Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/E0B81ED0D56111EE9E1D7E5BC4F9AE02.roa
File: E0B81ED0D56111EE9E1D7E5BC4F9AE02.roa (raw, json)
Hash identifier: EmbjI84JzquBQTIr84bkMPcgLgOL5ED40jMLVI24vcA=
Subject key identifier: AC:E7:1D:34:16:3C:99:97:DD:4C:4E:2F:4F:A9:4E:50:1C:47:64:DE
Certificate issuer: /CN=A9185D79/serialNumber=7A3D7D3748C78986C2C5E50B5013BEB60AB47ADC
Certificate serial: 01F3
Authority key identifier: 7A:3D:7D:37:48:C7:89:86:C2:C5:E5:0B:50:13:BE:B6:0A:B4:7A:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ej19N0jHiYbCxeULUBO-tgq0etw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/E0B81ED0D56111EE9E1D7E5BC4F9AE02.roa
Signing time: Fri 03 Jan 2025 01:34:50 +0000
ROA not before: Fri 03 Jan 2025 01:34:50 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150803
IP address blocks: 202.179.153.0/24 maxlen: 24
202.179.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/ej19N0jHiYbCxeULUBO-tgq0etw.crl
rsync://rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/ej19N0jHiYbCxeULUBO-tgq0etw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ej19N0jHiYbCxeULUBO-tgq0etw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 01:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 499 (0x1f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185D79, serialNumber=7A3D7D3748C78986C2C5E50B5013BEB60AB47ADC
Validity
Not Before: Jan 3 01:34:50 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67773eba-c53d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c8:f0:61:81:67:41:98:39:32:0e:22:a4:40:
7b:ec:9e:c9:76:68:38:b7:33:4b:55:59:c7:f4:65:
d8:6b:44:02:23:b9:0e:45:11:92:a0:da:21:70:9f:
64:d7:ef:2d:d2:b2:8f:88:53:79:aa:6d:f3:b6:33:
8f:03:9d:61:05:a9:0b:0c:47:8c:c8:05:25:59:dc:
e7:39:7e:33:19:4d:c0:43:16:4a:59:1b:8b:3d:38:
21:c3:89:2a:ae:ef:85:92:e5:1e:f4:39:f0:fc:3d:
84:1d:09:a5:f4:1a:3e:4b:70:8d:a3:6e:ec:6d:68:
1a:fd:37:b1:9f:63:73:17:90:59:56:8f:73:72:2a:
34:70:fe:fc:f8:7f:2b:1b:a4:9f:fa:80:ec:82:ec:
77:ac:83:a3:e7:a1:33:5b:2c:72:ce:a4:76:ce:8c:
f5:b9:f9:a8:31:52:ab:78:0c:f6:72:53:ba:8a:a6:
24:10:50:64:31:5d:b9:d2:15:7d:6a:2e:5e:ce:e7:
61:77:a2:5f:46:54:42:1b:b6:6c:99:54:dc:99:f1:
28:6b:d2:00:42:23:99:12:9a:98:9d:8f:d6:db:58:
f7:42:f0:56:3d:17:39:9e:ad:a9:a0:40:fd:46:29:
1d:36:cc:ea:a6:b0:d9:50:98:ef:ca:d7:86:b1:2a:
b2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E7:1D:34:16:3C:99:97:DD:4C:4E:2F:4F:A9:4E:50:1C:47:64:DE
X509v3 Authority Key Identifier:
keyid:7A:3D:7D:37:48:C7:89:86:C2:C5:E5:0B:50:13:BE:B6:0A:B4:7A:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/ej19N0jHiYbCxeULUBO-tgq0etw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ej19N0jHiYbCxeULUBO-tgq0etw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D79/BF194D80283D11EDA944733DC4F9AE02/E0B81ED0D56111EE9E1D7E5BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.179.153.0-202.179.154.255
Signature Algorithm: sha256WithRSAEncryption
99:19:5a:ef:35:1f:b1:8c:66:0d:52:e9:1f:ac:84:cf:41:e2:
7a:0f:0a:a3:8a:0d:e0:66:ed:44:6f:a9:31:f2:7f:80:fb:96:
4e:6e:b4:53:fa:02:2d:08:4c:b7:d4:c2:13:22:d4:4e:37:da:
88:6d:80:8e:a0:b5:24:e4:86:97:3e:ab:4d:d0:9b:69:17:83:
b3:6d:52:09:e1:56:48:47:9f:d5:a7:1a:4b:29:85:2a:5c:a8:
1c:ed:4c:e3:23:05:6f:ed:3d:b0:ff:81:3d:7e:f3:08:78:f1:
29:22:41:43:b6:1e:f5:fb:5a:6a:df:ac:ac:0a:4d:bf:45:98:
e7:4c:d3:db:62:69:90:5a:34:9b:f5:7e:d0:a2:79:e3:4f:23:
62:d3:17:c1:07:28:e1:15:70:05:a1:10:29:f9:de:d5:8e:e7:
b8:e3:1d:06:4b:ea:f5:54:eb:cc:0d:08:2f:b4:8e:c2:dc:5e:
4d:c5:6d:bb:4b:e9:f4:00:c4:37:d7:ae:47:db:de:9c:b4:65:
8d:a9:69:00:4a:29:ea:1b:bc:3b:d3:61:8b:f1:d0:0d:3d:25:
ca:73:f0:3b:aa:63:ea:4c:09:af:f6:a9:20:13:2b:36:0a:ad:
e3:37:00:34:9f:56:5a:b2:81:d5:b1:d0:39:7d:5b:fd:0f:46:
62:42:01:7a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVENzkxMTAvBgNVBAUTKDdBM0Q3RDM3NDhDNzg5ODZDMkM1RTUwQjUwMTNCRUI2
MEFCNDdBREMwHhcNMjUwMTAzMDEzNDUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3M2ViYS1jNTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvsjwYYFnQZg5Mg4ipEB77J7Jdmg4tzNLVVnH9GXYa0QCI7kORRGSoNohcJ9k
1+8t0rKPiFN5qm3ztjOPA51hBakLDEeMyAUlWdznOX4zGU3AQxZKWRuLPTghw4kq
ru+FkuUe9Dnw/D2EHQml9Bo+S3CNo27sbWga/Texn2NzF5BZVo9zcio0cP78+H8r
G6Sf+oDsgux3rIOj56EzWyxyzqR2zoz1ufmoMVKreAz2clO6iqYkEFBkMV250hV9
ai5ezudhd6JfRlRCG7ZsmVTcmfEoa9IAQiOZEpqYnY/W21j3QvBWPRc5nq2poED9
RikdNszqprDZUJjvyteGsSqyUwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFKznHTQW
PJmX3UxOL0+pTlAcR2TeMB8GA1UdIwQYMBaAFHo9fTdIx4mGwsXlC1ATvrYKtHrc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQ3OS9CRjE5NEQ4MDI4
M0QxMUVEQTk0NDczM0RDNEY5QUUwMi9lajE5TjBqSGlZYkN4ZVVMVUJPLXRncTBl
dHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VqMTlOMGpIaVliQ3hlVUxVQk8tdGdxMGV0dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODVENzkvQkYxOTREODAyODNEMTFFREE5NDQ3MzNEQzRGOUFFMDIvRTBCODFFRDBE
NTYxMTFFRTlFMUQ3RTVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMqzmQMEAMqzmjANBgkqhkiG9w0BAQsFAAOCAQEAmRla
7zUfsYxmDVLpH6yEz0Hieg8Ko4oN4GbtRG+pMfJ/gPuWTm60U/oCLQhMt9TCEyLU
TjfaiG2AjqC1JOSGlz6rTdCbaReDs21SCeFWSEef1acaSymFKlyoHO1M4yMFb+09
sP+BPX7zCHjxKSJBQ7Ye9ftaat+srApNv0WY50zT22JpkFo0m/V+0KJ5408jYtMX
wQco4RVwBaEQKfne1Y7nuOMdBkvq9VTrzA0IL7SOwtxeTcVtu0vp9ADEN9euR9ve
nLRljalpAEop6hu8O9Nhi/HQDT0lynPwO6pj6kwJr/apIBMrNgqt4zcANJ9WWrKB
1bHQOX1b/Q9GYkIBeg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:41:52 2025 by rpki-client