Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0AC03CAC007411EFA54F0579C4F9AE02.roa
File: 0AC03CAC007411EFA54F0579C4F9AE02.roa (raw, json)
Hash identifier: ZVE488heOuKWpSOectEvq1AbnlIyu5Nn7ZLN+NatQFg=
Subject key identifier: 66:4C:4F:07:66:0B:69:E6:59:F2:A1:B5:52:AD:85:E3:78:44:A9:49
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1A11
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0AC03CAC007411EFA54F0579C4F9AE02.roa
Signing time: Thu 30 May 2024 15:53:08 +0000
ROA not before: Thu 30 May 2024 15:53:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152483
IP address blocks: 157.20.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6673 (0x1a11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:53:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a0e4-47d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b4:b3:52:a0:f9:e8:53:9f:db:38:7e:35:8d:
b8:71:57:41:7f:5f:4e:07:b5:fe:b2:31:bb:4e:92:
69:31:ec:fc:d3:c6:98:10:be:fc:9e:7f:4f:81:a1:
91:e8:a5:88:6a:a5:cf:3b:e2:c0:c1:dc:18:8f:b6:
5b:bd:a5:26:0a:6c:d7:6a:b8:7a:4a:f1:15:0a:20:
ee:87:b9:ce:69:f3:67:33:74:1a:2b:70:0f:79:99:
2c:9f:ff:32:ac:09:64:98:64:26:5c:eb:b2:57:31:
17:83:5f:cc:c3:0c:cf:9f:ec:44:a4:a8:7c:32:12:
ae:6f:3f:d4:67:ef:e3:a0:7d:fa:cc:cb:a0:8f:2f:
94:2c:54:3c:af:bc:80:86:81:ca:b3:b6:2b:35:63:
62:7a:17:40:39:ca:6c:57:ee:55:f5:9b:b9:eb:c0:
28:df:a8:70:e0:bf:f4:4a:ec:ab:53:52:11:cc:60:
8c:f1:28:72:a2:d0:f9:d2:af:3b:36:64:7c:5c:aa:
c9:fb:9e:17:a3:d4:4f:e1:6b:af:98:16:12:cf:72:
2d:81:b4:41:0f:7d:ec:7b:75:15:3a:7e:f8:e7:96:
5e:c7:80:1a:4e:16:63:e9:2a:ee:1f:3a:ce:90:52:
b7:75:10:bd:09:2e:8f:cf:fe:2f:dc:ea:74:28:09:
f8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4C:4F:07:66:0B:69:E6:59:F2:A1:B5:52:AD:85:E3:78:44:A9:49
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/0AC03CAC007411EFA54F0579C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.166.0/24
Signature Algorithm: sha256WithRSAEncryption
31:42:b7:24:f2:fa:c3:ad:e1:aa:75:f3:b6:51:dd:99:0d:4a:
1e:a3:6d:be:df:ed:7b:53:e5:6d:24:63:1c:cf:9d:12:ab:61:
09:a3:22:29:2a:4c:4e:ec:6b:09:67:85:c6:3d:05:b0:ab:c4:
af:2a:9a:6c:9b:e6:59:e6:02:12:24:0e:06:90:28:ed:fd:a9:
70:3d:c9:9a:80:d2:d1:16:70:0d:09:b2:67:79:6f:a8:6f:82:
ac:fa:9f:8c:7c:9e:4f:04:2a:57:f5:1f:2e:de:7c:e8:40:dd:
2d:a7:03:70:77:77:00:75:61:46:9d:12:61:5b:eb:47:75:b5:
ad:ce:7f:b1:16:59:97:2b:7a:e0:a9:5e:78:17:63:5e:7e:95:
4e:44:47:d8:8b:57:42:28:83:24:31:3d:c3:b1:bc:74:6b:b4:
4b:7a:6e:e3:fd:b8:84:81:58:72:4d:1b:da:e0:38:fc:6f:13:
c7:f9:b3:4f:93:86:7c:b4:80:a5:14:4b:46:63:60:ee:55:03:
36:71:6b:35:6e:a7:5c:5c:58:86:dc:f0:14:40:50:42:c3:48:
23:48:fb:c7:f4:14:7d:7d:15:a5:b4:f5:aa:7a:62:c4:06:f2:
6e:71:9c:c0:2b:d8:e4:89:f1:2c:13:85:64:20:b1:8c:44:5a:
7f:2a:5c:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGhEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNTMwMTU1MzA4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4YTBlNC00N2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvLSzUqD56FOf2zh+NY24cVdBf19OB7X+sjG7TpJpMez808aYEL78nn9PgaGR
6KWIaqXPO+LAwdwYj7ZbvaUmCmzXarh6SvEVCiDuh7nOafNnM3QaK3APeZksn/8y
rAlkmGQmXOuyVzEXg1/MwwzPn+xEpKh8MhKubz/UZ+/joH36zMugjy+ULFQ8r7yA
hoHKs7YrNWNiehdAOcpsV+5V9Zu568Ao36hw4L/0SuyrU1IRzGCM8ShyotD50q87
NmR8XKrJ+54Xo9RP4WuvmBYSz3ItgbRBD33se3UVOn7455Zex4AaThZj6SruHzrO
kFK3dRC9CS6Pz/4v3Op0KAn4WwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGZMTwdm
C2nmWfKhtVKtheN4RKlJMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMEFDMDNDQUMw
MDc0MTFFRkE1NEYwNTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdFKYwDQYJKoZIhvcNAQELBQADggEBADFCtyTy+sOt4ap1
87ZR3ZkNSh6jbb7f7XtT5W0kYxzPnRKrYQmjIikqTE7sawlnhcY9BbCrxK8qmmyb
5lnmAhIkDgaQKO39qXA9yZqA0tEWcA0Jsmd5b6hvgqz6n4x8nk8EKlf1Hy7efOhA
3S2nA3B3dwB1YUadEmFb60d1ta3Of7EWWZcreuCpXngXY15+lU5ER9iLV0IogyQx
PcOxvHRrtEt6buP9uISBWHJNG9rgOPxvE8f5s0+Thny0gKUUS0ZjYO5VAzZxazVu
p1xcWIbc8BRAUELDSCNI+8f0FH19FaW09ap6YsQG8m5xnMAr2OSJ8SwThWQgsYxE
Wn8qXD0=
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:15:18 2025 by rpki-client