:f6:79:8d:70:5b:b4:
82:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D0:FD:8B:60:A2:2D:B3:58:AD:B1:A3:0F:9A:BC:AC:98:1E:E4:9B
X509v3 Authority Key Identifier:
keyid:6A:DE:0E:D7:42:D8:C5:AF:A1:33:3B:90:35:8C:06:B3:FE:87:68:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/at4O10LYxa-hMzuQNYwGs_6HaIM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/at4O10LYxa-hMzuQNYwGs_6HaIM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/68894B22402811EB91B49250C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.133.81.0-202.133.83.255
Signature Algorithm: sha256WithRSAEncryption
db:a5:8d:a6:99:8a:de:52:c9:1b:d7:1c:f6:9f:19:38:1f:2e:
be:2b:51:02:d2:14:b9:89:33:0b:6b:9b:35:4a:27:f2:9d:25:
31:2a:fa:3d:58:0f:d7:5b:9f:93:f1:cf:11:c2:da:9a:d6:5e:
64:1a:14:39:40:1a:ff:59:95:1d:56:1b:b8:ef:02:78:6a:49:
fb:5e:2a:e5:8d:db:c3:4d:7a:25:bf:dc:a0:5e:88:b8:20:a4:
70:bc:67:39:80:d1:2d:71:ab:1b:6f:20:43:72:65:0f:09:17:
91:f5:e0:c6:56:6e:bd:76:e8:04:91:c3:65:1d:67:54:ca:4d:
e0:17:31:da:f7:4a:a3:2a:3d:e0:73:22:73:09:eb:cf:0e:39:
8c:32:c0:15:c6:12:cb:62:47:66:ff:bf:e0:22:36:9e:36:e2:
16:73:64:a8:37:bd:fc:05:aa:25:be:09:05:82:3f:a9:42:fd:
3f:be:73:02:36:f6:a9:3d:92:9b:02:66:ce:97:6a:64:d0:e1:
7a:85:f3:53:be:9d:97:0d:94:5f:5f:8d:94:87:d2:39:10:53:
10:f7:30:3a:e7:bd:86:e8:ba:f3:e4:a4:53:60:8b:1e:c5:d2:
b3:81:eb:56:56:2e:49:4c:c1:d0:e8:7b:37:8c:94:68:de:a3:
6c:5f:82:43
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBswwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMzNTYxMTAvBgNVBAUTKDZBREUwRUQ3NDJEOEM1QUZBMTMzM0I5MDM1OEMwNkIz
RkU4NzY4ODMwHhcNMjQxMjMxMjE1MTA3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0Njc0YS03Y2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwgb+Rum5HpF1LSibEy1gSCrknTfF1QDgoRyHEWOZsOWqa5CHmxDHtiDRy18I
e7ixjKfN+mboV2xwvtGNxdaNzlTefAYpGnHm4Ye0qycaUYpJuvHx6bp4BbzJTT5e
6rePO/t86kFmh6NSiW6pfK4w5uwXRuZAI9yY/+17s9NCHwHPnalm9VmQURtBUR1d
Oau3bDH7rBr7ts+r7fzCOg2V987qEJaQIf7ncPzHOwiApNqs9KJ8F4VIuwjA7KQ2
9TNs5bwPGot3fIauWmmWmG9uqSah1qX9QGEfNQYVLNvh6diKWQUGXES56hESIvjq
ue9y/KEeIZBt97j2eY1wW7SCywIDAQABo4ICnTCCApkwHQYDVR0OBBYEFIjQ/Ytg
oi2zWK2xow+avKyYHuSbMB8GA1UdIwQYMBaAFGreDtdC2MWvoTM7kDWMBrP+h2iD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzM1Ni82NzFCN0RBNjQw
MUQxMUVCOEUwQ0NCNUVDNEY5QUUwMi9hdDRPMTBMWXhhLWhNenVRTll3R3NfNkhh
SU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F0NE8xMExZeGEtaE16dVFOWXdHc182SGFJTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMzNTYvNjcxQjdEQTY0MDFEMTFFQjhFMENDQjVFQzRGOUFFMDIvNjg4OTRCMjI0
MDI4MTFFQjkxQjQ5MjUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMqFUQMEAsqFUDANBgkqhkiG9w0BAQsFAAOCAQEA26WN
ppmK3lLJG9cc9p8ZOB8uvitRAtIUuYkzC2ubNUon8p0lMSr6PVgP11ufk/HPEcLa
mtZeZBoUOUAa/1mVHVYbuO8CeGpJ+14q5Y3bw016Jb/coF6IuCCkcLxnOYDRLXGr
G28gQ3JlDwkXkfXgxlZuvXboBJHDZR1nVMpN4Bcx2vdKoyo94HMicwnrzw45jDLA
FcYSy2JHZv+/4CI2njbiFnNkqDe9/AWqJb4JBYI/qUL9P75zAjb2qT2SmwJmzpdq
ZNDheoXzU76dlw2UX1+NlIfSORBTEPcwOue9hui68+SkU2CLHsXSs4HrVlYuSUzB
0Oh7N4yUaN6jbF+CQw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 05:53:01 2025 by rpki-client