Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/27C29E5EF94411EDB4C6E91CC4F9AE02.roa
File: 27C29E5EF94411EDB4C6E91CC4F9AE02.roa (raw, json)
Hash identifier: PGlTDpEV17D+1hrLu4fdfibpz1YbRKMAlzpsoNFgyb4=
Subject key identifier: 04:74:53:BF:34:B9:53:18:A0:40:B2:59:30:12:0A:14:A8:39:FC:7A
Certificate issuer: /CN=A91971CB/serialNumber=319B3144F06A8F2B30D412071FE1210774FE86E7
Certificate serial: 0647
Authority key identifier: 31:9B:31:44:F0:6A:8F:2B:30:D4:12:07:1F:E1:21:07:74:FE:86:E7
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/MZsxRPBqjysw1BIHH-EhB3T-huc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/27C29E5EF94411EDB4C6E91CC4F9AE02.roa
Signing time: Sun 16 Feb 2025 15:20:55 +0000
ROA not before: Sun 16 Feb 2025 15:20:55 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 56038
IP address blocks: 185.207.8.0/24 maxlen: 24
185.207.9.0/24 maxlen: 24
185.207.10.0/24 maxlen: 24
185.207.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/MZsxRPBqjysw1BIHH-EhB3T-huc.crl
rsync://rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/MZsxRPBqjysw1BIHH-EhB3T-huc.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/MZsxRPBqjysw1BIHH-EhB3T-huc.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 15:11:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1607 (0x647)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91971CB, serialNumber=319B3144F06A8F2B30D412071FE1210774FE86E7
Validity
Not Before: Feb 16 15:20:55 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b20257-4962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:38:5d:45:72:89:4d:af:d8:67:2d:2e:b1:a9:
25:57:2d:b0:57:97:2c:6a:ce:ec:30:4a:e4:4f:11:
72:34:2f:bb:d4:c4:e0:85:70:56:af:13:76:e9:a9:
85:f8:f5:98:4c:bf:e5:12:f3:6f:a0:f3:35:5b:01:
6e:75:bf:ec:47:5f:34:2e:a6:7f:ac:32:97:10:da:
ff:a7:99:77:1e:94:b0:c9:42:fa:ac:50:ba:c2:8b:
ef:1a:bd:ae:4a:ca:96:51:fe:b1:94:52:d5:1b:7d:
e7:c9:34:17:6c:e8:f4:13:2f:87:0e:29:b6:8d:08:
cb:58:00:f7:77:cb:3d:5e:7d:9b:fc:59:17:c2:13:
ee:20:ad:a8:34:f3:c8:43:6a:01:16:d2:c2:c3:48:
39:42:dd:f2:b8:b0:16:21:31:7e:bb:01:45:09:fe:
0e:62:39:e4:e9:55:85:3a:4d:84:12:6a:d7:51:b8:
0a:28:80:c1:80:14:b3:47:61:1a:55:e9:41:32:ee:
da:17:f5:61:99:4f:20:92:d3:09:68:4e:2d:99:e1:
76:66:71:78:b1:4a:13:7f:ba:90:c4:7d:c9:17:f4:
49:dd:64:3b:99:47:4c:45:59:44:b5:72:5a:b5:b9:
41:f9:34:af:7d:b4:98:5d:ff:72:e2:a5:dc:9f:b2:
29:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:74:53:BF:34:B9:53:18:A0:40:B2:59:30:12:0A:14:A8:39:FC:7A
X509v3 Authority Key Identifier:
keyid:31:9B:31:44:F0:6A:8F:2B:30:D4:12:07:1F:E1:21:07:74:FE:86:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/MZsxRPBqjysw1BIHH-EhB3T-huc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/MZsxRPBqjysw1BIHH-EhB3T-huc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91971CB/010EB288808911EB8B505F20C4F9AE02/27C29E5EF94411EDB4C6E91CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
185.207.8.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:7b:53:c3:6d:86:ce:27:23:ee:7f:be:49:7c:10:30:06:a4:
4e:e1:a6:d7:b4:c3:f8:d6:f4:7a:1a:0f:4d:a8:22:0e:86:7d:
a2:73:1e:28:1e:8d:59:5e:f7:df:08:9e:3a:3f:5d:b6:89:bf:
ea:ce:3e:be:41:a8:cd:54:05:f5:20:aa:2f:e6:04:19:45:7a:
1e:6c:f8:f8:5e:07:31:ca:68:df:2a:8c:a0:b3:3a:e5:f5:d4:
4d:57:6c:e7:9a:b8:1e:26:e1:83:5e:a2:ba:3f:b9:a2:f4:a2:
e9:ca:46:26:c6:45:5a:a1:94:a7:26:21:f6:84:ce:7c:82:5b:
a1:3b:db:bb:79:0e:5d:a2:67:81:43:ed:af:47:9b:b7:df:4c:
05:cb:a1:17:24:ec:f2:fc:6b:68:5c:1d:dc:43:26:a7:25:f8:
1b:89:81:3b:de:ab:58:1c:f1:9a:4e:71:8c:5f:3a:cb:15:e0:
6b:c5:47:dc:e5:5a:f9:90:f1:5e:e2:c6:a8:bb:40:fc:c5:58:
6a:09:46:a3:d5:47:8a:20:53:bf:3c:7e:38:4a:05:24:98:f8:
0e:3a:15:19:09:e4:85:2f:9d:6a:7c:bc:81:0b:ec:78:73:f6:
75:e0:3b:4d:d6:65:07:c8:70:de:25:10:d2:c9:98:58:90:36:
44:8b:1f:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBkcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTcxQ0IxMTAvBgNVBAUTKDMxOUIzMTQ0RjA2QThGMkIzMEQ0MTIwNzFGRTEyMTA3
NzRGRTg2RTcwHhcNMjUwMjE2MTUyMDU1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2IyMDI1Ny00OTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApzhdRXKJTa/YZy0usaklVy2wV5csas7sMErkTxFyNC+71MTghXBWrxN26amF
+PWYTL/lEvNvoPM1WwFudb/sR180LqZ/rDKXENr/p5l3HpSwyUL6rFC6wovvGr2u
SsqWUf6xlFLVG33nyTQXbOj0Ey+HDim2jQjLWAD3d8s9Xn2b/FkXwhPuIK2oNPPI
Q2oBFtLCw0g5Qt3yuLAWITF+uwFFCf4OYjnk6VWFOk2EEmrXUbgKKIDBgBSzR2Ea
VelBMu7aF/VhmU8gktMJaE4tmeF2ZnF4sUoTf7qQxH3JF/RJ3WQ7mUdMRVlEtXJa
tblB+TSvfbSYXf9y4qXcn7IpuQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAR0U780
uVMYoECyWTASChSoOfx6MB8GA1UdIwQYMBaAFDGbMUTwao8rMNQSBx/hIQd0/obn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NzFDQi8wMTBFQjI4ODgw
ODkxMUVCOEI1MDVGMjBDNEY5QUUwMi9NWnN4UlBCcWp5c3cxQklISC1FaEIzVC1o
dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL01ac3hSUEJxanlzdzFCSUhILUVoQjNULWh1Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTcxQ0IvMDEwRUIyODg4MDg5MTFFQjhCNTA1RjIwQzRGOUFFMDIvMjdDMjlFNUVG
OTQ0MTFFREI0QzZFOTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAK5zwgwDQYJKoZIhvcNAQELBQADggEBALB7U8Nths4nI+5/
vkl8EDAGpE7hpte0w/jW9HoaD02oIg6GfaJzHigejVle998Injo/XbaJv+rOPr5B
qM1UBfUgqi/mBBlFeh5s+PheBzHKaN8qjKCzOuX11E1XbOeauB4m4YNeoro/uaL0
ounKRibGRVqhlKcmIfaEznyCW6E727t5Dl2iZ4FD7a9Hm7ffTAXLoRck7PL8a2hc
HdxDJqcl+BuJgTveq1gc8ZpOcYxfOssV4GvFR9zlWvmQ8V7ixqi7QPzFWGoJRqPV
R4ogU788fjhKBSSY+A46FRkJ5IUvnWp8vIEL7Hhz9nXgO03WZQfIcN4lENLJmFiQ
NkSLH78=
-----END CERTIFICATE-----
Generated at Mon Apr 14 09:10:14 2025 by rpki-client