Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/C828314A02CC11E6AA35863CC4F9AE02.roa
File: C828314A02CC11E6AA35863CC4F9AE02.roa (raw, json)
Hash identifier: WtwbdAJs3osRQvsAOMvWgusqoBOVQjjr1Dv2FNOXu+k=
Subject key identifier: 3B:FF:B1:FF:02:C0:9D:3D:35:F9:F5:26:8F:81:05:96:55:A5:20:1A
Certificate issuer: /CN=A9146207/serialNumber=9E668E6E67BAD0ACF940A228C4BC093B8B24002B
Certificate serial: 23FF
Authority key identifier: 9E:66:8E:6E:67:BA:D0:AC:F9:40:A2:28:C4:BC:09:3B:8B:24:00:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/C828314A02CC11E6AA35863CC4F9AE02.roa
Signing time: Fri 26 Jul 2024 16:33:33 +0000
ROA not before: Fri 26 Jul 2024 16:33:33 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 18115
IP address blocks: 112.198.48.0/24 maxlen: 24
203.177.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.crl
rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 15:59:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9215 (0x23ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146207
Validity
Not Before: Jul 26 16:33:33 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a3cfdd-379c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:59:bb:96:da:d3:fe:4b:7c:e1:0e:69:7f:5a:
b3:d9:c2:14:63:88:23:14:dd:8a:97:ea:36:be:38:
6e:21:25:94:c4:b6:b1:15:33:40:74:94:72:ff:09:
03:11:94:60:a9:50:d7:7a:51:56:04:ba:cb:95:ab:
a7:a0:04:f7:c5:9b:87:e3:da:2c:20:a5:fe:67:70:
c1:6b:96:0f:de:89:47:d5:55:58:ef:da:2c:39:a1:
1f:2b:25:95:63:cb:81:8e:ef:d1:f5:6c:1a:9d:73:
4e:1a:03:e9:4f:b2:08:9a:44:dd:a8:61:fe:0a:03:
1a:0e:d8:32:e9:fb:a9:ab:3d:cf:86:32:9a:cd:a9:
4b:33:34:9e:d6:a7:34:8a:8e:4f:ab:74:1e:9d:9c:
98:f0:21:53:ca:60:cb:22:51:0b:1d:c7:59:a2:3d:
34:f6:37:6b:44:95:2e:1a:11:60:3c:25:b0:40:4d:
dd:5b:85:12:36:d2:40:90:9e:2f:3e:5e:e5:79:7e:
6c:5a:28:61:5c:2c:5b:0b:ce:53:ec:45:8c:fb:4a:
89:28:36:89:73:60:5b:20:39:32:54:cb:fb:5f:3e:
dc:b1:d7:a6:bb:78:a5:18:7d:bc:53:c8:a9:56:57:
2b:cd:b9:74:64:fa:bf:c0:9d:67:14:dc:f4:82:6b:
99:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FF:B1:FF:02:C0:9D:3D:35:F9:F5:26:8F:81:05:96:55:A5:20:1A
X509v3 Authority Key Identifier:
keyid:9E:66:8E:6E:67:BA:D0:AC:F9:40:A2:28:C4:BC:09:3B:8B:24:00:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/nmaObme60Kz5QKIoxLwJO4skACs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nmaObme60Kz5QKIoxLwJO4skACs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/FE75634002CB11E6865B8F3BC4F9AE02/C828314A02CC11E6AA35863CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.198.48.0/24
203.177.228.0/24
Signature Algorithm: sha256WithRSAEncryption
07:85:54:d1:33:30:d4:05:d6:54:d6:dc:44:a1:56:41:f9:13:
e1:24:0e:75:2d:4a:a5:86:55:1b:af:63:68:c6:63:ac:27:36:
01:53:17:66:8e:be:6e:e8:8e:64:2d:b5:ec:bb:69:a3:74:b4:
8f:a5:a6:49:4e:54:4f:28:7c:cf:f4:49:7d:b6:11:0e:e1:ab:
c1:e5:06:bb:87:3a:82:2f:21:d3:b2:40:c5:27:22:b0:3b:12:
eb:87:93:55:0d:5f:13:39:ba:3c:d3:a4:d6:99:ab:59:bb:fb:
c1:e0:9c:86:48:67:89:d5:1a:77:95:eb:13:d5:e0:9e:71:6e:
c1:6f:db:dc:50:a4:66:90:94:05:d9:bd:37:4f:b8:01:9f:bb:
c6:5b:df:b7:80:5c:ad:8d:05:f5:a2:54:d3:a6:4a:45:5c:e5:
1b:0e:c1:19:1b:60:b7:ed:27:eb:14:ee:70:cb:c2:30:15:73:
d4:08:fa:66:a1:b4:fc:12:3f:ca:27:55:6c:83:27:47:5a:0a:
48:5e:30:84:3e:0d:47:92:39:77:53:5f:d0:0c:c5:af:c1:78:
0d:a9:77:ce:03:a6:84:a9:ee:a6:8b:fe:90:8f:75:c3:b3:5b:
39:12:94:ab:60:dd:0b:3f:16:af:37:b8:f9:54:5b:09:75:32:
ed:5b:b4:63
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICI/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDYyMDcxMTAvBgNVBAUTKDlFNjY4RTZFNjdCQUQwQUNGOTQwQTIyOEM0QkMwOTNC
OEIyNDAwMkIwHhcNMjQwNzI2MTYzMzMzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmEzY2ZkZC0zNzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw1m7ltrT/kt84Q5pf1qz2cIUY4gjFN2Kl+o2vjhuISWUxLaxFTNAdJRy/wkD
EZRgqVDXelFWBLrLlaunoAT3xZuH49osIKX+Z3DBa5YP3olH1VVY79osOaEfKyWV
Y8uBju/R9WwanXNOGgPpT7IImkTdqGH+CgMaDtgy6fupqz3PhjKazalLMzSe1qc0
io5Pq3QenZyY8CFTymDLIlELHcdZoj009jdrRJUuGhFgPCWwQE3dW4USNtJAkJ4v
Pl7leX5sWihhXCxbC85T7EWM+0qJKDaJc2BbIDkyVMv7Xz7csdemu3ilGH28U8ip
Vlcrzbl0ZPq/wJ1nFNz0gmuZewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFDv/sf8C
wJ09Nfn1Jo+BBZZVpSAaMB8GA1UdIwQYMBaAFJ5mjm5nutCs+UCiKMS8CTuLJAAr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy9GRTc1NjM0MDAy
Q0IxMUU2ODY1QjhGM0JDNEY5QUUwMi9ubWFPYm1lNjBLejVRS0lveEx3Sk80c2tB
Q3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25tYU9ibWU2MEt6NVFLSW94THdKTzRza0FDcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDYyMDcvRkU3NTYzNDAwMkNCMTFFNjg2NUI4RjNCQzRGOUFFMDIvQzgyODMxNEEw
MkNDMTFFNkFBMzU4NjNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABwxjADBADLseQwDQYJKoZIhvcNAQELBQADggEBAAeFVNEz
MNQF1lTW3EShVkH5E+EkDnUtSqWGVRuvY2jGY6wnNgFTF2aOvm7ojmQttey7aaN0
tI+lpklOVE8ofM/0SX22EQ7hq8HlBruHOoIvIdOyQMUnIrA7EuuHk1UNXxM5ujzT
pNaZq1m7+8HgnIZIZ4nVGneV6xPV4J5xbsFv29xQpGaQlAXZvTdPuAGfu8Zb37eA
XK2NBfWiVNOmSkVc5RsOwRkbYLftJ+sU7nDLwjAVc9QI+mahtPwSP8onVWyDJ0da
CkheMIQ+DUeSOXdTX9AMxa/BeA2pd84DpoSp7qaL/pCPdcOzWzkSlKtg3Qs/Fq83
uPlUWwl1Mu1btGM=
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:52:47 2025 by rpki-client