Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9159B6F/348AA908D09C11EE80AB8D7EC4F9AE02/F56322CCD09C11EE94431F80C4F9AE02.roa
File: F56322CCD09C11EE94431F80C4F9AE02.roa (raw, json)
Hash identifier: VBkLC1Ug6+V5ASssgia7rSJZ2O30hfTWr/78uTsbXl8=
Subject key identifier: A3:3D:EC:72:18:B2:5E:71:9C:AF:BF:D6:EC:0C:9F:56:74:53:97:08
Certificate issuer: /CN=A9159B6F/serialNumber=BD6BA45FF0276C2C604A033B07CDA4E4C0DF15D7
Certificate serial: CB
Authority key identifier: BD:6B:A4:5F:F0:27:6C:2C:60:4A:03:3B:07:CD:A4:E4:C0:DF:15:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vWukX_AnbCxgSgM7B82k5MDfFdc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9159B6F/348AA908D09C11EE80AB8D7EC4F9AE02/F56322CCD09C11EE94431F80C4F9AE02.roa
Signing time: Fri 21 Mar 2025 05:11:36 +0000
ROA not before: Fri 21 Mar 2025 05:11:36 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 138032
IP address blocks: 2001:df3:7c40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9159B6F/348AA908D09C11EE80AB8D7EC4F9AE02/vWukX_AnbCxgSgM7B82k5MDfFdc.crl
rsync://rpki.apnic.net/member_repository/A9159B6F/348AA908D09C11EE80AB8D7EC4F9AE02/vWukX_AnbCxgSgM7B82k5MDfFdc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vWukX_AnbCxgSgM7B82k5MDfFdc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 04:25:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203 (0xcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9159B6F, serialNumber=BD6BA45FF0276C2C604A033B07CDA4E4C0DF15D7
Validity
Not Before: Mar 21 05:11:36 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dcf508-d610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:2e:9e:1f:62:1e:aa:93:76:69:eb:3f:38:e3:
47:fd:c2:c0:d6:90:49:65:db:bd:04:ad:b2:4e:62:
fe:b3:25:bf:dc:e2:09:2e:bf:85:b3:54:88:d6:8c:
8f:80:95:6d:b4:b7:b9:21:65:b4:22:fb:3d:11:83:
89:2f:4f:09:12:3e:57:d0:7d:22:e8:4c:bd:5f:70:
07:cb:51:09:3d:53:39:f3:e3:e8:08:f8:9f:c8:22:
9e:47:60:dd:17:41:4d:a0:81:3f:28:be:a9:ee:44:
59:18:8d:c5:0a:92:ed:28:ab:bd:10:5b:e9:f6:36:
6e:49:7a:f3:be:43:c5:77:0a:ca:4e:e2:29:bd:21:
fd:98:1a:52:16:59:43:21:09:27:81:10:f7:a6:0a:
12:c5:09:e9:3b:e7:f0:06:5d:88:37:e6:e8:cf:18:
59:cb:6d:0a:bf:9e:d1:d8:6f:56:16:b9:cc:39:43:
50:60:ad:40:d4:29:9a:b7:f4:1d:17:78:61:fe:64:
4f:50:e4:6b:fa:18:35:b1:75:81:1b:a6:56:ff:68:
2d:d8:d3:ef:6d:3f:b9:12:31:86:7a:11:0a:b2:d1:
83:7d:4e:f5:92:e2:f8:3d:5e:45:2c:3a:73:2b:f1:
49:47:1b:04:c1:29:4e:e6:c5:00:e0:b7:ac:9b:f3:
d3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3D:EC:72:18:B2:5E:71:9C:AF:BF:D6:EC:0C:9F:56:74:53:97:08
X509v3 Authority Key Identifier:
keyid:BD:6B:A4:5F:F0:27:6C:2C:60:4A:03:3B:07:CD:A4:E4:C0:DF:15:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9159B6F/348AA908D09C11EE80AB8D7EC4F9AE02/vWukX_AnbCxgSgM7B82k5MDfFdc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vWukX_AnbCxgSgM7B82k5MDfFdc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159B6F/348AA908D09C11EE80AB8D7EC4F9AE02/F56322CCD09C11EE94431F80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:7c40::/48
Signature Algorithm: sha256WithRSAEncryption
28:a2:40:f5:05:ad:ba:44:13:b9:2d:28:3f:99:84:50:32:68:
98:35:9f:7e:72:5b:7f:39:42:08:bb:9f:d6:51:b3:e0:64:04:
f5:01:9e:85:f4:ce:2a:57:b5:3f:a2:e6:12:6d:f1:23:8b:51:
da:60:74:15:76:d5:75:27:cb:00:0d:8c:f8:02:02:40:0f:f9:
4b:30:86:3d:c0:d8:bb:e5:4d:3d:aa:e8:16:1d:00:dc:85:a4:
b6:a7:c2:14:7e:79:d5:20:82:40:4a:84:6c:3a:49:56:e1:ae:
07:f4:03:43:22:51:83:5c:cc:43:86:ab:c9:ab:36:58:b0:7b:
90:03:42:13:bc:a9:96:8b:a6:cd:3d:e9:b4:c8:b2:78:ec:c8:
c2:73:fd:88:79:90:92:82:23:8c:a2:1f:36:28:15:06:e2:9e:
24:fe:af:6d:41:ce:d0:58:70:51:1f:7a:63:86:e8:29:2a:dc:
68:ca:d4:a0:c8:3b:0e:8f:35:74:25:48:0d:09:ab:0d:37:76:
a5:be:3a:29:21:ca:7a:90:67:a8:07:eb:2c:ed:c7:ed:1f:51:
f4:72:af:ff:c7:03:62:5f:fe:a5:82:69:ef:0d:56:38:25:73:
00:ed:0b:d9:93:a3:f2:0c:66:32:ec:19:83:51:ab:c3:ef:3e:
c9:45:64:11
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTlCNkYxMTAvBgNVBAUTKEJENkJBNDVGRjAyNzZDMkM2MDRBMDMzQjA3Q0RBNEU0
QzBERjE1RDcwHhcNMjUwMzIxMDUxMTM2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjZjUwOC1kNjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8i6eH2IeqpN2aes/OONH/cLA1pBJZdu9BK2yTmL+syW/3OIJLr+Fs1SI1oyP
gJVttLe5IWW0Ivs9EYOJL08JEj5X0H0i6Ey9X3AHy1EJPVM58+PoCPifyCKeR2Dd
F0FNoIE/KL6p7kRZGI3FCpLtKKu9EFvp9jZuSXrzvkPFdwrKTuIpvSH9mBpSFllD
IQkngRD3pgoSxQnpO+fwBl2IN+bozxhZy20Kv57R2G9WFrnMOUNQYK1A1Cmat/Qd
F3hh/mRPUORr+hg1sXWBG6ZW/2gt2NPvbT+5EjGGehEKstGDfU71kuL4PV5FLDpz
K/FJRxsEwSlO5sUA4Lesm/PTQwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFKM97HIY
sl5xnK+/1uwMn1Z0U5cIMB8GA1UdIwQYMBaAFL1rpF/wJ2wsYEoDOwfNpOTA3xXX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OUI2Ri8zNDhBQTkwOEQw
OUMxMUVFODBBQjhEN0VDNEY5QUUwMi92V3VrWF9BbmJDeGdTZ003QjgyazVNRGZG
ZGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZXdWtYX0FuYkN4Z1NnTTdCODJrNU1EZkZkYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTlCNkYvMzQ4QUE5MDhEMDlDMTFFRTgwQUI4RDdFQzRGOUFFMDIvRjU2MzIyQ0NE
MDlDMTFFRTk0NDMxRjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3zfEAwDQYJKoZIhvcNAQELBQADggEBACiiQPUFrbpE
E7ktKD+ZhFAyaJg1n35yW385Qgi7n9ZRs+BkBPUBnoX0zipXtT+i5hJt8SOLUdpg
dBV21XUnywANjPgCAkAP+Uswhj3A2LvlTT2q6BYdANyFpLanwhR+edUggkBKhGw6
SVbhrgf0A0MiUYNczEOGq8mrNliwe5ADQhO8qZaLps096bTIsnjsyMJz/Yh5kJKC
I4yiHzYoFQbiniT+r21BztBYcFEfemOG6Ckq3GjK1KDIOw6PNXQlSA0Jqw03dqW+
OikhynqQZ6gH6yztx+0fUfRyr//HA2Jf/qWCae8NVjglcwDtC9mTo/IMZjLsGYNR
q8PvPslFZBE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:25:18 2025 by rpki-client