Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91386E8/4889594EA80011EB90650A15C4F9AE02/65C6DD42E15211EC8EEE9668C4F9AE02.roa
File: 65C6DD42E15211EC8EEE9668C4F9AE02.roa (raw, json)
Hash identifier: LDk3Seu3QVripuVl2tqg++SzvTjmU8fS2eeY7JVY2JQ=
Subject key identifier: 76:8B:42:AF:0C:59:43:E4:8B:1E:B3:0C:02:59:57:7F:FE:EB:43:FF
Certificate issuer: /CN=A91386E8/serialNumber=30E2361CDDA5EBA705F3A6B2FBEBE5DB7DAF10F1
Certificate serial: 0554
Authority key identifier: 30:E2:36:1C:DD:A5:EB:A7:05:F3:A6:B2:FB:EB:E5:DB:7D:AF:10:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOI2HN2l66cF86ay--vl232vEPE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91386E8/4889594EA80011EB90650A15C4F9AE02/65C6DD42E15211EC8EEE9668C4F9AE02.roa
Signing time: Thu 23 May 2024 01:04:53 +0000
ROA not before: Thu 23 May 2024 01:04:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142124
IP address blocks: 103.166.170.0/24 maxlen: 24
103.166.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91386E8/4889594EA80011EB90650A15C4F9AE02/MOI2HN2l66cF86ay--vl232vEPE.crl
rsync://rpki.apnic.net/member_repository/A91386E8/4889594EA80011EB90650A15C4F9AE02/MOI2HN2l66cF86ay--vl232vEPE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOI2HN2l66cF86ay--vl232vEPE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 22:37:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1364 (0x554)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91386E8, serialNumber=30E2361CDDA5EBA705F3A6B2FBEBE5DB7DAF10F1
Validity
Not Before: May 23 01:04:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=664e9635-50d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:90:f8:34:2b:56:5c:34:e4:31:f7:5b:23:22:
f5:ff:c0:2c:5c:1b:e8:e6:9b:10:b5:5e:8a:cb:8b:
fd:9f:62:a6:56:6d:49:67:36:d1:9d:a3:b7:f3:51:
b2:26:36:69:cb:e6:17:e7:2d:60:2e:61:0e:ab:60:
0f:0e:e8:5c:d7:dc:ae:a2:c5:25:a5:ef:5d:61:87:
d2:03:39:16:03:d5:5d:26:1d:b2:c8:77:36:0e:56:
1c:1f:62:b7:0e:f1:09:7f:3f:3d:bb:a4:25:41:d2:
f1:71:94:b9:50:f0:41:1b:4d:32:68:13:e7:bd:bc:
d1:06:87:12:be:9c:9d:b7:39:bd:a7:5d:24:64:3b:
d0:67:7b:01:98:bb:fa:29:0a:82:13:9d:0a:cf:ad:
68:55:89:c0:17:d7:ce:9f:10:1e:ce:f6:f9:73:95:
8b:1a:9c:0d:bf:ce:fe:0b:a8:f3:61:36:eb:59:e0:
5e:be:6e:16:3e:9b:c7:a9:d1:4c:2b:38:69:c7:01:
13:a8:c2:7c:95:44:ac:c1:88:94:9c:6e:e4:2d:17:
ac:bc:33:d3:74:a0:62:65:13:0c:d2:dc:69:02:c5:
6a:a5:b7:c8:46:de:11:ba:64:5e:fe:e3:10:b6:14:
1f:9e:20:a1:a5:e4:6a:c7:af:b5:38:15:bd:93:56:
4e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8B:42:AF:0C:59:43:E4:8B:1E:B3:0C:02:59:57:7F:FE:EB:43:FF
X509v3 Authority Key Identifier:
keyid:30:E2:36:1C:DD:A5:EB:A7:05:F3:A6:B2:FB:EB:E5:DB:7D:AF:10:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91386E8/4889594EA80011EB90650A15C4F9AE02/MOI2HN2l66cF86ay--vl232vEPE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOI2HN2l66cF86ay--vl232vEPE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91386E8/4889594EA80011EB90650A15C4F9AE02/65C6DD42E15211EC8EEE9668C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.166.170.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:e5:16:0d:cf:66:6b:06:3f:5b:f0:72:c7:1d:68:57:3d:ce:
87:fe:d2:d3:d3:f0:ce:af:df:9f:67:22:4b:a2:9e:ba:c2:a7:
80:e8:a6:d5:e2:e6:9d:3b:d6:25:65:01:ed:94:b6:d8:77:8a:
8d:ea:1e:4d:1e:46:cc:cb:11:bc:85:dc:5d:fa:44:0f:cd:cb:
d0:f6:51:37:96:b3:b2:9e:75:c7:41:ec:8c:61:0c:15:34:9f:
ee:cc:43:e4:30:9e:ac:67:c5:33:13:2b:e1:8c:71:96:ad:fe:
7a:a0:08:f7:3b:d8:e5:f2:89:76:7a:9b:38:44:0f:d1:8a:45:
91:45:e5:95:13:03:27:93:4a:15:fa:54:6b:b7:7d:ae:77:7a:
6c:b0:b0:24:20:4e:f8:3f:ae:29:10:b2:87:f3:fb:00:04:e7:
36:c3:36:f9:51:42:70:bd:70:b7:b8:6c:8a:1f:25:48:20:2f:
4d:97:ea:f9:59:59:39:cf:82:0a:6a:e4:80:1c:c5:61:a0:24:
02:1d:ef:4e:96:8d:1d:58:d2:3e:2f:2d:95:82:ae:ff:fa:b1:
1f:0d:74:3c:c4:5c:da:47:2a:23:1d:0b:6f:0c:a7:af:d2:c3:
33:62:93:18:ac:21:74:05:67:86:66:de:de:65:a1:4d:f6:30:
df:85:23:2e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mzg2RTgxMTAvBgNVBAUTKDMwRTIzNjFDRERBNUVCQTcwNUYzQTZCMkZCRUJFNURC
N0RBRjEwRjEwHhcNMjQwNTIzMDEwNDUzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRlOTYzNS01MGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzpD4NCtWXDTkMfdbIyL1/8AsXBvo5psQtV6Ky4v9n2KmVm1JZzbRnaO381Gy
JjZpy+YX5y1gLmEOq2APDuhc19yuosUlpe9dYYfSAzkWA9VdJh2yyHc2DlYcH2K3
DvEJfz89u6QlQdLxcZS5UPBBG00yaBPnvbzRBocSvpydtzm9p10kZDvQZ3sBmLv6
KQqCE50Kz61oVYnAF9fOnxAezvb5c5WLGpwNv87+C6jzYTbrWeBevm4WPpvHqdFM
KzhpxwETqMJ8lUSswYiUnG7kLResvDPTdKBiZRMM0txpAsVqpbfIRt4RumRe/uMQ
thQfniChpeRqx6+1OBW9k1ZO0QIDAQABo4IClTCCApEwHQYDVR0OBBYEFHaLQq8M
WUPkix6zDAJZV3/+60P/MB8GA1UdIwQYMBaAFDDiNhzdpeunBfOmsvvr5dt9rxDx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODZFOC80ODg5NTk0RUE4
MDAxMUVCOTA2NTBBMTVDNEY5QUUwMi9NT0kySE4ybDY2Y0Y4NmF5LS12bDIzMnZF
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PSTJITjJsNjZjRjg2YXktLXZsMjMydkVQRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mzg2RTgvNDg4OTU5NEVBODAwMTFFQjkwNjUwQTE1QzRGOUFFMDIvNjVDNkRENDJF
MTUyMTFFQzhFRUU5NjY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnpqowDQYJKoZIhvcNAQELBQADggEBAKblFg3PZmsGP1vw
cscdaFc9zof+0tPT8M6v359nIkuinrrCp4DoptXi5p071iVlAe2Utth3io3qHk0e
RszLEbyF3F36RA/Ny9D2UTeWs7KedcdB7IxhDBU0n+7MQ+QwnqxnxTMTK+GMcZat
/nqgCPc72OXyiXZ6mzhED9GKRZFF5ZUTAyeTShX6VGu3fa53emywsCQgTvg/rikQ
sofz+wAE5zbDNvlRQnC9cLe4bIofJUggL02X6vlZWTnPggpq5IAcxWGgJAId706W
jR1Y0j4vLZWCrv/6sR8NdDzEXNpHKiMdC28Mp6/SwzNikxisIXQFZ4Zm3t5loU32
MN+FIy4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:10:25 2025 by rpki-client