Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/593105685BB711EE8E69584CC4F9AE02.roa
File: 593105685BB711EE8E69584CC4F9AE02.roa (raw, json)
Hash identifier: lkS26BT0D3kjQ+vvaIE4qPZCY0e62oxAQkxFZOHBmsQ=
Subject key identifier: E1:A1:FB:C4:A7:3C:89:A2:97:AB:A9:9D:A1:E9:B0:5B:09:CD:AD:71
Certificate issuer: /CN=A9198996/serialNumber=692135608683755E94D8ECA57D8B0B358ECE1718
Certificate serial: 02F9
Authority key identifier: 69:21:35:60:86:83:75:5E:94:D8:EC:A5:7D:8B:0B:35:8E:CE:17:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/593105685BB711EE8E69584CC4F9AE02.roa
Signing time: Wed 18 Dec 2024 07:15:33 +0000
ROA not before: Wed 18 Dec 2024 07:15:33 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 132088
IP address blocks: 2402:e940:20::/44 maxlen: 44
2402:e940:30::/44 maxlen: 44
2402:e940:40::/44 maxlen: 44
2402:e940:60::/44 maxlen: 44
2402:e940:70::/44 maxlen: 44
2402:e940:80::/44 maxlen: 44
2402:e940:90::/44 maxlen: 44
2402:e940:a0::/44 maxlen: 44
2402:e940:b0::/44 maxlen: 44
2402:e940:c0::/44 maxlen: 44
2402:e940:d0::/44 maxlen: 44
2402:e940:e0::/44 maxlen: 44
2402:e940:f0::/44 maxlen: 44
2402:e940:100::/44 maxlen: 44
2402:e940:110::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.crl
rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 00:53:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 761 (0x2f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9198996, serialNumber=692135608683755E94D8ECA57D8B0B358ECE1718
Validity
Not Before: Dec 18 07:15:33 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67627695-a7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7c:59:25:b6:bd:4a:a9:2c:ca:09:10:75:3e:
e1:9f:94:0f:4c:49:c1:35:35:d3:ec:56:4f:c5:a0:
d1:15:8e:35:7d:1e:19:52:70:d4:b1:07:50:f2:0c:
b0:ee:d0:57:59:57:65:5e:78:aa:58:99:59:66:ea:
81:c1:13:1a:2e:84:9b:0d:6e:ed:50:95:16:b5:ba:
f2:4c:f4:d9:a1:cd:1e:89:28:a9:7d:f2:f1:5e:d8:
aa:31:bc:c2:48:72:4d:0f:63:56:25:83:1f:e8:5e:
00:0f:c7:43:90:46:2b:c4:bb:ed:37:05:66:2b:d7:
69:4e:34:1c:dd:70:c5:0b:07:e1:b4:81:02:23:cb:
c1:88:61:84:8a:8a:de:38:dd:c1:9d:cc:5c:1f:10:
8e:e0:f1:43:86:a2:21:7d:0c:b0:fe:7f:99:66:f0:
85:51:e0:ff:22:6d:e7:87:52:47:dd:e2:da:8c:b7:
0b:89:24:7b:b8:94:b3:9e:a3:7e:4e:a3:23:2f:68:
ef:43:0f:03:d0:cf:13:6f:53:0c:0f:10:6e:bb:ae:
36:1f:c5:bb:88:54:1e:bf:4e:a0:17:13:87:85:10:
c5:61:f4:84:fd:5a:5b:08:a5:27:61:61:f0:a2:8a:
11:5e:7c:79:73:9c:cd:84:02:52:75:62:9f:8d:46:
9d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A1:FB:C4:A7:3C:89:A2:97:AB:A9:9D:A1:E9:B0:5B:09:CD:AD:71
X509v3 Authority Key Identifier:
keyid:69:21:35:60:86:83:75:5E:94:D8:EC:A5:7D:8B:0B:35:8E:CE:17:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/593105685BB711EE8E69584CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:e940:20::-2402:e940:4f:ffff:ffff:ffff:ffff:ffff
2402:e940:60::-2402:e940:11f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9f:41:19:2e:d1:a8:ba:5f:f5:ce:e3:40:dd:64:f6:3d:2d:88:
ef:a7:9f:91:27:41:ba:39:9d:08:b3:75:ff:67:52:86:b3:a2:
a7:50:67:5e:de:16:4d:f0:83:12:d8:e8:6b:94:c5:12:e0:c7:
11:d5:01:4a:e5:8b:b7:18:18:e9:1d:d2:01:32:65:a6:b0:04:
9d:4b:be:c2:85:90:fa:b6:78:82:d4:03:52:ab:da:2b:ea:53:
ea:b5:62:91:d1:3a:c2:57:c1:96:c2:c8:ab:3e:62:4e:7d:2a:
b2:ee:c3:88:e8:f1:06:93:29:80:80:8c:72:a8:52:e6:ee:ed:
16:6d:cb:45:f0:9a:64:a4:ae:b5:0f:50:12:f3:9a:93:0b:9c:
bb:d5:f7:80:01:92:6d:1f:4e:27:c7:d1:1a:35:cc:a1:86:c1:
47:d8:53:cc:6c:2c:d5:36:85:78:22:e6:f7:cc:aa:19:71:7f:
78:47:e2:32:b8:ca:37:11:bb:54:05:47:89:95:7d:d5:42:98:
f4:98:6e:28:64:99:72:d2:67:ce:fd:d5:09:86:a6:36:1d:72:
27:23:e9:58:4d:bf:40:d8:82:41:63:2d:a1:aa:bf:b2:00:12:
88:4a:15:63:b3:e6:a1:eb:c2:59:95:c8:0c:c7:08:ed:2c:e1:
2c:cc:2a:8d
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICAvkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg5OTYxMTAvBgNVBAUTKDY5MjEzNTYwODY4Mzc1NUU5NEQ4RUNBNTdEOEIwQjM1
OEVDRTE3MTgwHhcNMjQxMjE4MDcxNTMzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyNzY5NS1hN2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAznxZJba9SqksygkQdT7hn5QPTEnBNTXT7FZPxaDRFY41fR4ZUnDUsQdQ8gyw
7tBXWVdlXniqWJlZZuqBwRMaLoSbDW7tUJUWtbryTPTZoc0eiSipffLxXtiqMbzC
SHJND2NWJYMf6F4AD8dDkEYrxLvtNwVmK9dpTjQc3XDFCwfhtIECI8vBiGGEiore
ON3BncxcHxCO4PFDhqIhfQyw/n+ZZvCFUeD/Im3nh1JH3eLajLcLiSR7uJSznqN+
TqMjL2jvQw8D0M8Tb1MMDxBuu642H8W7iFQev06gFxOHhRDFYfSE/VpbCKUnYWHw
oooRXnx5c5zNhAJSdWKfjUadzQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFOGh+8Sn
PImil6upnaHpsFsJza1xMB8GA1UdIwQYMBaAFGkhNWCGg3VelNjspX2LCzWOzhcY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODk5Ni82NjAzMEY1RUQw
NjAxMUVDQkE0MEZDODNDNEY5QUUwMi9hU0UxWUlhRGRWNlUyT3lsZllzTE5ZN09G
eGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FTRTFZSWFEZFY2VTJPeWxmWXNMTlk3T0Z4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg5OTYvNjYwMzBGNUVEMDYwMTFFQ0JBNDBGQzgzQzRGOUFFMDIvNTkzMTA1Njg1
QkI3MTFFRThFNjk1ODRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgACMCgwEgMHBSQC6UAAIAMHBCQC6UAAQDASAwcFJALpQABgAwcFJALp
QAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCfQRku0ai6X/XO40DdZPY9LYjvp5+RJ0G6
OZ0Is3X/Z1KGs6KnUGde3hZN8IMS2OhrlMUS4McR1QFK5Yu3GBjpHdIBMmWmsASd
S77ChZD6tniC1ANSq9or6lPqtWKR0TrCV8GWwsirPmJOfSqy7sOI6PEGkymAgIxy
qFLm7u0WbctF8JpkpK61D1AS85qTC5y71feAAZJtH04nx9EaNcyhhsFH2FPMbCzV
NoV4Iub3zKoZcX94R+IyuMo3EbtUBUeJlX3VQpj0mG4oZJly0mfO/dUJhqY2HXIn
I+lYTb9A2IJBYy2hqr+yABKIShVjs+ah68JZlcgMxwjtLOEszCqN
-----END CERTIFICATE-----
Generated at Mon Apr 14 15:19:49 2025 by rpki-client