Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/08347C420BFB11EDA31A0961C4F9AE02.roa
File: 08347C420BFB11EDA31A0961C4F9AE02.roa (raw, json)
Hash identifier: iBQaFzR8EsNKfOhQyR2WaqwTnXNt65iEA7xvcPEERlo=
Subject key identifier: A5:76:96:38:19:32:A6:45:66:2A:E5:02:D3:3C:2C:3A:B7:55:54:59
Certificate issuer: /CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Certificate serial: 3437
Authority key identifier: BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/08347C420BFB11EDA31A0961C4F9AE02.roa
Signing time: Mon 02 Sep 2024 14:50:50 +0000
ROA not before: Mon 02 Sep 2024 14:50:50 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 9506
IP address blocks: 111.65.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl
rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 14:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13367 (0x3437)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AA48F
Validity
Not Before: Sep 2 14:50:50 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d5d0ca-94a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:01:a9:b5:95:cc:2e:aa:8c:b7:02:03:f4:5a:
63:af:36:d0:90:94:f1:14:37:7f:5b:09:7b:cc:37:
aa:30:71:8b:e6:bc:c1:0a:c4:c8:83:e9:df:3e:a6:
b8:be:f4:e1:98:67:41:b2:77:61:ee:ad:45:49:91:
61:6e:b7:7d:66:5c:9c:da:8f:e1:c9:b7:66:90:37:
09:44:e1:d5:b5:2e:61:21:62:9e:d0:63:b8:c4:ab:
29:f4:03:70:3d:63:9c:61:24:33:7a:3e:63:79:74:
52:be:01:43:5f:5e:3c:13:e0:0e:e1:0c:46:90:75:
d4:08:b6:1e:ed:57:01:26:7c:e9:ee:88:7f:2f:75:
05:14:62:f7:86:66:79:ac:cc:45:e7:0c:d1:06:28:
5e:d4:e8:03:8f:68:ea:a5:bc:2b:a6:ab:d9:5a:83:
d6:99:a7:bc:bb:03:75:0b:1b:c8:e5:05:28:81:35:
d6:39:04:b9:ae:6a:e9:0d:f5:01:b9:d2:f5:79:b0:
91:25:ab:54:0a:fb:3d:5c:25:2c:10:ca:de:a9:4f:
b0:af:fc:e7:a6:9f:4f:b2:d6:fe:35:b5:cd:9d:ab:
d2:d2:fb:16:ae:85:3b:fc:70:6c:34:48:d5:74:9d:
5d:6a:99:d7:44:14:ba:a7:cf:9e:1a:da:ee:1a:98:
a5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:76:96:38:19:32:A6:45:66:2A:E5:02:D3:3C:2C:3A:B7:55:54:59
X509v3 Authority Key Identifier:
keyid:BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/08347C420BFB11EDA31A0961C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.65.101.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:dd:68:2d:4b:f7:6a:56:25:4d:76:1e:fc:c5:87:de:96:25:
88:59:35:e8:46:91:28:c6:f2:db:d0:86:08:2a:b4:e9:71:d0:
26:a3:09:5c:49:ac:82:5b:77:22:db:b9:a7:e4:2b:f2:26:1b:
a8:ee:a6:c4:31:af:99:ec:a1:02:5a:15:4a:3e:c2:58:c5:0b:
79:f9:0e:29:e9:b7:70:c8:a0:a9:f7:25:d0:80:b1:2e:45:a3:
c6:50:aa:3f:b7:70:d4:b2:84:20:9c:d1:12:67:77:ec:82:8c:
65:8d:f7:0b:bb:c8:3e:72:f0:f4:f9:5a:c0:85:83:42:d4:61:
af:04:eb:61:31:8f:c8:e4:06:c4:6a:a5:50:55:d5:87:50:a9:
76:bf:ae:dd:bc:e0:44:2e:60:2e:b9:db:09:1b:f4:d2:7f:ec:
65:a8:54:fc:9a:78:5f:74:29:01:86:8e:2a:c1:ce:91:2e:51:
83:88:24:a7:c7:12:5f:4f:af:12:16:07:9f:dc:40:60:cd:5d:
08:2c:8c:ce:62:3d:1b:d1:3f:23:98:32:09:a3:3d:7b:b8:97:
6d:87:6d:0a:e3:f3:3a:95:2c:b8:99:12:3b:8e:bf:a9:50:e7:
94:ed:d9:1b:03:78:2e:3f:51:20:00:d9:18:e7:a6:80:92:e7:
3d:80:83:ee
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUE0OEYxMTAvBgNVBAUTKEJFMEU3QTg5MEY3MjgxQzY1NDYzMkU4QkU4MEVCQkY5
RkZCNTY1MDMwHhcNMjQwOTAyMTQ1MDUwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1ZDBjYS05NGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqAGptZXMLqqMtwID9FpjrzbQkJTxFDd/Wwl7zDeqMHGL5rzBCsTIg+nfPqa4
vvThmGdBsndh7q1FSZFhbrd9Zlyc2o/hybdmkDcJROHVtS5hIWKe0GO4xKsp9ANw
PWOcYSQzej5jeXRSvgFDX148E+AO4QxGkHXUCLYe7VcBJnzp7oh/L3UFFGL3hmZ5
rMxF5wzRBihe1OgDj2jqpbwrpqvZWoPWmae8uwN1CxvI5QUogTXWOQS5rmrpDfUB
udL1ebCRJatUCvs9XCUsEMreqU+wr/znpp9Pstb+NbXNnavS0vsWroU7/HBsNEjV
dJ1dapnXRBS6p8+eGtruGpil5QIDAQABo4IClTCCApEwHQYDVR0OBBYEFKV2ljgZ
MqZFZirlAtM8LDq3VVRZMB8GA1UdIwQYMBaAFL4OeokPcoHGVGMui+gOu/n/tWUD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ4Ri84QzgxQTg1NjFE
OEQxMUUyODY2QzUwRUIwOEIwMkNEMi92ZzU2aVE5eWdjWlVZeTZMNkE2Ny1mLTFa
UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZnNTZpUTl5Z2NaVVl5Nkw2QTY3LWYtMVpRTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUE0OEYvOEM4MUE4NTYxRDhEMTFFMjg2NkM1MEVCMDhCMDJDRDIvMDgzNDdDNDIw
QkZCMTFFREEzMUEwOTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABvQWUwDQYJKoZIhvcNAQELBQADggEBAGzdaC1L92pWJU12
HvzFh96WJYhZNehGkSjG8tvQhggqtOlx0CajCVxJrIJbdyLbuafkK/ImG6jupsQx
r5nsoQJaFUo+wljFC3n5Dinpt3DIoKn3JdCAsS5Fo8ZQqj+3cNSyhCCc0RJnd+yC
jGWN9wu7yD5y8PT5WsCFg0LUYa8E62Exj8jkBsRqpVBV1YdQqXa/rt284EQuYC65
2wkb9NJ/7GWoVPyaeF90KQGGjirBzpEuUYOIJKfHEl9PrxIWB5/cQGDNXQgsjM5i
PRvRPyOYMgmjPXu4l22HbQrj8zqVLLiZEjuOv6lQ55Tt2RsDeC4/USAA2RjnpoCS
5z2Ag+4=
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:34:51 2025 by rpki-client