Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/35D2294C4AB511EF87AB161BC4F9AE02.roa
File: 35D2294C4AB511EF87AB161BC4F9AE02.roa (raw, json)
Hash identifier: ojSPB0ISIGRw3cOfBtrECwI7sYrCbgl9SiZcYTomn1Y=
Subject key identifier: EA:B9:8E:8C:59:7B:69:66:A4:5C:CB:99:61:38:95:A1:28:0F:18:65
Certificate issuer: /CN=A9190D72/serialNumber=A54CB7742AABCF4E58E5D4C1F3B9D12DAD91B406
Certificate serial: D0
Authority key identifier: A5:4C:B7:74:2A:AB:CF:4E:58:E5:D4:C1:F3:B9:D1:2D:AD:91:B4:06
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pUy3dCqrz05Y5dTB87nRLa2RtAY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/35D2294C4AB511EF87AB161BC4F9AE02.roa
Signing time: Thu 27 Mar 2025 05:11:48 +0000
ROA not before: Thu 27 Mar 2025 05:11:48 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136557
IP address blocks: 157.20.104.0/24 maxlen: 24
157.20.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/pUy3dCqrz05Y5dTB87nRLa2RtAY.crl
rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/pUy3dCqrz05Y5dTB87nRLa2RtAY.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pUy3dCqrz05Y5dTB87nRLa2RtAY.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 04:32:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 208 (0xd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9190D72
Validity
Not Before: Mar 27 05:11:48 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e4de14-9c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:db:06:61:60:1f:75:df:86:d7:41:8b:bc:71:
c6:bb:b7:f3:46:50:e7:36:65:f3:6f:57:20:70:69:
25:5f:b2:18:57:6e:d7:fb:08:d8:c3:1a:9d:58:c1:
c7:0d:7d:b8:80:44:6a:a1:15:0d:1d:ca:30:56:05:
8b:45:b5:a9:b8:a6:fe:16:0c:b1:68:5e:32:d9:a1:
6e:7e:30:14:e9:ab:c8:ae:b1:c0:df:e3:92:06:8c:
05:18:48:b6:21:67:05:f8:87:26:b4:a6:d2:df:e2:
4c:b9:3e:06:c9:6d:dc:e7:64:7e:0d:00:fa:bd:ff:
bc:b6:25:66:aa:72:43:7e:e9:28:10:e4:50:05:68:
00:40:14:74:bf:40:34:2a:b7:ee:d4:f6:88:b0:bb:
f7:4d:ae:84:1f:66:ef:a7:03:cc:64:aa:83:aa:61:
ab:c6:f4:ad:0a:8a:c0:53:87:ad:9f:ad:96:7c:87:
53:a8:da:88:79:39:dc:dc:36:cf:b3:5a:9a:82:06:
24:29:9c:63:7f:cc:d8:77:1c:b4:eb:a5:b5:8c:ca:
57:08:78:db:05:ff:4f:15:e9:d4:bf:51:19:3a:85:
02:dd:bb:6e:ef:f4:25:ec:8d:9d:f1:5a:3f:07:f7:
02:40:ed:5d:bb:15:14:03:15:9b:a6:cb:3b:01:b6:
a9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B9:8E:8C:59:7B:69:66:A4:5C:CB:99:61:38:95:A1:28:0F:18:65
X509v3 Authority Key Identifier:
keyid:A5:4C:B7:74:2A:AB:CF:4E:58:E5:D4:C1:F3:B9:D1:2D:AD:91:B4:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/pUy3dCqrz05Y5dTB87nRLa2RtAY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pUy3dCqrz05Y5dTB87nRLa2RtAY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/35D2294C4AB511EF87AB161BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.104.0/23
Signature Algorithm: sha256WithRSAEncryption
30:6d:fa:7f:ef:90:49:b8:32:8e:4c:50:d9:0c:f2:0f:92:40:
fd:71:70:04:d1:c7:4f:11:5e:05:d6:5e:c7:2d:9b:e9:b8:49:
1b:da:c6:33:69:2f:f2:c9:94:6e:81:11:e9:fd:d8:4c:5d:d1:
85:e2:28:da:83:3f:6c:95:83:e8:2a:4e:66:97:c2:aa:64:ad:
47:44:f3:71:cb:1f:05:be:96:52:f4:31:ef:c9:e6:14:81:aa:
f8:ff:99:16:54:6a:e1:76:09:44:37:f8:78:72:6c:1e:9c:ce:
e6:f6:24:a7:c9:a0:fe:99:16:ad:5d:a1:13:ec:9e:29:d4:4c:
76:97:c7:b0:10:05:b5:d8:3d:f3:fa:a8:4d:66:85:26:3f:db:
18:25:e4:8a:7f:b8:d2:9e:53:8b:71:53:91:25:fd:7f:40:df:
00:00:0c:14:58:e1:9b:a5:d4:26:a8:35:b0:f5:68:ba:6c:c1:
74:b7:4c:7c:c0:85:03:3b:63:f6:63:03:70:26:3d:fa:fa:73:
28:6e:17:e1:77:87:e2:5b:1d:5e:f1:f4:ec:e5:1a:54:9f:f3:
09:74:9d:52:42:35:98:22:26:99:ef:21:d6:af:fa:dc:b6:14:
f0:4e:c5:b2:ea:b5:d4:66:23:8c:ca:a5:cf:f2:88:3e:b1:87:
86:95:db:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTBENzIxMTAvBgNVBAUTKEE1NENCNzc0MkFBQkNGNEU1OEU1RDRDMUYzQjlEMTJE
QUQ5MUI0MDYwHhcNMjUwMzI3MDUxMTQ4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0ZGUxNC05YzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwtsGYWAfdd+G10GLvHHGu7fzRlDnNmXzb1cgcGklX7IYV27X+wjYwxqdWMHH
DX24gERqoRUNHcowVgWLRbWpuKb+FgyxaF4y2aFufjAU6avIrrHA3+OSBowFGEi2
IWcF+IcmtKbS3+JMuT4GyW3c52R+DQD6vf+8tiVmqnJDfukoEORQBWgAQBR0v0A0
Krfu1PaIsLv3Ta6EH2bvpwPMZKqDqmGrxvStCorAU4etn62WfIdTqNqIeTnc3DbP
s1qaggYkKZxjf8zYdxy066W1jMpXCHjbBf9PFenUv1EZOoUC3btu7/Ql7I2d8Vo/
B/cCQO1duxUUAxWbpss7AbapcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOq5joxZ
e2lmpFzLmWE4laEoDxhlMB8GA1UdIwQYMBaAFKVMt3Qqq89OWOXUwfO50S2tkbQG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MEQ3Mi82QUM5ODlGMEQ0
ODIxMUVFODdENUQ3MjRDNEY5QUUwMi9wVXkzZENxcnowNVk1ZFRCODduUkxhMlJ0
QVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3BVeTNkQ3FyejA1WTVkVEI4N25STGEyUnRBWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTBENzIvNkFDOTg5RjBENDgyMTFFRTg3RDVENzI0QzRGOUFFMDIvMzVEMjI5NEM0
QUI1MTFFRjg3QUIxNjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdFGgwDQYJKoZIhvcNAQELBQADggEBADBt+n/vkEm4Mo5M
UNkM8g+SQP1xcATRx08RXgXWXsctm+m4SRvaxjNpL/LJlG6BEen92Exd0YXiKNqD
P2yVg+gqTmaXwqpkrUdE83HLHwW+llL0Me/J5hSBqvj/mRZUauF2CUQ3+HhybB6c
zub2JKfJoP6ZFq1doRPsninUTHaXx7AQBbXYPfP6qE1mhSY/2xgl5Ip/uNKeU4tx
U5El/X9A3wAADBRY4Zul1CaoNbD1aLpswXS3THzAhQM7Y/ZjA3AmPfr6cyhuF+F3
h+JbHV7x9OzlGlSf8wl0nVJCNZgiJpnvIdav+ty2FPBOxbLqtdRmI4zKpc/yiD6x
h4aV2wc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:52:19 2025 by rpki-client