Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/8B7BDC02708811ED95A9DC75C4F9AE02.roa
File: 8B7BDC02708811ED95A9DC75C4F9AE02.roa (raw, json)
Hash identifier: 9+Gtcwt1HizyRVjiJLATuFRgohbLeetX6+Rnfri/zZI=
Subject key identifier: F9:FE:C3:F0:3F:9A:33:D5:BE:6F:66:73:52:E7:93:5A:DF:A2:0F:3F
Certificate issuer: /CN=A91BE1BC/serialNumber=429E9BDDA296620003CEC5EFABB823D303FE4F71
Certificate serial: 0FE9
Authority key identifier: 42:9E:9B:DD:A2:96:62:00:03:CE:C5:EF:AB:B8:23:D3:03:FE:4F:71
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qp6b3aKWYgADzsXvq7gj0wP-T3E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/8B7BDC02708811ED95A9DC75C4F9AE02.roa
Signing time: Tue 04 Feb 2025 17:25:34 +0000
ROA not before: Tue 04 Feb 2025 17:25:34 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 23602
IP address blocks: 124.40.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/Qp6b3aKWYgADzsXvq7gj0wP-T3E.crl
rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/Qp6b3aKWYgADzsXvq7gj0wP-T3E.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qp6b3aKWYgADzsXvq7gj0wP-T3E.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 17:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4073 (0xfe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BE1BC, serialNumber=429E9BDDA296620003CEC5EFABB823D303FE4F71
Validity
Not Before: Feb 4 17:25:34 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a24d8d-abe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:67:2d:ad:84:a6:fe:5b:74:66:24:ee:88:36:
1d:ee:bd:93:f9:69:23:06:7e:e3:70:8e:3d:e0:83:
0f:86:1b:2d:e4:a1:fc:e7:51:fc:57:b8:83:b9:7c:
e1:cb:48:a7:d3:7c:4b:8c:cb:ac:c4:32:89:d2:fd:
f9:d5:f6:f6:90:a3:eb:e2:4b:3d:4f:79:ab:5c:22:
39:b4:c0:26:98:a6:d0:e2:6d:f8:77:2a:70:7d:e5:
40:9a:2c:b7:64:9a:99:e1:04:8a:da:ef:85:7c:b8:
d4:67:19:bb:a4:81:27:04:99:b2:b1:84:e3:ac:8a:
b1:7b:58:49:66:5b:5d:00:d1:cc:fb:4b:c7:cc:0e:
44:57:9d:25:3b:de:fc:5b:76:45:28:99:a2:2c:f2:
5b:11:17:72:6d:32:19:48:3c:19:4c:85:22:af:f1:
98:83:f3:c6:4d:73:07:b4:7a:f8:34:a0:56:70:04:
e6:28:3a:70:a1:7b:cb:f4:76:7f:b6:34:de:80:a0:
c6:3e:ea:b6:a3:50:49:e2:7b:98:6d:8e:21:2c:b7:
03:f9:09:54:7a:5a:ed:e2:36:dc:4b:a3:44:79:00:
34:03:25:6b:32:6e:8a:25:f0:e0:5a:a6:8d:99:3f:
19:9f:ed:ab:05:43:72:30:3b:ae:ee:f2:a6:df:d8:
a7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FE:C3:F0:3F:9A:33:D5:BE:6F:66:73:52:E7:93:5A:DF:A2:0F:3F
X509v3 Authority Key Identifier:
keyid:42:9E:9B:DD:A2:96:62:00:03:CE:C5:EF:AB:B8:23:D3:03:FE:4F:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/Qp6b3aKWYgADzsXvq7gj0wP-T3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qp6b3aKWYgADzsXvq7gj0wP-T3E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE1BC/896C6C4846CE11E992850A3CC4F9AE02/8B7BDC02708811ED95A9DC75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
124.40.232.0/24
Signature Algorithm: sha256WithRSAEncryption
01:3c:af:ea:86:65:b1:40:d9:45:58:56:96:5f:89:0a:39:fd:
79:2f:f7:2b:a9:ff:dd:21:c5:ef:a5:9a:33:12:06:71:5d:dc:
9f:3a:2a:47:5c:fa:57:72:81:71:9c:19:d0:a9:29:db:84:9a:
7e:63:a6:e1:fc:c4:1c:85:d4:aa:ef:60:4a:12:56:45:b8:71:
61:4e:10:ba:bb:60:17:0a:71:d0:22:a3:eb:7d:d7:f3:8a:2b:
d2:a7:fd:86:75:86:17:b8:47:cf:29:3f:69:aa:0d:a8:f6:65:
e7:62:cd:8c:5d:85:77:24:5b:0f:bb:a3:b7:b6:ae:04:bb:9d:
77:00:c3:cb:d4:a1:5c:1b:de:ea:a7:67:70:6a:73:c2:7c:65:
10:48:05:cb:5d:88:d3:3d:d5:91:7f:ef:71:4f:05:1a:1d:34:
71:96:12:15:f0:ec:92:96:71:a6:65:58:9d:9c:c9:8f:78:a7:
6a:89:3c:bb:0d:ab:0e:a8:de:04:1b:94:b1:7e:8a:02:0a:24:
3f:82:0a:3a:d5:26:41:72:6c:bd:aa:6d:d8:8f:a9:4b:8e:ab:
18:15:20:5e:f6:bb:c2:7c:fd:0e:58:c4:5c:21:14:0d:f6:d9:
6a:fc:d9:92:73:ec:90:59:b9:97:39:ee:55:72:37:92:ad:f9:
db:00:4b:d0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICD+kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkUxQkMxMTAvBgNVBAUTKDQyOUU5QkREQTI5NjYyMDAwM0NFQzVFRkFCQjgyM0Qz
MDNGRTRGNzEwHhcNMjUwMjA0MTcyNTM0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyNGQ4ZC1hYmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzWctrYSm/lt0ZiTuiDYd7r2T+WkjBn7jcI494IMPhhst5KH851H8V7iDuXzh
y0in03xLjMusxDKJ0v351fb2kKPr4ks9T3mrXCI5tMAmmKbQ4m34dypwfeVAmiy3
ZJqZ4QSK2u+FfLjUZxm7pIEnBJmysYTjrIqxe1hJZltdANHM+0vHzA5EV50lO978
W3ZFKJmiLPJbERdybTIZSDwZTIUir/GYg/PGTXMHtHr4NKBWcATmKDpwoXvL9HZ/
tjTegKDGPuq2o1BJ4nuYbY4hLLcD+QlUelrt4jbcS6NEeQA0AyVrMm6KJfDgWqaN
mT8Zn+2rBUNyMDuu7vKm39inqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPn+w/A/
mjPVvm9mc1Lnk1rfog8/MB8GA1UdIwQYMBaAFEKem92ilmIAA87F76u4I9MD/k9x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRTFCQy84OTZDNkM0ODQ2
Q0UxMUU5OTI4NTBBM0NDNEY5QUUwMi9RcDZiM2FLV1lnQUR6c1h2cTdnajB3UC1U
M0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FwNmIzYUtXWWdBRHpzWHZxN2dqMHdQLVQzRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkUxQkMvODk2QzZDNDg0NkNFMTFFOTkyODUwQTNDQzRGOUFFMDIvOEI3QkRDMDI3
MDg4MTFFRDk1QTlEQzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB8KOgwDQYJKoZIhvcNAQELBQADggEBAAE8r+qGZbFA2UVY
VpZfiQo5/Xkv9yup/90hxe+lmjMSBnFd3J86Kkdc+ldygXGcGdCpKduEmn5jpuH8
xByF1KrvYEoSVkW4cWFOELq7YBcKcdAio+t91/OKK9Kn/YZ1hhe4R88pP2mqDaj2
ZedizYxdhXckWw+7o7e2rgS7nXcAw8vUoVwb3uqnZ3Bqc8J8ZRBIBctdiNM91ZF/
73FPBRodNHGWEhXw7JKWcaZlWJ2cyY94p2qJPLsNqw6o3gQblLF+igIKJD+CCjrV
JkFybL2qbdiPqUuOqxgVIF72u8J8/Q5YxFwhFA322Wr82ZJz7JBZuZc57lVyN5Kt
+dsAS9A=
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:06:42 2025 by rpki-client