Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/65A459FE54BD11EE8C958973C4F9AE02.roa
File: 65A459FE54BD11EE8C958973C4F9AE02.roa (raw, json)
Hash identifier: iUnEHsfjN1jchtBZnX9gEs2PWdWpqrF2oKCzEFQT8+I=
Subject key identifier: 8F:F6:A5:5D:55:65:E3:85:E5:8D:94:C5:24:FF:C4:57:CB:C0:9F:EA
Certificate issuer: /CN=A916F8DB/serialNumber=0DE2B6A62E54A0A61BCF314B6E2EFB8F3A1E3A7A
Certificate serial: E7
Authority key identifier: 0D:E2:B6:A6:2E:54:A0:A6:1B:CF:31:4B:6E:2E:FB:8F:3A:1E:3A:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeK2pi5UoKYbzzFLbi77jzoeOno.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/65A459FE54BD11EE8C958973C4F9AE02.roa
Signing time: Tue 03 Dec 2024 04:07:30 +0000
ROA not before: Tue 03 Dec 2024 04:07:30 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 59217
IP address blocks: 43.248.248.0/22 maxlen: 24
103.243.164.0/22 maxlen: 24
2402:c940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/DeK2pi5UoKYbzzFLbi77jzoeOno.crl
rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/DeK2pi5UoKYbzzFLbi77jzoeOno.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeK2pi5UoKYbzzFLbi77jzoeOno.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 231 (0xe7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916F8DB, serialNumber=0DE2B6A62E54A0A61BCF314B6E2EFB8F3A1E3A7A
Validity
Not Before: Dec 3 04:07:30 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674e8402-a178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:8c:84:b5:c7:e0:18:47:b9:54:94:09:ad:49:
4f:97:c2:c9:e3:65:62:64:58:fe:bd:6a:40:0b:93:
55:c8:df:81:d3:6d:02:f5:94:88:1b:25:e6:4b:3d:
ad:0a:d9:59:e2:c0:92:0b:15:48:0e:40:d2:ad:31:
03:86:52:be:f0:3f:6e:3e:76:8e:09:a9:0a:97:0d:
28:77:4e:19:88:f9:51:8d:8a:bc:91:53:26:09:88:
3e:86:5a:48:0c:40:e9:ef:95:fb:6f:b6:bf:b9:56:
47:4a:31:69:13:00:02:78:06:83:85:90:88:ab:85:
f5:70:7b:6c:66:ba:86:68:98:51:f6:b6:b3:2a:0b:
c1:1b:9c:80:ee:04:55:28:67:d7:ac:12:b3:d2:7a:
05:f0:c2:20:d6:35:b0:04:21:fc:a3:c1:63:91:66:
a7:26:54:3e:ab:22:19:81:b6:a2:7d:13:d5:7f:b7:
60:8e:50:71:45:5d:38:3b:aa:f7:98:a0:bb:63:c7:
49:34:19:d1:95:d6:1f:69:35:5c:dd:1a:88:58:3f:
2a:9f:cf:e7:ab:ef:69:eb:fc:0f:24:bb:6f:a1:aa:
b4:f8:b3:f8:4b:a2:98:5f:49:dd:47:52:08:40:39:
b4:dd:06:3b:c1:03:89:6c:c5:78:14:af:c7:fa:01:
01:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F6:A5:5D:55:65:E3:85:E5:8D:94:C5:24:FF:C4:57:CB:C0:9F:EA
X509v3 Authority Key Identifier:
keyid:0D:E2:B6:A6:2E:54:A0:A6:1B:CF:31:4B:6E:2E:FB:8F:3A:1E:3A:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/DeK2pi5UoKYbzzFLbi77jzoeOno.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeK2pi5UoKYbzzFLbi77jzoeOno.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916F8DB/6C8BB86254BC11EEB8DB114AC4F9AE02/65A459FE54BD11EE8C958973C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.248.0/22
103.243.164.0/22
IPv6:
2402:c940::/32
Signature Algorithm: sha256WithRSAEncryption
84:1e:fe:96:4d:dd:46:66:a8:7d:56:a2:f7:1c:48:38:59:58:
75:b9:fb:72:c0:53:da:5f:0d:b2:59:b3:2a:d1:d8:0b:fa:4b:
c1:80:e6:53:90:80:e7:36:73:d4:be:4d:89:4a:df:50:d3:be:
a2:bb:11:84:37:3d:1b:50:bd:7a:61:78:e2:50:b4:8f:15:43:
d6:f7:0c:40:1b:ac:c9:9c:f2:07:a7:d2:39:e6:7e:45:f8:27:
b8:90:0f:5b:75:92:0f:57:95:85:03:e5:2c:43:07:c6:f8:dc:
40:d2:8c:51:3c:8f:9a:70:0a:99:51:72:47:b8:6a:25:bc:33:
c3:1c:28:7a:10:d1:03:d5:cb:02:f0:2a:bd:59:fd:8c:b3:f7:
04:e1:8a:61:7d:97:23:57:b0:b4:d6:33:b8:62:c2:01:92:c1:
fc:62:c6:52:23:e5:2c:f6:a1:e1:62:d9:b0:42:c2:07:13:48:
00:4a:4c:ae:f6:c0:27:d6:7e:dd:a2:41:6f:56:a9:9b:de:8b:
c7:26:dd:9a:35:9c:f3:8f:30:fa:b6:c9:8f:81:12:fa:da:42:
c4:6c:c3:82:3a:ce:12:6d:85:e6:fe:49:13:dc:66:07:ef:3a:
61:f8:4e:5e:be:85:f1:1e:5b:5a:b5:07:59:73:03:26:36:b4:
3c:b0:d8:80
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAOcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkY4REIxMTAvBgNVBAUTKDBERTJCNkE2MkU1NEEwQTYxQkNGMzE0QjZFMkVGQjhG
M0ExRTNBN0EwHhcNMjQxMjAzMDQwNzMwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlODQwMi1hMTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8oyEtcfgGEe5VJQJrUlPl8LJ42ViZFj+vWpAC5NVyN+B020C9ZSIGyXmSz2t
CtlZ4sCSCxVIDkDSrTEDhlK+8D9uPnaOCakKlw0od04ZiPlRjYq8kVMmCYg+hlpI
DEDp75X7b7a/uVZHSjFpEwACeAaDhZCIq4X1cHtsZrqGaJhR9razKgvBG5yA7gRV
KGfXrBKz0noF8MIg1jWwBCH8o8FjkWanJlQ+qyIZgbaifRPVf7dgjlBxRV04O6r3
mKC7Y8dJNBnRldYfaTVc3RqIWD8qn8/nq+9p6/wPJLtvoaq0+LP4S6KYX0ndR1II
QDm03QY7wQOJbMV4FK/H+gEB7wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI/2pV1V
ZeOF5Y2UxST/xFfLwJ/qMB8GA1UdIwQYMBaAFA3itqYuVKCmG88xS24u+486Hjp6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RjhEQi82QzhCQjg2MjU0
QkMxMUVFQjhEQjExNEFDNEY5QUUwMi9EZUsycGk1VW9LWWJ6ekZMYmk3N2p6b2VP
bm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RlSzJwaTVVb0tZYnp6RkxiaTc3anpvZU9uby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkY4REIvNkM4QkI4NjI1NEJDMTFFRUI4REIxMTRBQzRGOUFFMDIvNjVBNDU5RkU1
NEJEMTFFRThDOTU4OTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIr+PgDBAJn86QwDQQCAAIwBwMFACQCyUAwDQYJKoZIhvcN
AQELBQADggEBAIQe/pZN3UZmqH1WovccSDhZWHW5+3LAU9pfDbJZsyrR2Av6S8GA
5lOQgOc2c9S+TYlK31DTvqK7EYQ3PRtQvXpheOJQtI8VQ9b3DEAbrMmc8gen0jnm
fkX4J7iQD1t1kg9XlYUD5SxDB8b43EDSjFE8j5pwCplRcke4aiW8M8McKHoQ0QPV
ywLwKr1Z/Yyz9wThimF9lyNXsLTWM7hiwgGSwfxixlIj5Sz2oeFi2bBCwgcTSABK
TK72wCfWft2iQW9WqZvei8cm3Zo1nPOPMPq2yY+BEvraQsRsw4I6zhJtheb+SRPc
ZgfvOmH4Tl6+hfEeW1q1B1lzAyY2tDyw2IA=
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:35:00 2025 by rpki-client