Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/F645F318500C11EBA2295426C4F9AE02.roa
File: F645F318500C11EBA2295426C4F9AE02.roa (raw, json)
Hash identifier: cs/JN2roMF9559frpHSU57kLMdZZdt/kq/+fgPXNaTg=
Subject key identifier: 48:FE:1F:27:3C:90:CA:E4:FE:3D:B8:42:B0:2A:2E:34:CC:05:F3:82
Certificate issuer: /CN=A917C422/serialNumber=35439E0BF35C888BB84D1B24ECDE7060CF744E91
Certificate serial: 2ADF
Authority key identifier: 35:43:9E:0B:F3:5C:88:8B:B8:4D:1B:24:EC:DE:70:60:CF:74:4E:91
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NUOeC_NciIu4TRsk7N5wYM90TpE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/F645F318500C11EBA2295426C4F9AE02.roa
Signing time: Mon 26 Aug 2024 14:40:28 +0000
ROA not before: Mon 26 Aug 2024 14:40:28 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 9244
IP address blocks: 152.104.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.crl
rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NUOeC_NciIu4TRsk7N5wYM90TpE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 14:25:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10975 (0x2adf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C422, serialNumber=35439E0BF35C888BB84D1B24ECDE7060CF744E91
Validity
Not Before: Aug 26 14:40:28 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66cc93db-7c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7d:e8:af:b4:53:c3:66:5b:7f:5a:34:77:44:
d3:40:dc:6a:38:5e:2a:7d:5e:0e:ac:24:96:af:35:
6c:20:fe:4f:f7:d3:24:a7:86:ac:20:74:25:03:d0:
fb:aa:99:5e:f9:8c:a3:b1:b5:60:8f:6e:4e:8b:9b:
25:34:f0:f1:a8:15:1c:52:c9:77:46:e8:a8:b5:c8:
38:46:7e:36:ed:08:4c:8e:f2:e8:fa:85:fb:fb:46:
9f:e1:d2:e4:87:8a:b8:ba:bd:54:be:36:e2:85:b6:
62:8c:1a:22:8b:e6:73:49:f9:e2:3e:0a:d6:2c:7c:
27:bf:5a:20:28:eb:ad:05:c4:67:fb:3f:84:54:68:
89:1c:9c:04:c5:31:e3:e8:c0:0b:f4:b0:80:6d:fa:
2c:4e:4e:1a:36:c9:ad:7b:48:30:f8:4a:28:09:c3:
48:d8:ef:a3:04:8a:08:9e:95:cb:0f:94:01:20:2a:
a1:3a:6e:7d:9f:0e:28:a7:e5:29:2d:21:e3:d3:70:
0b:86:bf:91:a8:d8:1f:30:3f:1b:a2:07:0f:1f:a5:
71:a9:fa:34:4a:04:0c:11:03:08:33:43:31:56:68:
25:be:e2:d9:5d:52:a9:ba:0c:0b:f4:f4:7a:80:7e:
d3:1b:ab:26:63:33:ba:38:89:f2:7a:90:c6:12:03:
40:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FE:1F:27:3C:90:CA:E4:FE:3D:B8:42:B0:2A:2E:34:CC:05:F3:82
X509v3 Authority Key Identifier:
keyid:35:43:9E:0B:F3:5C:88:8B:B8:4D:1B:24:EC:DE:70:60:CF:74:4E:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NUOeC_NciIu4TRsk7N5wYM90TpE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/F645F318500C11EBA2295426C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.104.96.0/19
Signature Algorithm: sha256WithRSAEncryption
c4:57:03:e1:ba:29:8d:7c:7a:bc:70:25:c4:7f:38:50:52:29:
24:22:6f:11:c6:99:6e:c4:a7:fc:7c:92:b0:22:82:3b:cd:c8:
7b:fe:18:de:32:e5:1c:6e:1a:ed:a6:16:f9:d4:6a:f1:98:19:
1b:a4:e9:08:a0:2e:18:56:6c:16:02:13:fc:a6:8b:37:af:2c:
50:a5:ea:9b:33:70:19:bb:39:1f:22:5e:1d:02:98:b3:aa:bd:
a2:9f:ab:0a:15:4d:e7:48:cb:64:ea:7c:b9:e4:ab:9f:d9:23:
13:2d:bf:59:c5:99:96:b0:68:e4:15:93:3c:28:ab:43:9d:c6:
64:ba:8a:f6:d1:0c:d0:d2:d7:5c:3d:7b:a5:48:fb:ac:ea:2b:
a2:5e:64:5b:ba:13:4f:62:70:e7:be:42:d5:55:1e:3b:49:e5:
5e:35:7c:bf:ad:b4:11:51:9d:65:9f:fb:a4:92:79:bb:6a:22:
69:8a:4d:3f:31:c8:c9:7a:dd:e1:91:37:3d:3d:7e:09:ba:6b:
58:d6:d9:0f:b0:69:c0:6c:af:22:90:3d:23:7a:9c:2f:36:63:
1a:25:ae:09:5f:bf:ca:6c:86:40:e5:9a:5a:4f:ed:f2:36:7b:
e1:c0:c3:2f:1c:db:f8:ac:a2:ae:cf:e7:6c:5c:f6:72:2e:58:
74:12:ab:18
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICKt8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0M0MjIxMTAvBgNVBAUTKDM1NDM5RTBCRjM1Qzg4OEJCODREMUIyNEVDREU3MDYw
Q0Y3NDRFOTEwHhcNMjQwODI2MTQ0MDI4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNjOTNkYi03YzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3X3or7RTw2Zbf1o0d0TTQNxqOF4qfV4OrCSWrzVsIP5P99Mkp4asIHQlA9D7
qple+YyjsbVgj25Oi5slNPDxqBUcUsl3Ruiotcg4Rn427QhMjvLo+oX7+0af4dLk
h4q4ur1UvjbihbZijBoii+ZzSfniPgrWLHwnv1ogKOutBcRn+z+EVGiJHJwExTHj
6MAL9LCAbfosTk4aNsmte0gw+EooCcNI2O+jBIoInpXLD5QBICqhOm59nw4op+Up
LSHj03ALhr+RqNgfMD8bogcPH6Vxqfo0SgQMEQMIM0MxVmglvuLZXVKpugwL9PR6
gH7TG6smYzO6OInyepDGEgNAZwIDAQABo4IClTCCApEwHQYDVR0OBBYEFEj+Hyc8
kMrk/j24QrAqLjTMBfOCMB8GA1UdIwQYMBaAFDVDngvzXIiLuE0bJOzecGDPdE6R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzQyMi8zRTc0NTM2OEVE
NTUxMUUzODA3MkM1N0U1OTExRUEzMi9OVU9lQ19OY2lJdTRUUnNrN041d1lNOTBU
cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL05VT2VDX05jaUl1NFRSc2s3TjV3WU05MFRwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0M0MjIvM0U3NDUzNjhFRDU1MTFFMzgwNzJDNTdFNTkxMUVBMzIvRjY0NUYzMTg1
MDBDMTFFQkEyMjk1NDI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWYaGAwDQYJKoZIhvcNAQELBQADggEBAMRXA+G6KY18erxw
JcR/OFBSKSQibxHGmW7Ep/x8krAigjvNyHv+GN4y5RxuGu2mFvnUavGYGRuk6Qig
LhhWbBYCE/ymizevLFCl6pszcBm7OR8iXh0CmLOqvaKfqwoVTedIy2TqfLnkq5/Z
IxMtv1nFmZawaOQVkzwoq0OdxmS6ivbRDNDS11w9e6VI+6zqK6JeZFu6E09icOe+
QtVVHjtJ5V41fL+ttBFRnWWf+6SSebtqImmKTT8xyMl63eGRNz09fgm6a1jW2Q+w
acBsryKQPSN6nC82Yxolrglfv8pshkDlmlpP7fI2e+HAwy8c2/isoq7P52xc9nIu
WHQSqxg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 09:38:54 2025 by rpki-client