Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa
File: DDBFCC3E74D011EDBF68684EC4F9AE02.roa (raw, json)
Hash identifier: sAJg3DCCYRdjAFCi7QXgAP3kSOdimSLLMFAsyPc69fQ=
Subject key identifier: 4A:97:F8:AA:E3:77:B0:11:A2:EC:12:9F:A0:11:30:F6:99:75:84:8A
Certificate issuer: /CN=A91E6304/serialNumber=2596AED0C0CB3BCFE31804B239CF4657712E276A
Certificate serial: 0341
Authority key identifier: 25:96:AE:D0:C0:CB:3B:CF:E3:18:04:B2:39:CF:46:57:71:2E:27:6A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa
Signing time: Wed 23 Apr 2025 18:08:55 +0000
ROA not before: Wed 23 Apr 2025 18:08:55 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 31898
IP address blocks: 2407:30c0:200::/48 maxlen: 48
2407:30c0:201::/48 maxlen: 48
2407:30c0:202::/48 maxlen: 48
2407:30c0:203::/48 maxlen: 48
2407:30c0:204::/48 maxlen: 48
2407:30c0:205::/48 maxlen: 48
2407:30c0:206::/48 maxlen: 48
2407:30c0:207::/48 maxlen: 48
2407:30c0:208::/48 maxlen: 48
2407:30c0:209::/48 maxlen: 48
2407:30c0:20a::/48 maxlen: 48
2407:30c0:20b::/48 maxlen: 48
2407:30c0:20c::/48 maxlen: 48
2407:30c0:20d::/48 maxlen: 48
2407:30c0:20e::/48 maxlen: 48
2407:30c0:20f::/48 maxlen: 48
2407:30c0:211::/48 maxlen: 48
2407:30c0:212::/48 maxlen: 48
2407:30c0:213::/48 maxlen: 48
2407:30c0:214::/48 maxlen: 48
2407:30c0:215::/48 maxlen: 48
2407:30c0:216::/48 maxlen: 48
2407:30c0:217::/48 maxlen: 48
2407:30c0:218::/48 maxlen: 48
2407:30c0:219::/48 maxlen: 48
2407:30c0:21a::/48 maxlen: 48
2407:30c0:21b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.crl
rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 01:05:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 833 (0x341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6304, serialNumber=2596AED0C0CB3BCFE31804B239CF4657712E276A
Validity
Not Before: Apr 23 18:08:55 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=68092cb7-dfcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:27:a9:9a:1a:8a:82:97:8b:e2:36:97:95:d4:
88:ac:13:7b:f8:5e:08:ab:69:da:5e:98:2c:01:07:
7d:22:26:ae:d7:45:13:6a:69:bf:57:1a:f4:79:a2:
a5:02:e7:d0:a6:88:de:cf:d7:15:e6:9c:20:de:44:
14:70:bc:37:00:f8:ed:cf:26:36:e4:66:28:1e:20:
27:d9:6d:f9:9c:35:20:e6:e1:98:8b:14:16:b5:8d:
c3:f5:df:f0:4c:bb:62:ff:70:20:d2:01:88:19:0f:
ea:3b:ec:29:85:c4:ae:e3:cb:f3:16:1b:db:1d:7d:
a0:ac:5e:d5:0b:6b:bc:d1:10:9a:7c:dc:ea:74:f4:
04:ca:c5:05:2b:f1:67:a5:ba:f0:8e:a0:d7:a8:41:
cb:1b:24:f1:56:75:25:7a:bc:e9:05:7d:15:7d:3a:
b4:a2:5e:bf:39:2e:b4:ba:ae:9d:a5:38:e3:ff:9e:
ee:b7:8e:2e:cf:fd:00:62:58:a3:28:85:02:a7:a1:
53:79:52:97:f3:c2:90:a5:0d:4f:b2:d1:11:d0:a9:
a9:ea:72:41:50:65:1a:32:80:98:d5:1a:dd:e0:31:
db:88:15:96:12:03:54:97:52:9e:96:45:01:6f:ad:
03:1e:5e:4d:64:e0:01:97:b7:98:97:25:a9:40:2e:
66:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:97:F8:AA:E3:77:B0:11:A2:EC:12:9F:A0:11:30:F6:99:75:84:8A
X509v3 Authority Key Identifier:
keyid:25:96:AE:D0:C0:CB:3B:CF:E3:18:04:B2:39:CF:46:57:71:2E:27:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/JZau0MDLO8_jGASyOc9GV3EuJ2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JZau0MDLO8_jGASyOc9GV3EuJ2o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6304/19E4DF06DB0711EC9922D70FC4F9AE02/DDBFCC3E74D011EDBF68684EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:30c0:200::/44
2407:30c0:211::-2407:30c0:21b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:5a:f4:cc:89:b8:7f:2b:35:f9:f1:fc:b9:f4:b3:3a:c5:29:
29:ed:e2:46:a7:ce:2f:45:f5:f6:32:0f:e3:b1:43:0e:4b:ae:
38:07:5d:0e:00:42:7f:dd:58:a2:88:b0:ff:2f:7a:73:ba:3d:
53:7c:25:ac:2a:9f:40:6c:17:49:b0:f9:c6:1e:b4:33:d1:59:
cd:61:be:f7:43:4e:52:bd:97:6a:f3:c6:85:ab:9b:95:de:e1:
f8:b6:ec:6f:1d:ce:b1:30:e9:e0:b6:b6:ea:c9:17:fa:48:d5:
40:59:ba:63:37:1c:19:4d:1a:b4:6b:3d:09:7d:ca:47:b3:a9:
b8:9c:13:17:5e:a4:5e:46:aa:5e:1b:2d:b0:a5:82:1b:65:2f:
4e:79:4c:ce:77:ff:46:02:2f:b0:a6:80:ef:17:ce:fe:d8:97:
f1:1b:ea:99:4a:30:84:b9:a0:e4:4c:3e:49:43:56:53:e2:c8:
4f:13:f1:be:1b:78:ca:d3:d5:36:d2:8c:0a:be:2e:94:06:83:
bd:76:0f:13:07:9b:39:25:8e:40:ca:29:e0:65:99:c0:12:8d:
93:48:39:9b:e1:5e:e6:6b:d7:44:bc:48:be:aa:72:b7:d4:5a:
50:a8:4a:d6:4b:8a:17:f7:4e:bf:2f:9c:8a:de:39:41:ce:72:
bb:91:77:48
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICA0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYzMDQxMTAvBgNVBAUTKDI1OTZBRUQwQzBDQjNCQ0ZFMzE4MDRCMjM5Q0Y0NjU3
NzEyRTI3NkEwHhcNMjUwNDIzMTgwODU1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA5MmNiNy1kZmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArCepmhqKgpeL4jaXldSIrBN7+F4Iq2naXpgsAQd9Iiau10UTamm/Vxr0eaKl
AufQpojez9cV5pwg3kQUcLw3APjtzyY25GYoHiAn2W35nDUg5uGYixQWtY3D9d/w
TLti/3Ag0gGIGQ/qO+wphcSu48vzFhvbHX2grF7VC2u80RCafNzqdPQEysUFK/Fn
pbrwjqDXqEHLGyTxVnUlerzpBX0VfTq0ol6/OS60uq6dpTjj/57ut44uz/0AYlij
KIUCp6FTeVKX88KQpQ1PstER0Kmp6nJBUGUaMoCY1Rrd4DHbiBWWEgNUl1KelkUB
b60DHl5NZOABl7eYlyWpQC5m0QIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFEqX+Krj
d7ARouwSn6ARMPaZdYSKMB8GA1UdIwQYMBaAFCWWrtDAyzvP4xgEsjnPRldxLidq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjMwNC8xOUU0REYwNkRC
MDcxMUVDOTkyMkQ3MEZDNEY5QUUwMi9KWmF1ME1ETE84X2pHQVN5T2M5R1YzRXVK
Mm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0paYXUwTURMTzhfakdBU3lPYzlHVjNFdUoyby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYzMDQvMTlFNERGMDZEQjA3MTFFQzk5MjJENzBGQzRGOUFFMDIvRERCRkNDM0U3
NEQwMTFFREJGNjg2ODRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMCMEAgACMB0DBwQkBzDAAgAwEgMHACQHMMACEQMHAiQHMMACGDANBgkqhkiG
9w0BAQsFAAOCAQEAR1r0zIm4fys1+fH8ufSzOsUpKe3iRqfOL0X19jIP47FDDkuu
OAddDgBCf91Yooiw/y96c7o9U3wlrCqfQGwXSbD5xh60M9FZzWG+90NOUr2XavPG
haubld7h+Lbsbx3OsTDp4La26skX+kjVQFm6YzccGU0atGs9CX3KR7OpuJwTF16k
XkaqXhstsKWCG2UvTnlMznf/RgIvsKaA7xfO/tiX8RvqmUowhLmg5Ew+SUNWU+LI
TxPxvht4ytPVNtKMCr4ulAaDvXYPEwebOSWOQMop4GWZwBKNk0g5m+Fe5mvXRLxI
vqpyt9RaUKhK1kuKF/dOvy+cit45Qc5yu5F3SA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:36:44 2025 by rpki-client