Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912B129/4B3CEEB4933D11EE8A950253C4F9AE02/A5F4A536933D11EEA6B4A653C4F9AE02.roa
File: A5F4A536933D11EEA6B4A653C4F9AE02.roa (raw, json)
Hash identifier: DbgMB8s7KygdLMJgPknQvmcZtX/iz+EumL1JuajpP5E=
Subject key identifier: 85:62:7A:55:F9:07:B6:FB:0D:90:87:D0:71:FA:C2:AA:B4:53:41:E2
Certificate issuer: /CN=A912B129/serialNumber=2C8D1A58056ED188FE8580E70D1DE50F4C3DA270
Certificate serial: AF
Authority key identifier: 2C:8D:1A:58:05:6E:D1:88:FE:85:80:E7:0D:1D:E5:0F:4C:3D:A2:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LI0aWAVu0Yj-hYDnDR3lD0w9onA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912B129/4B3CEEB4933D11EE8A950253C4F9AE02/A5F4A536933D11EEA6B4A653C4F9AE02.roa
Signing time: Sun 03 Nov 2024 04:18:30 +0000
ROA not before: Sun 03 Nov 2024 04:18:30 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 55832
IP address blocks: 45.64.16.0/24 maxlen: 24
45.64.17.0/24 maxlen: 24
45.64.18.0/24 maxlen: 24
45.64.19.0/24 maxlen: 24
103.14.181.0/24 maxlen: 24
103.14.182.0/24 maxlen: 24
103.14.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912B129/4B3CEEB4933D11EE8A950253C4F9AE02/LI0aWAVu0Yj-hYDnDR3lD0w9onA.crl
rsync://rpki.apnic.net/member_repository/A912B129/4B3CEEB4933D11EE8A950253C4F9AE02/LI0aWAVu0Yj-hYDnDR3lD0w9onA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LI0aWAVu0Yj-hYDnDR3lD0w9onA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 03:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175 (0xaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912B129, serialNumber=2C8D1A58056ED188FE8580E70D1DE50F4C3DA270
Validity
Not Before: Nov 3 04:18:30 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6726f996-a873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2c:5d:f3:df:5c:dc:e9:e9:76:66:7c:5a:d4:
78:77:cf:2d:6a:f5:a4:ad:4f:62:29:7f:2a:e6:d6:
ca:4d:26:65:72:5b:6e:ca:66:db:0b:e9:84:a9:10:
1f:e9:f8:ba:b9:c8:67:0c:e2:79:7b:c3:9b:f4:6d:
8d:ca:cc:5f:bf:0b:cf:3e:1a:20:e0:37:29:37:de:
e6:a8:7d:05:8c:05:3e:43:a3:82:a6:ac:cf:cd:e4:
63:db:d7:92:4f:93:aa:29:e3:02:c4:0a:06:71:da:
b7:39:b1:5d:60:48:91:d9:4e:2d:e3:43:42:bf:0f:
27:d9:69:51:c9:1e:bd:a1:59:80:0b:58:81:63:5e:
42:bd:72:9b:ef:89:56:7d:82:da:60:8c:d3:bf:40:
14:f6:56:99:fe:41:c1:6e:61:6e:75:be:0a:02:e8:
8e:36:45:1b:99:05:13:cf:89:f6:80:4d:ca:1b:3b:
18:cd:a2:89:29:69:a9:46:f5:28:c3:9d:00:ce:1c:
fa:4a:b9:aa:e5:06:22:e5:a6:b8:0d:0e:67:3d:bb:
d0:d4:80:e3:1c:53:09:39:17:3a:57:20:96:5f:4b:
cc:95:4d:e0:5d:22:17:01:8c:0f:e1:b8:b0:dc:6a:
69:9a:1f:65:dc:df:91:55:eb:71:92:b7:d2:8e:01:
57:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:62:7A:55:F9:07:B6:FB:0D:90:87:D0:71:FA:C2:AA:B4:53:41:E2
X509v3 Authority Key Identifier:
keyid:2C:8D:1A:58:05:6E:D1:88:FE:85:80:E7:0D:1D:E5:0F:4C:3D:A2:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912B129/4B3CEEB4933D11EE8A950253C4F9AE02/LI0aWAVu0Yj-hYDnDR3lD0w9onA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LI0aWAVu0Yj-hYDnDR3lD0w9onA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B129/4B3CEEB4933D11EE8A950253C4F9AE02/A5F4A536933D11EEA6B4A653C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.16.0/22
103.14.181.0-103.14.183.255
Signature Algorithm: sha256WithRSAEncryption
00:09:fe:94:a8:eb:a4:59:af:f9:d1:31:87:df:f9:9b:a0:cc:
59:df:72:c6:31:62:9e:03:1d:1e:13:29:44:dd:34:18:ae:3b:
06:b0:34:85:fa:43:35:58:0d:a0:9b:19:77:74:58:34:9a:8e:
5c:7c:c7:de:fd:f9:54:df:e9:07:55:6e:57:8c:79:9c:0f:e5:
10:dd:9f:45:39:75:12:29:d0:4c:fd:2f:5d:4e:1b:27:b6:a1:
f4:18:6e:43:2f:2d:53:19:44:66:d8:48:63:ef:cd:a6:1d:31:
1f:cf:9e:b8:e7:93:70:4b:33:8e:2b:b3:df:99:fc:13:16:a5:
04:db:a5:84:65:4a:a0:3c:8f:10:ef:6a:47:bd:a9:61:cb:2e:
cc:18:70:c2:71:39:95:7a:ae:68:00:87:f3:31:3b:5d:69:39:
47:d6:fb:34:cb:b7:8b:38:df:82:11:89:1e:87:0d:e4:01:ab:
db:9c:45:5b:9d:74:c4:3a:40:97:97:0a:a6:10:07:27:ac:d4:
b0:8c:69:d8:df:d5:e5:08:a4:ba:47:30:d0:ac:59:42:2c:6f:
56:22:25:cc:62:51:cc:f7:d8:88:83:aa:f4:67:df:b0:48:e0:
10:4b:b0:b1:d7:d1:53:62:30:65:35:46:ad:bb:a3:15:86:fb:
23:41:bb:6d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkIxMjkxMTAvBgNVBAUTKDJDOEQxQTU4MDU2RUQxODhGRTg1ODBFNzBEMURFNTBG
NEMzREEyNzAwHhcNMjQxMTAzMDQxODMwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2Zjk5Ni1hODczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Cxd899c3OnpdmZ8WtR4d88tavWkrU9iKX8q5tbKTSZlcltuymbbC+mEqRAf
6fi6uchnDOJ5e8Ob9G2NysxfvwvPPhog4DcpN97mqH0FjAU+Q6OCpqzPzeRj29eS
T5OqKeMCxAoGcdq3ObFdYEiR2U4t40NCvw8n2WlRyR69oVmAC1iBY15CvXKb74lW
fYLaYIzTv0AU9laZ/kHBbmFudb4KAuiONkUbmQUTz4n2gE3KGzsYzaKJKWmpRvUo
w50Azhz6Srmq5QYi5aa4DQ5nPbvQ1IDjHFMJORc6VyCWX0vMlU3gXSIXAYwP4biw
3Gppmh9l3N+RVetxkrfSjgFXQQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFIVielX5
B7b7DZCH0HH6wqq0U0HiMB8GA1UdIwQYMBaAFCyNGlgFbtGI/oWA5w0d5Q9MPaJw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjEyOS80QjNDRUVCNDkz
M0QxMUVFOEE5NTAyNTNDNEY5QUUwMi9MSTBhV0FWdTBZai1oWURuRFIzbEQwdzlv
bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xJMGFXQVZ1MFlqLWhZRG5EUjNsRDB3OW9uQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkIxMjkvNEIzQ0VFQjQ5MzNEMTFFRThBOTUwMjUzQzRGOUFFMDIvQTVGNEE1MzY5
MzNEMTFFRUE2QjRBNjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAItQBAwDAMEAGcOtQMEA2cOsDANBgkqhkiG9w0BAQsFAAOC
AQEAAAn+lKjrpFmv+dExh9/5m6DMWd9yxjFingMdHhMpRN00GK47BrA0hfpDNVgN
oJsZd3RYNJqOXHzH3v35VN/pB1VuV4x5nA/lEN2fRTl1EinQTP0vXU4bJ7ah9Bhu
Qy8tUxlEZthIY+/Nph0xH8+euOeTcEszjiuz35n8ExalBNulhGVKoDyPEO9qR72p
YcsuzBhwwnE5lXquaACH8zE7XWk5R9b7NMu3izjfghGJHocN5AGr25xFW510xDpA
l5cKphAHJ6zUsIxp2N/V5Qikukcw0KxZQixvViIlzGJRzPfYiIOq9GffsEjgEEuw
sdfRU2IwZTVGrbujFYb7I0G7bQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:18:12 2025 by rpki-client