Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D61/295E4C76601B11EDA5C7276EC4F9AE02/35ADE898B90A11EF97D24653C4F9AE02.roa
File: 35ADE898B90A11EF97D24653C4F9AE02.roa (raw, json)
Hash identifier: /sVqx8q3knVsrGKYvA1MUovYNq+EQPYvWXQlJdzVZFw=
Subject key identifier: 4E:F3:34:B7:0A:F2:B6:F3:28:E8:2D:57:90:24:76:65:6F:C3:0F:20
Certificate issuer: /CN=A9148D61/serialNumber=69FF68D39AC1773E28A85785C791B4A8D9B38486
Certificate serial: 0193
Authority key identifier: 69:FF:68:D3:9A:C1:77:3E:28:A8:57:85:C7:91:B4:A8:D9:B3:84:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/af9o05rBdz4oqFeFx5G0qNmzhIY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D61/295E4C76601B11EDA5C7276EC4F9AE02/35ADE898B90A11EF97D24653C4F9AE02.roa
Signing time: Fri 13 Dec 2024 04:24:57 +0000
ROA not before: Fri 13 Dec 2024 04:24:57 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 150286
IP address blocks: 2001:df1:3440::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D61/295E4C76601B11EDA5C7276EC4F9AE02/af9o05rBdz4oqFeFx5G0qNmzhIY.crl
rsync://rpki.apnic.net/member_repository/A9148D61/295E4C76601B11EDA5C7276EC4F9AE02/af9o05rBdz4oqFeFx5G0qNmzhIY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/af9o05rBdz4oqFeFx5G0qNmzhIY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 01:58:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403 (0x193)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D61
Validity
Not Before: Dec 13 04:24:57 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=675bb719-cac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:63:06:17:11:c8:54:84:16:1f:66:63:9b:74:
c6:15:fe:5e:bd:87:16:09:3e:c4:9c:2a:97:db:fc:
45:ad:18:b0:e6:49:15:4a:4d:0f:e9:f3:5c:e1:29:
8c:ac:a3:6b:50:c3:32:36:40:46:d5:51:75:ce:a3:
bb:3a:03:a5:00:b8:b9:4f:41:2d:da:49:93:1a:7b:
70:22:4b:b2:ea:c5:41:15:ae:83:ce:4b:60:f7:b6:
68:8d:06:97:83:2d:db:44:85:ed:0e:1d:72:f3:ae:
c2:d7:69:59:d4:d9:5c:2f:b9:43:69:ee:4b:45:ec:
fb:5f:89:c4:b0:6c:50:7b:f0:03:ca:58:c6:d0:65:
14:9b:13:02:7a:74:bc:93:5b:d6:1c:39:e1:cb:5b:
af:41:01:63:32:06:6f:60:af:81:62:b7:d2:11:78:
06:db:38:b8:0f:18:4b:6d:85:12:ab:1f:7f:63:54:
49:49:37:ed:79:a2:51:ef:3e:59:96:7c:5d:d5:44:
cf:a5:8b:76:2f:05:15:a6:ee:b7:b8:7b:4e:27:29:
d4:5f:8f:91:8c:c2:99:3c:3f:13:ba:99:45:ba:94:
73:75:89:46:0e:c0:ac:b7:fe:f0:3b:9b:41:75:cf:
69:fb:d9:bf:65:f2:51:ce:b7:c6:f4:5c:74:a5:0b:
7c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F3:34:B7:0A:F2:B6:F3:28:E8:2D:57:90:24:76:65:6F:C3:0F:20
X509v3 Authority Key Identifier:
keyid:69:FF:68:D3:9A:C1:77:3E:28:A8:57:85:C7:91:B4:A8:D9:B3:84:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D61/295E4C76601B11EDA5C7276EC4F9AE02/af9o05rBdz4oqFeFx5G0qNmzhIY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/af9o05rBdz4oqFeFx5G0qNmzhIY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D61/295E4C76601B11EDA5C7276EC4F9AE02/35ADE898B90A11EF97D24653C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df1:3440::/48
Signature Algorithm: sha256WithRSAEncryption
13:5b:47:a5:0a:e2:45:9e:38:cd:8a:b2:c9:37:a9:3c:37:4e:
7b:e6:48:6b:b1:3b:2e:36:cd:a2:ce:e2:43:ad:12:da:15:0d:
f5:2c:6d:41:99:b1:9e:4a:04:91:f8:30:56:9d:bf:f1:76:17:
02:fc:17:43:d5:73:1e:f6:1d:e8:e6:97:5d:a7:04:c9:89:29:
44:3e:6f:7d:ba:f0:2c:58:8b:55:b3:98:52:51:61:69:0b:5a:
df:63:da:16:d8:b8:5c:03:78:22:e7:b2:2f:bf:c1:f3:a4:63:
fb:ac:98:4a:4c:0a:b5:bf:36:53:c4:1b:e1:e0:89:3d:83:d7:
b5:eb:fb:0f:41:15:36:19:c5:d9:76:66:c5:48:a1:7b:71:b1:
d9:4c:64:45:58:f4:43:d3:f2:2f:aa:5e:5e:33:90:a3:dd:b6:
a3:da:51:24:31:10:46:be:ff:fe:86:1d:8e:1d:d0:4e:fa:4e:
68:4e:0c:bd:29:dc:65:e4:f7:7d:0c:5d:52:70:98:5a:d6:01:
db:4d:a3:37:4e:07:be:22:43:05:c5:20:95:da:71:90:11:d2:
6e:9b:3b:4f:35:98:bb:df:8a:fa:7f:3d:21:5f:ca:f8:d2:d0:
7c:80:73:a9:3c:ec:7d:5d:61:1e:87:a3:80:22:ac:26:1f:e7:
be:63:be:48
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAZMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhENjExMTAvBgNVBAUTKDY5RkY2OEQzOUFDMTc3M0UyOEE4NTc4NUM3OTFCNEE4
RDlCMzg0ODYwHhcNMjQxMjEzMDQyNDU3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViYjcxOS1jYWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx2MGFxHIVIQWH2Zjm3TGFf5evYcWCT7EnCqX2/xFrRiw5kkVSk0P6fNc4SmM
rKNrUMMyNkBG1VF1zqO7OgOlALi5T0Et2kmTGntwIkuy6sVBFa6Dzktg97ZojQaX
gy3bRIXtDh1y867C12lZ1NlcL7lDae5LRez7X4nEsGxQe/ADyljG0GUUmxMCenS8
k1vWHDnhy1uvQQFjMgZvYK+BYrfSEXgG2zi4DxhLbYUSqx9/Y1RJSTfteaJR7z5Z
lnxd1UTPpYt2LwUVpu63uHtOJynUX4+RjMKZPD8TuplFupRzdYlGDsCst/7wO5tB
dc9p+9m/ZfJRzrfG9Fx0pQt8jQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFE7zNLcK
8rbzKOgtV5AkdmVvww8gMB8GA1UdIwQYMBaAFGn/aNOawXc+KKhXhceRtKjZs4SG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ2MS8yOTVFNEM3NjYw
MUIxMUVEQTVDNzI3NkVDNEY5QUUwMi9hZjlvMDVyQmR6NG9xRmVGeDVHMHFObXpo
SVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FmOW8wNXJCZHo0b3FGZUZ4NUcwcU5temhJWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhENjEvMjk1RTRDNzY2MDFCMTFFREE1QzcyNzZFQzRGOUFFMDIvMzVBREU4OThC
OTBBMTFFRjk3RDI0NjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3xNEAwDQYJKoZIhvcNAQELBQADggEBABNbR6UK4kWe
OM2Kssk3qTw3TnvmSGuxOy42zaLO4kOtEtoVDfUsbUGZsZ5KBJH4MFadv/F2FwL8
F0PVcx72Hejml12nBMmJKUQ+b3268CxYi1WzmFJRYWkLWt9j2hbYuFwDeCLnsi+/
wfOkY/usmEpMCrW/NlPEG+HgiT2D17Xr+w9BFTYZxdl2ZsVIoXtxsdlMZEVY9EPT
8i+qXl4zkKPdtqPaUSQxEEa+//6GHY4d0E76TmhODL0p3GXk930MXVJwmFrWAdtN
ozdOB74iQwXFIJXacZAR0m6bO081mLvfivp/PSFfyvjS0HyAc6k87H1dYR6Ho4Ai
rCYf575jvkg=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:37:43 2025 by rpki-client