Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa
File: DDBFCC3E74D011EDBF68684EC4F9AE02.roa (raw, json)
Hash identifier: mXZI4ZmDMYGAviVq8q1EXRtaamenFNKJ1D2Wqwa/y+M=
Subject key identifier: C6:A7:FF:85:49:75:CB:38:1B:9D:1A:B8:DD:CE:05:57:ED:B1:2B:73
Certificate issuer: /CN=A91E6304/serialNumber=2596AED0C0CB3BCFE31804B239CF4657712E276A
Certificate serial: 034D
Authority key identifier: 25:96:AE:D0:C0:CB:3B:CF:E3:18:04:B2:39:CF:46:57:71:2E:27:6A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa
Signing time: Mon 12 May 2025 21:40:44 +0000
ROA not before: Mon 12 May 2025 21:40:44 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 31898
IP address blocks: 2407:30c0:200::/48 maxlen: 48
2407:30c0:201::/48 maxlen: 48
2407:30c0:202::/48 maxlen: 48
2407:30c0:203::/48 maxlen: 48
2407:30c0:204::/48 maxlen: 48
2407:30c0:205::/48 maxlen: 48
2407:30c0:206::/48 maxlen: 48
2407:30c0:207::/48 maxlen: 48
2407:30c0:208::/48 maxlen: 48
2407:30c0:209::/48 maxlen: 48
2407:30c0:20a::/48 maxlen: 48
2407:30c0:20b::/48 maxlen: 48
2407:30c0:20c::/48 maxlen: 48
2407:30c0:20d::/48 maxlen: 48
2407:30c0:20e::/48 maxlen: 48
2407:30c0:20f::/48 maxlen: 48
2407:30c0:211::/48 maxlen: 48
2407:30c0:212::/48 maxlen: 48
2407:30c0:213::/48 maxlen: 48
2407:30c0:214::/48 maxlen: 48
2407:30c0:215::/48 maxlen: 48
2407:30c0:216::/48 maxlen: 48
2407:30c0:217::/48 maxlen: 48
2407:30c0:218::/48 maxlen: 48
2407:30c0:219::/48 maxlen: 48
2407:30c0:21a::/48 maxlen: 48
2407:30c0:21b::/48 maxlen: 48
2407:30c0:21c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.crl
rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 22 Jun 2025 00:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 845 (0x34d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6304, serialNumber=2596AED0C0CB3BCFE31804B239CF4657712E276A
Validity
Not Before: May 12 21:40:44 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=68226adc-c496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:55:5d:df:a5:b9:ba:39:01:d5:ba:d2:39:5c:
04:8f:1d:86:55:46:c1:ea:ab:f1:a0:5d:ce:e6:fb:
c5:5f:6d:f4:99:ab:5f:f1:4b:55:da:33:6c:3f:0b:
9a:cc:df:c3:d8:4d:97:a9:71:bf:b9:1b:ef:29:94:
6e:37:c5:d2:38:ea:cd:5b:69:6b:cf:b2:11:6b:79:
24:09:70:b3:a8:67:02:09:60:29:a1:69:b5:80:d5:
bd:a7:9c:11:98:0b:05:22:06:77:18:e7:f0:bb:da:
5b:1a:bc:d0:88:ff:5d:3e:29:a0:1c:fd:91:7d:67:
f1:1d:01:b7:e8:a8:10:0f:be:f8:3b:16:9b:cd:31:
f4:af:5c:17:ed:36:1a:20:c9:97:ce:f7:19:d4:b0:
a6:dc:19:3e:f3:c0:6b:41:74:b1:3d:12:1f:e3:87:
ba:53:bd:24:5f:63:60:d0:5d:c3:b3:26:be:b9:bb:
00:ff:66:c1:65:4e:4a:fb:05:f7:e1:6d:4d:3d:0b:
d4:fb:ec:67:e2:b0:24:9f:d7:0d:43:f1:f6:9c:9d:
5a:2e:e6:ae:8b:49:cf:ba:6d:3d:b0:b5:9a:70:86:
05:39:91:60:ec:c2:83:78:80:d7:da:dd:87:8c:07:
3f:32:84:ad:f3:45:2e:63:f7:f9:b8:86:47:dd:64:
d4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A7:FF:85:49:75:CB:38:1B:9D:1A:B8:DD:CE:05:57:ED:B1:2B:73
X509v3 Authority Key Identifier:
keyid:25:96:AE:D0:C0:CB:3B:CF:E3:18:04:B2:39:CF:46:57:71:2E:27:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:30c0:200::/44
2407:30c0:211::-2407:30c0:21c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1b:4e:c3:52:d7:57:ea:5b:1e:eb:e3:ec:71:f2:bf:63:c1:af:
0c:69:7a:7b:7b:cf:07:49:31:62:64:e8:5a:59:37:4d:a6:48:
06:41:2e:d0:3e:66:6a:19:e4:7f:e2:49:07:79:ec:1c:41:6e:
39:77:3f:c2:6e:25:99:af:7d:93:47:d1:2f:f2:0b:6a:7d:0d:
0c:cf:b4:d9:59:47:e1:69:21:e8:99:23:cb:b0:9f:01:d5:a5:
20:43:01:7a:3d:0c:78:cf:94:c9:f8:e3:81:72:1e:9c:95:89:
49:b1:fa:64:2b:bd:68:25:9e:75:da:e4:8d:3e:b0:cd:0a:77:
05:8b:99:51:bb:28:82:9e:9d:bd:8b:c5:dd:fc:ad:a0:2d:d9:
37:36:25:a9:61:eb:62:98:bb:11:21:b7:4e:3c:63:87:e5:38:
8e:e5:98:a6:80:08:1a:de:85:93:c7:da:b0:93:22:9c:96:df:
af:b4:6a:58:e0:33:9e:bd:c8:75:6c:cb:60:62:ef:ca:23:63:
bb:7c:32:a5:69:1b:6d:c5:1d:e4:fd:b7:98:cf:61:6b:7b:e0:
13:6a:bf:f1:b1:83:ca:20:84:79:b4:2f:4c:dc:7c:27:29:93:
1f:66:cb:fd:8c:60:3b:43:11:ab:cd:83:5d:91:e2:1b:20:20:
42:a2:f9:bf
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICA00wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYzMDQxMTAvBgNVBAUTKDI1OTZBRUQwQzBDQjNCQ0ZFMzE4MDRCMjM5Q0Y0NjU3
NzEyRTI3NkEwHhcNMjUwNTEyMjE0MDQ0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODIyNmFkYy1jNDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA81Vd36W5ujkB1brSOVwEjx2GVUbB6qvxoF3O5vvFX230matf8UtV2jNsPwua
zN/D2E2XqXG/uRvvKZRuN8XSOOrNW2lrz7IRa3kkCXCzqGcCCWApoWm1gNW9p5wR
mAsFIgZ3GOfwu9pbGrzQiP9dPimgHP2RfWfxHQG36KgQD774OxabzTH0r1wX7TYa
IMmXzvcZ1LCm3Bk+88BrQXSxPRIf44e6U70kX2Ng0F3Dsya+ubsA/2bBZU5K+wX3
4W1NPQvU++xn4rAkn9cNQ/H2nJ1aLuaui0nPum09sLWacIYFOZFg7MKDeIDX2t2H
jAc/MoSt80UuY/f5uIZH3WTUyQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFMan/4VJ
dcs4G50auN3OBVftsStzMB8GA1UdIwQYMBaAFCWWrtDAyzvP4xgEsjnPRldxLidq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjMwNC8xOUU0REYwNkRC
MDcxMUVDOTkyMkQ3MEZDNEY5QUUwMi9KWmF1ME1ETE84X2pHQVN5T2M5R1YzRXVK
Mm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0paYXUwTURMTzhfakdBU3lPYzlHVjNFdUoyby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYzMDQvMTlFNERGMDZEQjA3MTFFQzk5MjJENzBGQzRGOUFFMDIvRERCRkNDM0U3
NEQwMTFFREJGNjg2ODRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMCMEAgACMB0DBwQkBzDAAgAwEgMHACQHMMACEQMHACQHMMACHDANBgkqhkiG
9w0BAQsFAAOCAQEAG07DUtdX6lse6+PscfK/Y8GvDGl6e3vPB0kxYmToWlk3TaZI
BkEu0D5mahnkf+JJB3nsHEFuOXc/wm4lma99k0fRL/ILan0NDM+02VlH4Wkh6Jkj
y7CfAdWlIEMBej0MeM+UyfjjgXIenJWJSbH6ZCu9aCWeddrkjT6wzQp3BYuZUbso
gp6dvYvF3fytoC3ZNzYlqWHrYpi7ESG3Tjxjh+U4juWYpoAIGt6Fk8fasJMinJbf
r7RqWOAznr3IdWzLYGLvyiNju3wypWkbbcUd5P23mM9ha3vgE2q/8bGDyiCEebQv
TNx8JymTH2bL/YxgO0MRq82DXZHiGyAgQqL5vw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:15:15 2025 by rpki-client