Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/EE647C1418A411EFBA690F60C4F9AE02.roa
File: EE647C1418A411EFBA690F60C4F9AE02.roa (raw, json)
Hash identifier: 1sKQhDe4XE+z/iEwFOdjuVVtLfzSNo7ytvziBnxPEOc=
Subject key identifier: 72:8B:C7:33:FB:D4:85:AC:6D:57:D3:3A:F4:FA:3D:E9:98:07:36:13
Certificate issuer: /CN=A91DC0F2/serialNumber=A0033F4943630DC94E2DDF5F2A6B88E866461AE7
Certificate serial: 7E
Authority key identifier: A0:03:3F:49:43:63:0D:C9:4E:2D:DF:5F:2A:6B:88:E8:66:46:1A:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oAM_SUNjDclOLd9fKmuI6GZGGuc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/EE647C1418A411EFBA690F60C4F9AE02.roa
Signing time: Thu 05 Dec 2024 05:19:07 +0000
ROA not before: Thu 05 Dec 2024 05:19:07 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152135
IP address blocks: 210.79.168.0/24 maxlen: 24
210.79.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.crl
rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oAM_SUNjDclOLd9fKmuI6GZGGuc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 24 Apr 2025 04:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126 (0x7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC0F2, serialNumber=A0033F4943630DC94E2DDF5F2A6B88E866461AE7
Validity
Not Before: Dec 5 05:19:07 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675137cb-598f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a8:05:82:fc:7d:33:c2:23:7e:aa:24:78:6e:
48:ab:98:09:a2:4b:ec:92:97:6b:71:70:e5:28:84:
65:6a:dd:03:c3:eb:d6:f5:e7:99:bb:5d:0b:8b:d7:
7f:cf:96:11:c5:59:18:9c:c5:a5:e4:f8:47:63:10:
0b:50:5e:ae:bd:70:8f:fc:5e:2a:1b:34:e9:14:bd:
40:8a:0f:7b:a2:60:ba:0b:dd:81:70:e7:67:0d:0e:
f2:cb:f3:2b:24:67:6c:68:bf:e0:7c:a5:e0:ff:e2:
09:24:32:44:0b:7f:62:59:1a:08:da:88:0d:94:7f:
08:27:4b:79:65:ae:15:61:b1:4b:db:73:f5:c3:a9:
d5:9b:b5:82:e6:bf:b9:9f:a3:bb:69:e2:37:16:ee:
6d:5f:e3:2b:c8:2d:ec:69:8d:6f:c3:b6:77:32:55:
d8:8f:8a:90:f8:80:a4:ed:1b:97:93:17:fd:0f:b2:
0b:88:20:c8:97:2b:c7:8c:b6:a1:ae:b2:36:9f:a3:
e4:4d:8e:a9:fd:4c:13:7c:fd:c4:cd:5c:a3:36:76:
86:41:01:ce:67:b7:a7:f0:bd:35:a2:71:2f:c7:3a:
a7:0d:09:50:ef:cc:77:23:4a:b0:1c:b3:c2:ab:dc:
19:2e:69:6a:9c:90:a1:bb:cb:0d:ea:bd:5a:cf:f5:
bf:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8B:C7:33:FB:D4:85:AC:6D:57:D3:3A:F4:FA:3D:E9:98:07:36:13
X509v3 Authority Key Identifier:
keyid:A0:03:3F:49:43:63:0D:C9:4E:2D:DF:5F:2A:6B:88:E8:66:46:1A:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/oAM_SUNjDclOLd9fKmuI6GZGGuc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oAM_SUNjDclOLd9fKmuI6GZGGuc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC0F2/7F33EE24FD7E11EEA1B3535CC4F9AE02/EE647C1418A411EFBA690F60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.79.168.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:e2:94:17:9e:59:38:27:8a:02:7b:09:3c:5a:33:c8:26:7b:
2f:bd:37:ed:76:fb:19:10:fc:f7:1b:cb:94:12:73:f5:ed:81:
07:60:ee:48:2e:aa:e5:c1:3c:30:9a:83:e0:db:19:5e:7d:3d:
de:1b:4f:eb:7c:2d:42:52:58:e1:e1:04:71:56:fc:0c:9d:97:
e5:ca:b2:ba:a9:0b:5d:f9:17:67:8c:45:45:46:ab:6f:c9:e6:
aa:bc:01:b3:f9:85:3f:b1:0c:35:97:7f:1d:b8:f1:da:82:d0:
7b:d7:66:d6:d8:7e:ef:22:d1:51:52:21:11:6f:42:ec:80:f3:
1e:ae:24:aa:c8:24:6e:f8:24:61:0f:a8:f9:f5:5e:a1:2a:0f:
a2:e0:8c:42:7b:7a:a5:fe:88:5c:01:d8:a2:54:67:23:eb:32:
56:0d:84:0a:dd:84:45:b0:6b:28:45:c6:3d:08:73:86:eb:bf:
4a:98:b4:3b:74:a4:90:41:2c:09:e8:05:b4:b0:29:41:7f:d2:
67:1d:3e:60:29:5c:6f:68:96:3f:85:b3:66:6a:0e:08:28:7d:
68:69:d7:27:c0:b9:30:87:69:3f:d0:08:f0:62:2c:48:7c:52:
a9:24:bc:ef:46:76:24:84:b2:54:23:b3:dc:49:51:1f:9b:51:
40:1c:fb:79
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
QzBGMjExMC8GA1UEBRMoQTAwMzNGNDk0MzYzMERDOTRFMkRERjVGMkE2Qjg4RTg2
NjQ2MUFFNzAeFw0yNDEyMDUwNTE5MDdaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NTEzN2NiLTU5OGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGqAWC/H0zwiN+qiR4bkirmAmiS+ySl2txcOUohGVq3QPD69b155m7XQuL13/P
lhHFWRicxaXk+EdjEAtQXq69cI/8XiobNOkUvUCKD3uiYLoL3YFw52cNDvLL8ysk
Z2xov+B8peD/4gkkMkQLf2JZGgjaiA2UfwgnS3llrhVhsUvbc/XDqdWbtYLmv7mf
o7tp4jcW7m1f4yvILexpjW/DtncyVdiPipD4gKTtG5eTF/0PsguIIMiXK8eMtqGu
sjafo+RNjqn9TBN8/cTNXKM2doZBAc5nt6fwvTWicS/HOqcNCVDvzHcjSrAcs8Kr
3BkuaWqckKG7yw3qvVrP9b+pAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUcovHM/vU
haxtV9M69Po96ZgHNhMwHwYDVR0jBBgwFoAUoAM/SUNjDclOLd9fKmuI6GZGGucw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURDMEYyLzdGMzNFRTI0RkQ3
RTExRUVBMUIzNTM1Q0M0RjlBRTAyL29BTV9TVU5qRGNsT0xkOWZLbXVJNkdaR0d1
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb0FNX1NVTmpEY2xPTGQ5ZkttdUk2R1pHR3VjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QzBGMi83RjMzRUUyNEZEN0UxMUVFQTFCMzUzNUNDNEY5QUUwMi9FRTY0N0MxNDE4
QTQxMUVGQkE2OTBGNjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAdJPqDANBgkqhkiG9w0BAQsFAAOCAQEAruKUF55ZOCeKAnsJ
PFozyCZ7L7037Xb7GRD89xvLlBJz9e2BB2DuSC6q5cE8MJqD4NsZXn093htP63wt
QlJY4eEEcVb8DJ2X5cqyuqkLXfkXZ4xFRUarb8nmqrwBs/mFP7EMNZd/Hbjx2oLQ
e9dm1th+7yLRUVIhEW9C7IDzHq4kqsgkbvgkYQ+o+fVeoSoPouCMQnt6pf6IXAHY
olRnI+syVg2ECt2ERbBrKEXGPQhzhuu/Spi0O3SkkEEsCegFtLApQX/SZx0+YClc
b2iWP4WzZmoOCCh9aGnXJ8C5MIdpP9AI8GIsSHxSqSS870Z2JISyVCOz3ElRH5tR
QBz7eQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:11:13 2025 by rpki-client