Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/4A63A29461AF11EAB55FB65CC4F9AE02.roa
File: 4A63A29461AF11EAB55FB65CC4F9AE02.roa (raw, json)
Hash identifier: w8Kk3w5vPPI6CEXyX6A6S7r0s6wiR7KW1otjGT4CMpw=
Subject key identifier: 5E:AB:EA:BA:99:8D:2D:9F:E0:4D:34:7E:60:6B:AD:E6:3E:D4:10:88
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 38AB
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/4A63A29461AF11EAB55FB65CC4F9AE02.roa
Signing time: Tue 16 Jul 2024 14:31:05 +0000
ROA not before: Tue 16 Jul 2024 14:31:05 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 36040
IP address blocks: 2001:fb0:109f:12::/64 maxlen: 64
2001:fb0:109f:14::/64 maxlen: 64
2001:fb0:109f:18::/64 maxlen: 64
2001:fb0:109f:19::/64 maxlen: 64
2001:fb0:109f:8007::/64 maxlen: 64
2001:fb0:109f:8009::/64 maxlen: 64
2001:fb0:109f:8010::/64 maxlen: 64
2001:fb0:109f:8013::/64 maxlen: 64
2001:fb0:109f:8014::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 14:20:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14507 (0x38ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC, serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 16 14:31:05 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66968429-4e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bf:77:bd:65:68:98:50:13:38:9e:05:ed:3d:
6e:d0:76:8b:3f:56:6a:80:89:2c:f7:34:89:e7:b0:
51:16:a3:62:b4:8f:fb:5c:e1:e2:e7:04:2e:e2:de:
5c:cd:65:8f:5d:dc:0e:13:c5:ee:a1:ae:04:0b:49:
dd:15:3f:f6:a9:86:8c:7b:16:63:28:68:a3:5f:6a:
8e:d5:b5:5f:79:13:5f:12:b1:b1:e2:28:01:b1:0f:
9b:af:45:e3:f6:13:31:3d:62:d0:29:a7:c1:2b:83:
bb:87:27:fe:a0:c1:a6:67:d7:d1:a1:14:c3:0a:31:
fe:38:38:e0:19:b5:8f:bd:eb:d5:40:9b:4d:6e:d0:
5c:d3:ea:58:ad:5c:e0:dd:32:f7:fa:7e:b2:89:cf:
c2:4d:59:c7:df:01:68:6c:6c:69:31:b5:ba:04:d6:
cb:2a:3c:a4:62:14:59:10:74:87:f0:de:ea:d4:a5:
f8:15:f6:ec:aa:5c:9f:76:b3:a1:09:34:98:85:40:
c8:f2:a8:00:bf:85:aa:0f:4c:29:44:c5:1d:bc:56:
a3:21:b3:dc:f1:92:e2:d8:51:c0:ae:e0:46:6a:11:
a0:5d:4b:4f:1b:4c:8c:30:75:c7:6e:f4:cc:49:99:
49:85:a5:b6:2e:36:52:3e:3c:18:6c:90:07:73:86:
c2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AB:EA:BA:99:8D:2D:9F:E0:4D:34:7E:60:6B:AD:E6:3E:D4:10:88
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/4A63A29461AF11EAB55FB65CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:fb0:109f:12::/64
2001:fb0:109f:14::/64
2001:fb0:109f:18::/63
2001:fb0:109f:8007::/64
2001:fb0:109f:8009::/64
2001:fb0:109f:8010::/64
2001:fb0:109f:8013::-2001:fb0:109f:8014:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8f:6b:2c:f8:27:78:68:ad:ac:21:f0:53:de:2d:60:a5:3d:51:
a4:b8:5e:b2:b4:31:15:6b:34:00:09:c6:3a:7b:86:68:3c:ef:
d3:85:1f:3f:14:03:9b:e6:25:3a:a1:19:20:95:67:45:0d:77:
7d:61:03:12:38:d4:0d:11:b5:ad:0b:9e:8e:9c:c4:fa:a0:4b:
4e:e9:11:13:c2:15:5e:30:87:94:31:9b:7d:ed:5e:a6:93:6a:
29:be:30:ac:6b:4a:84:08:a5:48:92:5c:82:b8:41:8f:d8:7b:
51:07:c4:be:30:27:8a:ae:75:ef:6e:9c:ed:23:e7:12:1c:52:
bf:01:34:65:15:32:62:85:1a:2c:72:f9:95:7f:87:41:f7:dd:
a8:37:4e:b3:4c:be:9b:f8:a8:5f:34:3c:e4:f7:9f:b9:4c:b4:
0a:b2:aa:fc:4d:d9:2e:61:a3:03:a7:12:d1:5f:b7:f8:71:89:
eb:61:f1:72:04:5c:d1:fc:cb:b9:ee:c3:74:12:1b:fb:83:71:
0d:22:2d:19:8b:cd:f3:bf:de:a8:6b:ae:88:77:17:ee:55:0c:
d9:e3:07:a5:3f:72:0a:03:9f:24:72:cc:a1:fd:39:3f:9d:8d:
7d:b5:eb:e3:70:40:32:e1:6b:cd:af:cd:a2:e0:81:e5:3e:ff:
76:30:20:d9
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgICOKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjQwNzE2MTQzMTA1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk2ODQyOS00ZTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5L93vWVomFATOJ4F7T1u0HaLP1ZqgIks9zSJ57BRFqNitI/7XOHi5wQu4t5c
zWWPXdwOE8Xuoa4EC0ndFT/2qYaMexZjKGijX2qO1bVfeRNfErGx4igBsQ+br0Xj
9hMxPWLQKafBK4O7hyf+oMGmZ9fRoRTDCjH+ODjgGbWPvevVQJtNbtBc0+pYrVzg
3TL3+n6yic/CTVnH3wFobGxpMbW6BNbLKjykYhRZEHSH8N7q1KX4FfbsqlyfdrOh
CTSYhUDI8qgAv4WqD0wpRMUdvFajIbPc8ZLi2FHAruBGahGgXUtPG0yMMHXHbvTM
SZlJhaW2LjZSPjwYbJAHc4bCuQIDAQABo4IC6TCCAuUwHQYDVR0OBBYEFF6r6rqZ
jS2f4E00fmBrreY+1BCIMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNEE2M0EyOTQ2
MUFGMTFFQUI1NUZCNjVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcwYIKwYBBQUHAQcBAf8E
ZDBiMGAEAgACMFoDCQAgAQ+wEJ8AEgMJACABD7AQnwAUAwkBIAEPsBCfABgDCQAg
AQ+wEJ+ABwMJACABD7AQn4AJAwkAIAEPsBCfgBAwFgMJACABD7AQn4ATAwkAIAEP
sBCfgBQwDQYJKoZIhvcNAQELBQADggEBAI9rLPgneGitrCHwU94tYKU9UaS4XrK0
MRVrNAAJxjp7hmg879OFHz8UA5vmJTqhGSCVZ0UNd31hAxI41A0Rta0Lno6cxPqg
S07pERPCFV4wh5Qxm33tXqaTaim+MKxrSoQIpUiSXIK4QY/Ye1EHxL4wJ4qude9u
nO0j5xIcUr8BNGUVMmKFGixy+ZV/h0H33ag3TrNMvpv4qF80POT3n7lMtAqyqvxN
2S5howOnEtFft/hxieth8XIEXNH8y7nuw3QSG/uDcQ0iLRmLzfO/3qhrroh3F+5V
DNnjB6U/cgoDnyRyzKH9OT+djX216+NwQDLha82vzaLggeU+/3YwINk=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:17:08 2025 by rpki-client