Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/0C65AFCECE8511ECAEF2C52BC4F9AE02.roa
File: 0C65AFCECE8511ECAEF2C52BC4F9AE02.roa (raw, json)
Hash identifier: 5VW5u5nV4cWkOhmuhHmaXAMAI+xByp0pPJ4g2dPBTqE=
Subject key identifier: 8E:5B:F0:54:3D:A8:F9:94:A2:4C:9C:50:E9:0A:0B:00:96:37:63:2E
Certificate issuer: /CN=A9142A1D/serialNumber=47CBEF70BD55B9533331B8BCC2E9829563A2CE94
Certificate serial: 05EC
Authority key identifier: 47:CB:EF:70:BD:55:B9:53:33:31:B8:BC:C2:E9:82:95:63:A2:CE:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R8vvcL1VuVMzMbi8wumClWOizpQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/0C65AFCECE8511ECAEF2C52BC4F9AE02.roa
Signing time: Thu 02 Jan 2025 22:52:35 +0000
ROA not before: Thu 02 Jan 2025 22:52:35 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 206888
IP address blocks: 103.146.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/R8vvcL1VuVMzMbi8wumClWOizpQ.crl
rsync://rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/R8vvcL1VuVMzMbi8wumClWOizpQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R8vvcL1VuVMzMbi8wumClWOizpQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 22:37:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1516 (0x5ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9142A1D
Validity
Not Before: Jan 2 22:52:35 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677718b2-8ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3c:4d:1c:53:d4:f7:ed:2c:7c:7b:e1:ea:97:
f5:9c:a5:29:c6:d2:7c:37:ed:e0:1c:a9:02:ca:ce:
f3:be:a9:08:12:c8:c0:5f:0a:f6:85:68:87:5d:80:
86:d5:32:c4:70:37:97:6f:91:a1:90:38:bd:f8:ff:
a2:94:71:7d:9d:4f:65:4c:97:20:78:7d:e6:a1:e6:
75:af:a3:54:bb:a4:d1:da:81:05:86:20:93:23:ba:
bb:48:2c:6c:25:5f:95:fd:0f:df:f5:f1:7f:eb:9a:
4a:25:28:96:21:ea:75:13:20:2f:4f:94:99:77:fa:
84:b9:ff:a4:ec:6f:40:b0:0c:89:f9:f5:63:e9:99:
ac:5d:40:8d:dd:75:86:a0:96:37:77:86:66:eb:ec:
da:1f:7f:9e:0d:27:ac:38:f3:53:99:d0:8f:d0:74:
9d:e3:2a:2e:5a:bf:63:22:26:78:d5:ce:57:5f:99:
ee:67:d2:99:d3:16:af:d2:21:99:e3:c5:79:ec:7c:
a5:43:c5:3e:8e:02:40:44:c4:2e:ce:f3:e8:b0:c0:
db:e6:ae:56:35:c4:a6:e3:fa:ba:4d:6d:2d:b5:0b:
3b:7b:4e:83:9e:33:cc:77:48:2c:25:fe:63:21:5d:
63:7f:9e:5d:77:58:c9:19:9f:08:0e:46:a2:71:2f:
02:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:5B:F0:54:3D:A8:F9:94:A2:4C:9C:50:E9:0A:0B:00:96:37:63:2E
X509v3 Authority Key Identifier:
keyid:47:CB:EF:70:BD:55:B9:53:33:31:B8:BC:C2:E9:82:95:63:A2:CE:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/R8vvcL1VuVMzMbi8wumClWOizpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R8vvcL1VuVMzMbi8wumClWOizpQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142A1D/454BCDA49E9411EBBC80DF20C4F9AE02/0C65AFCECE8511ECAEF2C52BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.79.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:ac:8a:a4:84:36:df:df:59:5f:9b:2c:e7:44:58:c3:a5:da:
b2:7b:d7:5d:72:f8:61:72:e0:4d:33:9f:ba:bb:77:d6:b0:c8:
79:41:e4:98:e4:27:2c:c7:df:f1:98:d1:91:d1:dc:55:96:7b:
3a:95:77:e9:c0:2c:e5:d1:ac:f6:96:be:9c:93:c4:99:fa:ca:
8e:47:0b:e8:d4:75:25:31:87:2e:3e:c6:05:c3:fa:03:8b:1e:
59:34:64:be:4d:ad:a5:a6:9e:3e:c9:c8:3a:aa:9d:55:79:77:
08:37:19:bc:b1:3b:97:3f:1d:a0:b2:97:cd:d2:13:60:61:ee:
e5:e5:fc:de:c7:31:85:24:a2:f3:4e:24:7f:25:a1:cd:bf:0b:
44:94:9e:2c:f4:41:d1:d6:e8:82:7e:53:e7:6d:88:0c:ff:2a:
fb:dd:d4:47:85:0e:58:a2:5c:72:cb:9b:ba:7b:8d:a1:bc:84:
f1:b8:f7:00:f9:c0:c0:1c:db:b4:7f:fb:63:10:81:d1:1f:60:
05:7f:2e:2d:0b:f3:52:62:bb:66:c2:c1:23:0a:94:f2:29:c5:
6e:f1:82:7a:8d:4b:1b:62:e0:c1:09:3f:98:4b:05:8f:81:db:
9a:5b:2e:e9:22:3b:6e:f4:66:85:f8:b4:f9:d3:4c:8b:0a:e5:
4d:8c:6e:82
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDJBMUQxMTAvBgNVBAUTKDQ3Q0JFRjcwQkQ1NUI5NTMzMzMxQjhCQ0MyRTk4Mjk1
NjNBMkNFOTQwHhcNMjUwMTAyMjI1MjM1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3MThiMi04ZWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvTxNHFPU9+0sfHvh6pf1nKUpxtJ8N+3gHKkCys7zvqkIEsjAXwr2hWiHXYCG
1TLEcDeXb5GhkDi9+P+ilHF9nU9lTJcgeH3moeZ1r6NUu6TR2oEFhiCTI7q7SCxs
JV+V/Q/f9fF/65pKJSiWIep1EyAvT5SZd/qEuf+k7G9AsAyJ+fVj6ZmsXUCN3XWG
oJY3d4Zm6+zaH3+eDSesOPNTmdCP0HSd4youWr9jIiZ41c5XX5nuZ9KZ0xav0iGZ
48V57HylQ8U+jgJARMQuzvPosMDb5q5WNcSm4/q6TW0ttQs7e06DnjPMd0gsJf5j
IV1jf55dd1jJGZ8IDkaicS8CwQIDAQABo4IClTCCApEwHQYDVR0OBBYEFI5b8FQ9
qPmUokycUOkKCwCWN2MuMB8GA1UdIwQYMBaAFEfL73C9VblTMzG4vMLpgpVjos6U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MkExRC80NTRCQ0RBNDlF
OTQxMUVCQkM4MERGMjBDNEY5QUUwMi9SOHZ2Y0wxVnVWTXpNYmk4d3VtQ2xXT2l6
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1I4dnZjTDFWdVZNek1iaTh3dW1DbFdPaXpwUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDJBMUQvNDU0QkNEQTQ5RTk0MTFFQkJDODBERjIwQzRGOUFFMDIvMEM2NUFGQ0VD
RTg1MTFFQ0FFRjJDNTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnkk8wDQYJKoZIhvcNAQELBQADggEBAKesiqSENt/fWV+b
LOdEWMOl2rJ7111y+GFy4E0zn7q7d9awyHlB5JjkJyzH3/GY0ZHR3FWWezqVd+nA
LOXRrPaWvpyTxJn6yo5HC+jUdSUxhy4+xgXD+gOLHlk0ZL5NraWmnj7JyDqqnVV5
dwg3GbyxO5c/HaCyl83SE2Bh7uXl/N7HMYUkovNOJH8loc2/C0SUniz0QdHW6IJ+
U+dtiAz/Kvvd1EeFDliiXHLLm7p7jaG8hPG49wD5wMAc27R/+2MQgdEfYAV/Li0L
81Jiu2bCwSMKlPIpxW7xgnqNSxti4MEJP5hLBY+B25pbLukiO270ZoX4tPnTTIsK
5U2MboI=
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:51:32 2025 by rpki-client