Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/8C9FFE4C0F2F11EE85C26C11C4F9AE02.roa
File: 8C9FFE4C0F2F11EE85C26C11C4F9AE02.roa (raw, json)
Hash identifier: j4EoNG6mPHnfhB1j42qxfNdNciMiEtrw2eJw4okWk0c=
Subject key identifier: EF:4D:BA:C5:2C:B2:C1:5A:19:3F:84:3B:F4:BC:61:21:29:3C:44:D5
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0EB3
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/8C9FFE4C0F2F11EE85C26C11C4F9AE02.roa
Signing time: Tue 14 Jan 2025 18:16:16 +0000
ROA not before: Tue 14 Jan 2025 18:16:16 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 151326
IP address blocks: 220.232.135.0/24 maxlen: 24
220.232.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 17 Apr 2025 00:57:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3763 (0xeb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0
Validity
Not Before: Jan 14 18:16:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6786a9ef-bf26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:50:44:7a:25:b0:07:d7:43:39:19:63:67:62:
30:f0:11:68:68:73:59:97:9b:84:fb:a2:24:eb:76:
30:71:df:70:a9:03:c7:cb:fb:55:c8:c2:6b:fe:c6:
69:ca:00:0f:dc:30:26:c9:c2:75:ad:da:d6:00:4a:
93:2d:65:f9:a0:04:0a:cd:eb:bb:9f:f2:b2:45:c4:
74:d7:e0:eb:e6:a8:fc:a8:d5:0c:78:cc:ed:2b:cf:
00:9c:af:e5:f7:0f:92:89:1d:71:9f:fa:fe:f4:21:
db:18:6d:2b:28:99:e9:5a:27:e3:a6:6f:85:9d:e4:
4c:5b:a7:f4:f6:5d:9d:60:98:90:fa:07:fc:8c:9d:
dc:3b:36:6a:3d:49:1c:77:ac:da:32:df:2f:56:9e:
17:ba:35:08:cb:fa:1e:4a:d9:d3:58:91:0d:04:b6:
68:61:74:9f:69:ec:b8:42:78:61:7c:a4:1b:8b:ed:
7b:30:a0:81:0a:d9:b7:d9:e8:36:98:74:d8:d1:5a:
2c:42:29:40:24:02:78:43:22:26:b3:e1:bf:18:b7:
7c:be:a0:93:20:1d:de:92:24:45:9e:fd:37:24:3e:
2f:85:cd:10:a2:81:39:5a:98:81:d0:db:d7:7c:fd:
90:f9:73:4c:3a:2f:e3:a2:41:22:2f:5a:ce:47:70:
e5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4D:BA:C5:2C:B2:C1:5A:19:3F:84:3B:F4:BC:61:21:29:3C:44:D5
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/8C9FFE4C0F2F11EE85C26C11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
220.232.135.0/24
220.232.158.0/24
Signature Algorithm: sha256WithRSAEncryption
63:30:d2:e0:ed:68:98:95:c8:2a:44:b5:ec:8e:33:7b:c4:45:
01:1d:3e:ff:ba:18:fb:12:93:30:a7:32:44:ca:ee:8b:31:fb:
a9:b7:21:cb:99:d5:98:1d:06:93:4a:16:61:80:a5:11:85:e9:
7f:0a:9e:24:3a:03:69:dc:f2:34:87:fe:d9:84:4b:3f:37:e1:
7e:79:4e:94:34:e7:b2:ec:e7:fb:6f:b6:5a:69:4c:b2:b5:9e:
d4:d5:6e:3e:13:6c:dc:09:cc:d6:33:96:e0:4c:4b:d4:8d:8b:
06:9b:17:8f:58:c3:e0:f4:df:4c:ac:bc:91:c9:96:af:15:d9:
f0:ff:58:71:b5:99:03:5e:42:4d:3f:6c:d6:f6:28:09:bc:3d:
57:d5:cd:be:55:4f:00:5c:9c:7f:5f:e8:1b:28:b6:5c:a3:91:
b9:2f:2a:ca:81:44:5a:32:b5:e0:14:0e:48:82:df:e8:34:1b:
09:29:4e:1a:91:01:0d:72:a9:04:26:bd:cc:22:66:6e:89:eb:
44:dc:e1:f1:77:8b:40:2b:53:56:d1:fc:2d:0e:7b:3c:38:5c:
4f:31:28:a4:3c:77:7c:02:6a:7d:be:bf:5e:f0:52:af:00:06:
77:00:ec:aa:11:53:31:67:d1:b8:89:82:18:ce:25:d1:a7:97:
3d:c3:e8:8e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDrMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjUwMTE0MTgxNjE2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2YTllZi1iZjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu1BEeiWwB9dDORljZ2Iw8BFoaHNZl5uE+6Ik63Ywcd9wqQPHy/tVyMJr/sZp
ygAP3DAmycJ1rdrWAEqTLWX5oAQKzeu7n/KyRcR01+Dr5qj8qNUMeMztK88AnK/l
9w+SiR1xn/r+9CHbGG0rKJnpWifjpm+FneRMW6f09l2dYJiQ+gf8jJ3cOzZqPUkc
d6zaMt8vVp4XujUIy/oeStnTWJENBLZoYXSfaey4QnhhfKQbi+17MKCBCtm32eg2
mHTY0VosQilAJAJ4QyIms+G/GLd8vqCTIB3ekiRFnv03JD4vhc0QooE5WpiB0NvX
fP2Q+XNMOi/jokEiL1rOR3DlSwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFO9NusUs
ssFaGT+EO/S8YSEpPETVMB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvOEM5RkZFNEMw
RjJGMTFFRTg1QzI2QzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADc6IcDBADc6J4wDQYJKoZIhvcNAQELBQADggEBAGMw0uDt
aJiVyCpEteyOM3vERQEdPv+6GPsSkzCnMkTK7osx+6m3IcuZ1ZgdBpNKFmGApRGF
6X8KniQ6A2nc8jSH/tmESz834X55TpQ057Ls5/tvtlppTLK1ntTVbj4TbNwJzNYz
luBMS9SNiwabF49Yw+D030ysvJHJlq8V2fD/WHG1mQNeQk0/bNb2KAm8PVfVzb5V
TwBcnH9f6BsotlyjkbkvKsqBRFoyteAUDkiC3+g0GwkpThqRAQ1yqQQmvcwiZm6J
60Tc4fF3i0ArU1bR/C0Oezw4XE8xKKQ8d3wCan2+v17wUq8ABncA7KoRUzFn0biJ
ghjOJdGnlz3D6I4=
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:37:04 2025 by rpki-client