Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D0BE1D2AE0E111ECBFF27B44C4F9AE02.roa
File: D0BE1D2AE0E111ECBFF27B44C4F9AE02.roa (raw, json)
Hash identifier: aCiTo8r6/YizGBxfvK+82W96JeKhKg5t3eb9WI+OofU=
Subject key identifier: 6D:82:40:11:16:42:48:19:DD:7F:1F:CE:F4:51:63:8F:53:30:95:B3
Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B
Certificate serial: 02D9
Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D0BE1D2AE0E111ECBFF27B44C4F9AE02.roa
Signing time: Fri 31 Jan 2025 01:44:57 +0000
ROA not before: Fri 31 Jan 2025 01:44:57 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 23477
IP address blocks: 168.153.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl
rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 01:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 729 (0x2d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A713, serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B
Validity
Not Before: Jan 31 01:44:57 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679c2b18-97e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:17:10:4d:0f:37:5b:8d:27:77:11:33:5a:ca:
4f:9c:d3:66:d7:13:31:f9:4b:6b:39:33:2c:21:3a:
de:19:03:07:dc:b5:96:35:38:04:df:95:78:fc:f4:
a2:b2:04:a9:52:cb:d8:8f:75:f0:e6:f9:e9:7d:84:
07:a3:a2:3b:57:45:7b:f5:11:f6:4f:5b:c0:cc:b1:
b1:51:53:30:a0:48:2a:d8:d0:fe:ba:b3:33:23:21:
04:36:ef:3d:5c:32:24:9f:c7:eb:63:8d:d7:29:8b:
9a:71:0b:50:a4:de:a7:21:83:71:53:08:5c:fc:b9:
2a:65:d6:43:08:cc:cb:c5:d1:60:29:51:29:45:d3:
74:b6:7a:97:a0:af:d1:b5:7b:e9:1b:0a:87:57:25:
4a:11:da:3f:93:a8:d9:d6:6c:28:ee:48:ff:79:3b:
6e:58:e9:3b:28:d7:f1:7e:a8:a8:70:e5:35:62:04:
95:44:a9:20:e8:a0:97:4c:11:28:ca:85:dd:8c:2c:
04:97:87:6d:2e:be:a5:d7:83:3d:31:36:f2:85:bf:
cd:b5:07:18:5a:6c:5a:37:da:0e:11:e2:f4:97:e1:
51:99:9f:80:c1:75:02:76:d2:44:33:0f:e7:cd:63:
5f:d5:45:72:5f:98:51:d8:2c:11:c6:c5:dd:7b:83:
49:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:82:40:11:16:42:48:19:DD:7F:1F:CE:F4:51:63:8F:53:30:95:B3
X509v3 Authority Key Identifier:
keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D0BE1D2AE0E111ECBFF27B44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.153.100.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:f9:d2:79:52:25:cf:fd:13:d8:39:3e:49:3e:ec:5e:15:12:
97:80:26:50:6e:03:b6:29:0a:60:38:22:ad:05:87:25:5d:bc:
ba:da:83:07:33:eb:36:06:ef:bf:a6:92:72:5c:60:1c:57:c2:
3a:aa:de:cf:00:ad:da:bb:ae:2f:b0:fb:27:95:cb:d8:db:91:
fc:39:38:99:5d:2d:9f:28:38:1b:6f:1b:83:c2:8c:40:2f:ff:
05:f0:b2:90:e3:c8:92:4d:90:5a:c8:a1:03:d5:6b:18:67:a9:
01:cf:f4:68:23:d4:7c:6e:f4:0b:b3:2f:b2:ad:1d:4f:1c:2b:
e9:50:c2:bb:85:77:4a:50:07:cb:21:59:e5:da:76:e2:a2:68:
ee:9f:29:bc:2d:a7:54:54:30:05:f4:60:4a:d8:4a:15:70:8b:
73:02:29:36:de:e6:67:35:32:cc:81:9e:f8:38:02:de:a5:da:
0e:2e:1f:8b:2e:82:c0:bb:e3:82:05:75:02:f6:eb:9c:da:76:
c1:1f:80:ea:02:fa:59:0c:c4:50:30:59:60:30:ed:81:bc:62:
ef:04:19:56:ab:42:bc:bf:cd:a2:d3:16:23:84:6e:48:e7:4b:
c3:44:4e:35:dc:cb:89:f3:d1:45:23:dd:66:19:60:71:1b:bb:
68:ad:17:bb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAtkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC
MUNENzlGNkIwHhcNMjUwMTMxMDE0NDU3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMmIxOC05N2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArBcQTQ83W40ndxEzWspPnNNm1xMx+UtrOTMsITreGQMH3LWWNTgE35V4/PSi
sgSpUsvYj3Xw5vnpfYQHo6I7V0V79RH2T1vAzLGxUVMwoEgq2ND+urMzIyEENu89
XDIkn8frY43XKYuacQtQpN6nIYNxUwhc/LkqZdZDCMzLxdFgKVEpRdN0tnqXoK/R
tXvpGwqHVyVKEdo/k6jZ1mwo7kj/eTtuWOk7KNfxfqiocOU1YgSVRKkg6KCXTBEo
yoXdjCwEl4dtLr6l14M9MTbyhb/NtQcYWmxaN9oOEeL0l+FRmZ+AwXUCdtJEMw/n
zWNf1UVyX5hR2CwRxsXde4NJPwIDAQABo4IClTCCApEwHQYDVR0OBBYEFG2CQBEW
QkgZ3X8fzvRRY49TMJWzMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw
REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu
MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvRDBCRTFEMkFF
MEUxMTFFQ0JGRjI3QjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAComWQwDQYJKoZIhvcNAQELBQADggEBAL350nlSJc/9E9g5
Pkk+7F4VEpeAJlBuA7YpCmA4Iq0FhyVdvLragwcz6zYG77+mknJcYBxXwjqq3s8A
rdq7ri+w+yeVy9jbkfw5OJldLZ8oOBtvG4PCjEAv/wXwspDjyJJNkFrIoQPVaxhn
qQHP9Ggj1Hxu9AuzL7KtHU8cK+lQwruFd0pQB8shWeXaduKiaO6fKbwtp1RUMAX0
YErYShVwi3MCKTbe5mc1MsyBnvg4At6l2g4uH4sugsC744IFdQL265zadsEfgOoC
+lkMxFAwWWAw7YG8Yu8EGVarQry/zaLTFiOEbkjnS8NETjXcy4nz0UUj3WYZYHEb
u2itF7s=
-----END CERTIFICATE-----
Generated at Mon Apr 14 05:53:03 2025 by rpki-client