Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B6D/21522182E78E11EE9831EB7EC4F9AE02/5A32E8DAE79111EE972FC923C4F9AE02.roa
File: 5A32E8DAE79111EE972FC923C4F9AE02.roa (raw, json)
Hash identifier: mY/bcg2+Nm0bHgEr5ZTRXdk5A4XIUo9DciT4aIgm6Hs=
Subject key identifier: B1:5C:04:1C:0F:F5:C9:91:F5:BA:33:1A:5C:78:95:A4:9A:52:7F:F8
Certificate issuer: /CN=A9185B6D/serialNumber=8E02B5C4DEB53F2B712FF077DE04908375E813DB
Certificate serial: BC
Authority key identifier: 8E:02:B5:C4:DE:B5:3F:2B:71:2F:F0:77:DE:04:90:83:75:E8:13:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jgK1xN61PytxL_B33gSQg3XoE9s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185B6D/21522182E78E11EE9831EB7EC4F9AE02/5A32E8DAE79111EE972FC923C4F9AE02.roa
Signing time: Fri 21 Mar 2025 05:11:56 +0000
ROA not before: Fri 21 Mar 2025 05:11:56 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 152459
IP address blocks: 2401:7d60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9185B6D/21522182E78E11EE9831EB7EC4F9AE02/jgK1xN61PytxL_B33gSQg3XoE9s.crl
rsync://rpki.apnic.net/member_repository/A9185B6D/21522182E78E11EE9831EB7EC4F9AE02/jgK1xN61PytxL_B33gSQg3XoE9s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jgK1xN61PytxL_B33gSQg3XoE9s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 04:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188 (0xbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185B6D
Validity
Not Before: Mar 21 05:11:56 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dcf51b-5044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:76:55:df:a5:b7:9c:e3:e7:48:bc:99:b0:62:
63:7f:e1:20:d7:4a:22:32:a9:34:b9:94:64:52:f4:
74:b2:44:34:b0:b2:63:c3:11:8a:06:4d:3d:a1:eb:
09:89:38:dc:d1:73:44:33:9e:20:f9:f4:29:b6:29:
c7:5f:5c:df:0a:e3:e1:9f:43:de:8b:8b:72:a8:df:
a2:e4:7c:c6:0b:65:55:7f:2a:ab:cc:ea:c6:08:36:
d6:13:8c:11:13:b5:0f:dc:fd:b1:a7:9b:a3:a5:01:
c2:57:80:f8:6b:a1:02:6b:ca:0e:72:f4:55:70:2a:
7d:65:54:87:bd:90:b1:f8:63:7b:e7:88:5c:5f:63:
07:df:f6:3b:bd:97:ff:30:4c:ec:cc:31:ea:11:e1:
69:c1:8f:7a:7a:b0:cf:c0:06:25:b5:21:d2:1d:02:
10:01:39:f0:5a:b7:8f:b4:c0:ed:c9:32:39:8c:1b:
02:b0:12:1c:7e:ee:36:5f:11:b1:92:72:7c:fd:49:
70:f3:53:58:1c:0b:4c:6a:ff:67:d8:f3:d1:af:f0:
52:d3:62:e6:c2:d9:66:24:30:e3:37:c4:35:c9:24:
05:99:32:92:1e:27:e7:e7:db:1f:ed:13:e5:20:02:
27:2f:a4:be:8a:e6:4b:2e:76:69:3c:38:57:d8:ca:
39:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:5C:04:1C:0F:F5:C9:91:F5:BA:33:1A:5C:78:95:A4:9A:52:7F:F8
X509v3 Authority Key Identifier:
keyid:8E:02:B5:C4:DE:B5:3F:2B:71:2F:F0:77:DE:04:90:83:75:E8:13:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185B6D/21522182E78E11EE9831EB7EC4F9AE02/jgK1xN61PytxL_B33gSQg3XoE9s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jgK1xN61PytxL_B33gSQg3XoE9s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B6D/21522182E78E11EE9831EB7EC4F9AE02/5A32E8DAE79111EE972FC923C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:7d60::/32
Signature Algorithm: sha256WithRSAEncryption
bb:d1:be:a6:11:e9:de:5b:2f:b5:5f:e1:2d:b5:73:4d:ce:af:
18:a6:f2:48:b3:e3:09:68:5e:62:83:65:46:24:bc:9b:bc:39:
4b:bb:19:6c:58:a8:6c:b3:f9:fe:c0:d8:5f:5a:07:94:b6:b8:
8a:9f:f0:72:ed:4d:1a:58:2e:3f:ff:1e:62:c9:94:b1:2e:64:
78:0e:1e:d5:d5:7e:d4:0c:a8:3e:86:09:c2:1e:7d:ab:df:e4:
17:cb:09:77:d1:b8:21:12:7e:50:b1:0b:dd:a9:8d:7d:cf:85:
17:7f:db:76:e1:71:bd:88:31:13:40:69:5b:c0:25:d2:19:35:
bc:21:6d:c3:a4:ff:29:f1:e1:84:9a:d2:6c:f0:c5:7a:31:8f:
b8:84:8d:3d:84:b9:7f:6a:31:ab:32:32:5d:6c:73:f4:c6:df:
60:bd:61:05:6b:4e:1f:a7:54:e4:bb:50:4c:b5:e5:04:08:0e:
e8:3d:2f:45:eb:c7:c7:1b:07:53:9d:cb:23:0b:19:d3:19:03:
af:d0:5a:62:03:d8:12:e9:ce:fb:5c:a7:2e:61:83:85:ff:e2:
c8:0b:61:d2:ff:a6:c2:2d:f5:3f:ae:f1:1d:11:c4:5b:01:4d:
c1:68:46:9f:f0:54:dc:bf:c8:a0:4c:90:96:d1:cd:c9:b8:86:
97:b6:de:7f
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVCNkQxMTAvBgNVBAUTKDhFMDJCNUM0REVCNTNGMkI3MTJGRjA3N0RFMDQ5MDgz
NzVFODEzREIwHhcNMjUwMzIxMDUxMTU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjZjUxYi01MDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnZV36W3nOPnSLyZsGJjf+Eg10oiMqk0uZRkUvR0skQ0sLJjwxGKBk09oesJ
iTjc0XNEM54g+fQptinHX1zfCuPhn0Pei4tyqN+i5HzGC2VVfyqrzOrGCDbWE4wR
E7UP3P2xp5ujpQHCV4D4a6ECa8oOcvRVcCp9ZVSHvZCx+GN754hcX2MH3/Y7vZf/
MEzszDHqEeFpwY96erDPwAYltSHSHQIQATnwWrePtMDtyTI5jBsCsBIcfu42XxGx
knJ8/Ulw81NYHAtMav9n2PPRr/BS02LmwtlmJDDjN8Q1ySQFmTKSHifn59sf7RPl
IAInL6S+iuZLLnZpPDhX2Mo5rQIDAQABo4ICljCCApIwHQYDVR0OBBYEFLFcBBwP
9cmR9bozGlx4laSaUn/4MB8GA1UdIwQYMBaAFI4CtcTetT8rcS/wd94EkIN16BPb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI2RC8yMTUyMjE4MkU3
OEUxMUVFOTgzMUVCN0VDNEY5QUUwMi9qZ0sxeE42MVB5dHhMX0IzM2dTUWczWG9F
OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pnSzF4TjYxUHl0eExfQjMzZ1NRZzNYb0U5cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODVCNkQvMjE1MjIxODJFNzhFMTFFRTk4MzFFQjdFQzRGOUFFMDIvNUEzMkU4REFF
NzkxMTFFRTk3MkZDOTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAX1gMA0GCSqGSIb3DQEBCwUAA4IBAQC70b6mEeneWy+1
X+EttXNNzq8YpvJIs+MJaF5ig2VGJLybvDlLuxlsWKhss/n+wNhfWgeUtriKn/By
7U0aWC4//x5iyZSxLmR4Dh7V1X7UDKg+hgnCHn2r3+QXywl30bghEn5QsQvdqY19
z4UXf9t24XG9iDETQGlbwCXSGTW8IW3DpP8p8eGEmtJs8MV6MY+4hI09hLl/ajGr
MjJdbHP0xt9gvWEFa04fp1Tku1BMteUECA7oPS9F68fHGwdTncsjCxnTGQOv0Fpi
A9gS6c77XKcuYYOF/+LIC2HS/6bCLfU/rvEdEcRbAU3BaEaf8FTcv8igTJCW0c3J
uIaXtt5/
-----END CERTIFICATE-----
Generated at Thu Apr 10 01:55:39 2025 by rpki-client