Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/E101BEF6BA1111EAA2AF621EC4F9AE02.roa
File: E101BEF6BA1111EAA2AF621EC4F9AE02.roa (raw, json)
Hash identifier: f8jut1BjubAtyXtCTXzr4YjM1IoW+OqJ6ONFoVgC57s=
Subject key identifier: FB:8E:42:73:76:EA:29:A6:FE:DB:A9:F3:D6:17:D0:12:11:4F:EB:8F
Certificate issuer: /CN=A91E563F/serialNumber=482016E56A0241FD2D35BFD77BC972E673CE9F2F
Certificate serial: 0832
Authority key identifier: 48:20:16:E5:6A:02:41:FD:2D:35:BF:D7:7B:C9:72:E6:73:CE:9F:2F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SCAW5WoCQf0tNb_Xe8ly5nPOny8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/E101BEF6BA1111EAA2AF621EC4F9AE02.roa
Signing time: Fri 12 Jul 2024 21:40:02 +0000
ROA not before: Fri 12 Jul 2024 21:40:02 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 62500
IP address blocks: 202.95.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/SCAW5WoCQf0tNb_Xe8ly5nPOny8.crl
rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/SCAW5WoCQf0tNb_Xe8ly5nPOny8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SCAW5WoCQf0tNb_Xe8ly5nPOny8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 20:24:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2098 (0x832)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E563F
Validity
Not Before: Jul 12 21:40:02 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6691a2b1-8020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:99:b1:e1:e8:8f:20:92:61:e4:63:48:c2:d8:
6c:c6:69:e1:96:87:88:3b:37:6d:5a:28:10:b2:a8:
00:06:0b:a0:13:97:05:63:57:b9:5e:31:6f:61:b3:
3c:40:3b:08:1b:50:ba:3f:dc:2f:69:69:72:7f:c7:
76:dc:9a:08:34:10:9c:fa:c1:11:44:fe:3a:74:d1:
1b:9a:bf:ae:20:21:fb:37:25:62:f3:32:72:15:58:
58:b1:b6:c8:37:f7:84:13:42:a6:47:50:53:9f:0a:
2c:c3:05:70:69:c7:1b:e8:e4:2c:8e:39:34:63:08:
43:ae:a1:b7:ed:e0:06:27:cd:5d:e7:55:06:57:52:
5a:a2:19:66:e7:15:1c:45:b5:91:f0:c5:82:e4:06:
25:da:bf:2d:85:8f:6a:20:b1:58:66:74:ad:a1:d8:
f3:ab:9f:4d:9e:35:07:98:ae:8e:ff:03:63:07:c8:
60:19:e6:b0:cf:92:c8:3e:63:84:28:30:5d:51:8d:
b2:c5:80:02:44:e5:6e:53:7e:94:e2:90:c2:a0:64:
f9:22:cd:e9:c9:b0:51:f4:15:8f:91:6f:fb:94:b5:
20:61:77:ac:43:43:da:3a:24:21:0d:b4:94:e1:26:
d5:88:8a:0a:2e:2d:d7:27:19:b3:f2:69:0c:8e:f3:
fe:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8E:42:73:76:EA:29:A6:FE:DB:A9:F3:D6:17:D0:12:11:4F:EB:8F
X509v3 Authority Key Identifier:
keyid:48:20:16:E5:6A:02:41:FD:2D:35:BF:D7:7B:C9:72:E6:73:CE:9F:2F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/SCAW5WoCQf0tNb_Xe8ly5nPOny8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SCAW5WoCQf0tNb_Xe8ly5nPOny8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E563F/0AB777DAB6A811EAAEE14F7BC4F9AE02/E101BEF6BA1111EAA2AF621EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.95.233.0/24
Signature Algorithm: sha256WithRSAEncryption
90:a9:c9:a6:26:9f:33:f3:b3:8d:e6:7a:cd:74:54:39:9c:05:
5b:27:d7:f8:85:4a:d1:23:67:7a:47:e7:7f:c7:c2:07:5c:72:
0c:a4:55:b5:b6:a4:97:54:27:9c:f4:8b:50:13:00:c0:c1:fc:
14:c8:0f:77:d1:19:91:77:ce:c6:7f:5e:71:af:97:fb:dd:6d:
82:a3:11:7a:61:ef:2c:9a:b7:5d:cb:f2:e7:4a:f7:16:a2:77:
c7:95:3a:b8:7b:47:1d:11:1c:06:83:a8:02:4c:e8:38:be:57:
aa:4f:5a:fa:5e:b0:9f:f2:b4:24:e1:24:a7:c9:2b:1e:67:62:
48:bb:71:bb:2e:c5:42:23:b2:68:8f:16:39:0a:6f:2d:31:4e:
e5:7a:57:7f:95:c8:3d:5e:40:72:64:bf:db:8c:7a:6c:ae:02:
47:54:f8:bb:b1:a7:9b:c4:fd:d3:87:d5:01:49:86:d1:7d:88:
9e:04:63:56:a0:da:79:d2:df:6c:76:4b:21:0e:1d:b8:86:27:
8b:9f:e7:92:66:42:e9:cf:de:8f:51:30:48:44:2f:ff:d6:6b:
af:ab:c3:eb:64:8c:6a:b1:6a:cb:d6:d2:31:1d:4b:ac:76:6a:
da:0f:34:8a:1c:6f:07:b3:e9:b8:aa:b6:d3:85:e2:e8:6c:f1:
76:60:ca:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU2M0YxMTAvBgNVBAUTKDQ4MjAxNkU1NkEwMjQxRkQyRDM1QkZENzdCQzk3MkU2
NzNDRTlGMkYwHhcNMjQwNzEyMjE0MDAyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxYTJiMS04MDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApZmx4eiPIJJh5GNIwthsxmnhloeIOzdtWigQsqgABgugE5cFY1e5XjFvYbM8
QDsIG1C6P9wvaWlyf8d23JoINBCc+sERRP46dNEbmr+uICH7NyVi8zJyFVhYsbbI
N/eEE0KmR1BTnwoswwVwaccb6OQsjjk0YwhDrqG37eAGJ81d51UGV1Jaohlm5xUc
RbWR8MWC5AYl2r8thY9qILFYZnStodjzq59NnjUHmK6O/wNjB8hgGeawz5LIPmOE
KDBdUY2yxYACROVuU36U4pDCoGT5Is3pybBR9BWPkW/7lLUgYXesQ0PaOiQhDbSU
4SbViIoKLi3XJxmz8mkMjvP+fQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPuOQnN2
6imm/tup89YX0BIRT+uPMB8GA1UdIwQYMBaAFEggFuVqAkH9LTW/13vJcuZzzp8v
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTYzRi8wQUI3NzdEQUI2
QTgxMUVBQUVFMTRGN0JDNEY5QUUwMi9TQ0FXNVdvQ1FmMHROYl9YZThseTVuUE9u
eTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDQVc1V29DUWYwdE5iX1hlOGx5NW5QT255OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU2M0YvMEFCNzc3REFCNkE4MTFFQUFFRTE0RjdCQzRGOUFFMDIvRTEwMUJFRjZC
QTExMTFFQUEyQUY2MjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKX+kwDQYJKoZIhvcNAQELBQADggEBAJCpyaYmnzPzs43m
es10VDmcBVsn1/iFStEjZ3pH53/HwgdccgykVbW2pJdUJ5z0i1ATAMDB/BTID3fR
GZF3zsZ/XnGvl/vdbYKjEXph7yyat13L8udK9xaid8eVOrh7Rx0RHAaDqAJM6Di+
V6pPWvpesJ/ytCThJKfJKx5nYki7cbsuxUIjsmiPFjkKby0xTuV6V3+VyD1eQHJk
v9uMemyuAkdU+Luxp5vE/dOH1QFJhtF9iJ4EY1ag2nnS32x2SyEOHbiGJ4uf55Jm
QunP3o9RMEhEL//Wa6+rw+tkjGqxasvW0jEdS6x2atoPNIocbwez6biqttOF4uhs
8XZgyvw=
-----END CERTIFICATE-----
Generated at Thu Apr 10 00:40:09 2025 by rpki-client