Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161B37/532A2E0AABBC11EFB3D9CE6EC4F9AE02/172F46B6B2AA11EFA6C7B35AC4F9AE02.roa
File: 172F46B6B2AA11EFA6C7B35AC4F9AE02.roa (raw, json)
Hash identifier: ykJZ1vokWQVQModznO57DFIfns9B6rl6axv/cLKTInk=
Subject key identifier: 38:F6:8D:C7:10:06:BF:85:3D:09:0D:A7:B2:2C:65:F6:C5:8F:6F:26
Certificate issuer: /CN=A9161B37/serialNumber=8A80FE8A0D23BC30C664A77AA08ED90E19B591DC
Certificate serial: 07
Authority key identifier: 8A:80:FE:8A:0D:23:BC:30:C6:64:A7:7A:A0:8E:D9:0E:19:B5:91:DC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ioD-ig0jvDDGZKd6oI7ZDhm1kdw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161B37/532A2E0AABBC11EFB3D9CE6EC4F9AE02/172F46B6B2AA11EFA6C7B35AC4F9AE02.roa
Signing time: Thu 05 Dec 2024 01:41:48 +0000
ROA not before: Thu 05 Dec 2024 01:41:47 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 153381
IP address blocks: 198.49.32.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9161B37/532A2E0AABBC11EFB3D9CE6EC4F9AE02/ioD-ig0jvDDGZKd6oI7ZDhm1kdw.crl
rsync://rpki.apnic.net/member_repository/A9161B37/532A2E0AABBC11EFB3D9CE6EC4F9AE02/ioD-ig0jvDDGZKd6oI7ZDhm1kdw.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ioD-ig0jvDDGZKd6oI7ZDhm1kdw.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 06:06:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161B37, serialNumber=8A80FE8A0D23BC30C664A77AA08ED90E19B591DC
Validity
Not Before: Dec 5 01:41:47 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=675104db-dc4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5f:1a:2c:38:b4:61:11:0a:9f:00:9c:c3:d3:
37:5c:36:8f:cd:4d:08:d1:77:12:91:ee:7c:51:b3:
dc:e2:e5:c0:3f:90:4a:59:e8:ba:2c:a0:ed:ac:55:
6b:ea:f5:0b:60:9e:9a:8d:a4:aa:a2:65:d3:cc:97:
73:fe:af:92:40:c8:62:e6:29:9b:89:8b:98:44:f1:
84:5d:1d:f1:21:d6:ca:86:59:60:7e:11:74:f9:fe:
eb:53:f0:9e:cd:83:19:d9:29:96:d7:bb:28:cf:5c:
71:12:3c:7d:c4:b6:6b:07:d1:99:50:9d:06:be:e2:
5e:b9:33:8a:59:75:40:17:bd:5e:96:06:15:d4:10:
6d:e2:82:80:d8:80:df:de:5c:2b:9d:16:33:1f:45:
8f:ae:d5:90:b4:b0:4b:94:a5:e3:25:b0:e9:2a:b3:
62:43:8a:65:1f:4d:1e:05:23:e2:68:b3:98:6f:bb:
86:61:14:26:13:96:88:d7:e7:f3:69:42:c4:64:c0:
c8:02:59:7b:f6:15:e0:ad:b0:12:49:24:43:a8:d2:
36:69:59:97:34:c1:1b:23:2b:eb:bd:a4:5c:a5:f3:
bc:a6:0b:89:3e:a7:6d:c8:26:fa:d9:ab:14:f7:e1:
63:de:7c:92:41:1c:0a:24:dd:a6:be:b7:b1:b7:46:
89:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F6:8D:C7:10:06:BF:85:3D:09:0D:A7:B2:2C:65:F6:C5:8F:6F:26
X509v3 Authority Key Identifier:
keyid:8A:80:FE:8A:0D:23:BC:30:C6:64:A7:7A:A0:8E:D9:0E:19:B5:91:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161B37/532A2E0AABBC11EFB3D9CE6EC4F9AE02/ioD-ig0jvDDGZKd6oI7ZDhm1kdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ioD-ig0jvDDGZKd6oI7ZDhm1kdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161B37/532A2E0AABBC11EFB3D9CE6EC4F9AE02/172F46B6B2AA11EFA6C7B35AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
198.49.32.0/21
Signature Algorithm: sha256WithRSAEncryption
06:4c:70:16:25:c8:9d:0b:01:00:e4:aa:57:d5:5e:40:a4:0a:
8d:53:39:73:3b:cd:6b:5e:92:95:dc:7a:68:4f:e1:b0:45:8c:
61:65:7e:06:f9:e5:63:f1:3a:00:0a:b0:07:7a:5f:22:f3:af:
c8:db:4d:bd:99:fd:d0:9f:72:31:f7:80:b6:ef:9f:92:43:43:
08:c5:b4:be:c7:38:df:02:14:08:27:43:cb:bf:26:81:cf:f2:
28:49:a9:cf:b3:fa:d1:43:0b:92:e4:a2:fa:36:70:5e:ef:d2:
ca:c0:5c:a1:fc:b3:c2:39:3c:fe:6a:db:29:c7:f0:1b:bd:2c:
94:24:03:7a:45:6a:56:44:90:55:e5:c9:59:6a:f7:dc:12:a7:
e8:06:d4:95:82:03:2d:27:94:60:c9:23:92:28:e5:3a:70:74:
42:07:ca:ab:ff:95:96:1f:ab:bd:75:5a:80:1b:2a:8d:3d:d1:
d9:1f:66:e7:7a:e1:c6:62:7e:73:f1:21:45:24:d2:65:51:8e:
6a:2c:73:81:ac:55:42:76:1f:5b:f2:f7:c2:e0:bb:29:16:57:
31:50:2f:4d:33:f0:48:55:c8:48:01:a7:82:8d:d9:f4:c6:7c:
4e:a8:ea:5c:cb:9c:b9:0f:b1:94:14:af:4b:f1:de:aa:04:a4:
f5:63:e4:5e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
MUIzNzExMC8GA1UEBRMoOEE4MEZFOEEwRDIzQkMzMEM2NjRBNzdBQTA4RUQ5MEUx
OUI1OTFEQzAeFw0yNDEyMDUwMTQxNDdaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NTEwNGRiLWRjNGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkXxosOLRhEQqfAJzD0zdcNo/NTQjRdxKR7nxRs9zi5cA/kEpZ6LosoO2sVWvq
9QtgnpqNpKqiZdPMl3P+r5JAyGLmKZuJi5hE8YRdHfEh1sqGWWB+EXT5/utT8J7N
gxnZKZbXuyjPXHESPH3EtmsH0ZlQnQa+4l65M4pZdUAXvV6WBhXUEG3igoDYgN/e
XCudFjMfRY+u1ZC0sEuUpeMlsOkqs2JDimUfTR4FI+Jos5hvu4ZhFCYTlojX5/Np
QsRkwMgCWXv2FeCtsBJJJEOo0jZpWZc0wRsjK+u9pFyl87ymC4k+p23IJvrZqxT3
4WPefJJBHAok3aa+t7G3RomrAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUOPaNxxAG
v4U9CQ2nsixl9sWPbyYwHwYDVR0jBBgwFoAUioD+ig0jvDDGZKd6oI7ZDhm1kdww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxQjM3LzUzMkEyRTBBQUJC
QzExRUZCM0Q5Q0U2RUM0RjlBRTAyL2lvRC1pZzBqdkRER1pLZDZvSTdaRGhtMWtk
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvaW9ELWlnMGp2RERHWktkNm9JN1pEaG0xa2R3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
MUIzNy81MzJBMkUwQUFCQkMxMUVGQjNEOUNFNkVDNEY5QUUwMi8xNzJGNDZCNkIy
QUExMUVGQTZDN0IzNUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEA8YxIDANBgkqhkiG9w0BAQsFAAOCAQEABkxwFiXInQsBAOSq
V9VeQKQKjVM5czvNa16Sldx6aE/hsEWMYWV+BvnlY/E6AAqwB3pfIvOvyNtNvZn9
0J9yMfeAtu+fkkNDCMW0vsc43wIUCCdDy78mgc/yKEmpz7P60UMLkuSi+jZwXu/S
ysBcofyzwjk8/mrbKcfwG70slCQDekVqVkSQVeXJWWr33BKn6AbUlYIDLSeUYMkj
kijlOnB0QgfKq/+Vlh+rvXVagBsqjT3R2R9m53rhxmJ+c/EhRSTSZVGOaixzgaxV
QnYfW/L3wuC7KRZXMVAvTTPwSFXISAGngo3Z9MZ8TqjqXMucuQ+xlBSvS/HeqgSk
9WPkXg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 19:49:44 2025 by rpki-client