Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/375F1062D70111EFB7290E6AC4F9AE02.roa
File: 375F1062D70111EFB7290E6AC4F9AE02.roa (raw, json)
Hash identifier: DSlAsxyvvJz2VOFQyyUukJK8spniHsIPKzLwmwvG7IU=
Subject key identifier: E6:C7:D9:04:45:BA:12:10:77:A4:99:83:79:DB:97:3F:7E:D6:9C:E8
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1C88
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/375F1062D70111EFB7290E6AC4F9AE02.roa
Signing time: Mon 20 Jan 2025 07:36:10 +0000
ROA not before: Mon 20 Jan 2025 07:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153301
IP address blocks: 161.248.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7304 (0x1c88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 20 07:36:10 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=678dfce9-3b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8c:49:6d:83:aa:95:d3:d0:90:3c:f8:22:51:
ec:a6:0d:8e:2d:a0:56:d8:ea:6a:bf:9a:cd:c3:19:
e9:19:aa:c3:68:78:b1:d4:ca:49:57:16:64:e5:9d:
80:7b:98:57:a8:34:b4:b5:0a:fe:5b:c6:ed:e1:22:
fe:e4:d8:30:7f:a8:41:e0:b6:64:14:93:7c:bf:98:
8b:f2:20:75:0e:1a:6b:a3:e2:b8:5d:bc:46:95:b0:
0b:1f:36:be:b6:23:0e:98:96:48:1c:08:fd:97:f2:
9f:8c:04:45:d4:cf:ff:54:31:7f:d2:36:ac:77:4e:
32:94:33:61:3c:a8:eb:50:0b:2a:55:11:0a:93:d9:
9e:5d:2f:c0:dc:57:1a:5c:e4:b4:44:f8:0b:90:dc:
30:6f:c7:b0:df:01:ba:8b:6c:b4:86:9d:89:8f:6f:
87:bb:92:4e:b9:7c:d3:7c:16:10:b8:cc:26:92:14:
ea:01:89:9b:b3:07:13:7e:fe:b1:e7:fa:63:c9:93:
e0:c7:d4:f5:be:c5:2d:32:b3:2d:e6:61:d1:c2:26:
51:dc:fa:6d:72:91:25:5b:12:5f:1b:03:36:9c:b8:
ac:7b:76:b1:d8:70:ec:2a:c6:39:ed:2f:da:9a:48:
98:1f:44:e7:17:4d:8a:7a:1c:f2:7b:4a:ef:90:b7:
23:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C7:D9:04:45:BA:12:10:77:A4:99:83:79:DB:97:3F:7E:D6:9C:E8
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/375F1062D70111EFB7290E6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.159.0/24
Signature Algorithm: sha256WithRSAEncryption
28:2f:11:a5:2b:4c:e2:97:a2:00:63:b2:cd:d5:eb:1c:6f:7c:
3b:a3:97:2f:dc:e4:4d:ef:bd:c5:cd:50:28:2b:a1:31:8a:7c:
fd:96:f1:51:b8:b1:84:af:77:f9:66:eb:f6:0b:75:ad:92:8a:
3f:ca:26:83:79:3e:b6:b2:b0:8d:62:31:99:62:d4:08:f9:25:
ec:41:c0:ef:0f:81:a9:b7:d7:ed:79:50:ea:98:76:f0:29:07:
95:e0:d5:16:f6:1a:29:09:60:78:65:61:48:6c:e0:59:23:fc:
4e:1e:1a:b5:17:b5:4c:6f:3c:9f:a1:a1:f1:66:00:78:67:69:
c0:a7:6f:c0:14:9a:44:a2:f3:6d:96:c8:27:77:5d:87:55:f8:
23:05:5a:7f:f9:79:ff:46:26:90:2c:66:4f:31:1e:c8:c3:35:
ae:6a:66:9e:09:5c:2e:49:cd:cc:ab:40:2a:8a:9b:47:bd:11:
24:a9:d7:9e:ed:14:31:2a:6a:14:13:ee:f9:7d:74:73:f4:b1:
19:02:2f:0e:15:00:2c:8c:79:aa:51:00:28:e8:de:81:f9:ba:
5f:db:12:5b:0f:66:9f:d5:48:9a:3b:f0:78:fd:a4:2a:44:2d:
7c:4b:b8:b7:9b:53:23:ff:9f:16:eb:14:7b:93:d4:a4:85:05:
d6:01:8c:42
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjUwMTIwMDczNjEwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhkZmNlOS0zYjkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuYxJbYOqldPQkDz4IlHspg2OLaBW2Opqv5rNwxnpGarDaHix1MpJVxZk5Z2A
e5hXqDS0tQr+W8bt4SL+5Ngwf6hB4LZkFJN8v5iL8iB1Dhpro+K4XbxGlbALHza+
tiMOmJZIHAj9l/KfjARF1M//VDF/0jasd04ylDNhPKjrUAsqVREKk9meXS/A3Fca
XOS0RPgLkNwwb8ew3wG6i2y0hp2Jj2+Hu5JOuXzTfBYQuMwmkhTqAYmbswcTfv6x
5/pjyZPgx9T1vsUtMrMt5mHRwiZR3PptcpElWxJfGwM2nLise3ax2HDsKsY57S/a
mkiYH0TnF02Kehzye0rvkLcj3wIDAQABo4IClTCCApEwHQYDVR0OBBYEFObH2QRF
uhIQd6SZg3nblz9+1pzoMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzc1RjEwNjJE
NzAxMTFFRkI3MjkwRTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACh+J8wDQYJKoZIhvcNAQELBQADggEBACgvEaUrTOKXogBj
ss3V6xxvfDujly/c5E3vvcXNUCgroTGKfP2W8VG4sYSvd/lm6/YLda2Sij/KJoN5
PraysI1iMZli1Aj5JexBwO8Pgam31+15UOqYdvApB5Xg1Rb2GikJYHhlYUhs4Fkj
/E4eGrUXtUxvPJ+hofFmAHhnacCnb8AUmkSi822WyCd3XYdV+CMFWn/5ef9GJpAs
Zk8xHsjDNa5qZp4JXC5JzcyrQCqKm0e9ESSp157tFDEqahQT7vl9dHP0sRkCLw4V
ACyMeapRACjo3oH5ul/bElsPZp/VSJo78Hj9pCpELXxLuLebUyP/nxbrFHuT1KSF
BdYBjEI=
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:15:49 2025 by rpki-client