Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/F046E896E9B411EFADF57822C4F9AE02.roa
File: F046E896E9B411EFADF57822C4F9AE02.roa (raw, json)
Hash identifier: GMfaRkgZtU0bibSF5X1yqmKnNBnQN18neJaY0c9lA5Y=
Subject key identifier: 07:0D:A1:82:95:FA:62:97:93:17:4C:A0:33:70:F6:35:68:A7:67:AB
Certificate issuer: /CN=A9138D0E/serialNumber=8671C967EF80CE3D12DCEA30491B946FD70687C0
Certificate serial: 137A
Authority key identifier: 86:71:C9:67:EF:80:CE:3D:12:DC:EA:30:49:1B:94:6F:D7:06:87:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/F046E896E9B411EFADF57822C4F9AE02.roa
Signing time: Thu 13 Feb 2025 02:48:01 +0000
ROA not before: Thu 13 Feb 2025 02:48:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134134
IP address blocks: 2404:9f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.crl
rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 16:56:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4986 (0x137a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9138D0E, serialNumber=8671C967EF80CE3D12DCEA30491B946FD70687C0
Validity
Not Before: Feb 13 02:48:01 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ad5d60-46f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4a:f2:86:eb:70:d3:02:3f:6b:8b:29:c7:be:
b4:a7:11:5a:15:b1:41:48:b4:c4:c6:b2:6b:39:0f:
f7:a1:f5:10:a6:ca:d4:cf:7d:79:7f:a0:96:7c:51:
c4:aa:06:3e:67:45:77:d3:3a:2b:d9:15:e5:66:3b:
59:b7:77:98:6f:00:f3:cd:b9:15:45:ac:ab:f8:8c:
e5:19:b1:f5:25:e9:d5:bc:bd:63:12:ec:c9:0b:13:
ed:5f:d1:61:f4:d0:d0:b0:c7:64:b7:cf:b2:e7:34:
5b:6f:bb:f2:c3:60:42:27:1c:8b:be:ce:86:4b:04:
0d:91:51:23:74:b9:7f:23:d4:9e:a1:9f:1a:52:51:
e4:4a:f9:bb:9e:e8:bf:46:ba:9d:c4:5f:57:97:d0:
9c:42:38:b8:a7:42:05:3c:fa:5e:57:5c:93:a3:79:
02:37:85:99:18:d2:af:ea:47:2e:d7:19:b5:4b:be:
06:03:ca:25:0e:58:3b:04:49:ca:d5:31:20:14:34:
db:2b:cf:bc:b0:f8:c6:ad:ce:9e:45:88:ec:72:01:
07:73:f9:62:02:40:c2:03:b3:f0:54:15:20:93:41:
03:f9:58:37:26:5f:4f:86:16:21:17:9f:e6:1a:14:
4f:34:72:f9:0c:d0:8e:e9:35:52:7b:fc:c0:d8:65:
65:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0D:A1:82:95:FA:62:97:93:17:4C:A0:33:70:F6:35:68:A7:67:AB
X509v3 Authority Key Identifier:
keyid:86:71:C9:67:EF:80:CE:3D:12:DC:EA:30:49:1B:94:6F:D7:06:87:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/hnHJZ--Azj0S3OowSRuUb9cGh8A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hnHJZ--Azj0S3OowSRuUb9cGh8A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9138D0E/8E714984A35E11E8B41A5878C4F9AE02/F046E896E9B411EFADF57822C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:9f40::/32
Signature Algorithm: sha256WithRSAEncryption
cf:3f:ab:bc:6c:2e:eb:ce:7f:05:56:10:85:13:64:c5:da:66:
7d:b0:33:20:36:ae:8a:f5:ec:c1:e3:5b:64:da:7e:da:46:74:
7b:aa:74:65:db:2d:fe:b5:2e:ee:81:27:74:57:48:03:63:8a:
1e:f9:ae:30:c9:27:34:b1:e9:ec:5d:88:84:77:4c:27:2e:e8:
26:4c:01:5e:43:79:aa:22:54:f8:88:9e:a0:b6:ad:19:8d:ae:
4d:49:17:59:f0:86:4c:e5:b6:1f:84:84:f2:f8:89:d9:8b:c4:
18:53:6f:45:27:3d:d5:78:75:63:46:d6:c8:82:6f:9d:cc:a6:
ce:31:6a:31:35:3c:0e:a3:e2:fe:b1:19:3d:96:15:49:7a:9d:
c0:c3:f6:b5:31:27:93:e5:c0:ad:31:77:97:4c:b0:55:a6:e6:
9c:6a:39:e6:88:41:f6:e5:90:1e:17:75:4e:1d:dc:74:71:2a:
40:35:3e:a9:60:f7:2c:b4:e5:28:60:64:8e:66:49:bb:ed:ac:
9e:af:01:fd:25:2e:7b:32:16:d9:e0:5a:c6:b4:0e:f1:7e:c8:
a4:9d:bf:20:07:2d:52:fd:d8:b8:b9:c2:f2:73:e9:24:f9:16:
5e:ae:f8:c6:f5:53:57:36:18:15:45:e3:27:ed:59:50:8d:a5:
0a:b1:5a:2f
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICE3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzhEMEUxMTAvBgNVBAUTKDg2NzFDOTY3RUY4MENFM0QxMkRDRUEzMDQ5MUI5NDZG
RDcwNjg3QzAwHhcNMjUwMjEzMDI0ODAxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkNWQ2MC00NmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp0ryhutw0wI/a4spx760pxFaFbFBSLTExrJrOQ/3ofUQpsrUz315f6CWfFHE
qgY+Z0V30zor2RXlZjtZt3eYbwDzzbkVRayr+IzlGbH1JenVvL1jEuzJCxPtX9Fh
9NDQsMdkt8+y5zRbb7vyw2BCJxyLvs6GSwQNkVEjdLl/I9SeoZ8aUlHkSvm7nui/
RrqdxF9Xl9CcQji4p0IFPPpeV1yTo3kCN4WZGNKv6kcu1xm1S74GA8olDlg7BEnK
1TEgFDTbK8+8sPjGrc6eRYjscgEHc/liAkDCA7PwVBUgk0ED+Vg3Jl9PhhYhF5/m
GhRPNHL5DNCO6TVSe/zA2GVlzQIDAQABo4ICljCCApIwHQYDVR0OBBYEFAcNoYKV
+mKXkxdMoDNw9jVop2erMB8GA1UdIwQYMBaAFIZxyWfvgM49EtzqMEkblG/XBofA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOEQwRS84RTcxNDk4NEEz
NUUxMUU4QjQxQTU4NzhDNEY5QUUwMi9obkhKWi0tQXpqMFMzT293U1J1VWI5Y0do
OEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2huSEpaLS1BemowUzNPb3dTUnVVYjljR2g4QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzhEMEUvOEU3MTQ5ODRBMzVFMTFFOEI0MUE1ODc4QzRGOUFFMDIvRjA0NkU4OTZF
OUI0MTFFRkFERjU3ODIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBJ9AMA0GCSqGSIb3DQEBCwUAA4IBAQDPP6u8bC7rzn8F
VhCFE2TF2mZ9sDMgNq6K9ezB41tk2n7aRnR7qnRl2y3+tS7ugSd0V0gDY4oe+a4w
ySc0sensXYiEd0wnLugmTAFeQ3mqIlT4iJ6gtq0Zja5NSRdZ8IZM5bYfhITy+InZ
i8QYU29FJz3VeHVjRtbIgm+dzKbOMWoxNTwOo+L+sRk9lhVJep3Aw/a1MSeT5cCt
MXeXTLBVpuacajnmiEH25ZAeF3VOHdx0cSpANT6pYPcstOUoYGSOZkm77ayerwH9
JS57MhbZ4FrGtA7xfsiknb8gBy1S/di4ucLyc+kk+RZervjG9VNXNhgVReMn7VlQ
jaUKsVov
-----END CERTIFICATE-----
Generated at Mon Apr 14 14:16:01 2025 by rpki-client