Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/1E6589CEB37611EE9784BA64C4F9AE02.roa
File: 1E6589CEB37611EE9784BA64C4F9AE02.roa (raw, json)
Hash identifier: F4N0xgImm+TOrZM0hzQTOPlmJ87E2jnqNePCHy4XcJs=
Subject key identifier: 56:B5:C6:35:6E:C2:B8:72:09:60:2C:A7:B0:7B:63:10:D3:45:CD:17
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 19FE
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/1E6589CEB37611EE9784BA64C4F9AE02.roa
Signing time: Thu 30 May 2024 15:52:49 +0000
ROA not before: Thu 30 May 2024 15:52:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151704
IP address blocks: 157.10.98.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6654 (0x19fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:52:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a0d1-2cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9f:97:bd:19:c1:37:02:0e:ae:80:d5:c2:43:
1d:2e:20:58:63:fb:47:1f:12:87:c5:dd:09:5d:de:
f3:69:0d:51:37:09:2f:a0:d5:02:a9:cb:fb:47:0b:
23:4b:d5:04:27:6a:cc:50:f9:54:87:56:f6:78:46:
1e:83:be:aa:fe:c9:b4:0d:74:2d:32:c8:c2:b6:bf:
79:d6:e7:79:86:93:38:38:11:6a:a2:ff:d2:a4:63:
8d:34:00:9b:d5:c8:d4:b1:28:27:13:f4:19:5d:88:
ed:58:8c:b9:62:c3:59:ee:31:5d:e3:0d:94:a4:e0:
bc:07:c5:f4:26:9e:11:39:1a:b7:2c:db:79:9e:59:
3f:1d:cb:9e:f3:99:38:27:77:80:8a:3c:06:b9:2a:
3b:d5:b6:d7:16:03:87:07:b1:4b:a0:09:5f:38:d9:
71:8f:27:ef:72:64:c9:d3:9e:26:6f:b4:4c:0b:1f:
60:fb:ef:fe:df:be:0a:5e:71:44:82:4f:27:22:2a:
92:3c:a6:c0:ee:ae:e1:33:d8:d9:77:37:d2:85:e6:
12:65:25:63:29:38:54:4a:07:79:e9:2e:af:11:5c:
f7:26:2c:05:df:a8:15:82:05:51:0a:d9:3e:30:ea:
48:12:d1:59:9d:1a:68:b6:87:25:b3:f7:f1:94:e1:
41:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B5:C6:35:6E:C2:B8:72:09:60:2C:A7:B0:7B:63:10:D3:45:CD:17
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/1E6589CEB37611EE9784BA64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.98.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:78:08:88:46:b5:01:e9:31:a6:31:bf:45:a2:9c:79:60:71:
24:e1:4e:99:37:64:ed:42:8d:cc:a3:1b:18:50:d6:62:f3:51:
ff:56:53:69:06:4a:62:c2:99:e1:fa:ad:2f:a0:db:a1:f9:57:
4b:4c:d7:35:c4:1f:24:57:8f:97:77:fb:7b:83:a8:10:55:dc:
c0:84:cd:6a:00:b4:5f:c2:ac:4b:2f:98:ce:78:37:5e:07:b6:
50:9a:e2:92:56:3e:b8:ad:ef:67:4c:86:47:16:9d:98:1f:ff:
53:1d:32:7b:77:7f:9f:fb:5a:f6:d0:de:36:78:d0:6b:60:99:
7d:f8:af:7b:5f:d6:52:c1:56:ac:77:ac:60:33:97:45:bf:d8:
93:fb:6e:98:1c:b7:ff:85:f6:2d:4a:38:2c:b3:06:cd:e8:4a:
b6:45:8e:3b:6f:76:04:48:92:9d:b0:d2:fb:69:7f:e7:ad:5c:
47:b3:59:24:b3:48:14:20:dc:ae:1e:06:bf:af:73:28:2b:3e:
06:55:04:fb:ba:92:6c:41:f7:43:9d:a7:a3:e0:00:96:b9:79:
44:ad:2f:09:52:53:02:b3:28:6e:43:dd:41:89:03:52:01:6c:
9d:05:f1:84:0f:7b:83:8d:5a:e9:15:dd:22:2a:cf:5d:e8:26:
f7:2d:ae:1b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNTMwMTU1MjQ5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4YTBkMS0yY2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvp+XvRnBNwIOroDVwkMdLiBYY/tHHxKHxd0JXd7zaQ1RNwkvoNUCqcv7Rwsj
S9UEJ2rMUPlUh1b2eEYeg76q/sm0DXQtMsjCtr951ud5hpM4OBFqov/SpGONNACb
1cjUsSgnE/QZXYjtWIy5YsNZ7jFd4w2UpOC8B8X0Jp4RORq3LNt5nlk/Hcue85k4
J3eAijwGuSo71bbXFgOHB7FLoAlfONlxjyfvcmTJ054mb7RMCx9g++/+374KXnFE
gk8nIiqSPKbA7q7hM9jZdzfSheYSZSVjKThUSgd56S6vEVz3JiwF36gVggVRCtk+
MOpIEtFZnRpotocls/fxlOFBvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFa1xjVu
wrhyCWAsp7B7YxDTRc0XMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMUU2NTg5Q0VC
Mzc2MTFFRTk3ODRCQTY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdCmIwDQYJKoZIhvcNAQELBQADggEBAE54CIhGtQHpMaYx
v0WinHlgcSThTpk3ZO1CjcyjGxhQ1mLzUf9WU2kGSmLCmeH6rS+g26H5V0tM1zXE
HyRXj5d3+3uDqBBV3MCEzWoAtF/CrEsvmM54N14HtlCa4pJWPrit72dMhkcWnZgf
/1MdMnt3f5/7WvbQ3jZ40GtgmX34r3tf1lLBVqx3rGAzl0W/2JP7bpgct/+F9i1K
OCyzBs3oSrZFjjtvdgRIkp2w0vtpf+etXEezWSSzSBQg3K4eBr+vcygrPgZVBPu6
kmxB90Odp6PgAJa5eUStLwlSUwKzKG5D3UGJA1IBbJ0F8YQPe4ONWukV3SIqz13o
Jvctrhs=
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:49:27 2025 by rpki-client