Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/1BDAA63E12B211EBA631032CC4F9AE02.roa
File: 1BDAA63E12B211EBA631032CC4F9AE02.roa (raw, json)
Hash identifier: BJy4+HNv8kQ6Lc2CH7nff6rHz79DtOyFMzKFxBbxH6Y=
Subject key identifier: 77:89:9C:AB:B6:B7:BE:F9:FC:F6:77:55:A2:42:5D:E0:FC:94:2E:6F
Certificate issuer: /CN=A91B625F/serialNumber=E155B82A87D28E877602F994F8FFD3E744AAF480
Certificate serial: 07A1
Authority key identifier: E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/1BDAA63E12B211EBA631032CC4F9AE02.roa
Signing time: Tue 10 Dec 2024 21:50:53 +0000
ROA not before: Tue 10 Dec 2024 21:50:53 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 213262
IP address blocks: 2406:9dc0:30::/44 maxlen: 44
2406:9dc0:30::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl
rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 21:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1953 (0x7a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B625F
Validity
Not Before: Dec 10 21:50:53 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6758b7bd-1a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:56:09:46:9b:b0:53:03:55:f3:9d:91:e9:3b:
b2:a5:4b:13:4c:a2:0f:30:aa:80:74:aa:8e:18:aa:
26:91:01:0a:9f:e2:e2:e7:fe:97:84:d8:a8:e0:2c:
54:5a:de:24:67:1f:5d:dc:4d:92:0e:d2:ff:e6:8c:
27:1b:7c:60:36:0f:7e:0a:d2:5c:10:50:be:da:05:
ce:65:78:95:20:4d:8d:0c:3a:d2:df:57:35:7b:0d:
d5:fc:3d:3c:10:12:03:c3:2c:37:4d:25:c4:f0:6d:
1b:5a:1d:25:db:31:24:bc:40:7e:ae:26:7e:af:17:
4c:4d:9b:f7:6c:97:a8:8b:05:e8:18:4e:b5:fc:28:
ec:95:1d:a5:08:be:5f:61:d5:50:b0:15:7c:00:8e:
bc:29:39:df:4e:9c:77:d2:46:b5:6c:80:c8:8e:14:
c4:2c:45:b1:6c:c5:e7:8b:97:07:6b:04:fd:3e:4b:
43:9f:1e:77:e2:bd:d7:d2:f7:14:66:4d:51:9f:a4:
ac:1c:66:93:84:b9:d8:9e:28:cf:f0:ef:3b:45:93:
8e:07:34:79:c2:50:9b:4c:a9:53:65:da:ed:82:51:
94:81:35:03:5d:bb:71:96:b5:89:ec:0b:e0:17:03:
97:0f:fe:41:97:35:4a:25:3a:1a:7c:35:8c:38:86:
e0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:89:9C:AB:B6:B7:BE:F9:FC:F6:77:55:A2:42:5D:E0:FC:94:2E:6F
X509v3 Authority Key Identifier:
keyid:E1:55:B8:2A:87:D2:8E:87:76:02:F9:94:F8:FF:D3:E7:44:AA:F4:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/4VW4KofSjod2AvmU-P_T50Sq9IA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4VW4KofSjod2AvmU-P_T50Sq9IA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B625F/22D91F7211CE11EB8AD05A2BC4F9AE02/1BDAA63E12B211EBA631032CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:9dc0:30::/44
Signature Algorithm: sha256WithRSAEncryption
b4:5d:17:90:15:e2:fb:a6:77:40:d1:01:5d:87:78:2c:92:c7:
02:af:ab:e8:f1:f4:26:61:ea:b3:b8:90:ec:2c:4e:d5:72:98:
f2:c5:8a:9a:1d:e9:b4:1d:e6:ca:e9:96:8a:f0:91:6e:de:f7:
12:0d:99:9c:25:74:90:13:2c:09:f7:93:ee:d2:a5:dc:17:b4:
67:f8:45:53:86:ff:1e:6b:fc:94:fd:69:85:a8:c5:fb:3a:76:
dc:2a:30:90:3f:7e:02:67:67:e7:f4:de:5e:b6:32:3e:77:f5:
4c:6f:1f:d5:d0:81:89:dc:19:1d:af:b4:f5:17:9f:8e:ab:72:
8a:d9:cb:a4:7e:a4:e5:94:42:4f:53:7b:6c:21:4e:e9:2e:e6:
9d:76:c7:dc:46:b1:63:11:b7:89:b0:70:67:e4:02:46:b2:87:
f9:fd:8b:1e:71:05:ec:66:42:2d:72:2c:21:b9:fd:4d:dd:36:
fe:fb:4a:f4:cd:7f:d1:9b:54:0c:d1:79:08:7b:e3:07:44:67:
98:a6:d4:01:72:e9:f6:fd:49:f7:c3:2b:e3:22:0f:d1:a2:3c:
77:8b:3e:93:9b:db:fb:a0:92:96:57:56:9e:59:a5:bb:86:42:
84:4f:6f:60:36:ce:9d:cd:a0:01:c1:34:e8:cc:3e:57:f1:90:
d2:0d:84:e6
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICB6EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjYyNUYxMTAvBgNVBAUTKEUxNTVCODJBODdEMjhFODc3NjAyRjk5NEY4RkZEM0U3
NDRBQUY0ODAwHhcNMjQxMjEwMjE1MDUzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4YjdiZC0xYTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA21YJRpuwUwNV852R6TuypUsTTKIPMKqAdKqOGKomkQEKn+Li5/6XhNio4CxU
Wt4kZx9d3E2SDtL/5ownG3xgNg9+CtJcEFC+2gXOZXiVIE2NDDrS31c1ew3V/D08
EBIDwyw3TSXE8G0bWh0l2zEkvEB+riZ+rxdMTZv3bJeoiwXoGE61/CjslR2lCL5f
YdVQsBV8AI68KTnfTpx30ka1bIDIjhTELEWxbMXni5cHawT9PktDnx534r3X0vcU
Zk1Rn6SsHGaThLnYnijP8O87RZOOBzR5wlCbTKlTZdrtglGUgTUDXbtxlrWJ7Avg
FwOXD/5BlzVKJToafDWMOIbghQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFHeJnKu2
t775/PZ3VaJCXeD8lC5vMB8GA1UdIwQYMBaAFOFVuCqH0o6HdgL5lPj/0+dEqvSA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjI1Ri8yMkQ5MUY3MjEx
Q0UxMUVCOEFEMDVBMkJDNEY5QUUwMi80Vlc0S29mU2pvZDJBdm1VLVBfVDUwU3E5
SUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRWVzRLb2ZTam9kMkF2bVUtUF9UNTBTcTlJQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjYyNUYvMjJEOTFGNzIxMUNFMTFFQjhBRDA1QTJCQzRGOUFFMDIvMUJEQUE2M0Ux
MkIyMTFFQkE2MzEwMzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBp3AADAwDQYJKoZIhvcNAQELBQADggEBALRdF5AV4vum
d0DRAV2HeCySxwKvq+jx9CZh6rO4kOwsTtVymPLFipod6bQd5srplorwkW7e9xIN
mZwldJATLAn3k+7SpdwXtGf4RVOG/x5r/JT9aYWoxfs6dtwqMJA/fgJnZ+f03l62
Mj539UxvH9XQgYncGR2vtPUXn46rcorZy6R+pOWUQk9Te2whTuku5p12x9xGsWMR
t4mwcGfkAkayh/n9ix5xBexmQi1yLCG5/U3dNv77SvTNf9GbVAzReQh74wdEZ5im
1AFy6fb9SffDK+MiD9GiPHeLPpOb2/ugkpZXVp5ZpbuGQoRPb2A2zp3NoAHBNOjM
PlfxkNINhOY=
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:04:57 2025 by rpki-client