Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/6B910002F7F411EFA0F3E52DC4F9AE02.roa
File: 6B910002F7F411EFA0F3E52DC4F9AE02.roa (raw, json)
Hash identifier: oK0MFWTJ+AXgkpy3phWNN8Y+Lxg044bOFYSddgTDy4w=
Subject key identifier: F1:57:0F:28:5D:FB:D1:44:5A:1D:72:67:49:27:D9:C3:13:A8:A6:E8
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 1CD2
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/6B910002F7F411EFA0F3E52DC4F9AE02.roa
Signing time: Mon 03 Mar 2025 05:57:42 +0000
ROA not before: Mon 03 Mar 2025 05:57:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141317
IP address blocks: 160.191.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7378 (0x1cd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 3 05:57:42 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c544d6-bb4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:20:92:ad:5a:cd:22:91:60:83:fc:c2:a8:c2:
8a:38:f4:ff:e6:70:d5:ae:29:69:e9:3f:21:f9:28:
6c:2a:33:10:14:2c:4e:8f:fc:94:2f:ad:5c:17:dd:
6d:de:2f:1a:01:6c:46:93:2d:f2:87:0a:22:87:d9:
dc:2a:f8:bb:b0:7d:a7:70:f5:c4:6e:e2:a6:93:c4:
b9:09:98:04:39:1d:43:f3:1e:6a:45:b3:1d:99:6b:
0e:d2:80:b0:5f:7c:78:11:f3:5c:ac:cd:49:7b:a4:
f0:13:d6:bc:ec:8f:b4:82:22:e8:6a:ec:cf:84:bb:
24:d9:31:a5:01:23:8a:6e:41:52:06:2f:75:4c:b2:
cb:04:3e:ff:5d:53:63:c7:31:3a:76:38:2e:16:fa:
fe:37:0d:66:e0:c5:7e:97:fc:88:d3:a7:fb:0e:80:
36:05:da:28:85:a1:f2:da:05:3d:b0:3e:1b:ba:eb:
2f:12:45:5f:d9:8b:4e:4a:c5:b6:45:9c:a8:22:d8:
6c:fc:1d:72:ee:3c:b7:52:81:2e:41:48:22:93:d5:
60:4e:3b:34:b2:76:fd:f5:6b:0a:4c:0b:90:a7:5d:
e5:f2:17:2d:8c:12:fe:d0:4c:f6:66:da:af:c3:ab:
24:71:e4:78:f4:04:19:78:a8:49:f4:5f:28:f1:f8:
0e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:57:0F:28:5D:FB:D1:44:5A:1D:72:67:49:27:D9:C3:13:A8:A6:E8
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/6B910002F7F411EFA0F3E52DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.76.0/24
Signature Algorithm: sha256WithRSAEncryption
83:e2:1e:03:de:83:26:e3:fb:4b:49:25:42:23:d3:3f:f0:c7:
17:cd:c7:55:6d:9b:5f:e7:01:c9:d6:bc:15:41:4b:ce:41:78:
b8:cc:34:c0:75:1e:cd:a8:3b:1d:5a:ce:47:25:f0:e0:86:f0:
0d:58:4a:87:a9:d0:ff:88:2d:fa:04:51:6d:72:5d:d9:55:07:
57:23:6a:45:36:6b:89:9d:d5:6a:76:f2:ef:d1:7a:9e:cb:89:
39:ba:fd:bf:b8:d8:00:6d:7d:9b:e2:02:69:12:a5:3a:a0:21:
19:1a:04:80:da:6f:5c:33:bf:56:38:5f:f8:a2:09:de:9e:35:
83:e3:a4:b1:3d:24:7e:54:1a:0d:02:f3:b6:40:9e:24:c5:25:
f9:65:70:17:1d:9a:5d:f1:c0:01:87:e5:7a:2a:28:9b:0b:33:
d3:8a:d6:51:d8:c2:9f:de:32:5a:3e:16:bb:54:6d:05:c1:41:
80:ec:54:26:ae:c3:f5:0e:4e:d3:dd:79:51:81:24:66:b6:c6:
27:da:22:1a:68:bf:e9:6e:b1:cd:a3:0e:fc:c1:14:a8:d8:c6:
86:10:a7:21:61:af:bc:99:58:8f:5b:a9:c1:04:6e:1a:43:7a:
7a:01:1e:12:a8:16:74:91:e0:dc:70:17:6c:f0:b3:45:90:c9:
e2:64:7b:0d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICHNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjUwMzAzMDU1NzQyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1NDRkNi1iYjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0CCSrVrNIpFgg/zCqMKKOPT/5nDVrilp6T8h+ShsKjMQFCxOj/yUL61cF91t
3i8aAWxGky3yhwoih9ncKvi7sH2ncPXEbuKmk8S5CZgEOR1D8x5qRbMdmWsO0oCw
X3x4EfNcrM1Je6TwE9a87I+0giLoauzPhLsk2TGlASOKbkFSBi91TLLLBD7/XVNj
xzE6djguFvr+Nw1m4MV+l/yI06f7DoA2BdoohaHy2gU9sD4buusvEkVf2YtOSsW2
RZyoIths/B1y7jy3UoEuQUgik9VgTjs0snb99WsKTAuQp13l8hctjBL+0Ez2Ztqv
w6skceR49AQZeKhJ9F8o8fgOYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPFXDyhd
+9FEWh1yZ0kn2cMTqKboMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkI5MTAwMDJG
N0Y0MTFFRkEwRjNFNTJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACgv0wwDQYJKoZIhvcNAQELBQADggEBAIPiHgPegybj+0tJ
JUIj0z/wxxfNx1Vtm1/nAcnWvBVBS85BeLjMNMB1Hs2oOx1azkcl8OCG8A1YSoep
0P+ILfoEUW1yXdlVB1cjakU2a4md1Wp28u/Rep7LiTm6/b+42ABtfZviAmkSpTqg
IRkaBIDab1wzv1Y4X/iiCd6eNYPjpLE9JH5UGg0C87ZAniTFJfllcBcdml3xwAGH
5XoqKJsLM9OK1lHYwp/eMlo+FrtUbQXBQYDsVCauw/UOTtPdeVGBJGa2xifaIhpo
v+lusc2jDvzBFKjYxoYQpyFhr7yZWI9bqcEEbhpDenoBHhKoFnSR4NxwF2zws0WQ
yeJkew0=
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:32:53 2025 by rpki-client