Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E898/211C64468C2811E9B02BCD80C4F9AE02/6E37C53C72CA11EC8CE7244BC4F9AE02.roa
File: 6E37C53C72CA11EC8CE7244BC4F9AE02.roa (raw, json)
Hash identifier: IptQh9J7jeiBWTQD/hPt8ei062oDoKw0nZ49KCuQKMI=
Subject key identifier: FB:EA:21:A9:65:3C:B8:F2:44:FA:B8:DF:B7:FB:09:48:76:D4:86:26
Certificate issuer: /CN=A912E898/serialNumber=482DADB992DE2CF1BF990836478E19944995B1E0
Certificate serial: 0E76
Authority key identifier: 48:2D:AD:B9:92:DE:2C:F1:BF:99:08:36:47:8E:19:94:49:95:B1:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC2tuZLeLPG_mQg2R44ZlEmVseA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E898/211C64468C2811E9B02BCD80C4F9AE02/6E37C53C72CA11EC8CE7244BC4F9AE02.roa
Signing time: Thu 30 Jan 2025 18:06:36 +0000
ROA not before: Thu 30 Jan 2025 18:06:36 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134715
IP address blocks: 103.133.216.0/22 maxlen: 24
2404:5540::/32 maxlen: 40
2404:5540:400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912E898/211C64468C2811E9B02BCD80C4F9AE02/SC2tuZLeLPG_mQg2R44ZlEmVseA.crl
rsync://rpki.apnic.net/member_repository/A912E898/211C64468C2811E9B02BCD80C4F9AE02/SC2tuZLeLPG_mQg2R44ZlEmVseA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC2tuZLeLPG_mQg2R44ZlEmVseA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 17:36:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3702 (0xe76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E898, serialNumber=482DADB992DE2CF1BF990836478E19944995B1E0
Validity
Not Before: Jan 30 18:06:36 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679bbfac-4757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:00:f9:a4:58:79:e2:72:e9:60:4a:27:e0:77:
a0:97:53:ae:7d:fb:b6:0c:2b:c5:78:95:95:35:00:
e6:7b:46:fd:23:91:9d:9a:00:f3:77:22:a0:56:e4:
91:b1:7e:05:14:9e:71:6e:0a:5c:31:b8:04:ea:d8:
24:4f:ba:0d:5f:32:ce:48:f9:c2:ef:59:32:61:40:
d6:06:1d:59:5e:7b:ce:60:ae:d2:a7:ca:db:59:8b:
73:11:44:8e:12:35:67:c1:99:f0:ee:4e:e3:7d:f5:
75:86:5b:0c:fa:3d:82:48:9b:75:26:f7:00:85:87:
93:9e:ff:b8:bb:ad:6a:03:bf:b0:a4:c7:f4:14:d8:
45:9e:66:f6:e9:51:eb:cc:7d:e4:5d:0d:7b:75:d3:
ce:a6:07:3b:c5:d9:57:17:9d:d2:5b:a7:fc:e7:6e:
60:df:f1:db:87:04:01:b3:c3:ad:ab:e6:e4:d5:51:
01:ec:9d:6b:09:1c:3d:f7:15:ca:ed:2a:9f:de:df:
9b:93:2b:8f:f6:86:10:da:0f:c6:6a:cd:c5:0f:7d:
37:bd:5e:51:c9:be:9b:d6:9e:6a:df:ee:97:95:48:
77:88:6a:85:db:67:71:51:f4:f3:bc:15:1e:6d:53:
1e:16:66:af:07:68:d0:26:6a:fb:b7:66:d2:aa:0f:
fc:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:EA:21:A9:65:3C:B8:F2:44:FA:B8:DF:B7:FB:09:48:76:D4:86:26
X509v3 Authority Key Identifier:
keyid:48:2D:AD:B9:92:DE:2C:F1:BF:99:08:36:47:8E:19:94:49:95:B1:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E898/211C64468C2811E9B02BCD80C4F9AE02/SC2tuZLeLPG_mQg2R44ZlEmVseA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC2tuZLeLPG_mQg2R44ZlEmVseA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E898/211C64468C2811E9B02BCD80C4F9AE02/6E37C53C72CA11EC8CE7244BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.216.0/22
IPv6:
2404:5540::/32
Signature Algorithm: sha256WithRSAEncryption
8f:e3:9e:7b:8b:3b:e3:4f:85:d9:7b:7d:1d:e3:f9:c9:55:43:
87:65:1f:51:3e:7e:c7:29:3d:d6:2c:77:df:08:0d:ee:be:8f:
d4:6a:af:88:76:5b:ba:55:eb:7a:26:32:df:30:16:b7:60:ad:
61:5b:1b:dc:08:c0:59:34:cd:44:5a:c5:d8:d5:5c:c3:d1:62:
08:e8:cd:77:b5:00:51:1e:74:c8:de:ec:a4:9a:23:da:92:ba:
d1:7a:d1:3d:f8:6d:82:b6:61:44:73:ee:4f:fc:69:64:9c:c9:
72:2c:fa:e0:ad:a6:8f:00:79:b5:49:ec:3a:03:14:23:3a:61:
46:4d:31:40:64:be:b7:09:b5:e6:15:15:f9:19:ee:47:12:f0:
3c:52:3c:e7:1f:aa:8e:de:1f:cb:9d:7b:70:30:aa:7e:58:ad:
24:0f:32:10:e6:21:0f:34:39:5a:33:f5:91:9d:a1:7b:7f:e0:
ec:e6:90:fd:70:96:8e:16:e2:3b:1e:a7:e6:1b:6e:c9:f2:a4:
6e:4f:b1:3c:5c:2d:b9:3a:73:54:2f:a3:2e:fd:c9:04:7e:0c:
e8:ae:d3:c7:89:8c:5a:1e:fc:25:5e:ea:9f:41:d4:1e:fd:75:
04:3a:91:c2:a6:0e:8e:3a:c0:e0:38:5e:07:70:3b:d0:5f:28:
1b:9c:da:e9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDnYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkU4OTgxMTAvBgNVBAUTKDQ4MkRBREI5OTJERTJDRjFCRjk5MDgzNjQ3OEUxOTk0
NDk5NUIxRTAwHhcNMjUwMTMwMTgwNjM2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliYmZhYy00NzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6wD5pFh54nLpYEon4Hegl1Ouffu2DCvFeJWVNQDme0b9I5GdmgDzdyKgVuSR
sX4FFJ5xbgpcMbgE6tgkT7oNXzLOSPnC71kyYUDWBh1ZXnvOYK7Sp8rbWYtzEUSO
EjVnwZnw7k7jffV1hlsM+j2CSJt1JvcAhYeTnv+4u61qA7+wpMf0FNhFnmb26VHr
zH3kXQ17ddPOpgc7xdlXF53SW6f8525g3/HbhwQBs8Otq+bk1VEB7J1rCRw99xXK
7Sqf3t+bkyuP9oYQ2g/Gas3FD303vV5Ryb6b1p5q3+6XlUh3iGqF22dxUfTzvBUe
bVMeFmavB2jQJmr7t2bSqg/8yQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPvqIall
PLjyRPq437f7CUh21IYmMB8GA1UdIwQYMBaAFEgtrbmS3izxv5kINkeOGZRJlbHg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTg5OC8yMTFDNjQ0NjhD
MjgxMUU5QjAyQkNEODBDNEY5QUUwMi9TQzJ0dVpMZUxQR19tUWcyUjQ0WmxFbVZz
ZUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDMnR1WkxlTFBHX21RZzJSNDRabEVtVnNlQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU4OTgvMjExQzY0NDY4QzI4MTFFOUIwMkJDRDgwQzRGOUFFMDIvNkUzN0M1M0M3
MkNBMTFFQzhDRTcyNDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnhdgwDQQCAAIwBwMFACQEVUAwDQYJKoZIhvcNAQELBQAD
ggEBAI/jnnuLO+NPhdl7fR3j+clVQ4dlH1E+fscpPdYsd98IDe6+j9Rqr4h2W7pV
63omMt8wFrdgrWFbG9wIwFk0zURaxdjVXMPRYgjozXe1AFEedMje7KSaI9qSutF6
0T34bYK2YURz7k/8aWScyXIs+uCtpo8AebVJ7DoDFCM6YUZNMUBkvrcJteYVFfkZ
7kcS8DxSPOcfqo7eH8ude3Awqn5YrSQPMhDmIQ80OVoz9ZGdoXt/4OzmkP1wlo4W
4jsep+YbbsnypG5PsTxcLbk6c1Qvoy79yQR+DOiu08eJjFoe/CVe6p9B1B79dQQ6
kcKmDo46wOA4XgdwO9BfKBuc2uk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:46:08 2025 by rpki-client