Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91274A4/DDBE420A30F011EA9859AE53C4F9AE02/21A731506C9B11ED93A7513AC4F9AE02.roa
File: 21A731506C9B11ED93A7513AC4F9AE02.roa (raw, json)
Hash identifier: 8dlna4OSSEor7RjmsLK1ACn3Ob2tSwzfuy2V+7m0V0I=
Subject key identifier: 86:55:32:72:43:E9:CA:21:1E:29:2D:40:0C:CC:BD:91:96:F3:BB:C9
Certificate issuer: /CN=A91274A4/serialNumber=595665FF85E4E477371F7541F7209DC244E60CA5
Certificate serial: 0B76
Authority key identifier: 59:56:65:FF:85:E4:E4:77:37:1F:75:41:F7:20:9D:C2:44:E6:0C:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVZl_4Xk5Hc3H3VB9yCdwkTmDKU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91274A4/DDBE420A30F011EA9859AE53C4F9AE02/21A731506C9B11ED93A7513AC4F9AE02.roa
Signing time: Thu 12 Dec 2024 19:08:39 +0000
ROA not before: Thu 12 Dec 2024 19:08:39 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 31898
IP address blocks: 203.149.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91274A4/DDBE420A30F011EA9859AE53C4F9AE02/WVZl_4Xk5Hc3H3VB9yCdwkTmDKU.crl
rsync://rpki.apnic.net/member_repository/A91274A4/DDBE420A30F011EA9859AE53C4F9AE02/WVZl_4Xk5Hc3H3VB9yCdwkTmDKU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVZl_4Xk5Hc3H3VB9yCdwkTmDKU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:56:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2934 (0xb76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91274A4, serialNumber=595665FF85E4E477371F7541F7209DC244E60CA5
Validity
Not Before: Dec 12 19:08:39 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675b34b7-2609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b2:73:4d:87:65:4e:c0:c2:d1:44:06:b3:b3:
3a:80:17:d4:a2:80:02:13:97:1e:51:f6:11:af:89:
9c:b4:45:85:31:21:fc:4c:6f:33:44:ef:92:63:40:
70:89:8a:61:e4:f0:8d:be:e9:e0:ef:ee:ed:5d:7e:
7b:ce:df:82:00:f0:29:24:56:7c:61:b2:d0:b5:a4:
1c:2b:60:6a:75:40:41:ef:87:d0:6e:64:7e:d4:97:
d1:f6:b6:22:5c:6d:a0:32:b1:01:79:13:ad:cc:4c:
4a:99:60:0c:55:0c:43:8d:e9:87:6e:76:f1:a6:43:
b1:5a:ac:1b:8a:68:0b:4b:80:af:2a:09:30:13:9e:
0d:e8:ce:fc:ef:02:8a:6a:f6:c2:24:27:77:d3:93:
24:f7:5f:f2:a9:f8:da:43:e7:6a:3c:e6:18:51:9b:
ad:a1:58:6c:92:20:0a:84:97:ef:51:b5:56:26:b8:
b6:4e:95:fb:13:10:fe:f2:a8:8d:cb:ae:e6:de:4c:
52:09:f3:99:2f:0f:f2:f0:c7:39:ea:ff:7b:6c:e6:
db:93:1a:5a:9a:1f:9c:ad:d5:7a:a1:6c:c6:b2:db:
2c:31:36:b3:5a:6c:d9:86:0c:af:73:d8:32:fa:27:
14:08:ad:c9:aa:85:74:a6:c1:ff:f0:02:49:71:69:
2d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:55:32:72:43:E9:CA:21:1E:29:2D:40:0C:CC:BD:91:96:F3:BB:C9
X509v3 Authority Key Identifier:
keyid:59:56:65:FF:85:E4:E4:77:37:1F:75:41:F7:20:9D:C2:44:E6:0C:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91274A4/DDBE420A30F011EA9859AE53C4F9AE02/WVZl_4Xk5Hc3H3VB9yCdwkTmDKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVZl_4Xk5Hc3H3VB9yCdwkTmDKU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91274A4/DDBE420A30F011EA9859AE53C4F9AE02/21A731506C9B11ED93A7513AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.149.202.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:31:33:50:ec:b1:02:53:77:b2:e1:53:45:1d:36:19:68:6c:
44:29:38:06:e2:f9:ad:97:ff:35:06:bb:3a:31:fd:89:33:78:
2e:a8:01:de:8a:4e:fe:9e:51:be:b3:5a:c0:ed:f4:20:af:53:
9b:3c:78:23:e1:18:8b:e6:e3:41:c5:3c:97:15:00:d2:86:18:
43:8a:cc:d5:ca:63:25:13:2b:c8:e3:c5:95:1d:0f:c3:86:04:
ae:ca:b0:64:e0:88:8a:42:cd:b8:65:d7:59:54:a2:bf:30:e0:
46:ad:86:3d:92:f2:0a:a8:5a:85:9a:f6:a3:9b:0a:cf:8a:7c:
56:22:20:36:f3:c9:79:0f:fc:b1:bf:d0:c5:3c:54:ef:85:82:
3c:19:14:72:6d:c9:d0:db:c3:95:aa:e0:a7:08:c9:23:e4:25:
c8:92:05:2d:f7:1a:aa:33:8f:63:4a:be:98:7b:50:7c:90:f5:
4d:4c:2e:31:6f:a5:68:a8:4a:6f:2f:8e:f6:71:dc:37:9a:95:
4a:a5:2f:6a:df:36:29:17:a5:6d:6e:43:58:2c:13:66:45:ab:
56:0e:45:93:15:54:9e:3b:c4:f0:2d:22:c5:88:74:b4:66:ea:
e8:64:e2:73:55:db:33:10:03:dd:60:97:62:79:4f:c6:9e:c3:
dd:ed:b8:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc0QTQxMTAvBgNVBAUTKDU5NTY2NUZGODVFNEU0NzczNzFGNzU0MUY3MjA5REMy
NDRFNjBDQTUwHhcNMjQxMjEyMTkwODM5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViMzRiNy0yNjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsLJzTYdlTsDC0UQGs7M6gBfUooACE5ceUfYRr4mctEWFMSH8TG8zRO+SY0Bw
iYph5PCNvung7+7tXX57zt+CAPApJFZ8YbLQtaQcK2BqdUBB74fQbmR+1JfR9rYi
XG2gMrEBeROtzExKmWAMVQxDjemHbnbxpkOxWqwbimgLS4CvKgkwE54N6M787wKK
avbCJCd305Mk91/yqfjaQ+dqPOYYUZutoVhskiAKhJfvUbVWJri2TpX7ExD+8qiN
y67m3kxSCfOZLw/y8Mc56v97bObbkxpamh+crdV6oWzGstssMTazWmzZhgyvc9gy
+icUCK3JqoV0psH/8AJJcWktsQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIZVMnJD
6cohHiktQAzMvZGW87vJMB8GA1UdIwQYMBaAFFlWZf+F5OR3Nx91QfcgncJE5gyl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzRBNC9EREJFNDIwQTMw
RjAxMUVBOTg1OUFFNTNDNEY5QUUwMi9XVlpsXzRYazVIYzNIM1ZCOXlDZHdrVG1E
S1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dWWmxfNFhrNUhjM0gzVkI5eUNkd2tUbURLVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc0QTQvRERCRTQyMEEzMEYwMTFFQTk4NTlBRTUzQzRGOUFFMDIvMjFBNzMxNTA2
QzlCMTFFRDkzQTc1MTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLlcowDQYJKoZIhvcNAQELBQADggEBALkxM1DssQJTd7Lh
U0UdNhlobEQpOAbi+a2X/zUGuzox/YkzeC6oAd6KTv6eUb6zWsDt9CCvU5s8eCPh
GIvm40HFPJcVANKGGEOKzNXKYyUTK8jjxZUdD8OGBK7KsGTgiIpCzbhl11lUor8w
4Eathj2S8gqoWoWa9qObCs+KfFYiIDbzyXkP/LG/0MU8VO+FgjwZFHJtydDbw5Wq
4KcIySPkJciSBS33Gqozj2NKvph7UHyQ9U1MLjFvpWioSm8vjvZx3DealUqlL2rf
NikXpW1uQ1gsE2ZFq1YORZMVVJ47xPAtIsWIdLRm6uhk4nNV2zMQA91gl2J5T8ae
w93tuKk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:46:11 2025 by rpki-client