Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9127342/6DDBC7FC932711E5A81F303EC4F9AE02/DA37C95AB14511E5B83D2120C4F9AE02.roa
File: DA37C95AB14511E5B83D2120C4F9AE02.roa (raw, json)
Hash identifier: 6e21k1t3PwcFuMYhxFKByN0N0S9Vi6EW4w95vWK0udo=
Subject key identifier: E2:70:08:13:84:A8:70:D1:D3:03:A3:48:28:EA:59:B5:DE:08:75:D2
Certificate issuer: /CN=A9127342/serialNumber=C49663D96BC932D743840BC67FD87BF8E015467C
Certificate serial: 22C6
Authority key identifier: C4:96:63:D9:6B:C9:32:D7:43:84:0B:C6:7F:D8:7B:F8:E0:15:46:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xJZj2WvJMtdDhAvGf9h7-OAVRnw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9127342/6DDBC7FC932711E5A81F303EC4F9AE02/DA37C95AB14511E5B83D2120C4F9AE02.roa
Signing time: Sat 04 Jan 2025 16:06:10 +0000
ROA not before: Sat 04 Jan 2025 16:06:10 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134831
IP address blocks: 103.222.238.0/24 maxlen: 24
103.247.180.0/24 maxlen: 24
2001:df7:a400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9127342/6DDBC7FC932711E5A81F303EC4F9AE02/xJZj2WvJMtdDhAvGf9h7-OAVRnw.crl
rsync://rpki.apnic.net/member_repository/A9127342/6DDBC7FC932711E5A81F303EC4F9AE02/xJZj2WvJMtdDhAvGf9h7-OAVRnw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xJZj2WvJMtdDhAvGf9h7-OAVRnw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 15:52:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8902 (0x22c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9127342
Validity
Not Before: Jan 4 16:06:10 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67795c72-2159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:09:fa:af:56:79:0d:a2:b9:1c:08:c6:6c:6b:
41:c3:14:9b:17:10:e8:ae:ad:6c:2d:64:0a:17:d1:
27:93:dc:63:d0:48:61:29:6c:a5:ef:b1:23:a0:9c:
7d:fb:5a:d6:76:91:f2:70:b9:79:c7:3b:ea:95:d4:
e1:13:df:02:1c:5c:01:b8:a5:c0:3b:9e:c3:46:40:
17:31:76:d1:75:f2:ee:ca:c3:fa:93:fc:1a:f4:1d:
c7:b8:fa:93:8f:9e:6b:e6:e6:1b:7a:cf:b5:e9:b8:
53:c3:e7:a6:48:58:9f:a8:8a:ea:d1:98:cb:47:f9:
ed:44:f8:84:09:8e:f7:a1:32:cf:58:79:b5:fb:df:
be:f9:c4:f6:9e:bb:88:02:ca:a4:2e:12:e7:db:0b:
b6:29:eb:77:d6:5b:df:91:aa:fd:48:50:9e:dd:75:
1e:32:7f:55:d9:7f:4a:70:50:92:16:03:79:0a:59:
4b:58:79:1c:92:ad:92:a4:d9:61:06:6f:89:26:08:
3f:8c:93:62:b9:6f:a7:7f:55:02:a0:26:f0:0f:47:
4b:97:9f:c0:77:2d:39:cf:20:41:3f:ef:eb:c8:b5:
50:b2:20:f9:cc:36:cf:91:be:9f:8c:ec:72:c5:d1:
d3:dc:a4:64:5d:81:62:13:8a:e7:1a:7e:8e:3c:35:
ad:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:70:08:13:84:A8:70:D1:D3:03:A3:48:28:EA:59:B5:DE:08:75:D2
X509v3 Authority Key Identifier:
keyid:C4:96:63:D9:6B:C9:32:D7:43:84:0B:C6:7F:D8:7B:F8:E0:15:46:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9127342/6DDBC7FC932711E5A81F303EC4F9AE02/xJZj2WvJMtdDhAvGf9h7-OAVRnw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xJZj2WvJMtdDhAvGf9h7-OAVRnw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127342/6DDBC7FC932711E5A81F303EC4F9AE02/DA37C95AB14511E5B83D2120C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.222.238.0/24
103.247.180.0/24
IPv6:
2001:df7:a400::/48
Signature Algorithm: sha256WithRSAEncryption
43:ef:f5:a9:6d:66:1f:ae:16:81:ca:99:8f:ba:77:b5:43:28:
22:47:33:d1:c4:97:02:55:59:ac:2d:36:da:58:34:77:e2:4e:
19:d1:c3:f6:e8:7f:b1:80:11:2c:5f:cb:36:42:8e:29:ed:59:
eb:fa:03:be:04:87:ca:b3:7b:c0:b1:bb:5e:05:8a:a7:9f:e9:
fa:e0:e6:b4:4d:f0:a4:2c:9a:6c:7e:6b:19:35:f4:fa:56:41:
95:f3:d4:00:ef:4d:93:42:18:6f:c7:d6:cc:97:4a:f0:9d:5b:
36:8c:48:c1:53:d9:61:36:e6:aa:e8:45:ff:3b:04:58:1e:53:
b6:26:0a:ab:34:c9:7f:8a:41:20:62:ff:08:76:ae:8f:b0:b7:
b4:2c:c0:56:4c:4e:d9:72:63:dd:68:44:0f:ae:30:f4:31:aa:
4e:b2:75:8f:c6:a2:33:a7:ba:5f:db:56:31:d1:b8:c7:aa:ef:
cb:29:0d:2f:6f:78:24:44:3f:42:63:93:39:57:f3:d0:b2:8c:
6e:99:87:b2:28:52:20:87:aa:56:9a:b3:4a:3a:57:bb:eb:19:
d4:14:af:09:1c:7a:e3:e1:7d:82:3e:db:0a:7f:16:0a:1e:6a:
7b:c7:dd:94:f3:b8:11:bf:67:11:7b:ed:d8:cd:d9:9d:09:6e:
0f:70:38:40
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICIsYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjczNDIxMTAvBgNVBAUTKEM0OTY2M0Q5NkJDOTMyRDc0Mzg0MEJDNjdGRDg3QkY4
RTAxNTQ2N0MwHhcNMjUwMTA0MTYwNjEwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc5NWM3Mi0yMTU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxwn6r1Z5DaK5HAjGbGtBwxSbFxDorq1sLWQKF9Enk9xj0EhhKWyl77EjoJx9
+1rWdpHycLl5xzvqldThE98CHFwBuKXAO57DRkAXMXbRdfLuysP6k/wa9B3HuPqT
j55r5uYbes+16bhTw+emSFifqIrq0ZjLR/ntRPiECY73oTLPWHm1+9+++cT2nruI
AsqkLhLn2wu2Ket31lvfkar9SFCe3XUeMn9V2X9KcFCSFgN5CllLWHkckq2SpNlh
Bm+JJgg/jJNiuW+nf1UCoCbwD0dLl5/Ady05zyBBP+/ryLVQsiD5zDbPkb6fjOxy
xdHT3KRkXYFiE4rnGn6OPDWtkwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFOJwCBOE
qHDR0wOjSCjqWbXeCHXSMB8GA1UdIwQYMBaAFMSWY9lryTLXQ4QLxn/Ye/jgFUZ8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzM0Mi82RERCQzdGQzkz
MjcxMUU1QTgxRjMwM0VDNEY5QUUwMi94SlpqMld2Sk10ZERoQXZHZjloNy1PQVZS
bncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hKWmoyV3ZKTXRkRGhBdkdmOWg3LU9BVlJudy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjczNDIvNkREQkM3RkM5MzI3MTFFNUE4MUYzMDNFQzRGOUFFMDIvREEzN0M5NUFC
MTQ1MTFFNUI4M0QyMTIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABn3u4DBABn97QwDwQCAAIwCQMHACABDfekADANBgkqhkiG
9w0BAQsFAAOCAQEAQ+/1qW1mH64WgcqZj7p3tUMoIkcz0cSXAlVZrC022lg0d+JO
GdHD9uh/sYARLF/LNkKOKe1Z6/oDvgSHyrN7wLG7XgWKp5/p+uDmtE3wpCyabH5r
GTX0+lZBlfPUAO9Nk0IYb8fWzJdK8J1bNoxIwVPZYTbmquhF/zsEWB5TtiYKqzTJ
f4pBIGL/CHauj7C3tCzAVkxO2XJj3WhED64w9DGqTrJ1j8aiM6e6X9tWMdG4x6rv
yykNL294JEQ/QmOTOVfz0LKMbpmHsihSIIeqVpqzSjpXu+sZ1BSvCRx64+F9gj7b
Cn8WCh5qe8fdlPO4Eb9nEXvt2M3ZnQluD3A4QA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:59:05 2025 by rpki-client