Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/97F15FD8068D11EF839A3054C4F9AE02.roa
File: 97F15FD8068D11EF839A3054C4F9AE02.roa (raw, json)
Hash identifier: mLl/OI3EV7/JM4Fr1G9RnDxTwZqnfUJgsg+LaOLb7Wc=
Subject key identifier: 66:74:30:14:77:82:07:15:37:72:38:F5:9C:AE:A8:D2:7D:3B:E6:49
Certificate issuer: /CN=A9172BD3/serialNumber=3D7FEACB633A6B829323B1E9944D4AF98DDDA372
Certificate serial: 49
Authority key identifier: 3D:7F:EA:CB:63:3A:6B:82:93:23:B1:E9:94:4D:4A:F9:8D:DD:A3:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PX_qy2M6a4KTI7HplE1K-Y3do3I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/97F15FD8068D11EF839A3054C4F9AE02.roa
Signing time: Wed 15 May 2024 08:42:45 +0000
ROA not before: Wed 15 May 2024 08:42:45 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 45442
IP address blocks: 202.14.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.crl
rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PX_qy2M6a4KTI7HplE1K-Y3do3I.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 04:16:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73 (0x49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172BD3
Validity
Not Before: May 15 08:42:45 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66447585-4835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:b0:d1:0a:ab:34:9d:f3:5a:97:cd:99:62:
63:a0:70:36:60:fa:4b:21:dc:97:79:fb:00:8d:7b:
ce:06:ac:08:c1:9a:71:c8:5b:5b:08:a6:6b:76:70:
44:24:e1:ca:cc:ad:f0:66:26:6b:87:2f:21:7a:3d:
b9:71:a2:c6:ff:94:72:19:22:e9:01:35:d7:47:0f:
75:89:56:b2:c3:23:c4:94:f2:b6:53:74:9f:0e:26:
4f:78:8e:71:cd:77:b0:11:15:72:b9:3f:a7:ae:26:
be:56:d7:a9:15:99:b2:28:27:89:d8:b9:56:e8:dd:
52:97:f1:fa:ad:2d:a7:c7:8b:41:80:e6:57:a5:8a:
ba:5f:86:fb:42:bb:b4:9d:c1:de:b9:d8:30:e3:88:
c2:1d:91:be:e2:4b:54:37:73:27:70:b2:cc:4b:d0:
6c:e9:2a:72:7d:a6:c7:3d:46:80:25:94:f6:a4:94:
8b:cf:69:42:53:1d:d1:ed:d7:15:a4:bf:b2:25:98:
4f:7c:a2:54:2e:b0:bf:69:9b:e9:35:7c:c2:2c:96:
5e:96:de:06:e2:ff:ff:11:5f:fb:6c:b7:37:be:63:
ff:de:b5:6e:4f:ed:e4:44:6e:1d:cb:26:81:fd:16:
b1:21:31:82:f9:10:64:c2:a2:fc:44:69:a3:be:d4:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:74:30:14:77:82:07:15:37:72:38:F5:9C:AE:A8:D2:7D:3B:E6:49
X509v3 Authority Key Identifier:
keyid:3D:7F:EA:CB:63:3A:6B:82:93:23:B1:E9:94:4D:4A:F9:8D:DD:A3:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/PX_qy2M6a4KTI7HplE1K-Y3do3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PX_qy2M6a4KTI7HplE1K-Y3do3I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172BD3/64BFF14EB3F711EE92A47717C4F9AE02/97F15FD8068D11EF839A3054C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.14.81.0/24
Signature Algorithm: sha256WithRSAEncryption
69:16:9d:f5:e8:dc:7c:4c:a8:15:14:eb:12:cc:02:62:bb:53:
77:f5:a4:df:e5:6b:7f:0c:88:a2:99:5c:55:46:44:b4:89:bd:
5d:70:6a:f6:de:1a:70:15:98:e9:1a:21:b1:5f:fb:2b:8f:f1:
65:55:24:17:45:0b:35:0c:18:f4:db:d3:00:30:6d:47:d8:1b:
e0:3a:23:a3:c2:30:15:6b:f8:45:74:e7:0c:50:b4:51:0b:cc:
e5:58:69:88:75:e9:48:fd:69:d5:8d:f8:f9:60:8b:27:37:eb:
fd:d9:7a:d3:d1:b4:cf:b2:7c:1a:cc:11:57:bc:a3:ed:d4:dc:
4f:a6:53:c7:55:4d:57:08:17:e4:a1:ef:f2:04:cc:88:b7:d1:
59:6a:bf:59:50:8f:0a:39:f6:bc:91:32:b5:9e:4a:43:18:c9:
52:d9:06:94:c8:68:ee:9d:bf:bf:33:e8:66:3c:6d:38:eb:f2:
e4:72:1b:c7:a4:e2:81:59:1f:82:1a:e9:f6:ab:b8:84:2a:7a:
c7:a4:3d:be:29:31:08:18:b5:10:eb:aa:18:0e:7f:3d:a4:0d:
71:5a:1c:44:02:8e:f2:f9:71:07:96:34:91:78:c3:e4:38:d3:
61:92:76:47:d5:9e:1d:df:51:ec:49:a2:56:81:cd:a3:03:aa:
23:89:bd:d4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBSTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MkJEMzExMC8GA1UEBRMoM0Q3RkVBQ0I2MzNBNkI4MjkzMjNCMUU5OTQ0RDRBRjk4
REREQTM3MjAeFw0yNDA1MTUwODQyNDVaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NDQ3NTg1LTQ4MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCknrDRCqs0nfNal82ZYmOgcDZg+ksh3Jd5+wCNe84GrAjBmnHIW1sIpmt2cEQk
4crMrfBmJmuHLyF6Pblxosb/lHIZIukBNddHD3WJVrLDI8SU8rZTdJ8OJk94jnHN
d7ARFXK5P6euJr5W16kVmbIoJ4nYuVbo3VKX8fqtLafHi0GA5lelirpfhvtCu7Sd
wd652DDjiMIdkb7iS1Q3cydwssxL0GzpKnJ9psc9RoAllPaklIvPaUJTHdHt1xWk
v7IlmE98olQusL9pm+k1fMIsll6W3gbi//8RX/tstze+Y//etW5P7eREbh3LJoH9
FrEhMYL5EGTCovxEaaO+1FYRAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZnQwFHeC
BxU3cjj1nK6o0n075kkwHwYDVR0jBBgwFoAUPX/qy2M6a4KTI7HplE1K+Y3do3Iw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQkQzLzY0QkZGMTRFQjNG
NzExRUU5MkE0NzcxN0M0RjlBRTAyL1BYX3F5Mk02YTRLVEk3SHBsRTFLLVkzZG8z
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUFhfcXkyTTZhNEtUSTdIcGxFMUstWTNkbzNJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MkJEMy82NEJGRjE0RUIzRjcxMUVFOTJBNDc3MTdDNEY5QUUwMi85N0YxNUZEODA2
OEQxMUVGODM5QTMwNTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMoOUTANBgkqhkiG9w0BAQsFAAOCAQEAaRad9ejcfEyoFRTr
EswCYrtTd/Wk3+VrfwyIoplcVUZEtIm9XXBq9t4acBWY6RohsV/7K4/xZVUkF0UL
NQwY9NvTADBtR9gb4Dojo8IwFWv4RXTnDFC0UQvM5VhpiHXpSP1p1Y34+WCLJzfr
/dl609G0z7J8GswRV7yj7dTcT6ZTx1VNVwgX5KHv8gTMiLfRWWq/WVCPCjn2vJEy
tZ5KQxjJUtkGlMho7p2/vzPoZjxtOOvy5HIbx6TigVkfghrp9qu4hCp6x6Q9vikx
CBi1EOuqGA5/PaQNcVocRAKO8vlxB5Y0kXjD5DjTYZJ2R9WeHd9R7EmiVoHNowOq
I4m91A==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:44:16 2025 by rpki-client