Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911EA27/6A8BD08C446F11ED9095D565C4F9AE02/3F2E65045F0811EDB42DC97FC4F9AE02.roa
File: 3F2E65045F0811EDB42DC97FC4F9AE02.roa (raw, json)
Hash identifier: IgAv5ZJEhwoH7uEYAUCxosir/fX/9UUdUT7CtlM0EKU=
Subject key identifier: FF:D4:39:45:8F:FC:7B:8F:18:32:58:24:92:21:6D:66:C1:62:11:F9
Certificate issuer: /CN=A911EA27/serialNumber=BC862141309716C0E4DC37DFFF33E5AB0C554AD0
Certificate serial: 017E
Authority key identifier: BC:86:21:41:30:97:16:C0:E4:DC:37:DF:FF:33:E5:AB:0C:55:4A:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vIYhQTCXFsDk3Dff_zPlqwxVStA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911EA27/6A8BD08C446F11ED9095D565C4F9AE02/3F2E65045F0811EDB42DC97FC4F9AE02.roa
Signing time: Thu 03 Oct 2024 02:36:55 +0000
ROA not before: Thu 03 Oct 2024 02:36:55 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 150314
IP address blocks: 2001:df1:48c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911EA27/6A8BD08C446F11ED9095D565C4F9AE02/vIYhQTCXFsDk3Dff_zPlqwxVStA.crl
rsync://rpki.apnic.net/member_repository/A911EA27/6A8BD08C446F11ED9095D565C4F9AE02/vIYhQTCXFsDk3Dff_zPlqwxVStA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vIYhQTCXFsDk3Dff_zPlqwxVStA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 01:49:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 382 (0x17e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911EA27
Validity
Not Before: Oct 3 02:36:55 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=66fe0346-7ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:67:55:4f:9a:d9:56:65:d9:e4:0e:17:81:9f:
20:30:a9:33:7e:57:fa:c7:5d:97:c9:91:15:a5:1b:
98:b3:22:df:ce:69:85:c6:4b:54:36:c6:b4:82:c0:
d9:f3:cb:91:d5:14:48:a1:f8:22:77:b9:47:6d:e7:
06:dc:32:bd:7f:1e:9e:8a:5b:0a:9d:fe:2f:b3:1f:
1c:a0:f6:3d:e1:05:b9:94:47:6f:7e:2b:04:d9:97:
dc:5b:be:ec:bd:43:4e:a1:c0:79:08:27:02:df:55:
cd:4f:1b:fa:93:45:7d:18:d8:8d:2c:3e:d2:9b:0c:
59:8c:d8:98:58:0b:42:5c:ef:36:78:43:74:af:5f:
40:7e:01:98:e9:3e:3a:13:f3:0d:e4:59:04:c6:9c:
cd:55:fb:ca:2e:a9:34:15:36:93:47:48:53:f0:c8:
a4:1c:71:8f:ea:16:d6:a3:75:9c:c0:3d:a8:f4:ba:
01:18:67:af:bf:d7:38:43:49:ea:32:62:06:c0:fd:
ea:4e:5b:1c:f2:2c:cf:67:35:04:4b:45:a5:ce:f8:
ec:9f:b6:56:e7:b7:14:0b:44:72:15:ff:1f:b5:33:
f7:5f:36:07:82:f5:6a:44:b3:82:7c:ad:3c:55:c4:
49:51:23:6c:38:b7:28:c5:30:5a:51:d4:a2:95:a2:
fe:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:D4:39:45:8F:FC:7B:8F:18:32:58:24:92:21:6D:66:C1:62:11:F9
X509v3 Authority Key Identifier:
keyid:BC:86:21:41:30:97:16:C0:E4:DC:37:DF:FF:33:E5:AB:0C:55:4A:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911EA27/6A8BD08C446F11ED9095D565C4F9AE02/vIYhQTCXFsDk3Dff_zPlqwxVStA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vIYhQTCXFsDk3Dff_zPlqwxVStA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911EA27/6A8BD08C446F11ED9095D565C4F9AE02/3F2E65045F0811EDB42DC97FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:48c0::/48
Signature Algorithm: sha256WithRSAEncryption
12:83:e3:12:e4:e3:4a:30:38:be:27:3d:c8:d2:64:36:d6:6e:
3b:d0:21:e5:98:f1:77:e5:e4:38:85:78:d1:44:63:ad:61:2d:
95:51:92:5e:f7:22:bd:c8:02:b9:9a:df:7a:15:07:1a:cd:08:
4b:f7:3e:85:8a:63:d9:84:db:c0:c2:cf:a0:fe:c8:96:44:1b:
af:fd:41:c6:74:44:91:01:1c:71:81:fe:dd:06:74:d7:0e:c3:
c1:02:dc:ff:18:8f:07:87:ef:e5:af:79:d2:ba:95:27:79:b9:
4d:88:03:f2:38:ac:bd:0a:b8:af:60:97:b9:64:2d:25:ad:90:
71:0a:5b:40:93:ca:74:c3:2a:ec:eb:68:1e:e0:fc:90:1f:09:
d4:f8:dc:cb:1c:88:86:1a:c1:84:f6:46:57:6a:7e:af:90:e6:
82:ae:bb:eb:a8:30:29:e2:c6:de:5e:f8:55:01:83:48:a4:95:
b1:31:8a:9f:70:71:6b:d9:15:a6:ed:ff:12:ba:70:98:23:21:
b3:e5:c6:6c:0f:fc:98:c9:8b:08:57:b9:11:2c:16:4c:c6:58:
e5:20:a5:b9:8e:5d:95:08:aa:7d:d4:bf:a9:8a:40:73:3c:08:
3b:0d:6b:56:e1:1d:2c:3b:52:f5:a5:7d:2a:9d:d0:0d:17:7c:
0b:62:b0:38
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAX4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUVBMjcxMTAvBgNVBAUTKEJDODYyMTQxMzA5NzE2QzBFNERDMzdERkZGMzNFNUFC
MEM1NTRBRDAwHhcNMjQxMDAzMDIzNjU1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZlMDM0Ni03ZmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwmdVT5rZVmXZ5A4XgZ8gMKkzflf6x12XyZEVpRuYsyLfzmmFxktUNsa0gsDZ
88uR1RRIofgid7lHbecG3DK9fx6eilsKnf4vsx8coPY94QW5lEdvfisE2ZfcW77s
vUNOocB5CCcC31XNTxv6k0V9GNiNLD7SmwxZjNiYWAtCXO82eEN0r19AfgGY6T46
E/MN5FkExpzNVfvKLqk0FTaTR0hT8MikHHGP6hbWo3WcwD2o9LoBGGevv9c4Q0nq
MmIGwP3qTlsc8izPZzUES0Wlzvjsn7ZW57cUC0RyFf8ftTP3XzYHgvVqRLOCfK08
VcRJUSNsOLcoxTBaUdSilaL+dwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFP/UOUWP
/HuPGDJYJJIhbWbBYhH5MB8GA1UdIwQYMBaAFLyGIUEwlxbA5Nw33/8z5asMVUrQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRUEyNy82QThCRDA4QzQ0
NkYxMUVEOTA5NUQ1NjVDNEY5QUUwMi92SVloUVRDWEZzRGszRGZmX3pQbHF3eFZT
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZJWWhRVENYRnNEazNEZmZfelBscXd4VlN0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUVBMjcvNkE4QkQwOEM0NDZGMTFFRDkwOTVENTY1QzRGOUFFMDIvM0YyRTY1MDQ1
RjA4MTFFREI0MkRDOTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3xSMAwDQYJKoZIhvcNAQELBQADggEBABKD4xLk40ow
OL4nPcjSZDbWbjvQIeWY8Xfl5DiFeNFEY61hLZVRkl73Ir3IArma33oVBxrNCEv3
PoWKY9mE28DCz6D+yJZEG6/9QcZ0RJEBHHGB/t0GdNcOw8EC3P8YjweH7+WvedK6
lSd5uU2IA/I4rL0KuK9gl7lkLSWtkHEKW0CTynTDKuzraB7g/JAfCdT43MsciIYa
wYT2Rldqfq+Q5oKuu+uoMCnixt5e+FUBg0iklbExip9wcWvZFabt/xK6cJgjIbPl
xmwP/JjJiwhXuREsFkzGWOUgpbmOXZUIqn3Uv6mKQHM8CDsNa1bhHSw7UvWlfSqd
0A0XfAtisDg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 07:01:47 2025 by rpki-client