Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9197724/5F9C6B92904D11EFA1103864C4F9AE02/B5907D4E904E11EFA704CB22C4F9AE02.roa
File: B5907D4E904E11EFA704CB22C4F9AE02.roa (raw, json)
Hash identifier: 6wPxK2kdtgMpw3LNHlmnVo9Jz/VjEWx8dJSDP8encJs=
Subject key identifier: 7A:35:F4:C6:6F:87:24:70:F6:E5:28:46:09:61:9D:90:86:2A:03:E4
Certificate issuer: /CN=A9197724/serialNumber=196828A821F416ABA9CECC31AA71A303F4214778
Certificate serial: 03
Authority key identifier: 19:68:28:A8:21:F4:16:AB:A9:CE:CC:31:AA:71:A3:03:F4:21:47:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWgoqCH0FqupzswxqnGjA_QhR3g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9197724/5F9C6B92904D11EFA1103864C4F9AE02/B5907D4E904E11EFA704CB22C4F9AE02.roa
Signing time: Tue 22 Oct 2024 08:22:00 +0000
ROA not before: Tue 22 Oct 2024 08:22:00 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153361
IP address blocks: 2001:df4:62c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9197724/5F9C6B92904D11EFA1103864C4F9AE02/GWgoqCH0FqupzswxqnGjA_QhR3g.crl
rsync://rpki.apnic.net/member_repository/A9197724/5F9C6B92904D11EFA1103864C4F9AE02/GWgoqCH0FqupzswxqnGjA_QhR3g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWgoqCH0FqupzswxqnGjA_QhR3g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 05:51:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9197724, serialNumber=196828A821F416ABA9CECC31AA71A303F4214778
Validity
Not Before: Oct 22 08:22:00 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=671760a8-9203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6b:eb:e3:8d:a3:79:3d:a3:68:27:75:f5:70:
a7:fb:fc:22:45:19:af:8c:0f:51:09:78:e7:91:a6:
08:77:2c:27:5c:79:2d:16:8d:b0:d4:4c:27:25:67:
68:e7:9c:2e:a5:cc:d3:cd:72:84:dc:be:93:0c:ba:
1b:70:8c:f1:7d:06:f0:7a:0c:7c:cb:c6:d3:f4:12:
cf:29:ff:7e:8e:95:7b:f2:52:3c:94:5d:d4:68:e2:
43:1e:db:51:bb:07:8e:cb:07:62:4c:06:5c:eb:bc:
a9:8a:66:fa:9a:f2:07:26:ab:30:35:58:41:2e:33:
cd:4d:60:dd:c0:8b:a3:d7:66:35:f3:59:0b:e7:3e:
7c:6d:03:de:d7:0d:f3:bb:89:33:df:4a:b3:fd:6d:
59:1e:4f:35:53:ed:b3:5b:eb:3a:f4:f5:aa:98:29:
d9:84:16:82:a8:8d:c6:91:17:90:fe:c9:9e:50:0a:
0c:11:5d:d4:61:e5:99:fc:5a:f9:e9:6d:79:73:c2:
f7:97:c3:99:3a:a7:b4:9f:f8:0b:fa:ec:b7:32:e3:
10:04:32:fd:ce:95:15:b6:fc:8c:f2:d9:96:3d:45:
ea:40:57:3c:d0:2a:a1:d8:3d:c8:99:5a:03:ab:d4:
a4:00:41:d9:bc:a3:50:92:e3:8f:a0:54:9d:8a:3d:
01:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:35:F4:C6:6F:87:24:70:F6:E5:28:46:09:61:9D:90:86:2A:03:E4
X509v3 Authority Key Identifier:
keyid:19:68:28:A8:21:F4:16:AB:A9:CE:CC:31:AA:71:A3:03:F4:21:47:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9197724/5F9C6B92904D11EFA1103864C4F9AE02/GWgoqCH0FqupzswxqnGjA_QhR3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWgoqCH0FqupzswxqnGjA_QhR3g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9197724/5F9C6B92904D11EFA1103864C4F9AE02/B5907D4E904E11EFA704CB22C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:62c0::/48
Signature Algorithm: sha256WithRSAEncryption
02:0e:9a:89:2e:99:0b:9d:16:d3:86:a0:84:90:28:bc:69:0b:
99:34:b3:ac:eb:7b:ad:ab:c1:31:b8:f5:97:0e:6b:85:d5:29:
a7:50:6f:c3:a7:5f:f7:18:3d:54:e2:2b:02:37:d5:3d:33:84:
48:fd:34:70:7f:9e:e6:64:bc:1d:37:21:b1:a4:7f:e3:9d:42:
97:be:56:7d:45:c1:8b:38:4b:a7:fd:0e:84:0d:bb:0c:12:37:
f8:f2:7b:95:97:79:c3:37:76:5a:64:fb:29:65:ad:24:3a:4e:
fc:5a:38:92:5b:8b:57:a3:55:0c:a4:5c:42:e2:5e:38:0c:f5:
9e:1a:46:bb:a5:50:bd:99:dd:bc:35:75:d4:e9:02:f2:ac:1e:
f1:84:e9:07:44:5c:da:7e:81:e6:7d:fe:2e:27:bc:07:bd:0c:
f2:50:fb:41:07:3a:6c:40:1a:1e:ba:86:b5:f4:b8:28:c2:d8:
07:67:7a:22:5b:0d:fe:f7:e4:c3:ea:47:dd:3f:8f:96:15:26:
83:f2:4c:35:64:0f:08:86:74:28:21:ad:83:5e:3d:db:77:47:
56:96:5f:23:53:be:d0:0b:b8:14:a2:58:38:be:92:5c:e9:fb:
82:9e:d1:8d:d6:bd:de:3e:00:d4:3c:6b:b6:1b:79:0f:63:1f:
01:22:34:7c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzcyNDExMC8GA1UEBRMoMTk2ODI4QTgyMUY0MTZBQkE5Q0VDQzMxQUE3MUEzMDNG
NDIxNDc3ODAeFw0yNDEwMjIwODIyMDBaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MTc2MGE4LTkyMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDqa+vjjaN5PaNoJ3X1cKf7/CJFGa+MD1EJeOeRpgh3LCdceS0WjbDUTCclZ2jn
nC6lzNPNcoTcvpMMuhtwjPF9BvB6DHzLxtP0Es8p/36OlXvyUjyUXdRo4kMe21G7
B47LB2JMBlzrvKmKZvqa8gcmqzA1WEEuM81NYN3Ai6PXZjXzWQvnPnxtA97XDfO7
iTPfSrP9bVkeTzVT7bNb6zr09aqYKdmEFoKojcaRF5D+yZ5QCgwRXdRh5Zn8Wvnp
bXlzwveXw5k6p7Sf+Av67Lcy4xAEMv3OlRW2/Izy2ZY9RepAVzzQKqHYPciZWgOr
1KQAQdm8o1CS44+gVJ2KPQExAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUejX0xm+H
JHD25ShGCWGdkIYqA+QwHwYDVR0jBBgwFoAUGWgoqCH0FqupzswxqnGjA/QhR3gw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3NzI0LzVGOUM2QjkyOTA0
RDExRUZBMTEwMzg2NEM0RjlBRTAyL0dXZ29xQ0gwRnF1cHpzd3hxbkdqQV9RaFIz
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR1dnb3FDSDBGcXVwenN3eHFuR2pBX1FoUjNnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NzcyNC81RjlDNkI5MjkwNEQxMUVGQTExMDM4NjRDNEY5QUUwMi9CNTkwN0Q0RTkw
NEUxMUVGQTcwNENCMjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfRiwDANBgkqhkiG9w0BAQsFAAOCAQEAAg6aiS6ZC50W
04aghJAovGkLmTSzrOt7ravBMbj1lw5rhdUpp1Bvw6df9xg9VOIrAjfVPTOESP00
cH+e5mS8HTchsaR/451Cl75WfUXBizhLp/0OhA27DBI3+PJ7lZd5wzd2WmT7KWWt
JDpO/Fo4kluLV6NVDKRcQuJeOAz1nhpGu6VQvZndvDV11OkC8qwe8YTpB0Rc2n6B
5n3+Lie8B70M8lD7QQc6bEAaHrqGtfS4KMLYB2d6IlsN/vfkw+pH3T+PlhUmg/JM
NWQPCIZ0KCGtg14923dHVpZfI1O+0Au4FKJYOL6SXOn7gp7Rjda93j4A1Dxrtht5
D2MfASI0fA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 22:38:23 2025 by rpki-client