Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91954E2/73EBE6A2346F11EF97CA7546C4F9AE02/CC8E710C347011EF9F04CE66C4F9AE02.roa
File: CC8E710C347011EF9F04CE66C4F9AE02.roa (raw, json)
Hash identifier: zqqFgR8hZJd3tGWwh69g86T2JXS+0860K/pt4Nn27L8=
Subject key identifier: 0A:E1:F6:DF:98:4E:06:6D:78:B6:63:D5:50:E2:6E:8D:81:31:03:36
Certificate issuer: /CN=A91954E2/serialNumber=601AA3FD4770BFC69AF2406F2E80ED08E7DC6B43
Certificate serial: 83
Authority key identifier: 60:1A:A3:FD:47:70:BF:C6:9A:F2:40:6F:2E:80:ED:08:E7:DC:6B:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YBqj_Udwv8aa8kBvLoDtCOfca0M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91954E2/73EBE6A2346F11EF97CA7546C4F9AE02/CC8E710C347011EF9F04CE66C4F9AE02.roa
Signing time: Mon 03 Mar 2025 08:29:26 +0000
ROA not before: Mon 03 Mar 2025 08:29:26 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 152731
IP address blocks: 202.50.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91954E2/73EBE6A2346F11EF97CA7546C4F9AE02/YBqj_Udwv8aa8kBvLoDtCOfca0M.crl
rsync://rpki.apnic.net/member_repository/A91954E2/73EBE6A2346F11EF97CA7546C4F9AE02/YBqj_Udwv8aa8kBvLoDtCOfca0M.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YBqj_Udwv8aa8kBvLoDtCOfca0M.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 05:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131 (0x83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91954E2
Validity
Not Before: Mar 3 08:29:26 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c56866-192f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:06:0e:26:82:f8:fc:15:bb:85:b2:44:c1:12:
f2:dc:30:88:e8:a2:5b:b8:28:34:50:39:db:5d:22:
6c:74:cd:0e:53:c2:60:33:da:0b:a9:07:a9:21:7c:
57:4a:bb:1b:d2:3e:a4:68:c3:47:82:4f:42:8b:70:
74:76:3d:73:44:05:4b:c4:37:32:82:ab:64:fd:fa:
d9:dc:31:95:a6:1b:b0:e0:a5:cf:c9:41:fd:23:41:
74:85:cb:72:cc:e1:c3:7c:de:82:32:a4:6d:e9:d6:
61:76:f0:75:54:8d:68:d9:87:7a:d6:18:c7:42:3d:
4e:75:68:63:0d:d7:65:3b:6b:31:6e:b8:36:bc:2b:
e8:c4:b6:ab:a1:3d:de:7e:22:bc:93:66:c1:34:4e:
40:37:03:e1:f3:40:9e:2f:d3:fa:eb:66:b1:ff:26:
68:42:6f:42:11:df:4e:2b:4e:1a:bb:8f:29:d8:b7:
ce:8b:b3:90:44:03:1f:49:4b:77:7b:14:fe:40:bf:
de:80:5d:7c:4e:3e:46:a3:a6:c1:a7:3e:8c:53:fc:
85:5d:1b:5a:23:02:36:24:36:8b:f5:29:7e:37:6e:
e4:83:9b:29:18:8e:14:72:74:58:74:7c:06:97:78:
ff:a0:32:ba:82:de:d7:84:72:c3:b2:2d:d8:1f:e5:
82:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E1:F6:DF:98:4E:06:6D:78:B6:63:D5:50:E2:6E:8D:81:31:03:36
X509v3 Authority Key Identifier:
keyid:60:1A:A3:FD:47:70:BF:C6:9A:F2:40:6F:2E:80:ED:08:E7:DC:6B:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91954E2/73EBE6A2346F11EF97CA7546C4F9AE02/YBqj_Udwv8aa8kBvLoDtCOfca0M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YBqj_Udwv8aa8kBvLoDtCOfca0M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91954E2/73EBE6A2346F11EF97CA7546C4F9AE02/CC8E710C347011EF9F04CE66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.50.129.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:d1:22:04:ec:f0:d9:89:72:47:f3:bd:97:35:3f:a3:57:8e:
26:71:64:da:8e:c9:72:e5:ef:f0:8d:80:22:c8:c8:6e:84:77:
fe:c4:db:50:d9:24:90:8e:dc:9c:2b:56:6a:65:dc:a6:ab:78:
f3:86:46:00:37:48:bf:63:5c:e8:ce:3f:d3:f3:fb:0e:15:58:
16:89:56:dc:c1:e4:82:f7:b7:cc:4b:6a:34:52:61:b4:d4:90:
b6:8b:63:bc:d7:e3:5f:08:19:3c:44:1c:bb:ba:93:4c:5d:d4:
6d:3f:8e:41:e1:c9:fc:b8:d6:ba:8c:3d:28:51:7d:fd:f3:66:
34:44:97:aa:f4:a3:7c:1a:a9:00:68:26:2d:52:75:82:36:e5:
67:28:2b:fc:aa:27:1c:70:f2:a3:4f:e3:da:e4:b9:f9:ed:e2:
f7:d1:76:31:28:7a:f7:bb:b2:d0:25:a5:00:db:8c:86:08:78:
9e:53:e6:41:7d:a1:a5:bd:54:b7:7f:aa:3c:6f:52:ce:fb:64:
75:bb:a6:0c:36:ff:30:51:d2:67:4d:ea:9a:9a:dd:b6:2b:54:
59:59:3c:bf:36:80:68:70:af:04:b4:10:08:08:b8:ac:27:2e:
47:df:e9:b4:f4:77:84:0f:61:b0:06:c2:63:a2:2e:be:de:7e:
9c:4f:fa:a0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU0RTIxMTAvBgNVBAUTKDYwMUFBM0ZENDc3MEJGQzY5QUYyNDA2RjJFODBFRDA4
RTdEQzZCNDMwHhcNMjUwMzAzMDgyOTI2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1Njg2Ni0xOTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1QYOJoL4/BW7hbJEwRLy3DCI6KJbuCg0UDnbXSJsdM0OU8JgM9oLqQepIXxX
Srsb0j6kaMNHgk9Ci3B0dj1zRAVLxDcygqtk/frZ3DGVphuw4KXPyUH9I0F0hcty
zOHDfN6CMqRt6dZhdvB1VI1o2Yd61hjHQj1OdWhjDddlO2sxbrg2vCvoxLaroT3e
fiK8k2bBNE5ANwPh80CeL9P662ax/yZoQm9CEd9OK04au48p2LfOi7OQRAMfSUt3
exT+QL/egF18Tj5Go6bBpz6MU/yFXRtaIwI2JDaL9Sl+N27kg5spGI4UcnRYdHwG
l3j/oDK6gt7XhHLDsi3YH+WCdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFArh9t+Y
TgZteLZj1VDibo2BMQM2MB8GA1UdIwQYMBaAFGAao/1HcL/GmvJAby6A7Qjn3GtD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTRFMi83M0VCRTZBMjM0
NkYxMUVGOTdDQTc1NDZDNEY5QUUwMi9ZQnFqX1Vkd3Y4YWE4a0J2TG9EdENPZmNh
ME0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lCcWpfVWR3djhhYThrQnZMb0R0Q09mY2EwTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU0RTIvNzNFQkU2QTIzNDZGMTFFRjk3Q0E3NTQ2QzRGOUFFMDIvQ0M4RTcxMEMz
NDcwMTFFRjlGMDRDRTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKMoEwDQYJKoZIhvcNAQELBQADggEBAMLRIgTs8NmJckfz
vZc1P6NXjiZxZNqOyXLl7/CNgCLIyG6Ed/7E21DZJJCO3JwrVmpl3KarePOGRgA3
SL9jXOjOP9Pz+w4VWBaJVtzB5IL3t8xLajRSYbTUkLaLY7zX418IGTxEHLu6k0xd
1G0/jkHhyfy41rqMPShRff3zZjREl6r0o3waqQBoJi1SdYI25WcoK/yqJxxw8qNP
49rkufnt4vfRdjEoeve7stAlpQDbjIYIeJ5T5kF9oaW9VLd/qjxvUs77ZHW7pgw2
/zBR0mdN6pqa3bYrVFlZPL82gGhwrwS0EAgIuKwnLkff6bT0d4QPYbAGwmOiLr7e
fpxP+qA=
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:56:19 2025 by rpki-client