Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/3E9F53C0A57711EAB2F52B2CC4F9AE02.roa
File: 3E9F53C0A57711EAB2F52B2CC4F9AE02.roa (raw, json)
Hash identifier: e7zDDov11JCBn6iOfgz7E7SYErzUY0Kc8T1oGkGpfCQ=
Subject key identifier: 06:08:B0:BA:06:E8:9A:CB:1F:2C:32:8D:84:94:D9:72:5A:BC:89:DA
Certificate issuer: /CN=A9129E3A/serialNumber=5A96D4EC3D352494D9239D52AF35AC104DA12F9D
Certificate serial: 34B6
Authority key identifier: 5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/3E9F53C0A57711EAB2F52B2CC4F9AE02.roa
Signing time: Fri 24 Jan 2025 14:50:28 +0000
ROA not before: Fri 24 Jan 2025 14:50:28 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 131600
IP address blocks: 202.3.184.0/24 maxlen: 24
202.153.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.crl
rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 14:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13494 (0x34b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129E3A
Validity
Not Before: Jan 24 14:50:28 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6793a8b4-7b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d6:96:77:ba:85:d9:fb:38:27:06:e0:33:78:
c3:07:3c:e9:92:af:cb:43:0a:78:fa:26:29:c9:01:
de:d8:21:f2:17:32:f3:b0:f6:3b:09:27:c3:53:49:
10:08:1a:04:63:e7:60:08:08:cf:34:c7:7d:b7:00:
e1:c4:96:78:9e:10:72:33:67:4b:1c:fa:59:f3:54:
a0:65:a3:25:24:c5:6f:8d:49:90:8c:d0:9c:c2:9f:
46:c2:24:8b:a2:27:d4:fa:4e:2d:38:e2:6c:57:d4:
bc:8b:d6:b1:c4:e0:31:cd:99:2a:a6:9d:fc:20:bb:
cb:a1:cf:df:75:c4:8a:11:be:e9:d5:13:e2:b4:8f:
ff:22:8f:c8:21:05:7f:19:82:c5:b2:46:3d:94:c3:
71:ff:1b:2b:5c:42:b6:d3:91:ac:10:fa:eb:e6:21:
72:fb:b9:f6:d3:13:4f:56:bf:8f:19:22:e6:7b:ef:
5d:9a:e0:08:52:83:3d:a8:1a:b5:e1:39:36:ee:d0:
bd:2d:5d:38:4f:8c:bc:b7:75:99:12:b2:26:5e:6a:
33:b0:64:61:dc:36:b7:2b:10:9d:b4:98:13:d5:b7:
bb:90:57:1c:33:81:e9:00:eb:99:93:a3:55:03:03:
2d:4a:6c:bd:80:d5:e2:2e:fe:21:21:db:03:13:3d:
19:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:08:B0:BA:06:E8:9A:CB:1F:2C:32:8D:84:94:D9:72:5A:BC:89:DA
X509v3 Authority Key Identifier:
keyid:5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/3E9F53C0A57711EAB2F52B2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.3.184.0/24
202.153.163.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ee:cd:c0:b8:c9:19:65:65:87:40:2d:1a:eb:73:f1:4c:70:
61:70:56:4b:4a:ad:d3:02:7e:6d:23:48:95:58:74:b8:bc:52:
5d:87:78:11:f1:df:37:a2:3d:91:58:14:6e:64:8b:8c:25:f2:
72:5e:e9:28:e2:d9:ff:db:be:2b:f7:8c:5b:2d:85:4a:eb:15:
8e:a8:74:45:dd:29:24:92:2e:ba:14:38:19:24:dd:1e:10:4f:
ca:4d:1b:ee:6c:11:78:e1:d1:62:d8:b9:cb:2a:ff:7a:f1:e8:
c0:79:4c:05:d0:f5:cd:cf:69:bf:11:ef:05:97:89:af:5d:d0:
fd:09:b1:1d:75:f0:8a:99:ae:63:28:f0:31:18:55:40:32:b1:
dc:4e:5c:34:f7:7c:90:ce:2c:ba:03:53:ec:c8:9e:76:76:ec:
cf:40:1e:a3:ce:7a:db:f0:b6:35:1c:23:f6:6c:74:de:f2:14:
06:2b:a0:d7:6e:76:d5:1e:e6:02:fd:58:87:7e:5f:76:d8:2d:
09:2e:9c:25:25:7e:9d:50:87:93:6d:99:95:ce:aa:b3:93:b5:
57:59:4f:3b:3a:bc:09:ca:24:86:62:a4:81:8e:8b:d3:87:a9:
c9:03:24:5b:7e:c3:2d:dd:04:a6:3f:a7:5c:57:15:d9:44:9c:
ac:bf:c2:b3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNLYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlFM0ExMTAvBgNVBAUTKDVBOTZENEVDM0QzNTI0OTREOTIzOUQ1MkFGMzVBQzEw
NERBMTJGOUQwHhcNMjUwMTI0MTQ1MDI4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYThiNC03YjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt9aWd7qF2fs4JwbgM3jDBzzpkq/LQwp4+iYpyQHe2CHyFzLzsPY7CSfDU0kQ
CBoEY+dgCAjPNMd9twDhxJZ4nhByM2dLHPpZ81SgZaMlJMVvjUmQjNCcwp9GwiSL
oifU+k4tOOJsV9S8i9axxOAxzZkqpp38ILvLoc/fdcSKEb7p1RPitI//Io/IIQV/
GYLFskY9lMNx/xsrXEK205GsEPrr5iFy+7n20xNPVr+PGSLme+9dmuAIUoM9qBq1
4Tk27tC9LV04T4y8t3WZErImXmozsGRh3Da3KxCdtJgT1be7kFccM4HpAOuZk6NV
AwMtSmy9gNXiLv4hIdsDEz0ZuwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAYIsLoG
6JrLHywyjYSU2XJavInaMB8GA1UdIwQYMBaAFFqW1Ow9NSSU2SOdUq81rBBNoS+d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUUzQS8xOTdFQzBCNjFE
ODYxMUUyQUJFRjIyREQwOEIwMkNEMi9XcGJVN0QwMUpKVFpJNTFTcnpXc0VFMmhM
NTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dwYlU3RDAxSkpUWkk1MVNyeldzRUUyaEw1MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlFM0EvMTk3RUMwQjYxRDg2MTFFMkFCRUYyMkREMDhCMDJDRDIvM0U5RjUzQzBB
NTc3MTFFQUIyRjUyQjJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADKA7gDBADKmaMwDQYJKoZIhvcNAQELBQADggEBAKPuzcC4
yRllZYdALRrrc/FMcGFwVktKrdMCfm0jSJVYdLi8Ul2HeBHx3zeiPZFYFG5ki4wl
8nJe6Sji2f/bviv3jFsthUrrFY6odEXdKSSSLroUOBkk3R4QT8pNG+5sEXjh0WLY
ucsq/3rx6MB5TAXQ9c3Pab8R7wWXia9d0P0JsR118IqZrmMo8DEYVUAysdxOXDT3
fJDOLLoDU+zInnZ27M9AHqPOetvwtjUcI/ZsdN7yFAYroNdudtUe5gL9WId+X3bY
LQkunCUlfp1Qh5NtmZXOqrOTtVdZTzs6vAnKJIZipIGOi9OHqckDJFt+wy3dBKY/
p1xXFdlEnKy/wrM=
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:00:21 2025 by rpki-client