Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC068/781E7DC4D51611EEB35E6A60C4F9AE02/4C798C5AD5DD11EEA5B1C711C4F9AE02.roa
File: 4C798C5AD5DD11EEA5B1C711C4F9AE02.roa (raw, json)
Hash identifier: UehIW4ne9/pa7E+bJ7b7vlEagKFtkPy1RDy9gQNG8w4=
Subject key identifier: 2F:C0:8E:E2:94:7E:73:0B:AC:F2:E8:CC:E7:FE:69:A2:04:F3:BD:AA
Certificate issuer: /CN=A91DC068/serialNumber=AA36DEAA0B488D743D3096A374D3CEC3034E69DA
Certificate serial: CD
Authority key identifier: AA:36:DE:AA:0B:48:8D:74:3D:30:96:A3:74:D3:CE:C3:03:4E:69:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qjbeqgtIjXQ9MJajdNPOwwNOado.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC068/781E7DC4D51611EEB35E6A60C4F9AE02/4C798C5AD5DD11EEA5B1C711C4F9AE02.roa
Signing time: Mon 17 Mar 2025 04:50:55 +0000
ROA not before: Mon 17 Mar 2025 04:50:55 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 134245
IP address blocks: 2001:df3:80c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DC068/781E7DC4D51611EEB35E6A60C4F9AE02/qjbeqgtIjXQ9MJajdNPOwwNOado.crl
rsync://rpki.apnic.net/member_repository/A91DC068/781E7DC4D51611EEB35E6A60C4F9AE02/qjbeqgtIjXQ9MJajdNPOwwNOado.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qjbeqgtIjXQ9MJajdNPOwwNOado.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 04:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 205 (0xcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC068
Validity
Not Before: Mar 17 04:50:55 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d7aa2f-1fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:90:c8:bb:8c:e4:b7:63:6e:6d:2c:e3:a3:86:
2c:7a:f2:78:0a:e5:6a:7a:4b:21:d1:e8:3b:93:1e:
aa:c8:0d:03:80:4c:f2:50:8f:56:c4:eb:ab:7a:b3:
df:ea:11:b1:0f:b8:e3:fe:45:a1:45:aa:4f:99:e2:
16:43:0d:5c:86:be:fa:88:89:74:95:f7:45:cb:d6:
b5:a5:12:94:1d:18:fe:2f:52:03:26:1c:5e:2f:ac:
39:0e:44:77:f9:c4:d5:5d:ef:3a:9b:22:2f:8f:52:
45:1b:32:32:d8:bd:ef:ce:95:91:c9:d7:dc:bd:50:
63:fe:92:4e:42:f3:53:37:40:c8:54:18:20:8e:51:
16:6a:d3:ca:3c:6c:2d:39:9d:b5:e4:2c:ef:78:9b:
2d:36:47:de:ab:6c:82:00:21:25:e3:c3:2c:38:6d:
d5:51:70:67:ab:7c:25:cf:14:67:fe:56:ab:e5:a4:
1c:cd:d3:07:76:6f:bd:a5:26:01:bb:57:94:83:a4:
62:9e:f2:4b:4a:7f:b3:75:80:47:53:69:50:a3:0a:
4a:19:d7:95:e2:6f:22:d2:bd:9c:e9:77:dd:c2:90:
d6:cf:38:24:73:53:ea:87:42:26:ae:67:d9:c8:0c:
a1:f5:d6:de:6d:38:3b:ea:56:cc:45:be:db:1b:06:
f2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C0:8E:E2:94:7E:73:0B:AC:F2:E8:CC:E7:FE:69:A2:04:F3:BD:AA
X509v3 Authority Key Identifier:
keyid:AA:36:DE:AA:0B:48:8D:74:3D:30:96:A3:74:D3:CE:C3:03:4E:69:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC068/781E7DC4D51611EEB35E6A60C4F9AE02/qjbeqgtIjXQ9MJajdNPOwwNOado.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qjbeqgtIjXQ9MJajdNPOwwNOado.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC068/781E7DC4D51611EEB35E6A60C4F9AE02/4C798C5AD5DD11EEA5B1C711C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:12:66:48:7c:4f:07:a1:75:32:f6:bc:3e:c0:ec:19:d1:bc:
5e:8e:05:c0:35:09:45:a6:16:a8:eb:54:d4:02:f5:c8:aa:4e:
ff:7f:3c:4a:f4:43:8b:07:84:6f:14:aa:89:39:0e:4f:53:c7:
5a:e2:2e:4d:c8:81:9b:ff:7a:d5:4a:c3:0c:ed:d6:2f:39:04:
53:1f:04:f1:2d:83:4e:7f:85:64:59:68:05:b0:ec:fd:ac:ac:
e2:7b:7b:10:1a:a4:19:f5:2e:ce:8d:a1:f0:ed:e6:d6:7e:6c:
26:18:4e:af:08:ad:fa:3a:fb:97:b8:5e:86:34:4a:d1:c5:e8:
93:8e:f3:eb:aa:9d:bc:36:06:9c:48:8a:27:1c:e2:df:43:8c:
6e:92:1e:63:57:9b:38:75:b5:66:0a:54:c6:0a:70:d0:ea:04:
14:52:b0:90:2d:96:9e:c0:71:a8:c6:78:46:6a:05:01:49:4e:
d7:94:57:46:1e:ce:fc:e8:1b:a5:e5:d5:20:12:d1:27:65:82:
b9:06:87:3a:9a:87:c9:06:f8:7f:b6:b0:d1:c9:84:bb:43:ab:
30:de:ae:18:d0:b1:27:bf:ab:0d:83:d5:a2:14:88:39:c0:4c:
da:0b:34:e9:10:69:1f:eb:b2:8d:f8:db:ec:ef:8c:9f:5b:41:
81:e5:15:bd
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMwNjgxMTAvBgNVBAUTKEFBMzZERUFBMEI0ODhENzQzRDMwOTZBMzc0RDNDRUMz
MDM0RTY5REEwHhcNMjUwMzE3MDQ1MDU1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q3YWEyZi0xZmU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwJDIu4zkt2NubSzjo4YsevJ4CuVqeksh0eg7kx6qyA0DgEzyUI9WxOurerPf
6hGxD7jj/kWhRapPmeIWQw1chr76iIl0lfdFy9a1pRKUHRj+L1IDJhxeL6w5DkR3
+cTVXe86myIvj1JFGzIy2L3vzpWRydfcvVBj/pJOQvNTN0DIVBggjlEWatPKPGwt
OZ215CzveJstNkfeq2yCACEl48MsOG3VUXBnq3wlzxRn/lar5aQczdMHdm+9pSYB
u1eUg6RinvJLSn+zdYBHU2lQowpKGdeV4m8i0r2c6XfdwpDWzzgkc1Pqh0ImrmfZ
yAyh9dbebTg76lbMRb7bGwbyiQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFC/AjuKU
fnMLrPLozOf+aaIE872qMB8GA1UdIwQYMBaAFKo23qoLSI10PTCWo3TTzsMDTmna
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzA2OC83ODFFN0RDNEQ1
MTYxMUVFQjM1RTZBNjBDNEY5QUUwMi9xamJlcWd0SWpYUTlNSmFqZE5QT3d3Tk9h
ZG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FqYmVxZ3RJalhROU1KYWpkTlBPd3dOT2Fkby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMwNjgvNzgxRTdEQzRENTE2MTFFRUIzNUU2QTYwQzRGOUFFMDIvNEM3OThDNUFE
NUREMTFFRUE1QjFDNzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3zgMAwDQYJKoZIhvcNAQELBQADggEBADwSZkh8Tweh
dTL2vD7A7BnRvF6OBcA1CUWmFqjrVNQC9ciqTv9/PEr0Q4sHhG8Uqok5Dk9Tx1ri
Lk3IgZv/etVKwwzt1i85BFMfBPEtg05/hWRZaAWw7P2srOJ7exAapBn1Ls6NofDt
5tZ+bCYYTq8Irfo6+5e4XoY0StHF6JOO8+uqnbw2BpxIiicc4t9DjG6SHmNXmzh1
tWYKVMYKcNDqBBRSsJAtlp7AcajGeEZqBQFJTteUV0YezvzoG6Xl1SAS0SdlgrkG
hzqah8kG+H+2sNHJhLtDqzDerhjQsSe/qw2D1aIUiDnATNoLNOkQaR/rso342+zv
jJ9bQYHlFb0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 17:19:31 2025 by rpki-client