Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/98AEAB84B72111EF8A087D30C4F9AE02.roa
File: 98AEAB84B72111EF8A087D30C4F9AE02.roa (raw, json)
Hash identifier: 8ewBwE8XstXeeqmSvgrbIwTd2CEtwyCXsNRMX6ARDE8=
Subject key identifier: 30:63:9F:63:6D:93:83:4D:CF:89:39:CC:06:85:0C:A2:D8:F7:AD:91
Certificate issuer: /CN=A91982EF/serialNumber=87197FD546DC31523111DD9390B1BA3F3D702656
Certificate serial: 0C
Authority key identifier: 87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/98AEAB84B72111EF8A087D30C4F9AE02.roa
Signing time: Tue 10 Dec 2024 18:17:38 +0000
ROA not before: Tue 10 Dec 2024 18:17:38 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2402:2500:10a0::/44 maxlen: 44
2402:2500:10a0::/48 maxlen: 48
2402:2500:10a1::/48 maxlen: 48
2402:2500:10a2::/48 maxlen: 48
2402:2500:10a3::/48 maxlen: 48
2402:2500:10a4::/48 maxlen: 48
2402:2500:10a5::/48 maxlen: 48
2402:2500:10a6::/48 maxlen: 48
2402:2500:10a7::/48 maxlen: 48
2402:2500:10a8::/48 maxlen: 48
2402:2500:10a9::/48 maxlen: 48
2402:2500:10aa::/48 maxlen: 48
2402:2500:10ab::/48 maxlen: 48
2402:2500:10ac::/48 maxlen: 48
2402:2500:10ad::/48 maxlen: 48
2402:2500:10ae::/48 maxlen: 48
2402:2500:10af::/48 maxlen: 48
2402:2500:20a0::/44 maxlen: 44
2402:2500:20a0::/48 maxlen: 48
2402:2500:20a1::/48 maxlen: 48
2402:2500:20a2::/48 maxlen: 48
2402:2500:20a3::/48 maxlen: 48
2402:2500:20a4::/48 maxlen: 48
2402:2500:20a5::/48 maxlen: 48
2402:2500:20a6::/48 maxlen: 48
2402:2500:20a7::/48 maxlen: 48
2402:2500:20a8::/48 maxlen: 48
2402:2500:20a9::/48 maxlen: 48
2402:2500:20aa::/48 maxlen: 48
2402:2500:20ab::/48 maxlen: 48
2402:2500:20ac::/48 maxlen: 48
2402:2500:20ad::/48 maxlen: 48
2402:2500:20ae::/48 maxlen: 48
2402:2500:20af::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91982EF
Validity
Not Before: Dec 10 18:17:38 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=675885c2-a7c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c7:98:26:9c:29:28:88:d4:a7:9c:06:c8:a1:
1d:b2:3f:50:ad:bd:0f:d5:e2:83:a4:76:78:fe:e1:
62:16:56:1e:cc:a1:d1:bf:9e:94:41:a5:5e:81:35:
b8:0d:5d:be:ee:84:f4:4f:8e:89:69:49:84:e5:20:
72:0d:4c:4a:69:7e:0c:8a:d5:f4:e7:34:dc:85:0b:
f4:ce:37:34:a5:8f:52:ad:87:e5:e0:b8:21:97:03:
04:ca:74:9b:53:3c:d1:ed:27:35:ac:0c:82:19:e0:
d6:4a:9f:99:2d:7b:6f:98:69:32:43:e2:18:e4:af:
3a:94:65:0a:93:dd:f9:1a:22:8f:7c:96:73:66:8c:
b2:38:07:d2:3c:d0:d8:4b:1b:64:81:ef:b3:e5:bc:
82:c7:ea:77:08:a9:ed:16:32:b8:d8:9d:b3:4d:45:
f0:2a:fb:2a:48:07:dc:96:ef:69:e4:70:5a:58:8c:
48:85:a3:b3:f2:e1:5c:92:f1:32:50:74:2a:29:93:
29:05:e2:19:73:f0:9e:41:99:c3:9e:f9:b0:e9:e4:
9f:b6:f1:71:8f:ff:82:d2:60:c3:e4:5b:26:3e:b5:
2c:6f:e0:a2:67:c9:e5:c7:d4:d2:ff:94:97:68:84:
0b:a4:f4:c4:ba:e4:c6:d6:29:24:48:0e:6a:12:7d:
ca:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:63:9F:63:6D:93:83:4D:CF:89:39:CC:06:85:0C:A2:D8:F7:AD:91
X509v3 Authority Key Identifier:
keyid:87:19:7F:D5:46:DC:31:52:31:11:DD:93:90:B1:BA:3F:3D:70:26:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxl_1UbcMVIxEd2TkLG6Pz1wJlY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91982EF/FC650B72B71D11EF8982C40CC4F9AE02/98AEAB84B72111EF8A087D30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:2500:10a0::/44
2402:2500:20a0::/44
Signature Algorithm: sha256WithRSAEncryption
ad:0d:18:ad:d5:66:c6:74:be:8e:bd:5d:56:b7:2b:73:b2:4b:
e5:6b:f7:65:2d:c3:60:a3:80:d0:e6:00:ff:ac:93:60:ef:ce:
33:b5:c0:e9:86:50:9b:3c:71:41:a5:34:a7:52:fc:52:38:74:
2c:31:40:f6:15:b8:c0:21:c2:05:7b:38:d3:73:32:41:ac:66:
b6:03:8f:e2:f2:94:fc:f1:4f:37:8d:b0:1d:c2:ed:f6:77:54:
f2:44:01:d5:8b:ad:91:d6:45:f9:2f:e9:9b:0a:2f:2b:ae:e8:
80:3e:93:90:c7:71:33:62:bd:38:d8:ed:87:73:d1:9d:9a:40:
04:45:9c:23:39:2f:e1:89:64:16:bc:20:0f:30:25:f6:d9:52:
0e:ec:c6:0a:64:44:75:b9:ef:42:aa:23:f0:46:e7:6d:83:13:
29:f8:53:ed:f0:ca:55:7f:75:81:e0:70:08:de:17:6a:c3:0d:
46:69:63:11:f1:13:23:77:88:90:d8:d6:55:ec:d2:a1:62:6e:
7a:01:a1:e5:f0:8d:20:cf:0c:78:cb:18:ab:87:cb:d0:84:92:
b7:a3:89:48:e5:95:69:e5:13:58:54:80:86:d8:3a:81:f1:6a:
9e:7c:cb:02:47:d0:e0:96:9d:d9:05:0d:4f:2b:5f:33:8b:c7:
e5:e8:d4:75
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
ODJFRjExMC8GA1UEBRMoODcxOTdGRDU0NkRDMzE1MjMxMTFERDkzOTBCMUJBM0Yz
RDcwMjY1NjAeFw0yNDEyMTAxODE3MzhaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NTg4NWMyLWE3YzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDkx5gmnCkoiNSnnAbIoR2yP1CtvQ/V4oOkdnj+4WIWVh7ModG/npRBpV6BNbgN
Xb7uhPRPjolpSYTlIHINTEppfgyK1fTnNNyFC/TONzSlj1Kth+XguCGXAwTKdJtT
PNHtJzWsDIIZ4NZKn5kte2+YaTJD4hjkrzqUZQqT3fkaIo98lnNmjLI4B9I80NhL
G2SB77PlvILH6ncIqe0WMrjYnbNNRfAq+ypIB9yW72nkcFpYjEiFo7Py4VyS8TJQ
dCopkykF4hlz8J5BmcOe+bDp5J+28XGP/4LSYMPkWyY+tSxv4KJnyeXH1NL/lJdo
hAuk9MS65MbWKSRIDmoSfco3AgMBAAGjggKhMIICnTAdBgNVHQ4EFgQUMGOfY22T
g03PiTnMBoUMotj3rZEwHwYDVR0jBBgwFoAUhxl/1UbcMVIxEd2TkLG6Pz1wJlYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk4MkVGL0ZDNjUwQjcyQjcx
RDExRUY4OTgyQzQwQ0M0RjlBRTAyL2h4bF8xVWJjTVZJeEVkMlRrTEc2UHoxd0ps
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaHhsXzFVYmNNVkl4RWQyVGtMRzZQejF3SmxZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
ODJFRi9GQzY1MEI3MkI3MUQxMUVGODk4MkM0MENDNEY5QUUwMi85OEFFQUI4NEI3
MjExMUVGOEEwODdEMzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQc
MBowGAQCAAIwEgMHBCQCJQAQoAMHBCQCJQAgoDANBgkqhkiG9w0BAQsFAAOCAQEA
rQ0YrdVmxnS+jr1dVrcrc7JL5Wv3ZS3DYKOA0OYA/6yTYO/OM7XA6YZQmzxxQaU0
p1L8Ujh0LDFA9hW4wCHCBXs403MyQaxmtgOP4vKU/PFPN42wHcLt9ndU8kQB1Yut
kdZF+S/pmwovK67ogD6TkMdxM2K9ONjth3PRnZpABEWcIzkv4YlkFrwgDzAl9tlS
DuzGCmREdbnvQqoj8EbnbYMTKfhT7fDKVX91geBwCN4XasMNRmljEfETI3eIkNjW
VezSoWJuegGh5fCNIM8MeMsYq4fL0ISSt6OJSOWVaeUTWFSAhtg6gfFqnnzLAkfQ
4Jad2QUNTytfM4vH5ejUdQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:00:29 2025 by rpki-client