Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa
File: CB04F4409BE611EF8AFF947CC4F9AE02.roa (raw, json)
Hash identifier: xCoGLzXH0o2fU2zmUG8/SFNRjo0IkmsetsLkqXjuT7s=
Subject key identifier: 62:E8:3E:56:4F:EF:7D:63:C3:8A:22:CF:1B:FC:F6:8C:B0:B1:2B:FF
Certificate issuer: /CN=A91415AA/serialNumber=0CFCCC5980F57E6BC84DF11B4C571935D25DACCA
Certificate serial: 03
Authority key identifier: 0C:FC:CC:59:80:F5:7E:6B:C8:4D:F1:1B:4C:57:19:35:D2:5D:AC:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa
Signing time: Wed 06 Nov 2024 02:28:22 +0000
ROA not before: Wed 06 Nov 2024 02:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139025
IP address blocks: 103.138.155.0/24 maxlen: 24
103.160.158.0/24 maxlen: 24
2001:df2:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.crl
rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 19:34:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91415AA
Validity
Not Before: Nov 6 02:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=672ad446-f109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bb:70:0e:aa:bd:53:eb:9b:53:d5:60:93:3b:
54:f5:53:5e:70:87:5a:3a:ef:b0:06:66:6f:c2:da:
98:d3:2b:b5:18:59:4f:dc:6b:97:67:c9:23:34:69:
f9:ec:16:f2:d7:f6:8d:a9:95:df:80:23:29:d4:fa:
30:33:59:05:33:06:f7:6b:a0:25:16:92:9b:3a:ad:
ba:bb:a1:d8:94:8a:cd:c3:f0:ab:3e:24:dd:66:c4:
21:cf:ea:52:da:c2:03:1c:65:4f:cf:12:b5:7c:5d:
00:d4:4e:ae:ee:68:18:a6:22:a3:ce:80:30:42:5b:
45:d7:03:85:36:31:39:88:fe:b4:cc:f0:aa:64:56:
b8:84:da:e0:0d:a1:69:1b:97:56:d7:00:24:b6:6d:
4f:c4:dc:eb:24:9c:b0:df:f6:9c:f1:6b:6e:20:34:
34:67:e1:ec:7c:c0:d0:ed:15:88:02:fe:4d:a0:e0:
f8:7d:df:06:8c:cb:e2:b6:03:4e:67:fb:39:0c:f6:
9f:e6:1c:58:b4:93:14:10:ac:22:cd:63:5b:3b:d6:
e8:a6:70:34:ac:b1:8a:43:ca:3b:d0:d4:c0:18:d4:
78:5e:a9:bd:c8:54:16:e9:65:d7:c4:ff:05:6a:2c:
ef:42:5a:ca:04:45:e1:64:6a:af:41:21:68:30:f4:
2e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E8:3E:56:4F:EF:7D:63:C3:8A:22:CF:1B:FC:F6:8C:B0:B1:2B:FF
X509v3 Authority Key Identifier:
keyid:0C:FC:CC:59:80:F5:7E:6B:C8:4D:F1:1B:4C:57:19:35:D2:5D:AC:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/DPzMWYD1fmvITfEbTFcZNdJdrMo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DPzMWYD1fmvITfEbTFcZNdJdrMo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91415AA/3EFA241462E011EAA6D59A2CC4F9AE02/CB04F4409BE611EF8AFF947CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.155.0/24
103.160.158.0/24
IPv6:
2001:df2:c080::/48
Signature Algorithm: sha256WithRSAEncryption
8e:16:46:71:97:2a:21:ce:d8:9d:94:3c:1e:ae:10:a0:ba:4a:
9c:56:e0:4b:4f:2b:bb:dd:5d:63:14:89:9b:00:2e:fe:7a:bb:
1d:8e:08:3e:de:c9:0e:0a:58:33:23:ae:09:3c:14:ed:8c:31:
99:e2:2c:fc:b9:30:29:4f:5f:38:cb:98:fa:9a:c7:76:ad:0c:
94:96:eb:88:0f:73:09:67:c4:83:91:06:7e:c8:30:f9:60:42:
64:34:87:d7:20:7b:9c:1c:d7:64:59:95:cf:96:64:75:1c:6c:
32:c7:8c:4f:0c:31:9a:97:49:6c:54:ef:c8:21:bb:83:57:35:
a2:69:79:cf:b8:82:77:14:9a:2e:1b:18:1a:11:c0:5c:bb:db:
60:a8:89:61:ee:ea:09:ed:85:9f:1e:4e:83:a5:a9:51:af:9a:
65:4b:90:77:c1:a7:b7:44:68:85:f1:b0:18:56:5f:29:62:b6:
9b:43:c7:60:91:cb:12:d0:61:04:d3:e0:18:8a:81:2d:af:bd:
aa:b8:db:22:17:65:f4:93:60:e0:8b:7c:ba:df:9e:01:a4:a5:
98:69:3c:af:d6:4c:e7:b0:12:19:38:fa:5c:e3:59:7f:4c:d8:
f1:c2:fb:64:dd:80:87:22:80:5a:42:89:0e:8f:aa:43:1c:6d:
d9:83:53:bd
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MTVBQTExMC8GA1UEBRMoMENGQ0NDNTk4MEY1N0U2QkM4NERGMTFCNEM1NzE5MzVE
MjVEQUNDQTAeFw0yNDExMDYwMjI4MjJaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MmFkNDQ2LWYxMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+u3AOqr1T65tT1WCTO1T1U15wh1o677AGZm/C2pjTK7UYWU/ca5dnySM0afns
FvLX9o2pld+AIynU+jAzWQUzBvdroCUWkps6rbq7odiUis3D8Ks+JN1mxCHP6lLa
wgMcZU/PErV8XQDUTq7uaBimIqPOgDBCW0XXA4U2MTmI/rTM8KpkVriE2uANoWkb
l1bXACS2bU/E3OsknLDf9pzxa24gNDRn4ex8wNDtFYgC/k2g4Ph93waMy+K2A05n
+zkM9p/mHFi0kxQQrCLNY1s71uimcDSssYpDyjvQ1MAY1Hheqb3IVBbpZdfE/wVq
LO9CWsoEReFkaq9BIWgw9C4VAgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUYug+Vk/v
fWPDiiLPG/z2jLCxK/8wHwYDVR0jBBgwFoAUDPzMWYD1fmvITfEbTFcZNdJdrMow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQxNUFBLzNFRkEyNDE0NjJF
MDExRUFBNkQ1OUEyQ0M0RjlBRTAyL0RQek1XWUQxZm12SVRmRWJURmNaTmRKZHJN
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRFB6TVdZRDFmbXZJVGZFYlRGY1pOZEpkck1vLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MTVBQS8zRUZBMjQxNDYyRTAxMUVBQTZENTlBMkNDNEY5QUUwMi9DQjA0RjQ0MDlC
RTYxMUVGOEFGRjk0N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAGeKmwMEAGegnjAPBAIAAjAJAwcAIAEN8sCAMA0GCSqGSIb3
DQEBCwUAA4IBAQCOFkZxlyohztidlDwerhCgukqcVuBLTyu73V1jFImbAC7+ersd
jgg+3skOClgzI64JPBTtjDGZ4iz8uTApT184y5j6msd2rQyUluuID3MJZ8SDkQZ+
yDD5YEJkNIfXIHucHNdkWZXPlmR1HGwyx4xPDDGal0lsVO/IIbuDVzWiaXnPuIJ3
FJouGxgaEcBcu9tgqIlh7uoJ7YWfHk6DpalRr5plS5B3wae3RGiF8bAYVl8pYrab
Q8dgkcsS0GEE0+AYioEtr72quNsiF2X0k2Dgi3y6354BpKWYaTyv1kznsBIZOPpc
41l/TNjxwvtk3YCHIoBaQokOj6pDHG3Zg1O9
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:46:52 2025 by rpki-client