Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91326B3/C55423AAE69111EEBF058932C4F9AE02/E3ABAA7AE69211EEB34D4B6AC4F9AE02.roa
File: E3ABAA7AE69211EEB34D4B6AC4F9AE02.roa (raw, json)
Hash identifier: EyKD4I3R8YSy4asXY+8xvf07IP4owJwI772hb1AAhAw=
Subject key identifier: C9:8F:C6:4F:C8:87:13:FD:B1:79:EB:94:1A:0B:AD:EE:C3:8E:9C:6E
Certificate issuer: /CN=A91326B3/serialNumber=0BDAB608617F3C3183C470F4E619B2795F75C389
Certificate serial: BC
Authority key identifier: 0B:DA:B6:08:61:7F:3C:31:83:C4:70:F4:E6:19:B2:79:5F:75:C3:89
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/C9q2CGF_PDGDxHD05hmyeV91w4k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91326B3/C55423AAE69111EEBF058932C4F9AE02/E3ABAA7AE69211EEB34D4B6AC4F9AE02.roa
Signing time: Fri 07 Mar 2025 05:21:28 +0000
ROA not before: Fri 07 Mar 2025 05:21:28 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152458
IP address blocks: 157.15.140.0/23 maxlen: 23
157.15.140.0/24 maxlen: 24
157.15.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91326B3/C55423AAE69111EEBF058932C4F9AE02/C9q2CGF_PDGDxHD05hmyeV91w4k.crl
rsync://rpki.apnic.net/member_repository/A91326B3/C55423AAE69111EEBF058932C4F9AE02/C9q2CGF_PDGDxHD05hmyeV91w4k.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/C9q2CGF_PDGDxHD05hmyeV91w4k.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 04:40:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188 (0xbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91326B3
Validity
Not Before: Mar 7 05:21:28 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ca8258-ba8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:65:cb:35:e3:7d:0a:05:7e:b0:d4:6e:bd:c5:
93:4a:4c:00:bd:71:42:07:54:7b:90:c4:a9:b5:cf:
13:e2:75:ea:c3:b0:ae:67:a0:a8:88:a5:aa:40:66:
1e:d8:3b:b1:d8:b7:43:84:35:95:5e:f6:b5:a3:2e:
84:f0:0c:5e:35:91:9e:85:22:65:3a:46:29:ce:da:
44:f7:63:d6:2c:99:78:a1:39:c2:78:bc:92:4c:aa:
37:cc:e9:74:dd:bf:25:5b:c2:ae:61:b5:6b:79:68:
62:f3:13:ad:e1:0c:3b:b9:d8:c7:0a:2e:ca:a7:ba:
48:37:e8:ed:2e:89:5c:d0:38:b2:14:60:a3:f2:a1:
a4:1b:b0:33:81:47:67:39:32:40:50:24:b2:fb:07:
17:81:84:08:f0:e8:64:95:09:d2:3f:d6:bc:2c:d3:
9c:cc:6d:e9:a4:90:0e:9a:dd:04:f1:36:5b:6a:a8:
4f:59:cd:56:d2:01:9a:f7:9c:fc:59:26:f2:55:ec:
50:61:95:1d:cb:4b:aa:7c:cb:f9:c5:cc:57:4a:dd:
5d:52:16:f6:15:0e:f4:13:44:d7:4c:fe:7f:ab:b1:
6d:f9:a5:d3:c3:6c:dd:bd:f9:c1:cf:e0:43:cb:73:
fc:16:4a:6a:64:3e:54:47:25:26:e9:fc:32:f7:5e:
4a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:8F:C6:4F:C8:87:13:FD:B1:79:EB:94:1A:0B:AD:EE:C3:8E:9C:6E
X509v3 Authority Key Identifier:
keyid:0B:DA:B6:08:61:7F:3C:31:83:C4:70:F4:E6:19:B2:79:5F:75:C3:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91326B3/C55423AAE69111EEBF058932C4F9AE02/C9q2CGF_PDGDxHD05hmyeV91w4k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/C9q2CGF_PDGDxHD05hmyeV91w4k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91326B3/C55423AAE69111EEBF058932C4F9AE02/E3ABAA7AE69211EEB34D4B6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.140.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:bd:64:f6:eb:94:ea:64:37:53:21:f7:df:b8:b6:27:9f:c7:
82:5e:b9:a5:29:3e:89:de:24:7b:31:78:fd:40:1a:97:54:6f:
03:28:00:ec:75:09:79:ca:3e:f0:ba:c4:01:14:0a:f5:30:06:
15:64:ff:c8:db:eb:ec:4b:57:b0:61:ce:e1:27:8b:05:d7:77:
af:60:d0:49:fe:a1:10:a6:39:92:5d:4e:05:f8:3b:88:74:22:
fd:35:45:d1:32:79:26:51:dc:3e:92:4f:bf:f0:6a:b2:62:44:
01:4b:16:fb:b2:41:a2:0c:1b:45:8f:f9:f4:e5:51:aa:77:6a:
b3:6f:f3:a6:9f:6f:43:7e:3d:14:69:39:5d:cc:26:39:7e:78:
b0:0c:df:ff:50:8a:30:6b:b6:25:92:b8:67:3f:7a:97:ac:bb:
6a:d1:9c:f3:38:86:db:17:b6:f7:47:86:d1:cb:e6:a1:37:4e:
31:27:9e:f2:5d:aa:27:0c:1f:25:fa:2b:fc:18:b7:33:bb:ed:
0c:76:8a:f2:fa:ef:e6:25:1e:16:09:0d:49:e2:90:65:a4:b9:
b4:11:e7:5f:05:12:80:9b:d8:fd:42:63:4d:a6:b7:80:20:49:
58:57:b8:36:1b:44:49:de:a5:7d:c9:1a:39:2d:65:32:6f:9e:
4b:f3:74:34
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI2QjMxMTAvBgNVBAUTKDBCREFCNjA4NjE3RjNDMzE4M0M0NzBGNEU2MTlCMjc5
NUY3NUMzODkwHhcNMjUwMzA3MDUyMTI4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhODI1OC1iYThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx2XLNeN9CgV+sNRuvcWTSkwAvXFCB1R7kMSptc8T4nXqw7CuZ6CoiKWqQGYe
2Dux2LdDhDWVXva1oy6E8AxeNZGehSJlOkYpztpE92PWLJl4oTnCeLySTKo3zOl0
3b8lW8KuYbVreWhi8xOt4Qw7udjHCi7Kp7pIN+jtLolc0DiyFGCj8qGkG7AzgUdn
OTJAUCSy+wcXgYQI8OhklQnSP9a8LNOczG3ppJAOmt0E8TZbaqhPWc1W0gGa95z8
WSbyVexQYZUdy0uqfMv5xcxXSt1dUhb2FQ70E0TXTP5/q7Ft+aXTw2zdvfnBz+BD
y3P8FkpqZD5URyUm6fwy915KZwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMmPxk/I
hxP9sXnrlBoLre7DjpxuMB8GA1UdIwQYMBaAFAvatghhfzwxg8Rw9OYZsnlfdcOJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjZCMy9DNTU0MjNBQUU2
OTExMUVFQkYwNTg5MzJDNEY5QUUwMi9DOXEyQ0dGX1BER0R4SEQwNWhteWVWOTF3
NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0M5cTJDR0ZfUERHRHhIRDA1aG15ZVY5MXc0ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI2QjMvQzU1NDIzQUFFNjkxMTFFRUJGMDU4OTMyQzRGOUFFMDIvRTNBQkFBN0FF
NjkyMTFFRUIzNEQ0QjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdD4wwDQYJKoZIhvcNAQELBQADggEBALu9ZPbrlOpkN1Mh
99+4tiefx4JeuaUpPoneJHsxeP1AGpdUbwMoAOx1CXnKPvC6xAEUCvUwBhVk/8jb
6+xLV7BhzuEniwXXd69g0En+oRCmOZJdTgX4O4h0Iv01RdEyeSZR3D6ST7/warJi
RAFLFvuyQaIMG0WP+fTlUap3arNv86afb0N+PRRpOV3MJjl+eLAM3/9QijBrtiWS
uGc/epesu2rRnPM4htsXtvdHhtHL5qE3TjEnnvJdqicMHyX6K/wYtzO77Qx2ivL6
7+YlHhYJDUnikGWkubQR518FEoCb2P1CY02mt4AgSVhXuDYbREnepX3JGjktZTJv
nkvzdDQ=
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:56:34 2025 by rpki-client