Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/CCF1692CC85111EFAEC7B83FC4F9AE02.roa
File: CCF1692CC85111EFAEC7B83FC4F9AE02.roa (raw, json)
Hash identifier: YNmXXeohBLlW644lJk9sQ0wTlKH8+7poI39Ki1Khyx0=
Subject key identifier: 52:B0:8A:D9:FD:98:2D:CB:77:4A:8E:F0:A9:00:20:11:F5:A9:34:AE
Certificate issuer: /CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Certificate serial: 045E
Authority key identifier: 6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/CCF1692CC85111EFAEC7B83FC4F9AE02.roa
Signing time: Wed 01 Jan 2025 15:05:13 +0000
ROA not before: Wed 01 Jan 2025 15:05:13 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 149000
IP address blocks: 2001:df0:740::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/bAgKK6farJXU2TSIqQAVGuOlnfg.crl
rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/bAgKK6farJXU2TSIqQAVGuOlnfg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 23:47:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1118 (0x45e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B74E8, serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Validity
Not Before: Jan 1 15:05:13 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677559a9-1eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:8a:80:14:66:9d:bb:78:1d:aa:de:7b:0c:
28:e2:22:17:d8:2f:d3:c7:bd:93:d2:36:b1:0f:71:
55:79:3f:79:5f:fb:08:88:02:5f:d4:43:a4:d5:1e:
d3:23:c4:85:71:51:aa:0f:01:ec:0b:92:ff:4d:32:
4c:08:72:bd:c4:54:fc:7f:25:20:6d:93:29:71:bf:
ec:ea:33:56:47:d4:48:11:e3:ab:18:60:4f:44:9a:
06:13:57:cd:07:d0:81:fe:b8:ec:49:44:29:46:3c:
65:b3:16:22:3b:98:25:f7:2f:ca:ae:a4:b1:18:46:
98:d7:fd:6e:5d:23:b8:de:4e:4d:4f:d3:50:51:c9:
24:19:79:ba:8d:db:ec:e7:7d:ed:53:a6:fb:67:c6:
f0:b7:b6:92:88:8e:21:e5:ae:64:08:76:cc:f7:96:
16:3d:03:54:71:7a:ae:f9:82:fc:94:59:8a:1b:6c:
c4:cc:fa:b4:3b:c2:d2:54:c2:32:5b:ac:a9:48:3a:
36:13:88:47:18:e3:67:e7:02:e3:53:e5:96:a1:3d:
aa:6d:0d:76:63:fd:05:9d:d5:27:5e:13:b7:97:17:
ee:08:d5:11:a4:4b:e0:45:42:c7:e9:cd:a4:2e:53:
b5:2e:bc:34:44:5a:9a:14:4a:f0:fd:dd:2f:d5:63:
f4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B0:8A:D9:FD:98:2D:CB:77:4A:8E:F0:A9:00:20:11:F5:A9:34:AE
X509v3 Authority Key Identifier:
keyid:6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/bAgKK6farJXU2TSIqQAVGuOlnfg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/CCF1692CC85111EFAEC7B83FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:740::/48
Signature Algorithm: sha256WithRSAEncryption
a1:3a:2c:7c:cf:4e:6f:00:a6:56:68:b9:4c:c6:00:47:45:5a:
4c:df:dd:c9:c2:0d:fb:09:95:5a:de:fc:fa:ad:bc:a7:03:a1:
d2:20:75:fc:98:04:e5:00:8f:e0:1f:61:07:e5:a2:2a:47:b8:
55:e0:ed:01:29:90:27:09:c7:79:f2:ca:b7:19:96:06:58:07:
c9:67:f9:1d:cc:43:82:ad:29:03:c5:71:3b:83:f0:0c:b0:c9:
59:ac:8c:64:b9:a2:58:a1:c1:3b:19:bd:0c:45:49:07:bb:af:
85:11:78:f0:ee:46:2a:1d:dd:7c:07:54:1d:4a:0b:e7:1b:01:
8a:5f:f8:87:fc:91:f1:a4:f4:b5:07:9d:cc:a3:13:be:d0:bf:
8c:ab:11:e3:39:d3:57:4a:18:6b:b5:c4:a7:f2:16:91:a3:2a:
34:53:f9:3c:f0:57:83:3f:42:f3:78:bf:c5:4b:6b:3d:2e:a3:
9f:db:04:99:ba:62:2a:68:f6:53:b1:37:cd:58:fb:49:c5:cb:
8c:6a:73:79:f0:c9:76:e9:42:8b:57:fc:51:f4:c5:87:f0:68:
3c:ca:ae:f6:13:33:05:bc:97:15:2a:bb:81:5c:2d:b1:d4:a9:
0b:00:5e:d2:3f:56:6a:50:a7:48:0a:d5:24:bf:39:b6:f0:78:
2c:a5:7f:7b
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBF4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc0RTgxMTAvBgNVBAUTKDZDMDgwQTJCQTdEQUFDOTVENEQ5MzQ4OEE5MDAxNTFB
RTNBNTlERjgwHhcNMjUwMTAxMTUwNTEzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc1NTlhOS0xZWFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtUeKgBRmnbt4Hareewwo4iIX2C/Tx72T0jaxD3FVeT95X/sIiAJf1EOk1R7T
I8SFcVGqDwHsC5L/TTJMCHK9xFT8fyUgbZMpcb/s6jNWR9RIEeOrGGBPRJoGE1fN
B9CB/rjsSUQpRjxlsxYiO5gl9y/KrqSxGEaY1/1uXSO43k5NT9NQUckkGXm6jdvs
533tU6b7Z8bwt7aSiI4h5a5kCHbM95YWPQNUcXqu+YL8lFmKG2zEzPq0O8LSVMIy
W6ypSDo2E4hHGONn5wLjU+WWoT2qbQ12Y/0FndUnXhO3lxfuCNURpEvgRULH6c2k
LlO1Lrw0RFqaFErw/d0v1WP0eQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFFKwitn9
mC3Ld0qO8KkAIBH1qTSuMB8GA1UdIwQYMBaAFGwICiun2qyV1Nk0iKkAFRrjpZ34
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzRFOC80N0Y2MjAxMjQz
RUExMUVDODRBQjYzNDdDNEY5QUUwMi9iQWdLSzZmYXJKWFUyVFNJcVFBVkd1T2xu
ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JBZ0tLNmZhckpYVTJUU0lxUUFWR3VPbG5mZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc0RTgvNDdGNjIwMTI0M0VBMTFFQzg0QUI2MzQ3QzRGOUFFMDIvQ0NGMTY5MkND
ODUxMTFFRkFFQzdCODNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3wB0AwDQYJKoZIhvcNAQELBQADggEBAKE6LHzPTm8A
plZouUzGAEdFWkzf3cnCDfsJlVre/PqtvKcDodIgdfyYBOUAj+AfYQfloipHuFXg
7QEpkCcJx3nyyrcZlgZYB8ln+R3MQ4KtKQPFcTuD8AywyVmsjGS5olihwTsZvQxF
SQe7r4URePDuRiod3XwHVB1KC+cbAYpf+If8kfGk9LUHncyjE77Qv4yrEeM501dK
GGu1xKfyFpGjKjRT+TzwV4M/QvN4v8VLaz0uo5/bBJm6Yipo9lOxN81Y+0nFy4xq
c3nwyXbpQotX/FH0xYfwaDzKrvYTMwW8lxUqu4FcLbHUqQsAXtI/VmpQp0gK1SS/
ObbweCylf3s=
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:54:30 2025 by rpki-client