Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/3D331986E17211EFA5959B2FC4F9AE02.roa
File: 3D331986E17211EFA5959B2FC4F9AE02.roa (raw, json)
Hash identifier: c9azchd3zpY+xW9jIYIXi4nMNx42n/PmJQ0XhSYx2YM=
Subject key identifier: 15:4D:C5:45:24:6D:3D:9C:4D:0A:26:DB:5A:41:E5:98:A8:2A:66:FC
Certificate issuer: /CN=A91A3AB3/serialNumber=E4A94CFA8D2F9F5B39EF46350591CE312E514FB3
Certificate serial: 0246
Authority key identifier: E4:A9:4C:FA:8D:2F:9F:5B:39:EF:46:35:05:91:CE:31:2E:51:4F:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5KlM-o0vn1s570Y1BZHOMS5RT7M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/3D331986E17211EFA5959B2FC4F9AE02.roa
Signing time: Sun 02 Feb 2025 14:30:24 +0000
ROA not before: Sun 02 Feb 2025 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133504
IP address blocks: 2401:93e0:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/5KlM-o0vn1s570Y1BZHOMS5RT7M.crl
rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/5KlM-o0vn1s570Y1BZHOMS5RT7M.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5KlM-o0vn1s570Y1BZHOMS5RT7M.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 01:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 582 (0x246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A3AB3
Validity
Not Before: Feb 2 14:30:24 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679f8180-9c39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c4:ee:82:78:3d:58:53:14:be:13:03:be:43:
85:ba:3d:d2:e5:ea:d0:60:58:c6:db:f6:74:eb:e3:
c1:6d:54:60:14:26:33:a4:19:64:a3:90:d6:d5:cd:
ba:ea:67:5c:af:17:8b:0b:81:ab:dc:11:e9:f4:dc:
96:75:93:d1:0c:05:8e:c3:41:f5:71:9e:72:92:8d:
65:86:e7:8d:22:b1:9d:31:43:c8:53:2f:a6:a9:e2:
78:2e:18:6f:74:4e:ca:22:73:9e:e7:78:1d:e8:86:
bf:6d:6c:0c:dd:7e:d7:47:34:3b:f8:a9:5f:02:16:
b6:5a:be:e3:c8:e3:9a:8e:4b:22:8c:cb:2e:a7:db:
0a:5e:8b:6f:f1:4b:94:0e:bf:ef:56:c3:e0:83:91:
ae:08:7b:5a:d4:4f:40:8e:dc:63:2e:62:d9:ea:61:
96:2e:52:74:f7:44:fb:60:88:84:72:91:eb:35:22:
55:b5:e7:aa:c5:a1:ba:88:47:7f:f7:0f:13:e4:1d:
53:22:ac:1c:67:a9:85:26:86:25:a5:0d:b7:37:e1:
a9:42:ce:50:e8:2d:ba:ad:96:84:59:15:da:47:1a:
ec:74:50:33:29:2c:06:9e:97:b1:ac:8b:90:b0:a2:
b1:84:71:07:22:92:7a:65:6f:9e:94:25:05:e8:19:
a1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:4D:C5:45:24:6D:3D:9C:4D:0A:26:DB:5A:41:E5:98:A8:2A:66:FC
X509v3 Authority Key Identifier:
keyid:E4:A9:4C:FA:8D:2F:9F:5B:39:EF:46:35:05:91:CE:31:2E:51:4F:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/5KlM-o0vn1s570Y1BZHOMS5RT7M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5KlM-o0vn1s570Y1BZHOMS5RT7M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/3D331986E17211EFA5959B2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:93e0:5::/48
Signature Algorithm: sha256WithRSAEncryption
34:8c:30:0e:f1:1a:ec:cb:6c:a5:1d:01:be:35:37:b3:c2:cf:
6e:cd:52:e3:c0:7f:5f:fe:9a:cb:1b:1d:da:ca:d2:ac:b2:3c:
87:db:3f:a1:a8:47:4a:db:f5:10:72:e9:82:79:b7:49:57:8f:
38:6e:a3:29:ec:46:65:aa:44:96:7c:93:0a:79:dc:e0:93:09:
81:db:00:f9:3d:7e:e8:74:2a:51:ca:52:1c:3b:08:0f:7c:0f:
17:9a:11:88:a3:7f:fe:52:50:d2:51:30:c5:d0:5a:57:83:9c:
7d:59:cb:86:9b:0c:97:9c:ce:86:f6:24:5a:68:8d:55:cd:99:
ea:86:92:1e:22:5e:ff:ca:28:f9:65:6d:af:5e:c8:0e:45:01:
03:11:4e:70:34:d3:1d:fe:0c:f5:d6:8e:00:06:14:f7:36:d2:
8e:d9:22:53:25:3e:e7:13:ef:c5:bf:52:8b:b5:39:c6:67:16:
a3:89:e8:6d:b0:ec:8f:07:ae:7b:21:1f:ab:41:a4:78:ec:48:
a0:8c:51:9f:5a:df:4a:c2:21:4e:b8:f1:4a:24:de:c2:25:a5:
83:01:3d:63:75:0c:a9:73:4b:9c:6f:a6:94:2c:92:33:12:b3:
3f:6e:46:63:74:2a:1d:91:15:cd:23:51:4a:5b:e9:03:5e:ac:
78:42:0f:ba
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAkYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTNBQjMxMTAvBgNVBAUTKEU0QTk0Q0ZBOEQyRjlGNUIzOUVGNDYzNTA1OTFDRTMx
MkU1MTRGQjMwHhcNMjUwMjAyMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlmODE4MC05YzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt8Tugng9WFMUvhMDvkOFuj3S5erQYFjG2/Z06+PBbVRgFCYzpBlko5DW1c26
6mdcrxeLC4Gr3BHp9NyWdZPRDAWOw0H1cZ5yko1lhueNIrGdMUPIUy+mqeJ4Lhhv
dE7KInOe53gd6Ia/bWwM3X7XRzQ7+KlfAha2Wr7jyOOajksijMsup9sKXotv8UuU
Dr/vVsPgg5GuCHta1E9AjtxjLmLZ6mGWLlJ090T7YIiEcpHrNSJVteeqxaG6iEd/
9w8T5B1TIqwcZ6mFJoYlpQ23N+GpQs5Q6C26rZaEWRXaRxrsdFAzKSwGnpexrIuQ
sKKxhHEHIpJ6ZW+elCUF6BmhNQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFBVNxUUk
bT2cTQom21pB5ZioKmb8MB8GA1UdIwQYMBaAFOSpTPqNL59bOe9GNQWRzjEuUU+z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0FCMy8wNUVEOTRDRTE5
NEMxMUVEQUQzOEYyMkJDNEY5QUUwMi81S2xNLW8wdm4xczU3MFkxQlpIT01TNVJU
N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVLbE0tbzB2bjFzNTcwWTFCWkhPTVM1UlQ3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTNBQjMvMDVFRDk0Q0UxOTRDMTFFREFEMzhGMjJCQzRGOUFFMDIvM0QzMzE5ODZF
MTcyMTFFRkE1OTU5QjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAZPgAAUwDQYJKoZIhvcNAQELBQADggEBADSMMA7xGuzL
bKUdAb41N7PCz27NUuPAf1/+mssbHdrK0qyyPIfbP6GoR0rb9RBy6YJ5t0lXjzhu
oynsRmWqRJZ8kwp53OCTCYHbAPk9fuh0KlHKUhw7CA98DxeaEYijf/5SUNJRMMXQ
WleDnH1Zy4abDJeczob2JFpojVXNmeqGkh4iXv/KKPllba9eyA5FAQMRTnA00x3+
DPXWjgAGFPc20o7ZIlMlPucT78W/Uou1OcZnFqOJ6G2w7I8HrnshH6tBpHjsSKCM
UZ9a30rCIU648Uok3sIlpYMBPWN1DKlzS5xvppQskjMSsz9uRmN0Kh2RFc0jUUpb
6QNerHhCD7o=
-----END CERTIFICATE-----
Generated at Fri Apr 11 08:36:43 2025 by rpki-client