Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/35B844A8097511F0B4088653C4F9AE02.roa
File: 35B844A8097511F0B4088653C4F9AE02.roa (raw, json)
Hash identifier: 4UvrV3fbZx9mYunFmArhzUHFTXMET+/Q4nWorQ+DjI0=
Subject key identifier: 27:51:1F:90:16:8E:E2:ED:0F:BE:68:79:10:1C:32:25:53:7F:40:7F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AC73
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/35B844A8097511F0B4088653C4F9AE02.roa
Signing time: Tue 25 Mar 2025 12:32:26 +0000
ROA not before: Tue 25 Mar 2025 12:32:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133232
IP address blocks: 2001:df7:6e00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 09:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44147 (0xac73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 25 12:32:26 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67e2a25a-77eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d6:f2:84:47:68:ba:1d:3e:b3:7a:f7:e8:91:
72:7e:c4:67:d9:8c:b2:97:e4:30:bb:f5:fe:74:e2:
17:8f:f7:8d:4d:80:48:96:99:a4:3d:d1:54:ff:67:
90:e5:ed:0b:3e:c7:90:f0:d5:c9:92:4d:ed:cd:01:
ab:35:b8:7d:06:8d:af:59:16:62:37:d8:ff:88:82:
f0:84:c8:fb:06:91:9d:4e:f7:19:97:28:ee:a2:ba:
da:a1:28:2a:4a:3c:74:be:db:e4:63:de:c1:09:99:
6b:51:e7:60:73:ce:5f:e7:98:28:11:12:e5:be:54:
1e:e1:e7:ba:20:db:ed:9f:6b:43:5d:4f:3c:52:aa:
2f:c9:2c:23:37:84:fc:05:47:9e:46:3d:bb:7d:23:
05:d6:1b:c2:97:4e:4e:22:21:d8:29:21:bb:d9:f9:
e4:42:b1:87:91:9d:4f:5f:44:06:f0:7e:01:33:b0:
cb:0a:c7:13:66:81:21:73:0b:df:65:72:54:de:4c:
48:84:44:5d:9c:ff:ec:7f:f8:2b:ee:45:7e:99:12:
aa:a1:5c:00:99:af:9c:24:d3:92:41:c1:b7:0c:5c:
fe:a9:c7:a4:d1:97:f1:45:24:1d:9f:f2:f6:94:55:
b7:39:83:7c:9f:86:8a:c5:79:67:c0:50:5c:f6:4a:
34:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:51:1F:90:16:8E:E2:ED:0F:BE:68:79:10:1C:32:25:53:7F:40:7F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/35B844A8097511F0B4088653C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df7:6e00::/48
Signature Algorithm: sha256WithRSAEncryption
a1:b3:d1:8b:3d:ef:5a:69:69:4a:c0:15:7e:aa:79:b8:aa:31:
7b:16:77:4b:35:63:43:c1:28:82:da:ed:1e:42:8f:1e:d3:bd:
3b:11:d1:04:ba:f3:74:8f:7b:58:f4:11:44:59:3a:96:36:83:
52:c1:44:92:53:e1:c2:de:66:75:82:b4:80:28:2e:67:42:11:
84:f6:0d:71:f8:16:00:68:10:3b:17:ae:1a:bd:5f:68:c4:b7:
88:aa:96:03:91:79:bd:88:1e:ff:80:eb:6a:81:e9:06:00:f3:
e8:e3:e6:73:f8:59:67:03:b3:1e:e0:b7:ac:08:f6:1f:8b:1c:
d9:52:13:82:19:ae:5b:66:0a:53:f6:1f:43:62:4d:2e:a8:9d:
b2:f8:5a:ee:ea:f3:c6:50:58:38:4e:c5:44:ed:5e:b5:98:28:
17:a1:36:4d:40:df:b9:75:94:c0:9e:90:a8:e4:a8:b8:4e:d8:
06:be:8f:90:70:34:f0:74:22:fe:bc:00:45:3f:3e:56:da:fd:
a1:7a:65:6e:65:02:5b:0d:a8:e6:a5:e4:70:4f:e8:55:c5:e6:
c6:5e:fc:1c:02:29:c5:01:ee:9a:d0:6a:c3:31:c8:3c:15:b9:
51:18:52:f8:ee:07:ff:55:e2:b0:24:e8:99:59:e6:7a:ed:33:
82:1e:ba:fc
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIDAKxzMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMyNTEyMzIyNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdlMmEyNWEtNzdlYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLW8oRHaLodPrN69+iRcn7EZ9mMspfkMLv1/nTiF4/3jU2ASJaZpD3RVP9n
kOXtCz7HkPDVyZJN7c0BqzW4fQaNr1kWYjfY/4iC8ITI+waRnU73GZco7qK62qEo
Kko8dL7b5GPewQmZa1HnYHPOX+eYKBES5b5UHuHnuiDb7Z9rQ11PPFKqL8ksIzeE
/AVHnkY9u30jBdYbwpdOTiIh2Ckhu9n55EKxh5GdT19EBvB+ATOwywrHE2aBIXML
32VyVN5MSIREXZz/7H/4K+5FfpkSqqFcAJmvnCTTkkHBtwxc/qnHpNGX8UUkHZ/y
9pRVtzmDfJ+GisV5Z8BQXPZKNC0CAwEAAaOCApgwggKUMB0GA1UdDgQWBBQnUR+Q
Fo7i7Q++aHkQHDIlU39AfzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM1Qjg0NEE4
MDk3NTExRjBCNDA4ODY1M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCIGCCsGAQUFBwEHAQH/
BBMwETAPBAIAAjAJAwcAIAEN924AMA0GCSqGSIb3DQEBCwUAA4IBAQChs9GLPe9a
aWlKwBV+qnm4qjF7FndLNWNDwSiC2u0eQo8e0707EdEEuvN0j3tY9BFEWTqWNoNS
wUSSU+HC3mZ1grSAKC5nQhGE9g1x+BYAaBA7F64avV9oxLeIqpYDkXm9iB7/gOtq
gekGAPPo4+Zz+FlnA7Me4LesCPYfixzZUhOCGa5bZgpT9h9DYk0uqJ2y+Fru6vPG
UFg4TsVE7V61mCgXoTZNQN+5dZTAnpCo5Ki4TtgGvo+QcDTwdCL+vABFPz5W2v2h
emVuZQJbDajmpeRwT+hVxebGXvwcAinFAe6a0GrDMcg8FblRGFL47gf/VeKwJOiZ
WeZ67TOCHrr8
-----END CERTIFICATE-----
Generated at Tue Apr 8 02:21:05 2025 by rpki-client