Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/21F94DCC3A9011EFBD977F28C4F9AE02.roa
File: 21F94DCC3A9011EFBD977F28C4F9AE02.roa (raw, json)
Hash identifier: WOyaKtU6QVWs9hOU6AKkEP4e2l0lBBpXx5ylPYzEtZg=
Subject key identifier: C5:0A:12:C3:7E:18:DF:5C:A3:B7:E4:70:3A:F1:87:8F:00:3D:A3:D3
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1A90
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/21F94DCC3A9011EFBD977F28C4F9AE02.roa
Signing time: Fri 05 Jul 2024 05:33:39 +0000
ROA not before: Fri 05 Jul 2024 05:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151101
IP address blocks: 160.25.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6800 (0x1a90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jul 5 05:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=668785b3-d64e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:42:bc:f9:9c:fe:21:67:72:eb:62:2c:7a:
44:a2:cd:5e:18:0c:63:16:1e:72:20:2b:de:c6:c6:
67:ee:7e:f9:c8:16:d6:79:5b:5b:55:f6:c1:fc:e0:
02:8c:f3:fb:4b:b6:5d:8d:77:69:ff:02:56:33:a0:
5c:1a:b6:f5:9e:0f:9a:20:42:2d:b1:fb:b1:ec:d5:
fe:ec:2f:07:6c:86:e2:46:c3:d4:ab:88:bf:32:1b:
a9:08:34:14:64:4f:fb:08:a1:4d:9c:e1:8b:db:9d:
78:47:d5:df:f9:64:3b:0a:bf:dd:c3:50:2d:af:52:
8a:d9:7d:84:90:e0:03:ae:a5:15:1a:8b:72:af:3a:
5e:04:8a:cd:ef:97:c8:c1:c6:57:8a:3f:e4:1e:17:
e9:ab:54:0e:5d:3a:a6:00:5e:bf:a9:07:69:9c:42:
4b:8d:09:bf:59:15:a7:7a:3a:d3:30:f1:94:48:a9:
06:58:5e:2d:be:48:29:6c:49:5b:4f:2a:8f:a4:68:
dc:19:bd:7d:91:b3:64:f2:41:10:f8:65:2d:4d:9d:
93:35:07:13:fe:eb:15:66:f0:d4:3c:0e:3a:7e:8f:
90:0d:f1:62:bf:b8:d1:aa:c5:cc:85:e7:2c:50:4d:
fe:95:a1:f8:b4:da:07:36:8f:7e:5b:01:20:ed:34:
1d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0A:12:C3:7E:18:DF:5C:A3:B7:E4:70:3A:F1:87:8F:00:3D:A3:D3
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/21F94DCC3A9011EFBD977F28C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.25.63.0/24
Signature Algorithm: sha256WithRSAEncryption
02:b5:79:86:bf:0c:0f:86:a8:cf:16:10:8f:bb:3b:a1:e7:ec:
a9:34:25:29:26:79:f8:ff:eb:c8:d1:3b:03:cf:f8:23:39:d4:
38:8c:ae:7a:29:fe:89:67:5e:10:07:20:0e:6b:26:7e:a0:8f:
de:e0:13:50:fd:66:8c:c7:39:31:28:21:60:5d:e1:4c:ba:61:
a0:6e:6a:d7:fb:3e:bd:87:b1:9c:c7:04:13:b6:a8:3d:68:48:
fa:54:85:c4:f0:e3:e8:52:53:16:4b:13:e7:ab:23:87:6f:80:
a3:10:07:e5:24:9b:22:64:e2:c3:02:a6:0a:70:fa:92:a1:1e:
19:94:04:ea:21:dd:2a:f9:f6:95:d7:91:64:21:48:57:d0:36:
2f:f8:12:3b:7e:9d:df:d7:22:be:d4:e4:91:97:79:f6:da:b9:
e8:f6:7d:88:78:77:b7:dd:72:05:d8:91:18:74:f4:98:bb:f6:
88:74:ff:ed:32:64:bb:79:36:2f:dc:95:35:1b:a5:c3:01:3e:
52:c9:7f:c4:85:bd:8a:7f:cd:d4:f0:15:9f:f7:58:bf:c1:72:
7b:6a:bc:07:b4:f9:32:cc:a8:e0:db:2d:17:82:ac:98:83:f6:
8e:8e:d2:e4:17:37:68:51:c8:bc:85:70:b1:e0:2e:87:00:9e:
a0:3c:a0:c8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNzA1MDUzMzM5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3ODViMy1kNjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvjFCvPmc/iFncutiLHpEos1eGAxjFh5yICvexsZn7n75yBbWeVtbVfbB/OAC
jPP7S7ZdjXdp/wJWM6BcGrb1ng+aIEItsfux7NX+7C8HbIbiRsPUq4i/MhupCDQU
ZE/7CKFNnOGL2514R9Xf+WQ7Cr/dw1Atr1KK2X2EkOADrqUVGotyrzpeBIrN75fI
wcZXij/kHhfpq1QOXTqmAF6/qQdpnEJLjQm/WRWnejrTMPGUSKkGWF4tvkgpbElb
TyqPpGjcGb19kbNk8kEQ+GUtTZ2TNQcT/usVZvDUPA46fo+QDfFiv7jRqsXMhecs
UE3+laH4tNoHNo9+WwEg7TQdswIDAQABo4IClTCCApEwHQYDVR0OBBYEFMUKEsN+
GN9co7fkcDrxh48APaPTMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMjFGOTREQ0Mz
QTkwMTFFRkJEOTc3RjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACgGT8wDQYJKoZIhvcNAQELBQADggEBAAK1eYa/DA+GqM8W
EI+7O6Hn7Kk0JSkmefj/68jROwPP+CM51DiMrnop/olnXhAHIA5rJn6gj97gE1D9
ZozHOTEoIWBd4Uy6YaBuatf7Pr2HsZzHBBO2qD1oSPpUhcTw4+hSUxZLE+erI4dv
gKMQB+UkmyJk4sMCpgpw+pKhHhmUBOoh3Sr59pXXkWQhSFfQNi/4Ejt+nd/XIr7U
5JGXefbauej2fYh4d7fdcgXYkRh09Ji79oh0/+0yZLt5Ni/clTUbpcMBPlLJf8SF
vYp/zdTwFZ/3WL/BcntqvAe0+TLMqODbLReCrJiD9o6O0uQXN2hRyLyFcLHgLocA
nqA8oMg=
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:29:30 2025 by rpki-client