Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/F7D11060619811ED9437B344C4F9AE02.roa
File: F7D11060619811ED9437B344C4F9AE02.roa (raw, json)
Hash identifier: qAnnelNEaBIcl+tlBGt8/4Pa4w6K1hQge4BvLhS2BHE=
Subject key identifier: 51:C8:7C:85:E9:49:32:33:5B:72:0E:C2:E8:04:CC:EA:DF:7E:0A:6D
Certificate issuer: /CN=A9124679/serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Certificate serial: 01C9
Authority key identifier: 0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/F7D11060619811ED9437B344C4F9AE02.roa
Signing time: Thu 20 Feb 2025 06:37:55 +0000
ROA not before: Thu 20 Feb 2025 06:37:55 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134840
IP address blocks: 103.57.204.0/24 maxlen: 24
103.57.205.0/24 maxlen: 24
103.57.206.0/24 maxlen: 24
103.57.207.0/24 maxlen: 24
103.203.132.0/24 maxlen: 24
103.203.133.0/24 maxlen: 24
103.203.134.0/24 maxlen: 24
103.203.135.0/24 maxlen: 24
103.237.112.0/24 maxlen: 24
103.237.113.0/24 maxlen: 24
103.237.114.0/24 maxlen: 24
103.237.115.0/24 maxlen: 24
116.206.192.0/24 maxlen: 24
116.206.193.0/24 maxlen: 24
116.206.194.0/24 maxlen: 24
116.206.195.0/24 maxlen: 24
121.46.71.0/24 maxlen: 24
180.235.116.0/24 maxlen: 24
180.235.117.0/24 maxlen: 24
180.235.118.0/24 maxlen: 24
180.235.119.0/24 maxlen: 24
2403:c280::/32 maxlen: 32
2403:c280::/48 maxlen: 48
2403:c280:1::/48 maxlen: 48
2403:c280:2::/48 maxlen: 48
2403:c280:3::/48 maxlen: 48
2403:c280:4::/48 maxlen: 48
2403:c280:5::/48 maxlen: 48
2403:c280:6::/48 maxlen: 48
2403:c280:7::/48 maxlen: 48
2403:c280:8::/48 maxlen: 48
2403:c280:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 01:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 457 (0x1c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124679, serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Validity
Not Before: Feb 20 06:37:55 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67b6cdc3-c6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:80:4b:c2:0d:08:9c:0c:16:8f:7c:e1:c8:55:
d9:8b:b6:46:b4:97:d6:93:64:0d:4f:ed:7b:32:05:
e2:67:9d:b8:19:35:a0:55:0d:97:5e:db:61:69:26:
41:01:cb:ea:3b:ab:17:aa:1d:a3:cb:19:25:52:62:
fb:7f:57:85:69:f5:7e:4e:68:56:e4:09:ba:18:e8:
20:01:ec:a6:43:3b:2e:8e:f4:10:1f:fc:f1:39:7e:
d1:d7:dc:87:ac:bd:7c:19:ed:de:d1:ef:b6:4f:32:
d5:58:c0:8e:ff:94:ca:88:49:e2:c4:5e:41:cd:98:
a5:3e:e2:ec:fa:04:9a:e0:59:13:29:95:e5:99:41:
d5:2a:63:8d:cf:b8:dd:5e:dd:54:56:3d:8f:ff:ee:
e5:5f:5b:54:04:31:ce:80:0c:7f:6d:0a:93:e4:2f:
10:42:32:de:b1:09:d7:43:58:a0:f3:6a:4a:e8:5a:
76:f7:b5:83:e7:17:5e:22:21:e9:fd:f1:d2:d4:7f:
02:d9:96:cf:22:d3:94:a5:10:76:a6:2c:c7:60:32:
26:44:c4:f4:6d:57:2e:41:d8:31:6e:56:0e:d2:f4:
fa:90:d9:b2:ec:a5:56:d5:d8:ae:df:7f:db:f4:81:
8e:a4:5f:3b:3e:16:85:cd:87:5e:a6:ba:cd:88:a4:
b8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C8:7C:85:E9:49:32:33:5B:72:0E:C2:E8:04:CC:EA:DF:7E:0A:6D
X509v3 Authority Key Identifier:
keyid:0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/F7D11060619811ED9437B344C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.57.204.0/22
103.203.132.0/22
103.237.112.0/22
116.206.192.0/22
121.46.71.0/24
180.235.116.0/22
IPv6:
2403:c280::/32
Signature Algorithm: sha256WithRSAEncryption
b6:a0:3c:d6:a4:b4:46:ea:47:8c:15:ed:40:ce:2a:47:96:a6:
e9:81:b9:86:5a:94:1f:54:f6:50:36:aa:60:38:5e:12:7b:23:
18:03:6e:01:34:d7:a3:5d:32:1d:c8:b1:ff:73:61:4e:e0:0e:
cc:b3:b6:84:3a:14:69:8a:fd:94:a9:7d:95:85:71:60:9a:93:
62:99:24:b0:6f:0d:6b:09:f7:0b:22:a6:5a:7b:13:5a:b2:aa:
df:dd:bd:c7:d1:7f:e5:fd:68:f7:64:65:88:25:81:e2:21:66:
9b:b7:a2:e9:ee:32:07:58:d9:fa:c3:28:65:ae:40:72:ea:c8:
26:94:02:27:c0:84:f2:51:d7:8b:d4:98:26:cd:d8:fb:82:d3:
a1:90:1e:19:5e:00:d4:41:18:70:d3:d9:91:86:1a:92:63:48:
45:a8:41:7c:95:dc:03:bd:6e:38:e4:75:35:93:bb:e4:0a:8d:
ae:05:cf:9e:c3:36:85:3c:44:78:e7:6b:df:dc:55:54:34:df:
a5:8c:b9:1f:07:75:af:a1:65:2c:39:be:cd:4f:e7:69:3c:3d:
74:1d:0f:0b:9a:5f:e4:cb:7f:2d:c1:97:90:da:f0:ed:28:25:
be:88:4f:6f:e9:40:3c:42:1c:af:c6:35:53:11:f9:bb:0c:6e:
83:0b:be:72
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICAckwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ2NzkxMTAvBgNVBAUTKDBBNDgwNTE3NzQxMDc2RkU3NjNFNEU5RTMyRjM1QkQ0
NTk4OTMyOTIwHhcNMjUwMjIwMDYzNzU1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I2Y2RjMy1jNmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0YBLwg0InAwWj3zhyFXZi7ZGtJfWk2QNT+17MgXiZ524GTWgVQ2XXtthaSZB
AcvqO6sXqh2jyxklUmL7f1eFafV+TmhW5Am6GOggAeymQzsujvQQH/zxOX7R19yH
rL18Ge3e0e+2TzLVWMCO/5TKiEnixF5BzZilPuLs+gSa4FkTKZXlmUHVKmONz7jd
Xt1UVj2P/+7lX1tUBDHOgAx/bQqT5C8QQjLesQnXQ1ig82pK6Fp297WD5xdeIiHp
/fHS1H8C2ZbPItOUpRB2pizHYDImRMT0bVcuQdgxblYO0vT6kNmy7KVW1diu33/b
9IGOpF87PhaFzYdeprrNiKS4zwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFFHIfIXp
STIzW3IOwugEzOrffgptMB8GA1UdIwQYMBaAFApIBRd0EHb+dj5OnjLzW9RZiTKS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDY3OS9GNUI3OEE4ODYx
OTQxMUVEOENEQkEyM0VDNEY5QUUwMi9Da2dGRjNRUWR2NTJQazZlTXZOYjFGbUpN
cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrZ0ZGM1FRZHY1MlBrNmVNdk5iMUZtSk1wSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ2NzkvRjVCNzhBODg2MTk0MTFFRDhDREJBMjNFQzRGOUFFMDIvRjdEMTEwNjA2
MTk4MTFFRDk0MzdCMzQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAJnOcwDBAJny4QDBAJn7XADBAJ0zsADBAB5LkcDBAK063Qw
DQQCAAIwBwMFACQDwoAwDQYJKoZIhvcNAQELBQADggEBALagPNaktEbqR4wV7UDO
KkeWpumBuYZalB9U9lA2qmA4XhJ7IxgDbgE016NdMh3Isf9zYU7gDsyztoQ6FGmK
/ZSpfZWFcWCak2KZJLBvDWsJ9wsiplp7E1qyqt/dvcfRf+X9aPdkZYglgeIhZpu3
ounuMgdY2frDKGWuQHLqyCaUAifAhPJR14vUmCbN2PuC06GQHhleANRBGHDT2ZGG
GpJjSEWoQXyV3AO9bjjkdTWTu+QKja4Fz57DNoU8RHjna9/cVVQ036WMuR8Hda+h
ZSw5vs1P52k8PXQdDwuaX+TLfy3Bl5Da8O0oJb6IT2/pQDxCHK/GNVMR+bsMboML
vnI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:10:25 2025 by rpki-client