Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178C1E/B989F8A2C64711EE9D68EB7FC4F9AE02/395803C8CDD011EEB4E50681C4F9AE02.roa
File: 395803C8CDD011EEB4E50681C4F9AE02.roa (raw, json)
Hash identifier: U+mu9E/7fBnjCJrDiP1cAMTZViiPy5KDtk1hEO7aXYE=
Subject key identifier: FB:5D:D3:78:B5:0E:47:F9:50:DE:65:92:C0:F0:10:A9:70:B9:4A:E9
Certificate issuer: /CN=A9178C1E/serialNumber=F93EFAA6A6D054AE997C8A3CFF25F169C36F8A0C
Certificate serial: CD
Authority key identifier: F9:3E:FA:A6:A6:D0:54:AE:99:7C:8A:3C:FF:25:F1:69:C3:6F:8A:0C
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-T76pqbQVK6ZfIo8_yXxacNvigw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178C1E/B989F8A2C64711EE9D68EB7FC4F9AE02/395803C8CDD011EEB4E50681C4F9AE02.roa
Signing time: Mon 03 Mar 2025 07:29:10 +0000
ROA not before: Mon 03 Mar 2025 07:29:10 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 63801
IP address blocks: 157.15.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9178C1E/B989F8A2C64711EE9D68EB7FC4F9AE02/-T76pqbQVK6ZfIo8_yXxacNvigw.crl
rsync://rpki.apnic.net/member_repository/A9178C1E/B989F8A2C64711EE9D68EB7FC4F9AE02/-T76pqbQVK6ZfIo8_yXxacNvigw.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-T76pqbQVK6ZfIo8_yXxacNvigw.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 04:20:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 205 (0xcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178C1E, serialNumber=F93EFAA6A6D054AE997C8A3CFF25F169C36F8A0C
Validity
Not Before: Mar 3 07:29:10 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c55a46-8df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:92:79:18:70:9d:0c:d7:cf:f0:fa:ae:2b:f6:
30:95:44:50:53:5e:17:1e:da:fc:a4:10:6a:27:d6:
c7:e7:8e:84:c9:61:9c:d2:2c:a1:63:6f:82:4b:c5:
29:14:cf:93:e3:e7:12:6c:65:cc:b2:b1:67:82:44:
60:59:62:0f:46:a1:a7:3b:98:9a:79:a8:22:11:9f:
0b:87:3d:01:aa:da:ca:5b:98:fe:63:ed:9e:59:03:
7e:79:d7:ed:7e:f4:3f:66:ad:5b:33:32:1e:63:fe:
f7:b5:c3:a1:bf:68:95:f9:13:44:f6:7e:4a:7e:c4:
08:0e:2d:1c:7f:90:a4:ba:a0:b3:c1:61:e5:29:15:
56:b4:b6:49:66:5f:18:21:8e:c6:6d:fb:01:3b:e6:
89:f4:7b:92:69:33:ee:81:b1:38:af:3d:89:19:57:
7f:f6:50:ff:f3:d8:ad:9e:ef:af:12:5b:3e:72:f3:
86:7f:42:9c:8b:f7:60:c3:7c:9e:fd:fc:5f:d4:7b:
cb:5f:4f:df:64:6a:aa:4c:d0:8b:fe:b0:bb:12:2a:
80:79:c5:6b:77:36:2a:f9:8e:8b:5b:55:68:e9:72:
70:69:cd:c0:7d:f2:4c:a4:60:4b:36:cc:c5:0b:d5:
6d:47:b9:dd:d7:97:0a:89:75:14:8a:61:7f:08:ef:
eb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:5D:D3:78:B5:0E:47:F9:50:DE:65:92:C0:F0:10:A9:70:B9:4A:E9
X509v3 Authority Key Identifier:
keyid:F9:3E:FA:A6:A6:D0:54:AE:99:7C:8A:3C:FF:25:F1:69:C3:6F:8A:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178C1E/B989F8A2C64711EE9D68EB7FC4F9AE02/-T76pqbQVK6ZfIo8_yXxacNvigw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-T76pqbQVK6ZfIo8_yXxacNvigw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178C1E/B989F8A2C64711EE9D68EB7FC4F9AE02/395803C8CDD011EEB4E50681C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.126.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:b5:db:96:4a:9d:87:78:72:e2:b3:2d:4f:41:8e:98:e1:a0:
45:fd:ce:0c:3d:b1:6b:67:ae:ca:13:b0:35:cf:4d:22:26:6e:
a4:46:54:74:6b:f2:de:32:9e:3d:25:f9:e5:41:36:02:4d:ef:
d7:0d:98:ef:32:1e:84:3c:3c:64:58:f8:fd:ec:82:d5:5d:1d:
1e:1a:4e:7f:25:94:d3:80:1e:b8:bd:83:2a:d6:1b:10:7a:84:
d4:9d:0f:42:8a:e0:d8:89:a2:3c:9d:e1:84:0d:fb:eb:e6:44:
2c:3f:57:a8:34:75:ad:56:ef:35:7b:04:f4:f1:3e:3a:40:d2:
1c:dc:48:3d:16:ac:49:37:d7:0f:5a:5e:71:23:9d:07:a1:4f:
8a:b7:1e:d8:e8:02:5d:1c:cb:16:f8:94:15:bb:47:f4:32:33:
ca:fa:41:d4:0c:5e:d1:9d:d3:18:83:07:e9:91:3d:64:15:d4:
5b:7b:21:e6:68:b5:eb:fa:74:4b:bd:58:30:da:e9:11:72:a9:
b6:23:40:3d:47:ad:c7:37:71:d9:25:5f:a0:fd:49:7e:05:9e:
d2:16:2d:f4:e9:ec:b1:ae:b3:14:9a:6d:37:c9:74:1f:a9:21:
35:00:fe:41:a3:f1:81:76:0b:e9:7a:a2:0a:b6:46:b5:e4:89:
15:cd:18:f2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhDMUUxMTAvBgNVBAUTKEY5M0VGQUE2QTZEMDU0QUU5OTdDOEEzQ0ZGMjVGMTY5
QzM2RjhBMEMwHhcNMjUwMzAzMDcyOTEwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1NWE0Ni04ZGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0pJ5GHCdDNfP8PquK/YwlURQU14XHtr8pBBqJ9bH546EyWGc0iyhY2+CS8Up
FM+T4+cSbGXMsrFngkRgWWIPRqGnO5iaeagiEZ8Lhz0BqtrKW5j+Y+2eWQN+edft
fvQ/Zq1bMzIeY/73tcOhv2iV+RNE9n5KfsQIDi0cf5CkuqCzwWHlKRVWtLZJZl8Y
IY7GbfsBO+aJ9HuSaTPugbE4rz2JGVd/9lD/89itnu+vEls+cvOGf0Kci/dgw3ye
/fxf1HvLX0/fZGqqTNCL/rC7EiqAecVrdzYq+Y6LW1Vo6XJwac3AffJMpGBLNszF
C9VtR7nd15cKiXUUimF/CO/rTQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPtd03i1
Dkf5UN5lksDwEKlwuUrpMB8GA1UdIwQYMBaAFPk++qam0FSumXyKPP8l8WnDb4oM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEMxRS9COTg5RjhBMkM2
NDcxMUVFOUQ2OEVCN0ZDNEY5QUUwMi8tVDc2cHFiUVZLNlpmSW84X3lYeGFjTnZp
Z3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLy1UNzZwcWJRVks2WmZJbzhfeVh4YWNOdmlndy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhDMUUvQjk4OUY4QTJDNjQ3MTFFRTlENjhFQjdGQzRGOUFFMDIvMzk1ODAzQzhD
REQwMTFFRUI0RTUwNjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdD34wDQYJKoZIhvcNAQELBQADggEBAL2125ZKnYd4cuKz
LU9BjpjhoEX9zgw9sWtnrsoTsDXPTSImbqRGVHRr8t4ynj0l+eVBNgJN79cNmO8y
HoQ8PGRY+P3sgtVdHR4aTn8llNOAHri9gyrWGxB6hNSdD0KK4NiJojyd4YQN++vm
RCw/V6g0da1W7zV7BPTxPjpA0hzcSD0WrEk31w9aXnEjnQehT4q3HtjoAl0cyxb4
lBW7R/QyM8r6QdQMXtGd0xiDB+mRPWQV1Ft7IeZotev6dEu9WDDa6RFyqbYjQD1H
rcc3cdklX6D9SX4FntIWLfTp7LGusxSabTfJdB+pITUA/kGj8YF2C+l6ogq2RrXk
iRXNGPI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 05:52:38 2025 by rpki-client