Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB880/C1903E62C75611EDB28A7F0AC4F9AE02/50A5B1ACC75911EDBFF7200BC4F9AE02.roa
File: 50A5B1ACC75911EDBFF7200BC4F9AE02.roa (raw, json)
Hash identifier: HHXQFb70LXf16l4S8JzNbd5w8LQr3pgR5z+FBqxSlps=
Subject key identifier: 19:2A:E9:B1:DC:9A:EE:4E:E6:42:30:4C:B1:DE:26:0F:31:83:B5:D4
Certificate issuer: /CN=A91FB880/serialNumber=598C5FCEA555AE595CC9E9761C0FB2DEAEA4451F
Certificate serial: 0144
Authority key identifier: 59:8C:5F:CE:A5:55:AE:59:5C:C9:E9:76:1C:0F:B2:DE:AE:A4:45:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WYxfzqVVrllcyel2HA-y3q6kRR8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FB880/C1903E62C75611EDB28A7F0AC4F9AE02/50A5B1ACC75911EDBFF7200BC4F9AE02.roa
Signing time: Thu 05 Dec 2024 03:17:21 +0000
ROA not before: Thu 05 Dec 2024 03:17:21 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 140728
IP address blocks: 103.79.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FB880/C1903E62C75611EDB28A7F0AC4F9AE02/WYxfzqVVrllcyel2HA-y3q6kRR8.crl
rsync://rpki.apnic.net/member_repository/A91FB880/C1903E62C75611EDB28A7F0AC4F9AE02/WYxfzqVVrllcyel2HA-y3q6kRR8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WYxfzqVVrllcyel2HA-y3q6kRR8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 02:33:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 324 (0x144)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FB880, serialNumber=598C5FCEA555AE595CC9E9761C0FB2DEAEA4451F
Validity
Not Before: Dec 5 03:17:21 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67511b40-d0fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:45:c2:0a:7d:d6:88:2e:b2:e8:27:3e:c5:6d:
77:b2:c5:f0:7e:ec:7a:87:c2:f2:f2:b2:78:04:34:
b9:4d:d7:5d:bf:37:15:8a:f2:bf:76:f3:fc:05:22:
ec:ef:61:e6:6f:5e:65:3d:0a:61:0d:1b:8b:00:01:
d6:57:c3:00:6f:08:b4:7c:ff:59:88:b6:ca:0c:4e:
f5:91:61:de:9a:bd:9c:2b:c0:e1:a2:ab:3d:9c:33:
ca:ef:0a:89:2e:80:19:e5:8c:06:30:5f:73:f5:ca:
0c:96:a5:6f:eb:4a:f8:8d:93:2d:01:32:7b:34:d2:
c6:29:d2:16:15:0f:aa:05:e7:53:7a:f8:14:9a:eb:
5c:43:cf:0c:7c:4d:2a:3d:61:26:b1:41:f4:86:f8:
78:aa:27:d3:67:38:6c:db:29:e4:f3:44:83:50:c7:
01:d8:68:07:04:2e:e5:24:8b:84:00:b9:b9:16:01:
6c:27:13:89:af:6a:8c:81:34:bc:25:98:e1:1d:d0:
20:d3:e1:64:9e:2d:96:ee:04:ff:b7:61:d7:e6:0b:
7f:11:36:80:d0:06:14:e0:77:47:d3:e4:3b:03:e1:
e4:80:fa:f6:b2:fa:68:e9:b2:59:2b:46:e5:37:52:
d9:c3:90:37:3e:60:ce:1b:05:50:4c:25:bb:cd:c4:
cd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2A:E9:B1:DC:9A:EE:4E:E6:42:30:4C:B1:DE:26:0F:31:83:B5:D4
X509v3 Authority Key Identifier:
keyid:59:8C:5F:CE:A5:55:AE:59:5C:C9:E9:76:1C:0F:B2:DE:AE:A4:45:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FB880/C1903E62C75611EDB28A7F0AC4F9AE02/WYxfzqVVrllcyel2HA-y3q6kRR8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WYxfzqVVrllcyel2HA-y3q6kRR8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB880/C1903E62C75611EDB28A7F0AC4F9AE02/50A5B1ACC75911EDBFF7200BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.159.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:0f:3b:11:1a:59:f1:aa:f6:3f:b7:d3:7f:8c:bb:fb:39:86:
dc:40:9f:9d:1a:11:7f:72:c3:29:f2:0a:da:ec:2c:01:15:db:
02:54:11:30:a3:b3:86:c8:0d:8d:3b:0c:87:a3:4a:27:26:f3:
c2:36:4d:34:34:a4:e7:05:8c:9c:39:ae:9b:fa:fd:4d:d3:a8:
98:11:1d:78:16:55:b9:7c:dd:3f:ec:da:6b:5c:d8:2f:a2:ff:
b9:06:4f:a6:2a:a7:e8:fe:af:b2:eb:c0:42:87:a0:a5:94:76:
2e:03:7c:89:4f:54:90:f6:f7:be:d5:75:61:bc:4d:85:dc:c4:
11:85:96:51:f2:57:da:6d:4c:e7:ea:d2:da:fc:bb:87:ff:64:
1d:6a:59:b6:67:7b:16:bf:6d:7d:af:aa:cf:ff:fc:f1:fe:c0:
01:8e:c3:21:8a:0f:7a:b3:7f:92:d6:ad:24:ba:d2:07:69:b8:
61:94:e8:96:12:06:2f:aa:27:b5:fd:f8:af:f8:7f:de:0b:37:
cb:ae:4e:92:b3:9a:af:0c:15:fe:7b:8d:c5:0c:73:af:01:c6:
ea:f0:68:77:ec:4b:5e:98:f9:db:3e:2b:77:fb:8f:9a:c5:52:
65:47:ba:5f:db:a5:13:6c:77:52:a0:a9:44:d2:f3:2d:92:03:
f3:f1:27:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkI4ODAxMTAvBgNVBAUTKDU5OEM1RkNFQTU1NUFFNTk1Q0M5RTk3NjFDMEZCMkRF
QUVBNDQ1MUYwHhcNMjQxMjA1MDMxNzIxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUxMWI0MC1kMGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsEXCCn3WiC6y6Cc+xW13ssXwfux6h8Ly8rJ4BDS5TdddvzcVivK/dvP8BSLs
72Hmb15lPQphDRuLAAHWV8MAbwi0fP9ZiLbKDE71kWHemr2cK8Dhoqs9nDPK7wqJ
LoAZ5YwGMF9z9coMlqVv60r4jZMtATJ7NNLGKdIWFQ+qBedTevgUmutcQ88MfE0q
PWEmsUH0hvh4qifTZzhs2ynk80SDUMcB2GgHBC7lJIuEALm5FgFsJxOJr2qMgTS8
JZjhHdAg0+Fkni2W7gT/t2HX5gt/ETaA0AYU4HdH0+Q7A+HkgPr2svpo6bJZK0bl
N1LZw5A3PmDOGwVQTCW7zcTNOwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBkq6bHc
mu5O5kIwTLHeJg8xg7XUMB8GA1UdIwQYMBaAFFmMX86lVa5ZXMnpdhwPst6upEUf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQjg4MC9DMTkwM0U2MkM3
NTYxMUVEQjI4QTdGMEFDNEY5QUUwMi9XWXhmenFWVnJsbGN5ZWwySEEteTNxNmtS
UjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dZeGZ6cVZWcmxsY3llbDJIQS15M3E2a1JSOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkI4ODAvQzE5MDNFNjJDNzU2MTFFREIyOEE3RjBBQzRGOUFFMDIvNTBBNUIxQUND
NzU5MTFFREJGRjcyMDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnT58wDQYJKoZIhvcNAQELBQADggEBAAwPOxEaWfGq9j+3
03+Mu/s5htxAn50aEX9ywynyCtrsLAEV2wJUETCjs4bIDY07DIejSicm88I2TTQ0
pOcFjJw5rpv6/U3TqJgRHXgWVbl83T/s2mtc2C+i/7kGT6Yqp+j+r7LrwEKHoKWU
di4DfIlPVJD2977VdWG8TYXcxBGFllHyV9ptTOfq0tr8u4f/ZB1qWbZnexa/bX2v
qs///PH+wAGOwyGKD3qzf5LWrSS60gdpuGGU6JYSBi+qJ7X9+K/4f94LN8uuTpKz
mq8MFf57jcUMc68BxurwaHfsS16Y+ds+K3f7j5rFUmVHul/bpRNsd1KgqUTS8y2S
A/PxJxI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:43:03 2025 by rpki-client