Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130128/91BC37526AE811ECA448465BC4F9AE02/BD6C86326AEC11ECB61ECF30C4F9AE02.roa
File: BD6C86326AEC11ECB61ECF30C4F9AE02.roa (raw, json)
Hash identifier: ycvRnCz+W4ba8DDROuCngyAKLqsVfBGFpl90bOtHXMA=
Subject key identifier: C6:81:BF:5E:3B:F9:4A:4F:A4:57:5C:91:2A:E6:77:B4:0E:1D:7D:4C
Certificate issuer: /CN=A9130128/serialNumber=2F4C8C4ACC455C6D5A490C4090B3A352A8AF1CB5
Certificate serial: 03E3
Authority key identifier: 2F:4C:8C:4A:CC:45:5C:6D:5A:49:0C:40:90:B3:A3:52:A8:AF:1C:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L0yMSsxFXG1aSQxAkLOjUqivHLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130128/91BC37526AE811ECA448465BC4F9AE02/BD6C86326AEC11ECB61ECF30C4F9AE02.roa
Signing time: Wed 15 Jan 2025 00:23:54 +0000
ROA not before: Wed 15 Jan 2025 00:23:54 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 137403
IP address blocks: 103.178.242.0/23 maxlen: 23
103.178.242.0/24 maxlen: 24
103.178.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9130128/91BC37526AE811ECA448465BC4F9AE02/L0yMSsxFXG1aSQxAkLOjUqivHLU.crl
rsync://rpki.apnic.net/member_repository/A9130128/91BC37526AE811ECA448465BC4F9AE02/L0yMSsxFXG1aSQxAkLOjUqivHLU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L0yMSsxFXG1aSQxAkLOjUqivHLU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 00:12:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 995 (0x3e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130128
Validity
Not Before: Jan 15 00:23:54 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6787001a-f0ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6f:09:ae:0c:0c:98:cc:42:9c:69:fd:64:83:
56:18:0e:ba:e5:2e:58:bd:c2:ab:29:3f:bb:01:51:
a9:a7:58:97:6d:5c:17:9d:ff:d0:1e:04:fe:c1:ff:
bf:c1:93:54:47:97:12:2e:f3:d7:de:38:a5:31:36:
af:bd:94:0d:8b:ae:7f:bd:5f:78:4f:30:64:38:7e:
ad:3b:48:75:00:ae:9c:bb:bf:21:5d:ef:fb:ca:62:
bc:47:9f:bb:50:92:e2:2e:cd:d2:46:f6:a9:86:38:
0c:87:69:47:24:85:ef:90:9b:ff:37:ca:b5:38:6c:
6a:8e:06:d0:1c:a6:21:14:50:d0:5c:37:17:1e:af:
78:29:8a:13:5c:ba:01:f9:54:aa:34:ce:12:7b:27:
4e:2b:f1:6f:1d:0f:52:c2:bf:d6:64:6c:2b:16:1a:
e5:58:f8:66:57:9a:c1:cf:7e:a9:78:72:cc:93:6e:
01:c1:82:b9:8f:e1:63:80:0f:7a:82:5f:a6:b8:25:
bd:03:5d:0a:61:19:c0:5b:24:8c:be:7c:0b:3c:ee:
f2:64:b3:0d:40:3e:6f:3b:e5:84:67:a1:31:78:dc:
38:37:e8:4a:9f:9d:02:86:83:79:18:ef:9c:8f:a3:
e1:5a:9f:06:59:81:1e:8a:5d:74:7d:8b:cc:4c:b9:
02:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:81:BF:5E:3B:F9:4A:4F:A4:57:5C:91:2A:E6:77:B4:0E:1D:7D:4C
X509v3 Authority Key Identifier:
keyid:2F:4C:8C:4A:CC:45:5C:6D:5A:49:0C:40:90:B3:A3:52:A8:AF:1C:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130128/91BC37526AE811ECA448465BC4F9AE02/L0yMSsxFXG1aSQxAkLOjUqivHLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L0yMSsxFXG1aSQxAkLOjUqivHLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130128/91BC37526AE811ECA448465BC4F9AE02/BD6C86326AEC11ECB61ECF30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.242.0/23
Signature Algorithm: sha256WithRSAEncryption
24:9e:11:34:b8:d8:2e:75:f0:54:15:de:da:bf:1a:57:7a:0c:
aa:9a:ef:13:fb:04:f8:cf:67:5a:6f:d9:2c:36:57:80:50:be:
09:b9:cf:3e:78:34:b8:de:12:b5:c4:12:28:26:44:e8:a0:fd:
7a:cb:8a:40:9b:bf:24:96:c5:3c:0d:7c:a5:52:10:8a:a2:76:
05:6f:bd:98:eb:24:66:76:3d:d5:4c:3c:9f:00:4d:c7:c0:ca:
13:03:ef:38:e4:32:b4:27:b4:4a:ba:22:78:68:86:8e:03:53:
d6:dd:ac:69:76:04:19:e6:f4:8e:54:26:e2:13:45:1a:46:04:
99:0a:a9:d6:1e:29:b1:b9:22:21:76:18:53:c2:e4:39:42:d6:
d0:b1:43:e4:28:e2:f8:5a:cd:30:02:05:61:b9:d2:21:56:b1:
70:8a:f4:ba:28:14:83:e2:18:dc:12:b6:14:20:63:2d:c2:0d:
2a:c4:25:e7:14:7c:4d:ef:a4:73:2e:2b:3c:75:58:ad:e7:ce:
22:0a:9f:58:28:d0:ec:2d:61:95:e3:01:07:27:2b:17:f2:f5:
7e:a7:92:38:58:0f:95:42:c3:42:8f:c8:47:63:5b:e1:ff:4a:
f6:eb:cb:c7:e0:b0:de:c5:43:6c:4b:dc:fa:ee:f2:f6:e3:0c:
04:3b:0a:4b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzAxMjgxMTAvBgNVBAUTKDJGNEM4QzRBQ0M0NTVDNkQ1QTQ5MEM0MDkwQjNBMzUy
QThBRjFDQjUwHhcNMjUwMTE1MDAyMzU0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg3MDAxYS1mMGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoW8JrgwMmMxCnGn9ZINWGA665S5YvcKrKT+7AVGpp1iXbVwXnf/QHgT+wf+/
wZNUR5cSLvPX3jilMTavvZQNi65/vV94TzBkOH6tO0h1AK6cu78hXe/7ymK8R5+7
UJLiLs3SRvaphjgMh2lHJIXvkJv/N8q1OGxqjgbQHKYhFFDQXDcXHq94KYoTXLoB
+VSqNM4SeydOK/FvHQ9Swr/WZGwrFhrlWPhmV5rBz36peHLMk24BwYK5j+FjgA96
gl+muCW9A10KYRnAWySMvnwLPO7yZLMNQD5vO+WEZ6ExeNw4N+hKn50ChoN5GO+c
j6PhWp8GWYEeil10fYvMTLkC2QIDAQABo4IClTCCApEwHQYDVR0OBBYEFMaBv147
+UpPpFdckSrmd7QOHX1MMB8GA1UdIwQYMBaAFC9MjErMRVxtWkkMQJCzo1Korxy1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDEyOC85MUJDMzc1MjZB
RTgxMUVDQTQ0ODQ2NUJDNEY5QUUwMi9MMHlNU3N4RlhHMWFTUXhBa0xPalVxaXZI
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0wweU1Tc3hGWEcxYVNReEFrTE9qVXFpdkhMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzAxMjgvOTFCQzM3NTI2QUU4MTFFQ0E0NDg0NjVCQzRGOUFFMDIvQkQ2Qzg2MzI2
QUVDMTFFQ0I2MUVDRjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsvIwDQYJKoZIhvcNAQELBQADggEBACSeETS42C518FQV
3tq/Gld6DKqa7xP7BPjPZ1pv2Sw2V4BQvgm5zz54NLjeErXEEigmROig/XrLikCb
vySWxTwNfKVSEIqidgVvvZjrJGZ2PdVMPJ8ATcfAyhMD7zjkMrQntEq6Inhoho4D
U9bdrGl2BBnm9I5UJuITRRpGBJkKqdYeKbG5IiF2GFPC5DlC1tCxQ+Qo4vhazTAC
BWG50iFWsXCK9LooFIPiGNwSthQgYy3CDSrEJecUfE3vpHMuKzx1WK3nziIKn1go
0OwtYZXjAQcnKxfy9X6nkjhYD5VCw0KPyEdjW+H/Svbry8fgsN7FQ2xL3Pru8vbj
DAQ7Cks=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:37:49 2025 by rpki-client