Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911251C/F8F7E2506BE011ED99196F62C4F9AE02/B2F017A26BE311ED8B83B484C4F9AE02.roa
File: B2F017A26BE311ED8B83B484C4F9AE02.roa (raw, json)
Hash identifier: 6uCw/qXIdZiC4cEobpHAa9i3YEi9P+DFX8n151x7wcY=
Subject key identifier: 9D:AB:D5:1C:7F:19:8E:D3:8F:A8:49:7C:12:76:AF:90:18:AB:20:75
Certificate issuer: /CN=A911251C/serialNumber=97DA419F3BAB3F657AA5A5C04E057C4AD961BC5B
Certificate serial: 018A
Authority key identifier: 97:DA:41:9F:3B:AB:3F:65:7A:A5:A5:C0:4E:05:7C:4A:D9:61:BC:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9pBnzurP2V6paXATgV8StlhvFs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911251C/F8F7E2506BE011ED99196F62C4F9AE02/B2F017A26BE311ED8B83B484C4F9AE02.roa
Signing time: Sat 21 Dec 2024 02:06:03 +0000
ROA not before: Sat 21 Dec 2024 02:06:03 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150441
IP address blocks: 103.42.52.0/23 maxlen: 23
103.42.52.0/24 maxlen: 24
103.42.53.0/24 maxlen: 24
2001:df1:8fc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911251C/F8F7E2506BE011ED99196F62C4F9AE02/l9pBnzurP2V6paXATgV8StlhvFs.crl
rsync://rpki.apnic.net/member_repository/A911251C/F8F7E2506BE011ED99196F62C4F9AE02/l9pBnzurP2V6paXATgV8StlhvFs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9pBnzurP2V6paXATgV8StlhvFs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 394 (0x18a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911251C, serialNumber=97DA419F3BAB3F657AA5A5C04E057C4AD961BC5B
Validity
Not Before: Dec 21 02:06:03 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6766228b-6cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c0:f7:c1:4e:71:54:a0:5f:4f:50:37:fb:66:
38:a2:88:f4:f0:29:21:44:59:ce:ff:e1:ad:fd:ce:
f1:3d:07:07:5a:8a:97:eb:f6:f5:4a:02:bb:58:94:
bd:6a:91:04:75:a9:d4:42:81:8d:0d:98:07:86:20:
2d:de:55:4a:bf:6a:16:b2:da:15:95:f5:ab:6f:9e:
e5:09:ed:91:50:15:10:f2:56:0b:4c:e0:28:dc:6d:
b9:cb:bd:37:2e:88:e8:f0:f7:20:df:b4:d0:75:a6:
37:7e:6b:b6:22:3f:61:57:84:c5:f4:62:77:3b:da:
dc:21:a3:3d:9d:f3:1f:45:d4:c1:12:43:b3:36:39:
37:d3:f1:0d:fb:34:17:b9:e3:04:c7:a5:1c:a3:93:
94:7e:9e:d3:cc:ec:af:57:21:86:00:a4:a8:3e:39:
21:40:35:1e:2f:c9:66:7b:60:e9:74:1d:49:6d:86:
c4:69:67:82:b7:e7:32:5d:b3:1e:d2:e6:85:0f:5e:
fa:a4:3c:e0:d4:54:e5:f1:71:25:5f:74:87:89:db:
35:d8:a6:8c:df:31:7b:62:2d:19:14:5c:a0:8c:3e:
0b:f2:5c:0a:20:87:65:27:f1:e8:2a:78:dd:4f:1e:
bf:25:2b:54:b5:c6:a1:ff:5f:43:42:25:8d:cc:5d:
c9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AB:D5:1C:7F:19:8E:D3:8F:A8:49:7C:12:76:AF:90:18:AB:20:75
X509v3 Authority Key Identifier:
keyid:97:DA:41:9F:3B:AB:3F:65:7A:A5:A5:C0:4E:05:7C:4A:D9:61:BC:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911251C/F8F7E2506BE011ED99196F62C4F9AE02/l9pBnzurP2V6paXATgV8StlhvFs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9pBnzurP2V6paXATgV8StlhvFs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911251C/F8F7E2506BE011ED99196F62C4F9AE02/B2F017A26BE311ED8B83B484C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.52.0/23
IPv6:
2001:df1:8fc0::/48
Signature Algorithm: sha256WithRSAEncryption
84:c7:53:c0:69:27:6b:e7:1b:3a:8e:2f:cc:b9:5f:cb:0a:f2:
52:8c:56:dd:a5:02:ca:9b:d1:42:cd:bc:be:f0:24:fa:86:70:
75:95:df:bb:6c:69:30:3e:de:6d:c7:c5:42:10:1e:6f:65:a6:
07:50:32:06:0c:38:15:c5:b2:79:6d:7b:64:a0:26:72:fb:36:
71:27:3c:65:48:56:d7:cb:76:0c:bb:83:e4:f1:67:60:e6:f4:
ef:e6:9d:de:1c:17:d8:7a:ae:f8:22:01:df:73:06:bd:56:d8:
72:39:06:23:9c:ee:1b:e4:11:d2:1d:ae:4d:64:c3:8e:2d:4d:
b5:58:95:94:8b:6b:42:23:3d:d7:a8:19:1c:f0:58:cf:7d:7a:
89:13:dc:b0:90:a6:3e:02:38:a3:2f:43:e9:d1:0d:42:32:b0:
a9:0b:1f:80:16:c6:bc:77:a9:5f:51:20:f8:e3:35:3d:ac:f8:
e5:cf:a4:7b:30:65:73:0a:f7:00:1c:ca:1d:fb:ca:3c:c4:f2:
12:fe:9b:af:ca:6e:88:9b:96:ab:6a:f4:bc:d4:87:6a:29:9e:
2b:0b:36:78:39:b4:44:ab:b1:5c:aa:7e:f4:d3:eb:f8:03:5d:
04:a5:bd:83:8a:8d:f9:f8:4d:3d:7d:dd:77:f9:12:e2:6b:84:
de:8c:39:21
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTI1MUMxMTAvBgNVBAUTKDk3REE0MTlGM0JBQjNGNjU3QUE1QTVDMDRFMDU3QzRB
RDk2MUJDNUIwHhcNMjQxMjIxMDIwNjAzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2MjI4Yi02Y2ZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsMD3wU5xVKBfT1A3+2Y4ooj08CkhRFnO/+Gt/c7xPQcHWoqX6/b1SgK7WJS9
apEEdanUQoGNDZgHhiAt3lVKv2oWstoVlfWrb57lCe2RUBUQ8lYLTOAo3G25y703
Lojo8Pcg37TQdaY3fmu2Ij9hV4TF9GJ3O9rcIaM9nfMfRdTBEkOzNjk30/EN+zQX
ueMEx6Uco5OUfp7TzOyvVyGGAKSoPjkhQDUeL8lme2DpdB1JbYbEaWeCt+cyXbMe
0uaFD176pDzg1FTl8XElX3SHids12KaM3zF7Yi0ZFFygjD4L8lwKIIdlJ/HoKnjd
Tx6/JStUtcah/19DQiWNzF3JHQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJ2r1Rx/
GY7Tj6hJfBJ2r5AYqyB1MB8GA1UdIwQYMBaAFJfaQZ87qz9leqWlwE4FfErZYbxb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMjUxQy9GOEY3RTI1MDZC
RTAxMUVEOTkxOTZGNjJDNEY5QUUwMi9sOXBCbnp1clAyVjZwYVhBVGdWOFN0bGh2
RnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2w5cEJuenVyUDJWNnBhWEFUZ1Y4U3RsaHZGcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTI1MUMvRjhGN0UyNTA2QkUwMTFFRDk5MTk2RjYyQzRGOUFFMDIvQjJGMDE3QTI2
QkUzMTFFRDhCODNCNDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnKjQwDwQCAAIwCQMHACABDfGPwDANBgkqhkiG9w0BAQsF
AAOCAQEAhMdTwGkna+cbOo4vzLlfywryUoxW3aUCypvRQs28vvAk+oZwdZXfu2xp
MD7ebcfFQhAeb2WmB1AyBgw4FcWyeW17ZKAmcvs2cSc8ZUhW18t2DLuD5PFnYOb0
7+ad3hwX2Hqu+CIB33MGvVbYcjkGI5zuG+QR0h2uTWTDji1NtViVlItrQiM916gZ
HPBYz316iRPcsJCmPgI4oy9D6dENQjKwqQsfgBbGvHepX1Eg+OM1Paz45c+kezBl
cwr3ABzKHfvKPMTyEv6br8puiJuWq2r0vNSHaimeKws2eDm0RKuxXKp+9NPr+ANd
BKW9g4qN+fhNPX3dd/kS4muE3ow5IQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 19:13:00 2025 by rpki-client