Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/B394CFAA3B1C11EE9AEE717AC4F9AE02.roa
File: B394CFAA3B1C11EE9AEE717AC4F9AE02.roa (raw, json)
Hash identifier: itui9dWg0G04SAz0tNGsUM1LVCVeybo3ZddvvnrIfd8=
Subject key identifier: C4:E3:54:DB:84:EE:82:2E:01:E7:65:56:44:1A:3A:AE:51:3D:D2:A1
Certificate issuer: /CN=A913345B/serialNumber=846AC847DAC6B04209C72ACF464EBEEA16522052
Certificate serial: 0A5B
Authority key identifier: 84:6A:C8:47:DA:C6:B0:42:09:C7:2A:CF:46:4E:BE:EA:16:52:20:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGrIR9rGsEIJxyrPRk6-6hZSIFI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/B394CFAA3B1C11EE9AEE717AC4F9AE02.roa
Signing time: Mon 10 Mar 2025 20:09:22 +0000
ROA not before: Mon 10 Mar 2025 20:09:22 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 54600
IP address blocks: 103.149.40.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/hGrIR9rGsEIJxyrPRk6-6hZSIFI.crl
rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/hGrIR9rGsEIJxyrPRk6-6hZSIFI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGrIR9rGsEIJxyrPRk6-6hZSIFI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 19:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2651 (0xa5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913345B, serialNumber=846AC847DAC6B04209C72ACF464EBEEA16522052
Validity
Not Before: Mar 10 20:09:22 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cf46f1-241e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ff:e7:61:79:d0:49:26:b7:29:0c:60:9f:ad:
72:31:fe:98:10:6c:22:6a:7d:f3:de:e6:23:43:48:
d2:9c:74:48:14:5c:7c:fc:ee:2d:3b:62:ba:02:79:
d0:82:79:38:e1:74:90:a8:3c:3f:bd:13:16:0e:3c:
85:e7:d6:7d:ff:0d:79:cc:ea:13:9e:c7:96:bb:30:
1f:e6:df:54:1c:0a:ac:d4:22:30:ff:6e:2f:40:a0:
96:98:46:d4:92:17:aa:87:af:1b:02:dd:65:29:d9:
3e:9d:5c:e1:66:51:b8:8e:dd:a8:e8:7d:24:49:87:
c2:0c:d7:cd:4d:65:83:8f:e2:67:19:4b:a7:59:ba:
ab:14:9b:93:fe:af:f6:5a:ca:75:91:b5:7e:f2:76:
52:ca:75:27:b1:93:ee:ef:c9:fe:c6:82:11:41:44:
3d:66:bf:07:30:7f:12:f3:f2:de:91:9b:01:9c:b1:
ed:34:12:15:b3:92:00:ca:b4:8f:b5:f4:ff:85:39:
5b:45:a1:c2:54:f5:ca:d5:d5:08:d0:c9:3c:06:58:
5a:3a:01:a1:ea:12:f0:67:13:9d:47:87:ba:2e:7f:
64:2a:f0:e4:59:d2:c2:ab:46:4e:a4:06:aa:69:42:
2a:79:7d:1e:c0:d4:46:29:1b:c4:81:34:7d:ab:70:
a1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E3:54:DB:84:EE:82:2E:01:E7:65:56:44:1A:3A:AE:51:3D:D2:A1
X509v3 Authority Key Identifier:
keyid:84:6A:C8:47:DA:C6:B0:42:09:C7:2A:CF:46:4E:BE:EA:16:52:20:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/hGrIR9rGsEIJxyrPRk6-6hZSIFI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hGrIR9rGsEIJxyrPRk6-6hZSIFI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913345B/28D82C825F6E11EA924B9B80C4F9AE02/B394CFAA3B1C11EE9AEE717AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.40.0/23
Signature Algorithm: sha256WithRSAEncryption
38:a0:dd:66:6d:68:30:d8:86:32:ea:f9:b8:6e:6a:b9:a0:47:
6a:b4:10:dc:73:f1:62:87:42:1b:95:36:69:11:58:46:3c:d0:
0b:c2:f6:1e:e0:fc:82:89:b6:b8:2b:65:9c:cc:1f:0a:c5:6e:
f0:66:8b:06:7a:aa:9b:40:9f:7e:c1:e4:d5:24:fc:d3:38:90:
f5:2b:09:f5:46:4d:43:c3:43:62:38:35:eb:bd:01:43:6e:91:
d7:2f:a2:54:87:1d:7d:40:67:68:fb:6e:7b:55:2c:d0:6d:34:
9f:33:16:88:43:ee:f0:d5:ef:3a:a6:da:4c:25:25:d2:71:c8:
2e:2e:41:3c:c5:9c:2b:5d:e6:8e:a0:38:de:c7:35:a6:20:51:
bb:60:1b:36:0d:e7:26:fe:28:58:9a:bb:8d:35:11:d4:9a:32:
7a:45:b2:a3:93:1a:53:c7:90:62:54:d1:6e:4e:1a:57:05:aa:
35:57:3b:af:8f:b2:9b:64:79:fa:25:80:42:f8:a8:32:5c:c7:
6b:b3:dd:2a:7a:a2:89:ba:96:cb:78:c8:11:f6:07:aa:75:ce:
35:ef:cf:bb:e0:14:bd:30:f3:e6:0e:0a:d8:fd:cf:3a:59:78:
41:c5:55:5c:3e:00:a6:77:87:a6:ad:74:ac:27:84:d8:12:f3:
18:81:e5:69
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICClswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzM0NUIxMTAvBgNVBAUTKDg0NkFDODQ3REFDNkIwNDIwOUM3MkFDRjQ2NEVCRUVB
MTY1MjIwNTIwHhcNMjUwMzEwMjAwOTIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmNDZmMS0yNDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw//nYXnQSSa3KQxgn61yMf6YEGwian3z3uYjQ0jSnHRIFFx8/O4tO2K6AnnQ
gnk44XSQqDw/vRMWDjyF59Z9/w15zOoTnseWuzAf5t9UHAqs1CIw/24vQKCWmEbU
kheqh68bAt1lKdk+nVzhZlG4jt2o6H0kSYfCDNfNTWWDj+JnGUunWbqrFJuT/q/2
Wsp1kbV+8nZSynUnsZPu78n+xoIRQUQ9Zr8HMH8S8/LekZsBnLHtNBIVs5IAyrSP
tfT/hTlbRaHCVPXK1dUI0Mk8BlhaOgGh6hLwZxOdR4e6Ln9kKvDkWdLCq0ZOpAaq
aUIqeX0ewNRGKRvEgTR9q3ChpQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMTjVNuE
7oIuAedlVkQaOq5RPdKhMB8GA1UdIwQYMBaAFIRqyEfaxrBCCccqz0ZOvuoWUiBS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzQ1Qi8yOEQ4MkM4MjVG
NkUxMUVBOTI0QjlCODBDNEY5QUUwMi9oR3JJUjlyR3NFSUp4eXJQUms2LTZoWlNJ
RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hHcklSOXJHc0VJSnh5clBSazYtNmhaU0lGSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzM0NUIvMjhEODJDODI1RjZFMTFFQTkyNEI5QjgwQzRGOUFFMDIvQjM5NENGQUEz
QjFDMTFFRTlBRUU3MTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlSgwDQYJKoZIhvcNAQELBQADggEBADig3WZtaDDYhjLq
+bhuarmgR2q0ENxz8WKHQhuVNmkRWEY80AvC9h7g/IKJtrgrZZzMHwrFbvBmiwZ6
qptAn37B5NUk/NM4kPUrCfVGTUPDQ2I4Neu9AUNukdcvolSHHX1AZ2j7bntVLNBt
NJ8zFohD7vDV7zqm2kwlJdJxyC4uQTzFnCtd5o6gON7HNaYgUbtgGzYN5yb+KFia
u401EdSaMnpFsqOTGlPHkGJU0W5OGlcFqjVXO6+PsptkefolgEL4qDJcx2uz3Sp6
oom6lst4yBH2B6p1zjXvz7vgFL0w8+YOCtj9zzpZeEHFVVw+AKZ3h6atdKwnhNgS
8xiB5Wk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:06:56 2025 by rpki-client