Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/1D5C0B90475D11EFBD75C15EC4F9AE02.roa
File: 1D5C0B90475D11EFBD75C15EC4F9AE02.roa (raw, json)
Hash identifier: THvSuu89zBwF6bcGi2lQr5DOft4c27TPpxpcQHdJvh8=
Subject key identifier: C4:5D:BF:DB:47:75:98:C4:7B:A0:55:54:88:1B:3D:74:A0:4B:CA:1E
Certificate issuer: /CN=A919A909/serialNumber=D7210B6E99424A9E82A4D45002736F6483AA279A
Certificate serial: 1D
Authority key identifier: D7:21:0B:6E:99:42:4A:9E:82:A4:D4:50:02:73:6F:64:83:AA:27:9A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1yELbplCSp6CpNRQAnNvZIOqJ5o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/1D5C0B90475D11EFBD75C15EC4F9AE02.roa
Signing time: Sun 21 Jul 2024 12:31:12 +0000
ROA not before: Sun 21 Jul 2024 12:31:12 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 201217
IP address blocks: 160.22.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/1yELbplCSp6CpNRQAnNvZIOqJ5o.crl
rsync://rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/1yELbplCSp6CpNRQAnNvZIOqJ5o.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1yELbplCSp6CpNRQAnNvZIOqJ5o.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 05:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29 (0x1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A909, serialNumber=D7210B6E99424A9E82A4D45002736F6483AA279A
Validity
Not Before: Jul 21 12:31:12 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=669cff90-0f82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:06:cc:f6:16:7b:00:17:d0:30:11:aa:41:fa:
26:1c:59:c9:d3:1b:1c:45:6c:38:7a:ab:08:66:32:
a2:a1:00:6f:d5:fd:08:93:fa:04:22:96:bd:d6:df:
af:97:ec:cb:61:fb:d7:a8:fd:5d:a1:35:cb:73:ff:
7f:7e:26:c3:46:d6:cf:53:a4:b5:6a:51:fb:6a:63:
ec:15:b8:cd:ce:e4:13:ec:38:eb:7b:fd:78:b2:3d:
0e:d7:81:72:7a:79:a2:7d:6a:cf:76:8b:5c:52:36:
02:0c:c5:a3:48:24:16:9e:f3:56:d7:90:0b:38:0b:
d5:89:24:6e:63:50:e2:66:c3:50:03:5a:8d:84:62:
5f:1f:fe:2f:91:db:59:87:d5:c7:89:f7:0d:9f:1c:
e1:a3:c1:43:17:c1:df:2e:4e:02:65:38:35:07:3a:
92:b2:6d:e1:09:31:fa:83:bf:15:48:8e:01:27:8f:
04:b8:97:40:a7:e6:1b:7f:51:c9:d1:49:e3:9d:36:
a7:37:13:23:9f:f2:95:1b:58:c8:84:b1:73:28:90:
c9:61:1e:d8:5b:10:71:bc:78:50:64:29:89:c3:88:
4f:55:d7:f5:4f:74:1d:11:71:f9:bc:db:5b:28:5c:
1f:b9:96:0e:84:30:ad:6c:b8:99:cb:72:b1:15:d3:
4b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5D:BF:DB:47:75:98:C4:7B:A0:55:54:88:1B:3D:74:A0:4B:CA:1E
X509v3 Authority Key Identifier:
keyid:D7:21:0B:6E:99:42:4A:9E:82:A4:D4:50:02:73:6F:64:83:AA:27:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/1yELbplCSp6CpNRQAnNvZIOqJ5o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1yELbplCSp6CpNRQAnNvZIOqJ5o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A909/166E747C2A3311EFBE9AA859C4F9AE02/1D5C0B90475D11EFBD75C15EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.157.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:93:07:c2:47:d9:4d:d7:a6:16:11:a9:dd:d5:aa:48:a8:ce:
af:71:7e:34:3e:c2:28:38:4e:60:54:db:1b:7c:a0:9f:c6:d5:
77:84:f4:a1:83:5f:53:71:6e:cc:2e:d8:fc:9c:6d:b5:bf:4d:
26:e9:29:35:cd:1f:94:3a:87:a3:fd:91:41:ca:57:58:c4:de:
37:fd:aa:9d:69:ee:16:bf:4a:75:af:69:48:67:66:3f:63:ae:
ec:24:13:e1:27:bb:0e:87:46:68:63:bb:bf:6d:3d:bf:1c:c9:
4d:2b:6e:e0:be:6f:c5:c7:2c:e3:ca:c1:bb:cd:48:c2:0e:c7:
ae:2f:ad:9f:b7:b8:af:48:2f:81:91:97:0e:b4:73:d2:cc:86:
b9:ef:84:c2:62:94:bc:cd:3b:e5:03:83:a4:e8:63:23:85:15:
a0:a8:b5:fe:a0:df:6e:88:7f:e4:9e:16:ea:f9:5e:09:52:36:
61:00:eb:6e:68:fb:bd:35:62:1a:17:c2:e7:89:25:46:41:1d:
a0:a5:66:7c:59:69:3f:aa:a1:70:43:86:fe:c6:8d:6d:45:c1:
46:02:59:ce:10:7c:22:d7:18:14:9a:29:57:83:2b:f3:27:44:
ba:7d:09:8b:db:34:e5:11:6f:61:f1:ea:41:34:3e:22:41:ad:
db:9a:5c:79
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
QTkwOTExMC8GA1UEBRMoRDcyMTBCNkU5OTQyNEE5RTgyQTRENDUwMDI3MzZGNjQ4
M0FBMjc5QTAeFw0yNDA3MjExMjMxMTJaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OWNmZjkwLTBmODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbBsz2FnsAF9AwEapB+iYcWcnTGxxFbDh6qwhmMqKhAG/V/QiT+gQilr3W36+X
7Mth+9eo/V2hNctz/39+JsNG1s9TpLVqUftqY+wVuM3O5BPsOOt7/XiyPQ7XgXJ6
eaJ9as92i1xSNgIMxaNIJBae81bXkAs4C9WJJG5jUOJmw1ADWo2EYl8f/i+R21mH
1ceJ9w2fHOGjwUMXwd8uTgJlODUHOpKybeEJMfqDvxVIjgEnjwS4l0Cn5ht/UcnR
SeOdNqc3EyOf8pUbWMiEsXMokMlhHthbEHG8eFBkKYnDiE9V1/VPdB0Rcfm821so
XB+5lg6EMK1suJnLcrEV00tpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUxF2/20d1
mMR7oFVUiBs9dKBLyh4wHwYDVR0jBBgwFoAU1yELbplCSp6CpNRQAnNvZIOqJ5ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlBOTA5LzE2NkU3NDdDMkEz
MzExRUZCRTlBQTg1OUM0RjlBRTAyLzF5RUxicGxDU3A2Q3BOUlFBbk52WklPcUo1
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvMXlFTGJwbENTcDZDcE5SUUFuTnZaSU9xSjVvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
QTkwOS8xNjZFNzQ3QzJBMzMxMUVGQkU5QUE4NTlDNEY5QUUwMi8xRDVDMEI5MDQ3
NUQxMUVGQkQ3NUMxNUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAWnTANBgkqhkiG9w0BAQsFAAOCAQEALJMHwkfZTdemFhGp
3dWqSKjOr3F+ND7CKDhOYFTbG3ygn8bVd4T0oYNfU3FuzC7Y/Jxttb9NJukpNc0f
lDqHo/2RQcpXWMTeN/2qnWnuFr9Kda9pSGdmP2Ou7CQT4Se7DodGaGO7v209vxzJ
TStu4L5vxccs48rBu81Iwg7Hri+tn7e4r0gvgZGXDrRz0syGue+EwmKUvM075QOD
pOhjI4UVoKi1/qDfboh/5J4W6vleCVI2YQDrbmj7vTViGhfC54klRkEdoKVmfFlp
P6qhcEOG/saNbUXBRgJZzhB8ItcYFJopV4Mr8ydEun0Ji9s05RFvYfHqQTQ+IkGt
25pceQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:37:39 2025 by rpki-client