Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/25C61AECB7ED11ED9CF6A63EC4F9AE02.roa
File: 25C61AECB7ED11ED9CF6A63EC4F9AE02.roa (raw, json)
Hash identifier: HjJMtBZQa4j3w+aIjRMqWS8V5BytX4DObhkkXgOg0NY=
Subject key identifier: EF:AA:F6:0E:DE:6D:AC:EE:86:B0:A2:3B:35:04:93:2A:38:F6:B0:0A
Certificate issuer: /CN=A91376FB/serialNumber=886A0EE6BC7ABDC09FA822E114DF435F0B0E865A
Certificate serial: 034A
Authority key identifier: 88:6A:0E:E6:BC:7A:BD:C0:9F:A8:22:E1:14:DF:43:5F:0B:0E:86:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iGoO5rx6vcCfqCLhFN9DXwsOhlo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/25C61AECB7ED11ED9CF6A63EC4F9AE02.roa
Signing time: Sat 03 Aug 2024 02:35:35 +0000
ROA not before: Sat 03 Aug 2024 02:35:35 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 131306
IP address blocks: 103.47.230.0/24 maxlen: 24
103.47.231.0/24 maxlen: 24
103.69.108.0/24 maxlen: 24
103.152.9.0/24 maxlen: 24
2001:df3:3a00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.crl
rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iGoO5rx6vcCfqCLhFN9DXwsOhlo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 00:21:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 842 (0x34a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91376FB
Validity
Not Before: Aug 3 02:35:35 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66ad9777-6c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:84:8a:c9:29:82:16:39:b9:b6:5f:f7:d9:b2:
ef:8d:44:02:6f:cc:74:40:ab:2d:08:9d:c5:7f:7b:
f9:56:81:7b:6a:79:2e:48:14:41:0c:21:0d:c8:50:
07:c2:7c:1a:02:8c:03:ea:c5:ac:66:09:3d:bc:0b:
3c:d1:ae:d6:b9:01:cd:16:0c:c5:18:91:97:ba:f1:
d2:b5:5d:ab:88:65:1d:11:70:ce:37:8c:4c:5b:7e:
50:8a:2d:21:5d:d5:b6:98:7a:8e:c6:31:bc:49:ba:
7f:7c:8e:78:b2:dd:74:09:38:a9:f1:d1:5a:11:a2:
8c:35:96:3b:60:ad:ee:9b:d6:e4:03:06:4f:28:10:
73:0a:18:a9:c4:e0:43:f1:7c:bb:f0:0e:2a:ed:d3:
76:68:ce:df:53:08:f1:80:3a:ca:bf:78:f0:aa:6c:
5c:42:68:55:3b:25:e7:55:cd:88:9e:f7:64:05:de:
c0:a5:28:63:5a:d6:e4:ae:f2:df:26:30:1a:43:4c:
7f:7a:bb:15:7e:27:64:05:ee:00:da:96:a1:66:6b:
27:60:c3:3c:e8:6c:da:ea:39:fc:18:c6:93:ba:bb:
99:4b:ba:3c:77:30:cd:dc:a1:e6:31:ca:0e:12:3c:
b1:e3:8a:19:11:ac:90:f9:81:ff:91:45:eb:e8:87:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:AA:F6:0E:DE:6D:AC:EE:86:B0:A2:3B:35:04:93:2A:38:F6:B0:0A
X509v3 Authority Key Identifier:
keyid:88:6A:0E:E6:BC:7A:BD:C0:9F:A8:22:E1:14:DF:43:5F:0B:0E:86:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iGoO5rx6vcCfqCLhFN9DXwsOhlo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/25C61AECB7ED11ED9CF6A63EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.47.230.0/23
103.69.108.0/24
103.152.9.0/24
IPv6:
2001:df3:3a00::/48
Signature Algorithm: sha256WithRSAEncryption
71:70:ed:f7:45:38:f5:53:50:2e:75:a0:a4:09:23:af:47:ac:
80:b6:09:34:c5:44:4b:17:42:94:13:fa:63:35:c4:c0:cb:ce:
56:1f:c1:cd:b4:dc:09:0e:13:95:dd:97:aa:59:84:6c:11:23:
66:b6:a1:51:71:da:bb:45:9b:56:e6:16:d4:d9:d1:40:8c:ef:
a3:63:ac:8e:86:2f:57:be:26:2e:43:32:24:a7:e1:df:78:0a:
f7:29:6f:d0:ad:2a:05:ab:a7:3a:2d:3f:37:75:5b:ba:6f:f4:
1f:fe:1d:b9:64:a2:03:6a:45:89:44:d1:fc:ab:4f:65:fa:58:
13:f1:41:ae:cc:8a:00:11:b0:df:02:6a:81:5c:02:86:e8:1d:
34:f4:3d:21:ea:bc:8a:36:82:1c:21:1d:6a:df:70:57:86:4c:
4a:8b:04:a9:28:5f:3c:26:7c:ee:bc:a0:1f:cf:bd:df:4a:f1:
e5:2e:2c:40:92:0c:65:bd:ce:07:9a:6b:51:a0:21:bc:4f:4e:
2d:92:84:c9:a2:d8:76:8c:cb:64:be:d0:a1:d6:7d:58:23:d6:
5d:39:9b:1c:34:c2:c4:d9:d1:11:27:b3:5e:c7:59:ac:b3:52:
fb:ee:50:49:e1:aa:14:c6:f2:4c:55:60:ae:a4:37:38:05:61:
e1:aa:da:6a
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICA0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzc2RkIxMTAvBgNVBAUTKDg4NkEwRUU2QkM3QUJEQzA5RkE4MjJFMTE0REY0MzVG
MEIwRTg2NUEwHhcNMjQwODAzMDIzNTM1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkOTc3Ny02YzRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6YSKySmCFjm5tl/32bLvjUQCb8x0QKstCJ3Ff3v5VoF7ankuSBRBDCENyFAH
wnwaAowD6sWsZgk9vAs80a7WuQHNFgzFGJGXuvHStV2riGUdEXDON4xMW35Qii0h
XdW2mHqOxjG8Sbp/fI54st10CTip8dFaEaKMNZY7YK3um9bkAwZPKBBzChipxOBD
8Xy78A4q7dN2aM7fUwjxgDrKv3jwqmxcQmhVOyXnVc2InvdkBd7ApShjWtbkrvLf
JjAaQ0x/ersVfidkBe4A2pahZmsnYMM86Gza6jn8GMaTuruZS7o8dzDN3KHmMcoO
Ejyx44oZEayQ+YH/kUXr6IcC0QIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFO+q9g7e
bazuhrCiOzUEkyo49rAKMB8GA1UdIwQYMBaAFIhqDua8er3An6gi4RTfQ18LDoZa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNzZGQi85MkZCNzFBMDgz
RjIxMUVDQkIyNTE5ODVDNEY5QUUwMi9pR29PNXJ4NnZjQ2ZxQ0xoRk45RFh3c09o
bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lHb081cng2dmNDZnFDTGhGTjlEWHdzT2hsby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzc2RkIvOTJGQjcxQTA4M0YyMTFFQ0JCMjUxOTg1QzRGOUFFMDIvMjVDNjFBRUNC
N0VEMTFFRDlDRjZBNjNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAFnL+YDBABnRWwDBABnmAkwDwQCAAIwCQMHACABDfM6ADAN
BgkqhkiG9w0BAQsFAAOCAQEAcXDt90U49VNQLnWgpAkjr0esgLYJNMVESxdClBP6
YzXEwMvOVh/BzbTcCQ4Tld2XqlmEbBEjZrahUXHau0WbVuYW1NnRQIzvo2OsjoYv
V74mLkMyJKfh33gK9ylv0K0qBaunOi0/N3Vbum/0H/4duWSiA2pFiUTR/KtPZfpY
E/FBrsyKABGw3wJqgVwChugdNPQ9Ieq8ijaCHCEdat9wV4ZMSosEqShfPCZ87ryg
H8+930rx5S4sQJIMZb3OB5prUaAhvE9OLZKEyaLYdozLZL7QodZ9WCPWXTmbHDTC
xNnRESezXsdZrLNS++5QSeGqFMbyTFVgrqQ3OAVh4araag==
-----END CERTIFICATE-----
Generated at Fri Apr 11 16:09:06 2025 by rpki-client