Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/71AD02DC194F11ED818A3C66C4F9AE02.roa
File: 71AD02DC194F11ED818A3C66C4F9AE02.roa (raw, json)
Hash identifier: DOBTNH4GGNPUe/CVItieZfmqwMcwBWdfPDr7AZPstYA=
Subject key identifier: 1B:15:EF:C6:E0:2B:71:EF:B2:52:86:20:0E:0F:19:67:49:FF:B4:6E
Certificate issuer: /CN=A91847A2/serialNumber=9287F6E82F8F3BA24E09D9C63178A5C0B2DA01DE
Certificate serial: 0B44
Authority key identifier: 92:87:F6:E8:2F:8F:3B:A2:4E:09:D9:C6:31:78:A5:C0:B2:DA:01:DE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/71AD02DC194F11ED818A3C66C4F9AE02.roa
Signing time: Fri 28 Mar 2025 20:01:55 +0000
ROA not before: Fri 28 Mar 2025 20:01:55 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 56251
IP address blocks: 58.145.233.0/24 maxlen: 24
202.42.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.crl
rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 19:25:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2884 (0xb44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91847A2, serialNumber=9287F6E82F8F3BA24E09D9C63178A5C0B2DA01DE
Validity
Not Before: Mar 28 20:01:55 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e70033-4dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:db:8e:a0:86:2b:c5:17:45:1a:28:88:12:4e:
c8:7b:d2:5b:3b:9f:1a:8f:e2:96:80:0a:76:8e:04:
cd:a2:bb:ae:cb:7a:8f:dd:f8:2b:5c:69:5f:fb:36:
fa:48:04:9a:4c:0f:88:fd:d9:49:f2:c4:05:80:9d:
2c:c2:7b:28:40:ca:24:6d:64:fe:b8:25:0a:67:04:
84:36:c9:c1:ea:f7:23:ae:1a:48:e3:a5:b0:c8:65:
7f:ee:fc:97:c5:3a:22:5b:50:90:58:7f:12:17:3b:
a6:7c:19:ac:32:74:74:b3:0a:fe:48:54:44:ea:a7:
0c:be:35:cc:99:14:7a:91:5c:cf:66:a4:c6:c6:f4:
0c:a8:88:86:4c:3a:84:d8:5f:02:88:c4:18:5d:51:
d1:81:3a:7c:f5:43:24:21:2f:2e:7c:a5:a3:6c:58:
40:b9:21:9d:ff:80:cf:fc:41:13:27:e4:5f:d5:58:
b1:47:9f:cf:90:ac:2c:1a:c5:d9:e0:e2:26:90:8e:
fd:ba:9b:fb:d9:c0:a2:6e:f0:98:c6:51:20:b8:c4:
5d:28:4b:eb:84:5f:3a:85:66:f8:e5:4d:7d:37:7c:
f7:2e:78:27:2b:89:f4:31:99:37:a0:aa:bb:3b:c3:
d2:ef:5f:d7:c6:eb:6a:24:89:fe:03:cc:5e:f8:fc:
1f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:15:EF:C6:E0:2B:71:EF:B2:52:86:20:0E:0F:19:67:49:FF:B4:6E
X509v3 Authority Key Identifier:
keyid:92:87:F6:E8:2F:8F:3B:A2:4E:09:D9:C6:31:78:A5:C0:B2:DA:01:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/kof26C-PO6JOCdnGMXilwLLaAd4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kof26C-PO6JOCdnGMXilwLLaAd4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A2/B5773AAC594211EA936FCE43C4F9AE02/71AD02DC194F11ED818A3C66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.145.233.0/24
202.42.51.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:71:bb:14:ff:c1:05:60:5c:f2:33:19:72:8f:6c:6b:b7:62:
82:bc:b8:d1:0d:c5:e7:ed:0b:f9:1d:aa:42:d4:94:5c:98:25:
ac:51:fd:d5:bf:81:40:24:ae:9c:65:3a:99:03:fb:5b:2f:c7:
18:ac:f9:36:20:b0:c3:a4:b1:e4:f2:7b:94:3e:9f:2c:98:95:
39:e3:bc:ab:92:1e:bf:a7:bb:f6:be:83:63:e7:cd:e0:e6:0b:
1b:cd:b3:d6:b5:a1:1f:ec:18:a6:e3:20:da:8a:be:b2:56:56:
3e:41:52:09:33:00:93:30:a5:e1:b7:51:73:00:ee:53:cc:5c:
f6:93:65:d0:b7:64:2d:8b:82:22:ac:28:4e:38:60:16:2d:61:
02:1b:24:50:9b:7d:0f:5e:27:b7:9e:26:c4:ec:28:96:31:fa:
71:d3:c0:02:33:ef:97:2e:f2:94:6b:2e:52:ed:0a:38:46:bc:
7f:69:19:3f:c7:a7:40:c4:12:d9:e2:0b:8c:c0:ba:1f:fc:c5:
74:e2:bd:1a:06:59:af:ae:71:13:0e:6f:39:5f:6b:4f:f6:0c:
3d:58:40:db:36:de:0c:5b:42:34:9e:39:63:2a:fa:d5:fe:25:
66:9b:cc:2d:38:9d:b8:e4:46:8a:d7:52:6a:78:1b:fb:3e:c5:
4b:2d:f6:73
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ3QTIxMTAvBgNVBAUTKDkyODdGNkU4MkY4RjNCQTI0RTA5RDlDNjMxNzhBNUMw
QjJEQTAxREUwHhcNMjUwMzI4MjAwMTU1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U3MDAzMy00ZGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw9uOoIYrxRdFGiiIEk7Ie9JbO58aj+KWgAp2jgTNoruuy3qP3fgrXGlf+zb6
SASaTA+I/dlJ8sQFgJ0swnsoQMokbWT+uCUKZwSENsnB6vcjrhpI46WwyGV/7vyX
xToiW1CQWH8SFzumfBmsMnR0swr+SFRE6qcMvjXMmRR6kVzPZqTGxvQMqIiGTDqE
2F8CiMQYXVHRgTp89UMkIS8ufKWjbFhAuSGd/4DP/EETJ+Rf1VixR5/PkKwsGsXZ
4OImkI79upv72cCibvCYxlEguMRdKEvrhF86hWb45U19N3z3LngnK4n0MZk3oKq7
O8PS71/XxutqJIn+A8xe+PwfgQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBsV78bg
K3HvslKGIA4PGWdJ/7RuMB8GA1UdIwQYMBaAFJKH9ugvjzuiTgnZxjF4pcCy2gHe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdBMi9CNTc3M0FBQzU5
NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rb2YyNkMtUE82Sk9DZG5HTVhpbHdMTGFB
ZDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tvZjI2Qy1QTzZKT0NkbkdNWGlsd0xMYUFkNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ3QTIvQjU3NzNBQUM1OTQyMTFFQTkzNkZDRTQzQzRGOUFFMDIvNzFBRDAyREMx
OTRGMTFFRDgxOEEzQzY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAA6kekDBADKKjMwDQYJKoZIhvcNAQELBQADggEBALRxuxT/
wQVgXPIzGXKPbGu3YoK8uNENxeftC/kdqkLUlFyYJaxR/dW/gUAkrpxlOpkD+1sv
xxis+TYgsMOkseTye5Q+nyyYlTnjvKuSHr+nu/a+g2PnzeDmCxvNs9a1oR/sGKbj
INqKvrJWVj5BUgkzAJMwpeG3UXMA7lPMXPaTZdC3ZC2LgiKsKE44YBYtYQIbJFCb
fQ9eJ7eeJsTsKJYx+nHTwAIz75cu8pRrLlLtCjhGvH9pGT/Hp0DEEtniC4zAuh/8
xXTivRoGWa+ucRMObzlfa0/2DD1YQNs23gxbQjSeOWMq+tX+JWabzC04nbjkRorX
Ump4G/s+xUst9nM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 21:18:54 2025 by rpki-client