Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/089CB7F8E41C11E9AD4A8D16C4F9AE02.roa
File: 089CB7F8E41C11E9AD4A8D16C4F9AE02.roa (raw, json)
Hash identifier: 29tTWrcXNIXarXuZvNVQ2lWN0oiWxIDYX0nWpSBxxvA=
Subject key identifier: 95:DA:04:23:57:9F:BE:FB:30:39:FC:DE:D8:7C:9D:FA:42:1F:26:1C
Certificate issuer: /CN=A9145446/serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8
Certificate serial: 25F9
Authority key identifier: 7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/089CB7F8E41C11E9AD4A8D16C4F9AE02.roa
Signing time: Thu 26 Sep 2024 15:52:55 +0000
ROA not before: Thu 26 Sep 2024 15:52:55 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 38575
IP address blocks: 125.5.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl
rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 15:45:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9721 (0x25f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145446
Validity
Not Before: Sep 26 15:52:55 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f58357-508f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:16:a5:f4:83:45:25:b7:15:7d:38:7f:d9:07:
ed:03:d4:ca:9e:98:88:5d:20:f5:cc:8a:f6:79:56:
91:6c:28:00:6a:62:e6:a2:b8:d4:b8:0e:c9:b7:42:
96:c4:64:89:dc:fb:4f:4c:d7:ed:9a:9d:ff:59:61:
bc:54:e4:ad:c9:f1:a4:2f:64:3c:08:4b:a2:ea:7f:
17:30:e0:ac:20:3b:db:b2:bd:35:e2:d5:ab:47:7b:
d5:6f:d2:e8:df:45:70:ff:40:b5:e9:25:e7:79:b6:
51:14:bd:8a:9e:9e:8f:72:ce:c2:0b:84:b2:5b:3f:
89:b2:92:4a:d5:b0:04:f9:e3:e5:34:2f:f3:e6:e9:
5f:b0:d0:cc:84:0d:4a:15:69:73:00:54:ed:5c:86:
d6:de:c0:ec:be:e6:8f:0b:6a:7a:58:7d:7b:d4:61:
8f:59:5f:bc:6f:41:53:63:7e:dd:d8:6d:95:08:96:
b9:f7:08:58:bc:41:43:0b:4d:a4:e7:aa:5d:67:40:
92:dd:f7:ca:63:08:ba:fe:5b:28:56:01:94:fb:e1:
35:37:7f:c8:fd:24:8a:ba:61:a8:e1:19:ed:d4:fe:
64:fa:f7:44:6b:e8:bf:1c:a8:88:f5:69:71:0b:ef:
32:0c:5a:e9:a9:7d:cb:c3:42:66:5a:07:ea:b7:75:
43:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DA:04:23:57:9F:BE:FB:30:39:FC:DE:D8:7C:9D:FA:42:1F:26:1C
X509v3 Authority Key Identifier:
keyid:7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/089CB7F8E41C11E9AD4A8D16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
125.5.8.0/24
Signature Algorithm: sha256WithRSAEncryption
47:b4:20:87:3d:90:1b:e1:29:f2:40:f5:f8:b0:4a:ae:60:d5:
ee:a3:c3:d5:ef:02:8a:a8:7a:74:fd:f7:05:d1:b8:bc:6e:c1:
75:9c:34:76:30:ab:c1:26:a4:12:07:10:50:34:ff:1b:d3:69:
74:c7:94:56:db:2d:5d:24:7c:e6:cb:80:21:6f:21:32:1f:ff:
83:c2:39:16:bf:a4:7c:a2:aa:88:3e:c7:ad:f2:75:a6:28:2f:
43:11:4a:2c:6e:1d:d2:c2:c4:91:16:88:ca:90:f5:64:5c:5b:
dd:1a:9d:f3:f9:23:85:c6:41:33:2a:01:33:6f:2d:1a:39:3c:
ab:91:62:51:f5:6a:f9:c1:33:82:08:f8:b5:d2:ad:0c:17:d2:
a5:18:d0:2a:cd:29:d4:d1:88:79:50:f9:4b:3a:88:ee:e7:2b:
23:bd:ec:05:d1:e7:7b:2e:7c:a2:23:46:b2:3d:0b:43:60:2e:
6b:22:52:0b:9a:50:25:c0:4c:5b:72:85:bf:5a:0e:78:2d:c1:
af:15:73:39:96:64:05:62:6e:47:8b:2c:15:58:73:eb:78:59:
0b:78:fe:b0:db:c2:9c:ed:d9:1b:8a:7e:38:ed:6e:8d:57:2f:
eb:5c:7f:da:72:70:43:b1:cc:3d:d9:ec:b8:0c:9a:a2:ed:ae:
9b:af:04:b5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJfkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NDYxMTAvBgNVBAUTKDdENjVFQkUxNEMzMDQ2RTczRTM5ODY5NTczMDJBMjZF
MDgxRjFBRjgwHhcNMjQwOTI2MTU1MjU1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY1ODM1Ny01MDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvhal9INFJbcVfTh/2QftA9TKnpiIXSD1zIr2eVaRbCgAamLmorjUuA7Jt0KW
xGSJ3PtPTNftmp3/WWG8VOStyfGkL2Q8CEui6n8XMOCsIDvbsr014tWrR3vVb9Lo
30Vw/0C16SXnebZRFL2Knp6Pcs7CC4SyWz+JspJK1bAE+ePlNC/z5ulfsNDMhA1K
FWlzAFTtXIbW3sDsvuaPC2p6WH171GGPWV+8b0FTY37d2G2VCJa59whYvEFDC02k
56pdZ0CS3ffKYwi6/lsoVgGU++E1N3/I/SSKumGo4Rnt1P5k+vdEa+i/HKiI9Wlx
C+8yDFrpqX3Lw0JmWgfqt3VDIwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJXaBCNX
n777MDn83th8nfpCHyYcMB8GA1UdIwQYMBaAFH1l6+FMMEbnPjmGlXMCom4IHxr4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ0Ni9BQ0EyRTc1QzFG
QzUxMUU1QjQ1MERENjJDNEY5QUUwMi9mV1hyNFV3d1J1Yy1PWWFWY3dLaWJnZ2ZH
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZXWHI0VXd3UnVjLU9ZYVZjd0tpYmdnZkd2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NDYvQUNBMkU3NUMxRkM1MTFFNUI0NTBERDYyQzRGOUFFMDIvMDg5Q0I3RjhF
NDFDMTFFOUFENEE4RDE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB9BQgwDQYJKoZIhvcNAQELBQADggEBAEe0IIc9kBvhKfJA
9fiwSq5g1e6jw9XvAoqoenT99wXRuLxuwXWcNHYwq8EmpBIHEFA0/xvTaXTHlFbb
LV0kfObLgCFvITIf/4PCORa/pHyiqog+x63ydaYoL0MRSixuHdLCxJEWiMqQ9WRc
W90anfP5I4XGQTMqATNvLRo5PKuRYlH1avnBM4II+LXSrQwX0qUY0CrNKdTRiHlQ
+Us6iO7nKyO97AXR53sufKIjRrI9C0NgLmsiUguaUCXATFtyhb9aDngtwa8VczmW
ZAVibkeLLBVYc+t4WQt4/rDbwpzt2RuKfjjtbo1XL+tcf9pycEOxzD3Z7LgMmqLt
rpuvBLU=
-----END CERTIFICATE-----
Generated at Fri Apr 11 20:47:02 2025 by rpki-client