Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/56494EB6DD5F11EFA1B96834C4F9AE02.roa
File: 56494EB6DD5F11EFA1B96834C4F9AE02.roa (raw, json)
Hash identifier: KWCnSJksefKMXttieBhzXhm2c/b7j/aeuiMbzephWMk=
Subject key identifier: 86:67:63:5A:6D:C2:E0:61:65:AF:E7:8F:EA:6E:3D:44:0F:BF:B4:DD
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1C9E
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/56494EB6DD5F11EFA1B96834C4F9AE02.roa
Signing time: Tue 28 Jan 2025 10:05:01 +0000
ROA not before: Tue 28 Jan 2025 10:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152522
IP address blocks: 160.22.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7326 (0x1c9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 28 10:05:01 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6798abcd-9166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fd:64:1e:dd:e6:ed:27:ce:74:97:8c:ac:9f:
32:5d:7a:c0:ff:06:b4:ec:65:7d:da:ec:48:75:6e:
1b:b0:34:46:fb:70:75:39:f8:62:0e:83:dc:0b:b4:
02:1e:2f:7d:6f:ab:f0:9e:09:f3:d8:41:e2:bc:51:
ba:ba:07:70:e2:11:f1:a4:f1:db:c1:35:15:4a:8d:
ee:85:10:db:70:c2:b0:bd:c0:fa:78:28:26:da:fd:
ba:ef:1a:f2:86:11:a5:1e:a2:dd:be:ac:2c:67:1b:
c0:a9:11:c7:4d:7b:06:47:91:34:96:24:42:73:12:
b7:8c:61:7f:73:00:5d:01:c0:92:6b:0e:3b:4c:ca:
9d:8f:f6:de:e7:c6:ca:c5:04:2b:92:71:48:48:56:
8e:b0:38:2a:d4:30:89:4e:60:54:d1:d8:e0:9a:37:
37:61:c2:3d:e8:2d:ff:c0:55:15:f4:db:78:a0:fc:
b6:46:bd:49:f9:10:0d:c2:14:a3:94:b6:63:09:e7:
2b:43:87:59:38:83:a3:d5:32:2a:ee:4e:11:bf:16:
62:c7:51:d5:e1:38:48:5b:a9:a4:09:cc:27:29:c9:
db:42:f1:2b:65:df:2b:89:2c:1f:58:2f:6a:9f:44:
d8:07:a5:ec:55:9e:f3:7c:9f:5d:d3:6a:6d:e2:be:
dc:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:67:63:5A:6D:C2:E0:61:65:AF:E7:8F:EA:6E:3D:44:0F:BF:B4:DD
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/56494EB6DD5F11EFA1B96834C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.86.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:76:bd:e2:bf:6c:08:01:2e:55:76:e8:05:80:3c:23:19:7e:
40:f3:dd:d0:df:b4:8c:9b:d8:db:9e:df:9b:84:8f:60:41:23:
ff:9a:83:54:57:2f:37:b1:56:ca:80:fb:b5:40:09:67:4a:24:
a3:85:50:11:b7:bd:4e:e3:49:f2:fa:25:84:75:7f:f4:ab:51:
6d:b5:29:70:70:a9:84:d1:c0:7d:4a:c3:1c:68:42:f7:3b:13:
02:9b:db:cb:1b:e3:e5:bd:bf:86:e0:cb:4a:18:5c:64:b0:d1:
28:56:3e:d0:b0:19:d5:54:57:06:d9:b7:2b:59:70:62:16:1d:
3a:1e:60:d8:08:af:e0:9d:08:78:29:9f:0b:60:27:5e:24:24:
57:3d:df:7e:12:09:89:52:93:eb:f1:9b:30:6d:22:c7:72:c7:
e1:a4:9e:0c:23:00:79:30:1f:0b:ca:9b:7a:22:74:f1:90:a0:
b4:1d:04:eb:e3:8a:42:bf:c3:46:ed:f8:c9:80:99:07:59:01:
a7:5d:8f:80:39:eb:ff:0b:a9:90:36:d1:85:fd:ca:79:7a:c2:
19:e5:bb:79:d2:2a:11:93:25:f3:5a:ba:57:92:f2:9f:f6:64:
73:65:10:32:c5:d4:6b:73:ab:63:99:a7:a8:f7:7a:5d:83:de:
74:7b:d0:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjUwMTI4MTAwNTAxWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk4YWJjZC05MTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnP1kHt3m7SfOdJeMrJ8yXXrA/wa07GV92uxIdW4bsDRG+3B1OfhiDoPcC7QC
Hi99b6vwngnz2EHivFG6ugdw4hHxpPHbwTUVSo3uhRDbcMKwvcD6eCgm2v267xry
hhGlHqLdvqwsZxvAqRHHTXsGR5E0liRCcxK3jGF/cwBdAcCSaw47TMqdj/be58bK
xQQrknFISFaOsDgq1DCJTmBU0djgmjc3YcI96C3/wFUV9Nt4oPy2Rr1J+RANwhSj
lLZjCecrQ4dZOIOj1TIq7k4RvxZix1HV4ThIW6mkCcwnKcnbQvErZd8riSwfWC9q
n0TYB6XsVZ7zfJ9d02pt4r7cqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIZnY1pt
wuBhZa/nj+puPUQPv7TdMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTY0OTRFQjZE
RDVGMTFFRkExQjk2ODM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACgFlYwDQYJKoZIhvcNAQELBQADggEBAH92veK/bAgBLlV2
6AWAPCMZfkDz3dDftIyb2Nue35uEj2BBI/+ag1RXLzexVsqA+7VACWdKJKOFUBG3
vU7jSfL6JYR1f/SrUW21KXBwqYTRwH1KwxxoQvc7EwKb28sb4+W9v4bgy0oYXGSw
0ShWPtCwGdVUVwbZtytZcGIWHToeYNgIr+CdCHgpnwtgJ14kJFc9334SCYlSk+vx
mzBtIsdyx+GkngwjAHkwHwvKm3oidPGQoLQdBOvjikK/w0bt+MmAmQdZAaddj4A5
6/8LqZA20YX9ynl6whnlu3nSKhGTJfNauleS8p/2ZHNlEDLF1Gtzq2OZp6j3el2D
3nR70Gw=
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:46:37 2025 by rpki-client