Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/E51087D6F1A011EF8BCCFE7BC4F9AE02.roa
File: E51087D6F1A011EF8BCCFE7BC4F9AE02.roa (raw, json)
Hash identifier: uDkiek+amCMP5fz1my7MuUAYfCGn2cBLkm1ORj4ta5Q=
Subject key identifier: F5:64:E3:B7:AF:82:A5:4C:B4:F6:08:F0:0E:B8:6A:25:6B:CE:47:DA
Certificate issuer: /CN=A9134B4A/serialNumber=ACCBF26A19D9E14C31F5F37E1B966D86A504B46B
Certificate serial: BA
Authority key identifier: AC:CB:F2:6A:19:D9:E1:4C:31:F5:F3:7E:1B:96:6D:86:A5:04:B4:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/E51087D6F1A011EF8BCCFE7BC4F9AE02.roa
Signing time: Fri 11 Apr 2025 16:04:01 +0000
ROA not before: Fri 11 Apr 2025 16:04:01 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 63150
IP address blocks: 2401:a660:200::/40 maxlen: 48
2401:a660:901::/48 maxlen: 48
2401:a660:902::/48 maxlen: 48
2401:a660:903::/48 maxlen: 48
2401:a660:904::/48 maxlen: 48
2401:a660:905::/48 maxlen: 48
2401:a660:906::/48 maxlen: 48
2401:a660:907::/48 maxlen: 48
2401:a660:908::/48 maxlen: 48
2401:a660:909::/48 maxlen: 48
2401:a660:1000::/48 maxlen: 48
2401:a660:1001::/48 maxlen: 48
2401:a660:1002::/48 maxlen: 48
2401:a660:1003::/48 maxlen: 48
2401:a660:1004::/48 maxlen: 48
2401:a660:1005::/48 maxlen: 48
2401:a660:1006::/48 maxlen: 48
2401:a660:1007::/48 maxlen: 48
2401:a660:1008::/48 maxlen: 48
2401:a660:1009::/48 maxlen: 48
2401:a660:1100::/40 maxlen: 40
2401:a660:1101::/48 maxlen: 48
2401:a660:1102::/48 maxlen: 48
2401:a660:1103::/48 maxlen: 48
2401:a660:1104::/48 maxlen: 48
2401:a660:1105::/48 maxlen: 48
2401:a660:1106::/48 maxlen: 48
2401:a660:1107::/48 maxlen: 48
2401:a660:1108::/48 maxlen: 48
2401:a660:1109::/48 maxlen: 48
2401:a660:110a::/48 maxlen: 48
2401:a660:110b::/48 maxlen: 48
2401:a660:1200::/40 maxlen: 40
2401:a660:1200::/48 maxlen: 48
2401:a660:1201::/48 maxlen: 48
2401:a660:1202::/48 maxlen: 48
2401:a660:1203::/48 maxlen: 48
2401:a660:1204::/48 maxlen: 48
2401:a660:1205::/48 maxlen: 48
2401:a660:1206::/48 maxlen: 48
2401:a660:1207::/48 maxlen: 48
2401:a660:1208::/48 maxlen: 48
2401:a660:1209::/48 maxlen: 48
2401:a660:120a::/48 maxlen: 48
2401:a660:120b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.crl
rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 05:13:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186 (0xba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134B4A, serialNumber=ACCBF26A19D9E14C31F5F37E1B966D86A504B46B
Validity
Not Before: Apr 11 16:04:01 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67f93d71-c357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b1:82:a8:83:95:06:cc:ba:95:af:00:32:db:
6f:7b:f7:0a:8f:2f:6c:f6:35:ce:aa:ca:64:ab:50:
54:11:ee:a9:18:e9:28:31:e5:fc:b1:7e:be:0b:b1:
f2:a6:04:8b:d7:ac:1d:3e:98:95:20:88:d0:1c:cc:
2f:f5:21:d8:7c:70:62:1c:2f:62:f5:00:ca:30:f8:
bd:c5:10:ce:2a:5e:df:cd:29:96:88:f1:74:f7:81:
4b:e9:09:44:27:3d:4f:4b:97:8b:dc:5c:55:fb:ca:
a7:42:84:98:d5:ab:c8:ed:b5:ca:87:fc:6f:da:bf:
01:ad:00:08:13:f1:31:bb:42:db:2a:ca:91:be:95:
8f:b4:43:d1:13:35:cd:dc:23:00:df:b6:a7:14:1a:
62:16:7a:34:79:09:50:a1:ea:dd:82:16:e7:32:d3:
ab:cb:3d:29:68:18:6e:93:97:b2:ac:72:0e:86:d3:
58:a6:b5:5f:1d:2f:a5:d6:a5:b6:e4:62:07:9c:b0:
b1:0b:12:b9:7b:98:fe:90:c6:c0:31:e0:cd:83:ab:
2d:cf:37:71:89:40:ec:55:fb:5d:da:6d:29:f9:c0:
3e:b0:8d:77:bb:d1:bc:80:43:12:90:34:9b:29:af:
8c:3a:14:90:e1:ba:87:8d:0f:0e:b4:63:24:6c:eb:
61:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:64:E3:B7:AF:82:A5:4C:B4:F6:08:F0:0E:B8:6A:25:6B:CE:47:DA
X509v3 Authority Key Identifier:
keyid:AC:CB:F2:6A:19:D9:E1:4C:31:F5:F3:7E:1B:96:6D:86:A5:04:B4:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rMvyahnZ4Uwx9fN-G5ZthqUEtGs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134B4A/EB393D4E2F8911EFA3D04A6BC4F9AE02/E51087D6F1A011EF8BCCFE7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:a660:200::/40
2401:a660:901::-2401:a660:909:ffff:ffff:ffff:ffff:ffff
2401:a660:1000::-2401:a660:1009:ffff:ffff:ffff:ffff:ffff
2401:a660:1100::-2401:a660:12ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
50:56:d9:15:e0:cb:ba:59:e0:3d:e1:c0:0c:f6:a1:15:a9:a4:
c6:7c:e9:40:e5:a3:cb:28:1d:a1:c4:ab:85:2c:38:bd:e9:3f:
41:5e:bf:29:5c:f9:d8:1f:06:61:13:58:02:2f:d0:8b:9e:fc:
57:52:b1:d6:73:69:22:8b:c7:76:5a:ee:ce:2a:cb:0e:15:a0:
25:b4:62:2c:f2:c2:50:c4:e9:9c:56:51:8f:fc:60:78:67:3c:
de:f3:75:58:2a:78:6b:8c:6c:db:d6:8b:f8:d5:d6:e2:ac:47:
2c:23:bf:cf:6c:09:63:f8:40:a5:3a:6e:a1:32:9e:3c:06:ab:
3d:42:0f:fe:32:d5:da:54:99:f0:ab:8c:e0:38:a1:09:8a:6a:
5b:d1:63:66:db:49:01:04:fe:40:fe:b7:ed:64:b7:8e:fe:01:
ef:72:d4:51:b5:fa:a7:46:3a:30:f1:56:2f:a2:22:81:ce:e3:
a7:08:e8:8b:a1:14:df:8a:ab:b1:52:7d:43:21:7a:dc:ed:75:
85:a8:33:c1:b9:f7:fb:f6:e5:fe:db:13:c6:7a:b1:92:1a:ff:
00:a2:58:b2:24:09:b0:05:26:d9:17:7d:0a:f5:fd:70:d5:d9:
80:24:50:80:45:ab:45:8a:bd:1d:28:af:ae:65:53:c6:29:6b:
89:22:67:8a
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgICALowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzRCNEExMTAvBgNVBAUTKEFDQ0JGMjZBMTlEOUUxNEMzMUY1RjM3RTFCOTY2RDg2
QTUwNEI0NkIwHhcNMjUwNDExMTYwNDAxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y5M2Q3MS1jMzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy7GCqIOVBsy6la8AMttve/cKjy9s9jXOqspkq1BUEe6pGOkoMeX8sX6+C7Hy
pgSL16wdPpiVIIjQHMwv9SHYfHBiHC9i9QDKMPi9xRDOKl7fzSmWiPF094FL6QlE
Jz1PS5eL3FxV+8qnQoSY1avI7bXKh/xv2r8BrQAIE/Exu0LbKsqRvpWPtEPREzXN
3CMA37anFBpiFno0eQlQoerdghbnMtOryz0paBhuk5eyrHIOhtNYprVfHS+l1qW2
5GIHnLCxCxK5e5j+kMbAMeDNg6stzzdxiUDsVftd2m0p+cA+sI13u9G8gEMSkDSb
Ka+MOhSQ4bqHjQ8OtGMkbOtheQIDAQABo4IC0DCCAswwHQYDVR0OBBYEFPVk47ev
gqVMtPYI8A64aiVrzkfaMB8GA1UdIwQYMBaAFKzL8moZ2eFMMfXzfhuWbYalBLRr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEI0QS9FQjM5M0Q0RTJG
ODkxMUVGQTNEMDRBNkJDNEY5QUUwMi9yTXZ5YWhuWjRVd3g5Zk4tRzVadGhxVUV0
R3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JNdnlhaG5aNFV3eDlmTi1HNVp0aHFVRXRHcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzRCNEEvRUIzOTNENEUyRjg5MTFFRkEzRDA0QTZCQzRGOUFFMDIvRTUxMDg3RDZG
MUEwMTFFRjhCQ0NGRTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWgYIKwYBBQUHAQcBAf8E
SzBJMEcEAgACMEEDBgAkAaZgAjASAwcAJAGmYAkBAwcBJAGmYAkIMBEDBgQkAaZg
EAMHASQBpmAQCDAQAwYAJAGmYBEDBgAkAaZgEjANBgkqhkiG9w0BAQsFAAOCAQEA
UFbZFeDLulngPeHADPahFamkxnzpQOWjyygdocSrhSw4vek/QV6/KVz52B8GYRNY
Ai/Qi578V1Kx1nNpIovHdlruzirLDhWgJbRiLPLCUMTpnFZRj/xgeGc83vN1WCp4
a4xs29aL+NXW4qxHLCO/z2wJY/hApTpuoTKePAarPUIP/jLV2lSZ8KuM4DihCYpq
W9FjZttJAQT+QP637WS3jv4B73LUUbX6p0Y6MPFWL6Iigc7jpwjoi6EU34qrsVJ9
QyF63O11hagzwbn3+/bl/tsTxnqxkhr/AKJYsiQJsAUm2Rd9CvX9cNXZgCRQgEWr
RYq9HSivrmVTxilriSJnig==
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:43:48 2025 by rpki-client