Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/3A8C7518B72111EFA9A92F26C4F9AE02.roa
File: 3A8C7518B72111EFA9A92F26C4F9AE02.roa (raw, json)
Hash identifier: MaCtkavFP9h6cbzbI+/48yQalN3EQ9/HSWusPsbFrP0=
Subject key identifier: 15:A1:1F:D5:01:1C:D0:B5:F5:50:D0:D5:42:9F:10:E6:9E:8E:C4:9F
Certificate issuer: /CN=A91982EF/serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Certificate serial: 0A
Authority key identifier: 87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/3A8C7518B72111EFA9A92F26C4F9AE02.roa
Signing time: Tue 10 Dec 2024 18:16:48 +0000
ROA not before: Tue 10 Dec 2024 18:16:48 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2402:2500:10a0::/44 maxlen: 44
2402:2500:10a0::/48 maxlen: 48
2402:2500:10a1::/48 maxlen: 48
2402:2500:10a2::/48 maxlen: 48
2402:2500:10a3::/48 maxlen: 48
2402:2500:10a4::/48 maxlen: 48
2402:2500:10a5::/48 maxlen: 48
2402:2500:10a6::/48 maxlen: 48
2402:2500:10a7::/48 maxlen: 48
2402:2500:10a8::/48 maxlen: 48
2402:2500:10a9::/48 maxlen: 48
2402:2500:10aa::/48 maxlen: 48
2402:2500:10ab::/48 maxlen: 48
2402:2500:10ac::/48 maxlen: 48
2402:2500:10ad::/48 maxlen: 48
2402:2500:10ae::/48 maxlen: 48
2402:2500:10af::/48 maxlen: 48
2402:2500:20a0::/44 maxlen: 44
2402:2500:20a0::/48 maxlen: 48
2402:2500:20a1::/48 maxlen: 48
2402:2500:20a2::/48 maxlen: 48
2402:2500:20a3::/48 maxlen: 48
2402:2500:20a4::/48 maxlen: 48
2402:2500:20a5::/48 maxlen: 48
2402:2500:20a6::/48 maxlen: 48
2402:2500:20a7::/48 maxlen: 48
2402:2500:20a8::/48 maxlen: 48
2402:2500:20a9::/48 maxlen: 48
2402:2500:20aa::/48 maxlen: 48
2402:2500:20ab::/48 maxlen: 48
2402:2500:20ac::/48 maxlen: 48
2402:2500:20ad::/48 maxlen: 48
2402:2500:20ae::/48 maxlen: 48
2402:2500:20af::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 Jan 2025 05:57:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91982EF/serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Validity
Not Before: Dec 10 18:16:48 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67588590-b5c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e2:f1:8b:71:ab:fe:d8:ae:28:79:78:13:24:
a3:97:16:cf:aa:ae:0d:82:23:29:a8:7a:70:e6:b4:
f4:b9:dc:3b:28:0e:56:64:68:e7:ed:00:e2:e1:7c:
43:56:1a:0a:41:4e:88:2f:8e:a0:b9:cc:da:fb:2b:
62:c2:40:15:e2:d9:90:a9:f2:75:16:89:53:db:ba:
4e:9f:6a:dd:e3:74:0d:36:8e:d0:08:bb:bd:be:d4:
d3:31:c7:fb:6b:8c:be:67:ad:fc:b5:8f:62:f5:bb:
bd:2b:a0:38:ab:36:7c:da:41:aa:97:34:ae:55:ab:
b6:0e:b6:fa:1b:5a:58:76:88:41:f1:67:31:96:15:
48:a8:90:a1:4f:15:d1:cd:ee:a1:4e:67:e0:14:44:
2c:a0:8a:9e:34:60:a2:98:17:8a:cc:b5:a8:f0:db:
58:9f:de:69:de:95:5a:75:7b:71:78:47:b2:91:fe:
54:95:e8:33:76:d7:2e:15:7f:37:ed:b8:f1:f3:d4:
d8:86:96:1d:03:2e:cb:30:90:41:02:00:dd:5f:3d:
0e:31:62:46:b1:2a:6c:8c:d5:50:79:f7:96:88:1c:
03:34:65:e2:bc:64:22:56:68:c0:31:3b:70:f8:96:
a3:8e:1a:54:b0:9c:fa:bc:c8:0b:58:8e:40:ff:27:
57:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A1:1F:D5:01:1C:D0:B5:F5:50:D0:D5:42:9F:10:E6:9E:8E:C4:9F
X509v3 Authority Key Identifier:
keyid:87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/3A8C7518B72111EFA9A92F26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:2500:10a0::/44
2402:2500:20a0::/44
Signature Algorithm: sha256WithRSAEncryption
3f:15:4b:74:0c:fd:06:77:55:25:bc:da:d0:c6:43:03:35:d6:
1f:70:21:91:6a:b9:16:af:e5:3f:d2:39:db:a5:4a:01:ec:87:
20:5a:38:2f:b7:94:0e:18:51:a7:f3:1b:e0:4e:0d:27:3b:a0:
3c:00:8b:e2:77:15:0a:1c:4f:be:df:03:38:0a:e3:60:f2:b5:
ca:cc:e3:6c:6b:8f:51:40:3a:7d:c0:11:93:17:27:6f:41:2c:
53:5b:ed:e7:26:af:4d:7b:bf:d1:47:7d:ae:8d:ec:13:52:77:
59:30:84:3c:f8:8a:11:b9:1b:f4:f9:7b:64:f6:2a:74:b8:98:
b9:e3:7e:9b:d1:4a:00:8e:e3:bb:5e:fb:a3:65:32:3f:58:c9:
b8:9f:47:b9:d9:18:fb:2a:3c:c8:b8:bb:f3:8f:28:4a:92:a4:
5d:5c:d0:b9:86:76:e1:af:c0:98:73:c1:c2:57:03:93:e3:4b:
2b:9f:01:55:8d:8e:47:82:40:fb:3b:53:54:97:52:96:7e:fd:
96:c9:15:8c:90:e2:5f:bd:ac:4c:02:92:8b:5e:35:4b:08:97:
b3:c0:9f:0c:7e:5d:5c:3b:06:4f:36:47:93:3a:79:25:2a:c4:
8f:6e:92:b7:cd:ec:e8:ab:de:4a:ee:db:8f:8b:b2:1c:c8:2c:
f9:a4:4e:62
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
ODJFRjExMC8GA1UEBRMoODcxOTdGRDU0NkRDMzE1MjMxMTFERDkzOTBCMUJBM0Yz
RDcwMjY1NjAeFw0yNDEyMTAxODE2NDhaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NTg4NTkwLWI1YzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCu4vGLcav+2K4oeXgTJKOXFs+qrg2CIymoenDmtPS53DsoDlZkaOftAOLhfENW
GgpBTogvjqC5zNr7K2LCQBXi2ZCp8nUWiVPbuk6fat3jdA02jtAIu72+1NMxx/tr
jL5nrfy1j2L1u70roDirNnzaQaqXNK5Vq7YOtvobWlh2iEHxZzGWFUiokKFPFdHN
7qFOZ+AURCygip40YKKYF4rMtajw21if3mnelVp1e3F4R7KR/lSV6DN21y4Vfzft
uPHz1NiGlh0DLsswkEECAN1fPQ4xYkaxKmyM1VB595aIHAM0ZeK8ZCJWaMAxO3D4
lqOOGlSwnPq8yAtYjkD/J1c3AgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUFaEf1QEc
0LX1UNDVQp8Q5p6OxJ8wHwYDVR0jBBgwFoAUhxl/1UbcMVIxEd2TkLG6Pz1wJlYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk4MkVGL0ZDNjUwQjcyQjcx
RDExRUY4OTgyQzQwQ0M0RjlBRTAyL2h4bF8xVWJjTVZJeEVkMlRrTEc2UHoxd0ps
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaHhsXzFVYmNNVkl4RWQyVGtMRzZQejF3SmxZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
ODJFRi9GQzY1MEI3MkI3MUQxMUVGODk4MkM0MENDNEY5QUUwMi8zQThDNzUxOEI3
MjExMUVGQTlBOTJGMjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAIwEgMHBCQCJQAQoAMHBCQCJQAgoDANBgkqhkiG9w0BAQsFAAOCAQEA
PxVLdAz9BndVJbza0MZDAzXWH3AhkWq5Fq/lP9I526VKAeyHIFo4L7eUDhhRp/Mb
4E4NJzugPACL4ncVChxPvt8DOArjYPK1yszjbGuPUUA6fcARkxcnb0EsU1vt5yav
TXu/0Ud9ro3sE1J3WTCEPPiKEbkb9Pl7ZPYqdLiYueN+m9FKAI7ju177o2UyP1jJ
uJ9HudkY+yo8yLi7848oSpKkXVzQuYZ24a/AmHPBwlcDk+NLK58BVY2OR4JA+ztT
VJdSln79lskVjJDiX72sTAKSi141SwiXs8CfDH5dXDsGTzZHkzp5JSrEj26St83s
6KveSu7bj4uyHMgs+aROYg==
-----END CERTIFICATE-----
Generated at Fri Dec 27 07:43:56 2024 by rpki-client on console-ams.rpki-client.org