Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/885DAE383B1C11EEA6DF117AC4F9AE02.roa
File: 885DAE383B1C11EEA6DF117AC4F9AE02.roa (raw, json)
Hash identifier: t6+QHhHKWbDZoxFsvhT+y8k66KeW3LrS7MegiCYm79I=
Subject key identifier: FA:46:42:D9:45:DD:D0:67:E3:96:D8:0B:99:DA:78:9A:4E:87:0D:BD
Certificate issuer: /CN=A913345B/serialNumber=846AC847DAC6B04209C72ACF464EBEEA16522052
Certificate serial: 0A5C
Authority key identifier: 84:6A:C8:47:DA:C6:B0:42:09:C7:2A:CF:46:4E:BE:EA:16:52:20:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGrIR9rGsEIJxyrPRk6-6hZSIFI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/885DAE383B1C11EEA6DF117AC4F9AE02.roa
Signing time: Mon 10 Mar 2025 20:09:22 +0000
ROA not before: Mon 10 Mar 2025 20:09:22 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 56111
IP address blocks: 2001:df3:f80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/hGrIR9rGsEIJxyrPRk6-6hZSIFI.crl
rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/hGrIR9rGsEIJxyrPRk6-6hZSIFI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGrIR9rGsEIJxyrPRk6-6hZSIFI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 19:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2652 (0xa5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913345B, serialNumber=846AC847DAC6B04209C72ACF464EBEEA16522052
Validity
Not Before: Mar 10 20:09:22 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cf46f2-272d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2b:9b:aa:fe:ec:8e:c0:52:fd:6c:b0:31:5c:
d3:c5:a9:3f:fa:48:1c:2d:ad:90:01:46:2c:31:1d:
03:31:da:a4:72:1b:cb:39:6f:96:97:80:2b:74:21:
69:d7:4c:10:41:d3:9d:76:3b:48:6a:5e:ab:56:85:
70:64:f5:25:d0:ed:15:93:50:e4:90:d2:91:0a:f1:
c8:a2:21:5c:13:d6:dd:65:bb:70:f9:b2:6a:ca:57:
a5:33:0f:4b:f6:8f:87:78:f1:1c:36:f4:bc:cb:2a:
42:b1:bc:12:65:fd:1d:ff:cd:3d:f4:2e:c2:d8:a5:
0a:b1:e8:82:04:26:8e:e5:dd:63:a9:d2:f9:83:a9:
7d:b1:74:df:67:0f:e4:00:61:a9:54:88:f3:ee:83:
00:1f:4f:0c:3a:0f:5a:7d:55:d4:63:17:7c:f0:18:
9e:d8:a1:6c:1e:56:8a:24:d5:4c:da:c1:58:50:b0:
df:a1:12:38:0b:3b:8b:2f:6e:dc:4b:8a:c9:a4:b8:
93:99:0c:de:af:fc:e7:69:60:04:ed:ca:f6:85:3d:
26:f9:89:8d:c8:e5:e4:17:2d:9d:20:06:60:5e:b8:
47:5c:f9:9e:88:41:49:03:0d:7f:67:a8:b9:35:a8:
24:bf:a8:23:43:b0:ce:86:83:e7:a6:66:9a:dd:85:
5c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:46:42:D9:45:DD:D0:67:E3:96:D8:0B:99:DA:78:9A:4E:87:0D:BD
X509v3 Authority Key Identifier:
keyid:84:6A:C8:47:DA:C6:B0:42:09:C7:2A:CF:46:4E:BE:EA:16:52:20:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/hGrIR9rGsEIJxyrPRk6-6hZSIFI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGrIR9rGsEIJxyrPRk6-6hZSIFI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/885DAE383B1C11EEA6DF117AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:f80::/48
Signature Algorithm: sha256WithRSAEncryption
54:8c:fd:a3:2a:ce:27:17:e8:e0:7b:48:fb:0c:22:50:1d:99:
44:3b:8f:f4:73:41:7b:58:3b:89:39:6b:26:d9:e7:90:94:be:
1e:5f:30:0a:49:31:b3:a5:80:6f:66:7d:6c:89:bb:71:47:98:
96:a4:98:93:53:8a:5f:f9:15:b7:ef:dc:9e:08:75:85:c4:da:
fe:10:c4:a3:e5:b1:7f:12:a1:f3:5f:a3:96:33:fc:fd:e8:bc:
41:d2:d7:f8:57:0e:ff:79:73:50:73:0d:21:fc:e9:bc:bc:eb:
d3:61:0d:08:35:da:ff:fb:ab:46:c0:ee:d4:2f:c1:77:dc:26:
6e:4a:1a:a9:e5:55:7b:f3:f5:ab:83:3e:37:f1:31:33:55:76:
b2:cb:e4:eb:b9:5f:ee:4c:9b:9b:63:0c:c0:d3:24:ed:6a:c3:
f8:1c:04:02:d0:74:c9:67:76:9c:67:d6:34:77:be:a8:15:0b:
4d:3f:be:37:4d:c1:5c:23:fc:db:f8:31:af:23:08:89:af:fe:
56:92:3f:a6:84:23:57:b7:2a:4f:43:d1:19:9b:1d:a4:27:f1:
90:2f:58:3e:aa:e3:58:93:02:5d:58:9e:4c:08:20:db:40:d2:
44:1c:c8:b9:79:22:34:a6:f3:ab:72:35:d2:0f:95:2a:02:97:
f4:de:5b:7f
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICClwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzM0NUIxMTAvBgNVBAUTKDg0NkFDODQ3REFDNkIwNDIwOUM3MkFDRjQ2NEVCRUVB
MTY1MjIwNTIwHhcNMjUwMzEwMjAwOTIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmNDZmMi0yNzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoiubqv7sjsBS/WywMVzTxak/+kgcLa2QAUYsMR0DMdqkchvLOW+Wl4ArdCFp
10wQQdOddjtIal6rVoVwZPUl0O0Vk1DkkNKRCvHIoiFcE9bdZbtw+bJqylelMw9L
9o+HePEcNvS8yypCsbwSZf0d/8099C7C2KUKseiCBCaO5d1jqdL5g6l9sXTfZw/k
AGGpVIjz7oMAH08MOg9afVXUYxd88Bie2KFsHlaKJNVM2sFYULDfoRI4CzuLL27c
S4rJpLiTmQzer/znaWAE7cr2hT0m+YmNyOXkFy2dIAZgXrhHXPmeiEFJAw1/Z6i5
Nagkv6gjQ7DOhoPnpmaa3YVcvQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFPpGQtlF
3dBn45bYC5naeJpOhw29MB8GA1UdIwQYMBaAFIRqyEfaxrBCCccqz0ZOvuoWUiBS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzQ1Qi8yOEQ4MkM4MjVG
NkUxMUVBOTI0QjlCODBDNEY5QUUwMi9oR3JJUjlyR3NFSUp4eXJQUms2LTZoWlNJ
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hHcklSOXJHc0VJSnh5clBSazYtNmhaU0lGSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzM0NUIvMjhEODJDODI1RjZFMTFFQTkyNEI5QjgwQzRGOUFFMDIvODg1REFFMzgz
QjFDMTFFRUE2REYxMTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3zD4AwDQYJKoZIhvcNAQELBQADggEBAFSM/aMqzicX
6OB7SPsMIlAdmUQ7j/RzQXtYO4k5aybZ55CUvh5fMApJMbOlgG9mfWyJu3FHmJak
mJNTil/5Fbfv3J4IdYXE2v4QxKPlsX8SofNfo5Yz/P3ovEHS1/hXDv95c1BzDSH8
6by869NhDQg12v/7q0bA7tQvwXfcJm5KGqnlVXvz9auDPjfxMTNVdrLL5Ou5X+5M
m5tjDMDTJO1qw/gcBALQdMlndpxn1jR3vqgVC00/vjdNwVwj/Nv4Ma8jCImv/laS
P6aEI1e3Kk9D0RmbHaQn8ZAvWD6q41iTAl1YnkwIINtA0kQcyLl5IjSm86tyNdIP
lSoCl/TeW38=
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:22:25 2025 by rpki-client