Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/39139BD2F8F111EF91972863C4F9AE02.roa
File: 39139BD2F8F111EF91972863C4F9AE02.roa (raw, json)
Hash identifier: 3cC7CFnkWfu2xFfHhGIjcq4nfvdfcBTBWorv2KGelaQ=
Subject key identifier: 8F:14:55:71:E3:15:A4:7E:B9:56:D1:6D:1B:7B:C2:05:EE:65:21:33
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1CD4
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/39139BD2F8F111EF91972863C4F9AE02.roa
Signing time: Tue 04 Mar 2025 12:07:20 +0000
ROA not before: Tue 04 Mar 2025 12:07:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 153294
IP address blocks: 161.248.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7380 (0x1cd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 4 12:07:20 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c6ecf8-c5c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:73:c3:bb:1e:6a:6e:2e:47:e8:14:ab:0b:e4:
48:1e:10:82:54:9e:c2:8f:ab:cd:08:a3:a6:09:8d:
0e:c9:13:65:85:63:d7:ba:0d:17:22:e8:11:a7:a0:
8b:74:5c:7d:29:e0:b1:74:df:7a:06:bc:fb:62:1d:
d9:69:92:1c:23:7e:88:2a:f9:07:0b:05:ea:3c:c9:
e6:a9:ab:5c:80:c8:58:ca:8c:e6:7b:45:cd:30:33:
48:25:e5:cc:e2:93:8f:28:7e:ac:8d:0a:9b:97:b9:
d8:82:7d:31:7f:54:a9:46:0a:ac:93:b9:7d:d6:a8:
b8:ad:c3:51:92:19:18:f7:ae:ec:5d:f9:3f:cb:44:
4f:66:70:fd:fe:fa:5c:34:3e:bf:d6:c0:42:72:24:
48:af:17:a9:84:60:5c:8d:a0:3c:41:13:b6:0e:d1:
10:dc:29:8c:8d:2f:44:73:e2:0e:b2:a7:35:ea:08:
ba:22:55:05:b6:49:92:07:c0:85:a6:18:0e:31:9c:
be:aa:62:9d:a9:d1:b5:f3:87:da:c3:eb:d7:f0:79:
c8:a1:d8:7a:ac:be:09:cb:be:88:10:e6:52:b8:5d:
29:db:04:1c:0c:45:b3:4d:d7:f5:83:e2:9d:d3:70:
ae:65:9a:b2:45:37:f2:52:64:34:69:e5:af:93:93:
f0:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:14:55:71:E3:15:A4:7E:B9:56:D1:6D:1B:7B:C2:05:EE:65:21:33
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/39139BD2F8F111EF91972863C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.66.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:0a:76:bf:1a:7d:95:00:48:3a:65:c2:4b:6b:ef:99:26:3b:
27:e7:4e:d8:3c:78:f5:53:ea:de:4b:d0:7e:f3:cd:2c:14:e6:
5c:30:0e:0e:2d:d8:a3:7d:7d:e2:fc:78:25:20:20:78:bb:ac:
dd:55:d6:ad:a1:40:3c:a3:53:aa:8e:7e:c2:65:6c:81:ac:12:
00:57:56:78:8a:21:b2:3a:74:53:44:fa:19:82:49:2a:6d:1b:
4e:94:32:ad:57:c0:3d:12:61:00:05:2d:91:fb:12:6a:26:a2:
fb:a1:e1:ab:87:c7:ca:2f:3e:6b:81:43:87:ad:e1:d5:43:92:
99:bc:88:e3:1a:48:01:82:e0:16:24:d8:1a:97:7f:7c:12:19:
38:25:93:9e:7b:41:02:a2:4f:44:4c:c8:54:e0:89:b0:c3:02:
7c:af:37:bd:5d:4b:d3:db:5f:57:92:ce:ad:f0:b7:21:56:50:
d5:7b:50:67:e1:63:97:26:5c:12:f9:03:f2:b9:d7:c1:e0:17:
8b:73:a4:15:f8:cf:2a:17:ba:ea:53:35:1a:fa:b6:0f:d1:ed:
75:2f:03:01:a7:70:9d:d7:4b:fc:c3:de:31:47:de:e7:83:2d:
fe:e0:ac:53:7b:22:2c:20:b8:82:0d:e6:13:29:3d:e2:f5:b3:
e5:31:58:8c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHNQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjUwMzA0MTIwNzIwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M2ZWNmOC1jNWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzXPDux5qbi5H6BSrC+RIHhCCVJ7Cj6vNCKOmCY0OyRNlhWPXug0XIugRp6CL
dFx9KeCxdN96Brz7Yh3ZaZIcI36IKvkHCwXqPMnmqatcgMhYyozme0XNMDNIJeXM
4pOPKH6sjQqbl7nYgn0xf1SpRgqsk7l91qi4rcNRkhkY967sXfk/y0RPZnD9/vpc
ND6/1sBCciRIrxephGBcjaA8QRO2DtEQ3CmMjS9Ec+IOsqc16gi6IlUFtkmSB8CF
phgOMZy+qmKdqdG184faw+vX8HnIodh6rL4Jy76IEOZSuF0p2wQcDEWzTdf1g+Kd
03CuZZqyRTfyUmQ0aeWvk5PwiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFI8UVXHj
FaR+uVbRbRt7wgXuZSEzMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzkxMzlCRDJG
OEYxMTFFRjkxOTcyODYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGh+EIwDQYJKoZIhvcNAQELBQADggEBALYKdr8afZUASDpl
wktr75kmOyfnTtg8ePVT6t5L0H7zzSwU5lwwDg4t2KN9feL8eCUgIHi7rN1V1q2h
QDyjU6qOfsJlbIGsEgBXVniKIbI6dFNE+hmCSSptG06UMq1XwD0SYQAFLZH7Emom
ovuh4auHx8ovPmuBQ4et4dVDkpm8iOMaSAGC4BYk2BqXf3wSGTglk557QQKiT0RM
yFTgibDDAnyvN71dS9PbX1eSzq3wtyFWUNV7UGfhY5cmXBL5A/K518HgF4tzpBX4
zyoXuupTNRr6tg/R7XUvAwGncJ3XS/zD3jFH3ueDLf7grFN7IiwguIIN5hMpPeL1
s+UxWIw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:27:15 2025 by rpki-client