Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/2CCF1E3CC1FB11EF8FEEDA53C4F9AE02.roa
File: 2CCF1E3CC1FB11EF8FEEDA53C4F9AE02.roa (raw, json)
Hash identifier: mxel97G1h95rKgA5ES8sTrC62fGtI/h7p/k2ksim6Yc=
Subject key identifier: E4:95:8E:3F:62:02:F0:C5:B3:36:72:9A:27:A1:46:E9:A1:0B:6D:5C
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0DEC
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/2CCF1E3CC1FB11EF8FEEDA53C4F9AE02.roa
Signing time: Tue 24 Dec 2024 13:30:01 +0000
ROA not before: Tue 24 Dec 2024 13:30:01 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 44324
IP address blocks: 2406:840:e270::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 19:56:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3564 (0xdec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C
Validity
Not Before: Dec 24 13:30:01 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=676ab758-ad18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4b:c0:4d:3a:5b:6f:78:f8:ce:aa:a4:eb:ba:
05:bb:f2:bb:fc:0d:d3:d5:d0:11:c9:5b:ec:02:b3:
ca:f6:32:dd:dc:c9:76:1d:2e:09:43:70:9d:3a:b1:
86:1e:43:b8:5a:22:b5:e8:63:09:a5:d8:95:b6:5d:
2a:95:8d:2f:ce:b4:9c:11:02:f7:26:e1:a1:61:dd:
ac:8b:57:a3:55:ce:c1:e9:0a:f1:43:18:ec:73:54:
d7:f3:c5:d7:cc:ae:43:5b:44:ec:af:f6:af:d3:45:
6e:5c:c6:5d:45:44:86:8d:4b:81:18:90:7c:90:e3:
69:09:27:41:fd:b5:a6:8b:51:f9:4d:66:a7:73:79:
7a:bb:67:63:e0:9c:46:99:d8:b7:ff:f0:65:f6:c8:
0c:a5:52:b1:28:b9:d8:4d:56:7b:78:53:e1:cb:e3:
50:3f:06:a9:55:77:28:39:8c:30:3a:fd:1d:81:30:
11:eb:92:a1:46:8f:e9:52:66:ba:e9:6a:1f:c9:99:
d3:d1:f3:1d:fe:2b:70:be:f7:93:47:98:0f:80:04:
54:05:fe:e0:71:b1:d0:5c:4b:3b:2a:7d:2a:e0:9c:
0f:0e:6a:0c:21:4a:6d:b0:6d:1f:85:55:d5:44:44:
a1:e7:0f:34:e6:2b:04:2b:af:19:10:dd:d4:61:2e:
57:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:95:8E:3F:62:02:F0:C5:B3:36:72:9A:27:A1:46:E9:A1:0B:6D:5C
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/2CCF1E3CC1FB11EF8FEEDA53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:e270::/44
Signature Algorithm: sha256WithRSAEncryption
99:a5:59:e7:83:67:ea:89:7f:05:ba:81:ef:fc:ca:15:bf:ad:
4f:30:98:b7:61:00:8d:26:29:c2:b9:35:fc:2d:0b:f6:e7:dc:
35:e3:11:63:a7:84:38:dd:63:8d:93:36:15:85:36:d7:ec:4a:
8a:74:d3:f6:81:cc:b0:79:ee:17:73:e1:8f:01:8c:4b:b9:37:
ac:21:2c:2f:87:2a:b3:e4:0e:d8:41:7c:3e:17:b4:c8:36:cb:
66:d7:44:7e:cb:e8:4f:7e:2e:37:00:5d:41:b2:10:41:aa:24:
af:a4:88:6d:a9:0c:17:52:c6:d8:09:ea:83:14:ed:9a:5d:a3:
18:63:2e:12:86:1e:d8:39:38:27:85:b5:0a:a3:0d:25:e2:64:
43:94:79:51:d3:b3:f1:4f:a8:ff:04:2a:b9:ac:b8:38:44:74:
2d:a3:5d:cb:ac:64:f4:20:4b:18:a2:a3:cd:72:14:30:ec:3b:
e2:11:f3:87:f5:96:bd:4b:cb:e6:e1:e9:36:e3:57:c1:a0:49:
61:ca:74:f2:85:a5:dc:94:7c:0c:66:68:19:b7:f8:81:77:47:
2f:97:76:ef:0d:bb:80:79:34:5e:59:fa:e3:5b:69:e7:aa:6f:
de:e0:76:f4:c2:15:e6:7c:0e:55:fb:8e:1b:c9:15:0a:22:5a:
c4:0a:67:9c
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjQxMjI0MTMzMDAxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhYjc1OC1hZDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv0vATTpbb3j4zqqk67oFu/K7/A3T1dARyVvsArPK9jLd3Ml2HS4JQ3CdOrGG
HkO4WiK16GMJpdiVtl0qlY0vzrScEQL3JuGhYd2si1ejVc7B6QrxQxjsc1TX88XX
zK5DW0Tsr/av00VuXMZdRUSGjUuBGJB8kONpCSdB/bWmi1H5TWanc3l6u2dj4JxG
mdi3//Bl9sgMpVKxKLnYTVZ7eFPhy+NQPwapVXcoOYwwOv0dgTAR65KhRo/pUma6
6WofyZnT0fMd/itwvveTR5gPgARUBf7gcbHQXEs7Kn0q4JwPDmoMIUptsG0fhVXV
RESh5w805isEK68ZEN3UYS5X0wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFOSVjj9i
AvDFszZymiehRumhC21cMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvMkNDRjFFM0ND
MUZCMTFFRjhGRUVEQTUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBghA4nAwDQYJKoZIhvcNAQELBQADggEBAJmlWeeDZ+qJ
fwW6ge/8yhW/rU8wmLdhAI0mKcK5NfwtC/bn3DXjEWOnhDjdY42TNhWFNtfsSop0
0/aBzLB57hdz4Y8BjEu5N6whLC+HKrPkDthBfD4XtMg2y2bXRH7L6E9+LjcAXUGy
EEGqJK+kiG2pDBdSxtgJ6oMU7ZpdoxhjLhKGHtg5OCeFtQqjDSXiZEOUeVHTs/FP
qP8EKrmsuDhEdC2jXcusZPQgSxiio81yFDDsO+IR84f1lr1Ly+bh6TbjV8GgSWHK
dPKFpdyUfAxmaBm3+IF3Ry+Xdu8Nu4B5NF5Z+uNbaeeqb97gdvTCFeZ8DlX7jhvJ
FQoiWsQKZ5w=
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:33:13 2025 by rpki-client