Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913731F/81711ED89D6F11EEBBBC9180C4F9AE02/32776B2EF77E11EFA2C3C928C4F9AE02.roa
File: 32776B2EF77E11EFA2C3C928C4F9AE02.roa (raw, json)
Hash identifier: iO0GAxxz6iQr/JhGiMVk8iBOxy3hTg8mQrZcdi3mCzM=
Subject key identifier: 52:81:BD:CB:77:12:5C:48:B7:2F:F5:7E:D9:E7:91:42:F5:80:9A:5B
Certificate issuer: /CN=A913731F/serialNumber=5B75090E9EA04298B47BAF82FAA2280E5E36A4BF
Certificate serial: F2
Authority key identifier: 5B:75:09:0E:9E:A0:42:98:B4:7B:AF:82:FA:A2:28:0E:5E:36:A4:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W3UJDp6gQpi0e6-C-qIoDl42pL8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913731F/81711ED89D6F11EEBBBC9180C4F9AE02/32776B2EF77E11EFA2C3C928C4F9AE02.roa
Signing time: Sun 02 Mar 2025 15:51:26 +0000
ROA not before: Sun 02 Mar 2025 15:51:26 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 152182
IP address blocks: 2401:5ba0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913731F/81711ED89D6F11EEBBBC9180C4F9AE02/W3UJDp6gQpi0e6-C-qIoDl42pL8.crl
rsync://rpki.apnic.net/member_repository/A913731F/81711ED89D6F11EEBBBC9180C4F9AE02/W3UJDp6gQpi0e6-C-qIoDl42pL8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W3UJDp6gQpi0e6-C-qIoDl42pL8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 04:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 242 (0xf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913731F, serialNumber=5B75090E9EA04298B47BAF82FAA2280E5E36A4BF
Validity
Not Before: Mar 2 15:51:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67c47e7d-f90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:32:3d:3e:b5:27:c4:f7:82:3e:17:9b:a9:21:
b7:86:87:35:68:3d:af:de:c4:e2:c7:e0:8d:c0:2e:
4f:de:ac:55:31:c3:16:71:be:bf:d7:47:9f:ab:ab:
64:de:57:6a:ad:50:ee:d7:43:40:36:a0:c5:82:15:
c7:7c:52:6d:fe:e6:aa:5a:36:16:b3:36:77:ac:f3:
7a:6b:d7:56:67:ee:a7:c4:79:03:01:1d:c2:3f:8f:
20:a6:5e:64:91:1b:a6:57:62:65:09:13:d7:df:ac:
09:2a:db:79:e0:d9:26:63:b7:76:f2:9a:e3:a5:ad:
02:2f:7c:ae:21:40:09:8a:18:de:a2:5a:76:3c:e9:
6c:c3:95:4f:31:58:86:65:fd:5a:f2:7a:bc:44:11:
a6:32:ab:2d:94:40:a8:51:b6:7a:75:03:1f:fd:99:
08:05:fd:f2:9b:b8:4e:33:ab:ea:fc:2c:00:30:4f:
32:d8:21:d5:17:30:24:e5:5b:c0:68:1b:e1:d0:7a:
6e:58:99:c9:c9:9c:26:ea:89:d3:3d:32:4f:01:e7:
70:b0:63:99:cb:2c:e2:44:3f:d8:66:b8:bb:c7:d6:
a8:fa:42:e0:15:1d:37:73:3e:4a:7b:5b:a6:d6:c3:
ef:29:bb:dc:62:d9:97:1e:60:7e:be:b4:ae:16:27:
a3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:81:BD:CB:77:12:5C:48:B7:2F:F5:7E:D9:E7:91:42:F5:80:9A:5B
X509v3 Authority Key Identifier:
keyid:5B:75:09:0E:9E:A0:42:98:B4:7B:AF:82:FA:A2:28:0E:5E:36:A4:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913731F/81711ED89D6F11EEBBBC9180C4F9AE02/W3UJDp6gQpi0e6-C-qIoDl42pL8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W3UJDp6gQpi0e6-C-qIoDl42pL8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913731F/81711ED89D6F11EEBBBC9180C4F9AE02/32776B2EF77E11EFA2C3C928C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:5ba0::/32
Signature Algorithm: sha256WithRSAEncryption
92:78:10:84:98:e4:64:8c:9a:7f:75:94:0d:7e:9a:55:c1:56:
9a:d8:9c:2c:f3:19:60:05:d3:3c:83:62:15:77:d1:4c:51:b6:
9c:0b:10:cd:b6:7e:71:52:5f:51:f7:9c:2e:1a:9c:b1:6c:44:
fc:67:71:6b:f3:15:d2:a8:3d:2d:cf:4b:52:12:50:b3:1a:56:
6c:77:3e:9f:4d:93:e6:c8:a6:e0:25:8b:fe:8a:0f:9f:3a:19:
c9:7d:e8:7b:f4:00:af:94:d1:07:e5:5b:54:9c:98:b4:2f:fe:
4b:e7:94:85:fb:60:ef:03:c7:a4:7e:9a:28:f8:0f:10:9a:d2:
28:66:b8:30:d8:2c:3e:18:db:fd:b0:be:79:4f:d0:f2:47:f6:
3c:d6:d4:bd:ab:84:a8:63:9d:ed:27:66:de:c8:7d:6b:3a:09:
1e:ce:56:35:83:d1:9d:5a:8f:e4:95:5e:61:86:a3:00:22:3a:
9b:9c:87:79:e4:26:c0:b3:42:e5:37:f2:72:c7:86:b2:3b:7b:
7c:48:ad:fb:05:fa:80:2f:e2:d3:81:db:5d:0b:16:1f:60:42:
cb:26:8c:03:46:03:12:19:53:78:fa:11:08:2f:02:94:d8:5d:
22:3f:01:10:cb:49:c0:24:d9:2b:d2:3a:39:73:24:ff:79:29:
71:a8:da:e4
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICAPIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzczMUYxMTAvBgNVBAUTKDVCNzUwOTBFOUVBMDQyOThCNDdCQUY4MkZBQTIyODBF
NUUzNkE0QkYwHhcNMjUwMzAyMTU1MTI2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M0N2U3ZC1mOTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5TI9PrUnxPeCPhebqSG3hoc1aD2v3sTix+CNwC5P3qxVMcMWcb6/10efq6tk
3ldqrVDu10NANqDFghXHfFJt/uaqWjYWszZ3rPN6a9dWZ+6nxHkDAR3CP48gpl5k
kRumV2JlCRPX36wJKtt54NkmY7d28prjpa0CL3yuIUAJihjeolp2POlsw5VPMViG
Zf1a8nq8RBGmMqstlECoUbZ6dQMf/ZkIBf3ym7hOM6vq/CwAME8y2CHVFzAk5VvA
aBvh0HpuWJnJyZwm6onTPTJPAedwsGOZyyziRD/YZri7x9ao+kLgFR03cz5Ke1um
1sPvKbvcYtmXHmB+vrSuFiejKQIDAQABo4ICljCCApIwHQYDVR0OBBYEFFKBvct3
ElxIty/1ftnnkUL1gJpbMB8GA1UdIwQYMBaAFFt1CQ6eoEKYtHuvgvqiKA5eNqS/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNzMxRi84MTcxMUVEODlE
NkYxMUVFQkJCQzkxODBDNEY5QUUwMi9XM1VKRHA2Z1FwaTBlNi1DLXFJb0RsNDJw
TDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1czVUpEcDZnUXBpMGU2LUMtcUlvRGw0MnBMOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzczMUYvODE3MTFFRDg5RDZGMTFFRUJCQkM5MTgwQzRGOUFFMDIvMzI3NzZCMkVG
NzdFMTFFRkEyQzNDOTI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAVugMA0GCSqGSIb3DQEBCwUAA4IBAQCSeBCEmORkjJp/
dZQNfppVwVaa2Jws8xlgBdM8g2IVd9FMUbacCxDNtn5xUl9R95wuGpyxbET8Z3Fr
8xXSqD0tz0tSElCzGlZsdz6fTZPmyKbgJYv+ig+fOhnJfeh79ACvlNEH5VtUnJi0
L/5L55SF+2DvA8ekfpoo+A8QmtIoZrgw2Cw+GNv9sL55T9DyR/Y81tS9q4SoY53t
J2beyH1rOgkezlY1g9GdWo/klV5hhqMAIjqbnId55CbAs0LlN/Jyx4ayO3t8SK37
BfqAL+LTgdtdCxYfYELLJowDRgMSGVN4+hEILwKU2F0iPwEQy0nAJNkr0jo5cyT/
eSlxqNrk
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:37:06 2025 by rpki-client