
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/554A2D46AB0A11EF96A1610EC4F9AE02.roa
File: 554A2D46AB0A11EF96A1610EC4F9AE02.roa (raw, json)
Hash identifier: wHn/FbmJ8bEjVLb3f8+b53QMjb4dDN2bdVjnX229qdA=
Subject key identifier: 86:D0:24:41:E4:A8:62:3A:91:D7:8E:76:B8:79:77:FF:E4:67:AD:97
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 043F
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/554A2D46AB0A11EF96A1610EC4F9AE02.roa
Signing time: Mon 25 Nov 2024 08:50:34 +0000
ROA not before: Mon 25 Nov 2024 08:50:34 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153403
IP address blocks: 160.191.166.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 14:32:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1087 (0x43f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Nov 25 08:50:34 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67443a5a-5017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:26:eb:75:7b:67:1e:cf:30:3e:a8:a5:07:ab:
48:6b:ac:d7:ff:d3:67:8c:ee:cd:ed:d9:42:d4:77:
35:10:33:7b:69:b3:ea:d2:4b:b0:52:5c:20:f3:7b:
c5:3d:ad:df:c0:97:95:82:29:5d:91:0b:44:5d:d9:
cb:6b:ef:01:ac:85:63:a2:48:4b:b3:fe:24:2a:dd:
88:73:fa:85:8a:4b:c4:08:41:15:24:8c:ab:02:e1:
bf:54:2f:a3:f0:4b:53:9c:11:94:28:90:51:bf:ce:
d0:18:28:77:b3:ef:ca:2c:3c:3d:eb:89:19:cf:46:
76:53:e2:30:ba:97:61:cf:14:af:3b:b9:74:cc:eb:
1c:65:9c:09:8b:d0:b4:3b:a8:40:fb:a3:fa:30:11:
0f:2f:03:b8:2f:07:08:7a:f4:0d:72:68:79:aa:61:
f1:18:f2:87:a1:be:99:35:c0:be:19:c1:5a:7a:25:
00:56:84:34:3b:06:9d:c9:25:d0:90:e2:3b:78:d5:
06:bf:49:6e:a4:22:00:b0:4a:1c:19:fd:0f:8e:3a:
f3:fa:64:60:d1:62:d2:4b:15:26:cc:c3:9a:de:a6:
ab:9c:33:e1:46:36:89:89:d9:9c:d0:85:bb:79:70:
4d:cc:60:52:5d:09:e7:63:0c:18:88:74:8f:8a:45:
00:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D0:24:41:E4:A8:62:3A:91:D7:8E:76:B8:79:77:FF:E4:67:AD:97
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/554A2D46AB0A11EF96A1610EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.191.166.0/23
Signature Algorithm: sha256WithRSAEncryption
68:2c:c1:5e:55:b4:42:cd:3a:64:5f:f9:24:52:84:e9:8a:b5:
4d:35:21:e6:98:6c:41:8c:0d:92:63:be:5f:f1:e0:c3:71:ad:
bd:b2:51:f0:8d:44:3c:1a:65:34:38:f5:5e:7e:26:3a:1b:11:
3b:d8:ea:10:46:a9:6d:f6:a0:8f:68:d7:9e:b3:a9:f8:90:ce:
e8:ad:d5:d2:68:4e:6d:f4:54:21:4f:42:c2:bc:0c:c5:20:20:
b4:4e:63:96:dc:9b:c8:c6:b0:6c:c0:62:48:53:eb:b5:c1:47:
8d:b5:eb:c2:ed:4f:64:dc:7d:8d:1f:2b:1a:b9:24:58:4d:9b:
ec:32:a8:2a:a2:a0:08:8b:2d:eb:64:cd:dc:5a:b1:f1:6e:75:
fc:ec:4b:1b:be:42:04:89:11:66:89:ad:45:cb:42:b2:78:8a:
b4:72:9e:2a:73:85:62:78:4a:be:28:c3:86:4c:68:2a:19:fe:
71:c6:5e:ec:38:f5:18:f8:a3:c5:b8:9f:f7:58:0c:70:de:82:
26:27:8d:7b:33:91:a8:fe:76:41:26:4c:ea:f1:5d:7c:6c:53:
18:a7:99:e5:a7:20:a6:4a:1f:72:20:b6:a2:66:d6:f7:bc:10:
c6:f7:34:be:77:1f:c0:58:c3:69:b5:1c:cd:b1:96:25:a3:3a:
0f:c6:8b:3f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBD8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjQxMTI1MDg1MDM0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ0M2E1YS01MDE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0CbrdXtnHs8wPqilB6tIa6zX/9NnjO7N7dlC1Hc1EDN7abPq0kuwUlwg83vF
Pa3fwJeVgildkQtEXdnLa+8BrIVjokhLs/4kKt2Ic/qFikvECEEVJIyrAuG/VC+j
8EtTnBGUKJBRv87QGCh3s+/KLDw964kZz0Z2U+IwupdhzxSvO7l0zOscZZwJi9C0
O6hA+6P6MBEPLwO4LwcIevQNcmh5qmHxGPKHob6ZNcC+GcFaeiUAVoQ0OwadySXQ
kOI7eNUGv0lupCIAsEocGf0Pjjrz+mRg0WLSSxUmzMOa3qarnDPhRjaJidmc0IW7
eXBNzGBSXQnnYwwYiHSPikUAdwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIbQJEHk
qGI6kdeOdrh5d//kZ62XMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvNTU0QTJENDZB
QjBBMTFFRjk2QTE2MTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGgv6YwDQYJKoZIhvcNAQELBQADggEBAGgswV5VtELNOmRf
+SRShOmKtU01IeaYbEGMDZJjvl/x4MNxrb2yUfCNRDwaZTQ49V5+JjobETvY6hBG
qW32oI9o156zqfiQzuit1dJoTm30VCFPQsK8DMUgILROY5bcm8jGsGzAYkhT67XB
R42168LtT2TcfY0fKxq5JFhNm+wyqCqioAiLLetkzdxasfFudfzsSxu+QgSJEWaJ
rUXLQrJ4irRynipzhWJ4Sr4ow4ZMaCoZ/nHGXuw49Rj4o8W4n/dYDHDegiYnjXsz
kaj+dkEmTOrxXXxsUxinmeWnIKZKH3IgtqJm1ve8EMb3NL53H8BYw2m1HM2xliWj
Og/Giz8=
-----END CERTIFICATE-----
Generated at Sun Apr 13 13:35:04 2025 by rpki-client