Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/910426E4539811EAB7BED96CC4F9AE02.roa
File: 910426E4539811EAB7BED96CC4F9AE02.roa (raw, json)
Hash identifier: YIt68PYPeFNs14TOKRBnX3wb5yR24CCwcGmNtVFKTE8=
Subject key identifier: 72:C2:10:C7:E3:2C:DA:5E:51:E3:40:B7:77:3F:95:8E:CF:0A:6A:36
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1890
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/910426E4539811EAB7BED96CC4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:35:23 +0000
ROA not before: Tue 18 Feb 2025 17:35:23 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 21775
IP address blocks: 2402:7800:3002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 16:52:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6288 (0x1890)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D, serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 18 17:35:23 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4c4db-f19c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:93:8a:69:98:86:fb:0d:0b:db:12:ea:f8:6e:
24:a0:29:cd:c3:d6:f4:25:b8:e4:30:85:b7:85:73:
40:96:0e:56:fe:bd:e1:db:e7:17:ac:04:fe:56:85:
8b:02:9d:28:58:c6:03:68:bf:52:27:90:d8:67:67:
75:5b:50:d9:f3:c7:5c:cb:e0:8f:65:1d:a1:78:f9:
fa:2e:61:89:08:61:e9:a2:c5:17:ca:f5:84:71:ff:
c4:9d:e9:87:b4:31:04:99:7d:1d:d2:68:2d:12:b9:
46:cd:b1:4e:7f:32:e5:a3:dd:78:12:c1:d3:8f:ac:
15:04:6d:5d:d0:93:1f:5f:b0:24:80:bf:50:b4:f2:
71:30:a1:8a:b1:8e:d2:db:ad:15:2c:39:3c:40:93:
9b:94:68:a2:e6:63:a8:3c:19:fa:7a:a1:91:77:3f:
19:62:39:ee:10:4d:e3:8b:85:b1:cb:d0:89:9b:fd:
7c:bc:48:e6:99:7f:63:b5:63:22:8b:5f:5d:8e:e7:
7a:f3:a5:c1:0b:e2:1a:8a:d4:39:be:d5:18:ae:6e:
05:6b:8b:51:1b:f4:dc:70:9d:a3:9f:fe:ba:75:86:
e3:b7:15:e5:f2:5f:6a:f4:8d:59:38:78:c9:49:4c:
c4:59:c2:a8:ff:d2:26:27:96:b3:1e:83:c9:77:fe:
6b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:C2:10:C7:E3:2C:DA:5E:51:E3:40:B7:77:3F:95:8E:CF:0A:6A:36
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/910426E4539811EAB7BED96CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:7800:3002::/48
Signature Algorithm: sha256WithRSAEncryption
9a:c2:97:a6:2a:a7:f1:53:e3:42:dc:3f:96:a5:ef:47:ac:db:
9d:47:e3:48:02:0c:72:2a:1c:7b:23:44:8d:27:8c:fe:ca:f1:
89:f8:99:7f:6c:d0:fb:b5:87:45:78:cd:a5:9b:bf:d2:e3:69:
0c:f9:e0:4f:a7:10:90:90:90:bb:96:86:45:a4:d8:ba:51:ed:
12:0e:ec:a4:e3:e4:eb:b3:43:26:78:26:7e:d6:54:5b:a5:0c:
9a:9b:63:18:94:7c:f2:2c:95:f5:f6:ee:63:ca:99:00:05:77:
89:a3:a8:c2:ce:50:99:0c:2b:dd:4a:f0:e7:4d:d2:0b:fd:a6:
70:e3:74:88:ee:09:fe:1b:d3:59:80:e8:95:84:22:43:ae:65:
7c:2a:45:b0:ea:a4:a5:14:5c:c1:bb:0a:04:5f:6d:10:91:b2:
1d:65:3a:2f:49:4f:21:44:75:76:18:b9:43:98:7c:ce:e5:64:
88:81:3c:18:c4:a9:13:93:c8:ad:98:72:75:88:0b:b9:ec:0c:
2c:40:ab:cc:e2:5e:f0:7e:7f:c9:ec:21:3a:d8:4f:f9:cf:a2:
e6:5f:ce:cb:9b:72:44:08:be:c5:05:e0:03:13:8e:93:a9:85:
00:2e:4e:9c:86:82:00:5a:43:d6:98:71:23:05:96:82:6e:39:
45:3b:13:a2
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICGJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjUwMjE4MTczNTIzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRkYi1mMTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1JOKaZiG+w0L2xLq+G4koCnNw9b0JbjkMIW3hXNAlg5W/r3h2+cXrAT+VoWL
Ap0oWMYDaL9SJ5DYZ2d1W1DZ88dcy+CPZR2hePn6LmGJCGHposUXyvWEcf/EnemH
tDEEmX0d0mgtErlGzbFOfzLlo914EsHTj6wVBG1d0JMfX7AkgL9QtPJxMKGKsY7S
260VLDk8QJOblGii5mOoPBn6eqGRdz8ZYjnuEE3ji4Wxy9CJm/18vEjmmX9jtWMi
i19djud686XBC+IaitQ5vtUYrm4Fa4tRG/TccJ2jn/66dYbjtxXl8l9q9I1ZOHjJ
SUzEWcKo/9ImJ5azHoPJd/5rRQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFHLCEMfj
LNpeUeNAt3c/lY7PCmo2MB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvOTEwNDI2RTQ1
Mzk4MTFFQUI3QkVEOTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAngAMAIwDQYJKoZIhvcNAQELBQADggEBAJrCl6Yqp/FT
40LcP5al70es251H40gCDHIqHHsjRI0njP7K8Yn4mX9s0Pu1h0V4zaWbv9LjaQz5
4E+nEJCQkLuWhkWk2LpR7RIO7KTj5OuzQyZ4Jn7WVFulDJqbYxiUfPIslfX27mPK
mQAFd4mjqMLOUJkMK91K8OdN0gv9pnDjdIjuCf4b01mA6JWEIkOuZXwqRbDqpKUU
XMG7CgRfbRCRsh1lOi9JTyFEdXYYuUOYfM7lZIiBPBjEqROTyK2YcnWIC7nsDCxA
q8ziXvB+f8nsITrYT/nPouZfzsubckQIvsUF4AMTjpOphQAuTpyGggBaQ9aYcSMF
loJuOUU7E6I=
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:29:32 2025 by rpki-client