Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/B8CCCFC8FE4711EF9822D46AC4F9AE02.roa
File: B8CCCFC8FE4711EF9822D46AC4F9AE02.roa (raw, json)
Hash identifier: OMFUXP/cctAoz4Xum6QNfmkgufq2udvA4e2an/c9gCg=
Subject key identifier: 75:D6:BA:6E:05:AE:31:91:BF:FC:2B:72:20:F1:D5:68:AD:94:66:26
Certificate issuer: /CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Certificate serial: 0193
Authority key identifier: EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/B8CCCFC8FE4711EF9822D46AC4F9AE02.roa
Signing time: Tue 11 Mar 2025 07:09:07 +0000
ROA not before: Tue 11 Mar 2025 07:09:07 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 141153
IP address blocks: 43.224.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.crl
rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 02:51:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403 (0x193)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3C87
Validity
Not Before: Mar 11 07:09:07 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67cfe193-ef6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ce:cc:4f:8c:f2:c8:04:a6:54:c8:91:88:76:
75:71:b1:59:78:a9:47:8a:c2:d1:2c:a9:01:dd:11:
90:34:41:58:63:e2:34:5a:2b:2e:3f:4c:6b:66:8a:
00:40:1b:c3:49:c9:f2:0f:b8:99:7c:13:7f:87:9b:
f0:8e:9f:f1:1a:71:55:e2:35:42:53:19:e7:66:98:
4c:02:23:1d:f7:1c:75:1d:b7:a8:13:57:1a:92:70:
13:53:13:41:c6:60:dd:80:c4:1f:7a:02:57:44:fd:
57:88:f2:3d:d1:e4:3d:b9:1b:fb:62:d5:97:17:07:
c8:86:10:4d:ea:8f:ff:3e:28:f4:12:85:de:ae:37:
80:71:af:a9:54:21:3b:66:98:92:0f:25:3f:95:d3:
ce:8b:77:49:5d:b5:98:1d:06:57:2e:42:35:1d:f9:
fa:7e:ed:18:a4:f6:81:85:f9:de:f5:04:a3:59:c4:
9e:03:04:a0:1e:c4:e9:37:1c:be:25:81:17:22:7a:
18:f5:27:43:29:fa:f9:df:77:de:0d:da:b0:30:bc:
02:a7:a7:48:db:bf:36:0d:bd:9a:92:08:5b:19:1f:
8f:d3:55:25:bc:99:f8:92:5c:b6:98:a0:37:6c:84:
3c:ed:a4:92:6c:11:44:0e:60:50:29:85:26:82:5c:
67:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D6:BA:6E:05:AE:31:91:BF:FC:2B:72:20:F1:D5:68:AD:94:66:26
X509v3 Authority Key Identifier:
keyid:EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/B8CCCFC8FE4711EF9822D46AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.148.0/24
Signature Algorithm: sha256WithRSAEncryption
94:20:56:3b:fe:ea:cd:09:67:1a:b5:90:21:2f:11:ba:a9:94:
bd:13:2e:4c:e2:b0:00:4c:9f:e3:44:98:3c:8e:06:a9:af:d8:
84:71:c3:fd:8c:04:9d:05:f3:23:4b:27:97:7c:d4:77:b1:ec:
45:9d:c1:31:48:d0:94:b2:17:a5:d9:66:f2:5e:c1:14:a3:56:
c9:22:71:17:85:dd:b8:7e:85:3b:45:26:b3:be:dc:63:bb:d6:
ec:64:7c:ed:43:13:39:10:5e:f8:36:4d:77:97:b3:d7:34:86:
b5:d8:60:cd:24:81:6f:52:6d:0b:84:aa:ad:02:92:fe:6c:78:
e9:d9:57:b0:5a:f1:28:2f:6b:71:81:98:5f:46:99:a4:a0:ab:
d5:62:9c:17:a9:1a:27:98:d5:1d:76:9a:60:c5:bc:92:01:f2:
70:7d:39:fe:7c:ad:a4:b6:8e:69:1d:0d:3a:62:ff:ad:32:79:
c7:e8:86:56:48:5e:d2:9b:ac:f9:84:75:8e:db:70:b0:d9:d4:
e1:56:cd:6d:c5:bd:e2:24:fa:94:19:f2:92:a7:55:aa:ad:7f:
43:bd:17:2f:15:95:b6:07:1b:9f:07:52:22:68:9c:d4:87:0f:
aa:31:21:09:08:b1:d6:c5:2f:fa:7c:29:e6:91:07:17:1a:2a:
4c:3d:71:85
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNDODcxMTAvBgNVBAUTKEVGOUZFMzgxREEzRDQyRUI3QzRFMEQwNDlDQ0FFNzIy
OEUyOEZCNEIwHhcNMjUwMzExMDcwOTA3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmZTE5My1lZjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyM7MT4zyyASmVMiRiHZ1cbFZeKlHisLRLKkB3RGQNEFYY+I0WisuP0xrZooA
QBvDScnyD7iZfBN/h5vwjp/xGnFV4jVCUxnnZphMAiMd9xx1HbeoE1caknATUxNB
xmDdgMQfegJXRP1XiPI90eQ9uRv7YtWXFwfIhhBN6o//Pij0EoXerjeAca+pVCE7
ZpiSDyU/ldPOi3dJXbWYHQZXLkI1Hfn6fu0YpPaBhfne9QSjWcSeAwSgHsTpNxy+
JYEXInoY9SdDKfr533feDdqwMLwCp6dI2782Db2akghbGR+P01UlvJn4kly2mKA3
bIQ87aSSbBFEDmBQKYUmglxnkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHXWum4F
rjGRv/wrciDx1WitlGYmMB8GA1UdIwQYMBaAFO+f44HaPULrfE4NBJzK5yKOKPtL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0M4Ny9FNzgyODU0RUVG
MEIxMUVEODFERDJENzJDNEY5QUUwMi83NV9qZ2RvOVF1dDhUZzBFbk1ybklvNG8t
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc1X2pnZG85UXV0OFRnMEVuTXJuSW80by0wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNDODcvRTc4Mjg1NEVFRjBCMTFFRDgxREQyRDcyQzRGOUFFMDIvQjhDQ0NGQzhG
RTQ3MTFFRjk4MjJENDZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr4JQwDQYJKoZIhvcNAQELBQADggEBAJQgVjv+6s0JZxq1
kCEvEbqplL0TLkzisABMn+NEmDyOBqmv2IRxw/2MBJ0F8yNLJ5d81Hex7EWdwTFI
0JSyF6XZZvJewRSjVskicReF3bh+hTtFJrO+3GO71uxkfO1DEzkQXvg2TXeXs9c0
hrXYYM0kgW9SbQuEqq0Ckv5seOnZV7Ba8Sgva3GBmF9GmaSgq9VinBepGieY1R12
mmDFvJIB8nB9Of58raS2jmkdDTpi/60yecfohlZIXtKbrPmEdY7bcLDZ1OFWzW3F
veIk+pQZ8pKnVaqtf0O9Fy8VlbYHG58HUiJonNSHD6oxIQkIsdbFL/p8KeaRBxca
Kkw9cYU=
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:59:29 2025 by rpki-client