Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/DD76C09AB16711EFBD483568C4F9AE02.roa
File: DD76C09AB16711EFBD483568C4F9AE02.roa (raw, json)
Hash identifier: lZ2oQ4wvz4evXveDE7LNoYJmc6E6jg/A59sR/rYBi6k=
Subject key identifier: F3:71:D9:C8:4F:D1:89:F4:BE:5C:42:60:99:72:2C:3B:D2:57:7A:35
Certificate issuer: /CN=A91B1E8B/serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC
Certificate serial: 5E
Authority key identifier: 9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/DD76C09AB16711EFBD483568C4F9AE02.roa
Signing time: Thu 09 Jan 2025 05:20:29 +0000
ROA not before: Thu 09 Jan 2025 05:20:29 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134715
IP address blocks: 157.10.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl
rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 05:22:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94 (0x5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1E8B
Validity
Not Before: Jan 9 05:20:29 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677f5c9d-b568
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ad:6b:cc:07:a3:47:fe:3c:9e:8e:7e:3d:e1:
68:1e:ff:e6:80:9b:26:66:64:26:c1:f7:e4:75:b1:
3a:b1:b6:71:8c:94:23:02:30:8a:b2:05:c3:f4:75:
9f:5e:89:cb:bc:b9:7e:ba:c2:92:62:a6:a1:38:dd:
22:b6:5c:c8:7d:ae:06:bd:94:a3:0e:c6:a2:59:22:
72:4a:35:be:6a:ea:4e:d9:ba:2a:28:86:38:19:d8:
02:87:7f:f8:25:ba:6c:ba:bf:f6:84:d4:b4:99:4e:
ab:07:b7:f1:ab:63:f4:7c:fa:32:b6:7c:24:3b:4c:
b9:2f:07:74:b9:55:bd:4c:41:bb:51:05:7a:76:a6:
20:17:71:a6:cd:a0:53:6f:33:b7:7b:48:c2:6a:8c:
03:db:1d:91:1b:40:e7:26:29:f2:7d:f1:b8:af:df:
7f:00:94:c2:ec:f8:12:2c:ec:e3:d6:49:0c:a6:de:
3c:ac:44:6d:10:6c:7c:c5:40:ab:1c:a2:2a:43:ef:
a6:b7:c3:5c:a5:99:63:e2:29:04:5e:3f:d4:db:17:
fc:51:a2:27:01:78:96:d4:c6:50:94:8c:a9:a9:d7:
70:35:56:2c:4a:1c:21:98:7d:77:1d:b4:8c:2c:84:
62:15:64:77:54:3b:eb:7c:95:c9:26:12:46:f3:86:
f6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:71:D9:C8:4F:D1:89:F4:BE:5C:42:60:99:72:2C:3B:D2:57:7A:35
X509v3 Authority Key Identifier:
keyid:9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/DD76C09AB16711EFBD483568C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.124.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:e8:13:da:93:58:4c:12:74:be:51:14:94:11:5b:7b:a0:6f:
3b:f6:cb:c7:78:80:d0:7a:f1:35:10:25:f9:78:31:44:c9:3e:
8c:26:a4:1e:10:f1:0c:8d:c7:85:c8:52:05:b5:17:18:c3:b3:
7a:dc:be:7b:b3:04:f7:a1:44:47:0c:9c:e3:57:a3:09:b0:85:
eb:12:2b:97:22:1b:94:00:33:9c:f0:4f:3f:d3:6f:32:bd:78:
c9:ae:6a:59:15:d7:34:6c:42:94:bd:06:42:33:4f:d4:21:09:
ea:1c:cf:96:7f:22:da:1a:f0:62:02:9f:8f:e4:ef:de:f3:07:
de:13:a4:62:e2:2c:6a:cd:13:ef:b9:36:04:74:27:9f:7b:23:
cc:84:e6:90:49:c0:51:b4:b0:49:cf:fa:e6:8a:c3:b2:90:95:
0b:01:bd:a6:1e:d8:8c:5c:2d:81:22:f5:47:c2:67:4f:e8:0e:
a0:95:83:24:11:85:1d:d2:f1:12:13:d5:92:13:c8:1c:7a:1f:
eb:a5:f4:8c:80:ab:4e:0a:ef:6f:d3:c2:d3:e8:5a:1d:2d:5d:
90:aa:1a:59:8f:a8:f8:a4:36:ca:59:c7:03:44:85:59:af:4f:
81:62:48:c4:9b:45:8f:9d:bc:f7:4d:06:2b:81:41:c5:53:01:
dd:84:63:eb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBXjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MUU4QjExMC8GA1UEBRMoOUQzQzMzQUNCMTEwM0U3MUZBMUZGM0U2MDEzRTlEQzMx
MTIyNjlGQzAeFw0yNTAxMDkwNTIwMjlaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3N2Y1YzlkLWI1NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdrWvMB6NH/jyejn494Wge/+aAmyZmZCbB9+R1sTqxtnGMlCMCMIqyBcP0dZ9e
icu8uX66wpJipqE43SK2XMh9rga9lKMOxqJZInJKNb5q6k7ZuioohjgZ2AKHf/gl
umy6v/aE1LSZTqsHt/GrY/R8+jK2fCQ7TLkvB3S5Vb1MQbtRBXp2piAXcabNoFNv
M7d7SMJqjAPbHZEbQOcmKfJ98biv338AlMLs+BIs7OPWSQym3jysRG0QbHzFQKsc
oipD76a3w1ylmWPiKQReP9TbF/xRoicBeJbUxlCUjKmp13A1VixKHCGYfXcdtIws
hGIVZHdUO+t8lckmEkbzhvZjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU83HZyE/R
ifS+XEJgmXIsO9JXejUwHwYDVR0jBBgwFoAUnTwzrLEQPnH6H/PmAT6dwxEiafww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIxRThCLzYyOTE3NjQ0NDVC
NjExRUY4QUIzMEEzMUM0RjlBRTAyL25Ud3pyTEVRUG5INkhfUG1BVDZkd3hFaWFm
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvblR3enJMRVFQbkg2SF9QbUFUNmR3eEVpYWZ3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MUU4Qi82MjkxNzY0NDQ1QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9ERDc2QzA5QUIx
NjcxMUVGQkQ0ODM1NjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAZ0KfDANBgkqhkiG9w0BAQsFAAOCAQEAGugT2pNYTBJ0vlEU
lBFbe6BvO/bLx3iA0HrxNRAl+XgxRMk+jCakHhDxDI3HhchSBbUXGMOzety+e7ME
96FERwyc41ejCbCF6xIrlyIblAAznPBPP9NvMr14ya5qWRXXNGxClL0GQjNP1CEJ
6hzPln8i2hrwYgKfj+Tv3vMH3hOkYuIsas0T77k2BHQnn3sjzITmkEnAUbSwSc/6
5orDspCVCwG9ph7YjFwtgSL1R8JnT+gOoJWDJBGFHdLxEhPVkhPIHHof66X0jICr
Tgrvb9PC0+haHS1dkKoaWY+o+KQ2ylnHA0SFWa9PgWJIxJtFj528900GK4FBxVMB
3YRj6w==
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:19:56 2025 by rpki-client