Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/713028F48D4911EB9335E32FC4F9AE02.roa
File: 713028F48D4911EB9335E32FC4F9AE02.roa (raw, json)
Hash identifier: y5tNXSHIFMDA3JaGsuJYxDUjZjMTH1QaHVdqSkt/Cu8=
Subject key identifier: F0:8D:51:42:41:7A:9B:AD:F9:A3:F6:2B:19:A7:EE:44:67:FD:C3:5A
Certificate issuer: /CN=A9145456/serialNumber=A99B2DB6FAC36CB0203B98E20FD67E019FE1B8FB
Certificate serial: 0714
Authority key identifier: A9:9B:2D:B6:FA:C3:6C:B0:20:3B:98:E2:0F:D6:7E:01:9F:E1:B8:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZsttvrDbLAgO5jiD9Z-AZ_huPs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/713028F48D4911EB9335E32FC4F9AE02.roa
Signing time: Fri 24 Jan 2025 21:40:53 +0000
ROA not before: Fri 24 Jan 2025 21:40:53 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 139831
IP address blocks: 103.145.206.0/23 maxlen: 24
2405:8d40::/32 maxlen: 32
2405:8d40:a07::/48 maxlen: 48
2405:8d40:aa0::/48 maxlen: 48
2405:8d40:b00::/40 maxlen: 40
2405:8d40:c00::/40 maxlen: 40
2405:8d40:f00::/40 maxlen: 40
2405:8d40:1000::/42 maxlen: 42
2405:8d40:1040::/42 maxlen: 42
2405:8d40:1080::/42 maxlen: 42
2405:8d40:10c0::/42 maxlen: 42
2405:8d40:1100::/42 maxlen: 42
2405:8d40:1200::/42 maxlen: 42
2405:8d40:1240::/42 maxlen: 42
2405:8d40:1280::/42 maxlen: 42
2405:8d40:12c0::/42 maxlen: 42
2405:8d40:1300::/42 maxlen: 42
2405:8d40:4000::/36 maxlen: 36
2405:8d40:4000::/42 maxlen: 42
2405:8d40:4040::/42 maxlen: 42
2405:8d40:4080::/42 maxlen: 42
2405:8d40:40c0::/42 maxlen: 42
2405:8d40:4100::/42 maxlen: 42
2405:8d40:4400::/42 maxlen: 42
2405:8d40:4440::/42 maxlen: 42
2405:8d40:4480::/42 maxlen: 42
2405:8d40:44c0::/42 maxlen: 42
2405:8d40:4500::/42 maxlen: 42
2405:8d40:4800::/42 maxlen: 42
2405:8d40:4840::/42 maxlen: 42
2405:8d40:4880::/42 maxlen: 42
2405:8d40:48c0::/42 maxlen: 42
2405:8d40:4900::/42 maxlen: 42
2405:8d40:4c00::/42 maxlen: 42
2405:8d40:4c40::/42 maxlen: 42
2405:8d40:4c80::/42 maxlen: 42
2405:8d40:4cc0::/42 maxlen: 42
2405:8d40:4d00::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/qZsttvrDbLAgO5jiD9Z-AZ_huPs.crl
rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/qZsttvrDbLAgO5jiD9Z-AZ_huPs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZsttvrDbLAgO5jiD9Z-AZ_huPs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 22:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1812 (0x714)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145456
Validity
Not Before: Jan 24 21:40:53 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=679408e5-756b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:fb:42:08:2c:eb:48:8a:2e:2d:07:e5:93:
3e:17:39:91:15:7c:db:ad:3f:ac:ff:23:ae:29:42:
69:d1:26:2c:99:c4:82:bd:83:47:32:66:80:b1:73:
5e:62:8f:57:8e:3f:ec:12:85:5b:67:4c:3c:8a:2d:
ea:e3:24:d8:f6:18:9d:33:1e:b6:95:26:24:70:f4:
b0:bd:1f:38:22:6b:ac:ca:de:ac:72:47:d8:bf:76:
bb:14:54:c5:b4:85:9d:27:ab:32:b6:eb:0d:24:e5:
98:58:7e:b3:2f:14:80:ad:a9:ec:e4:c7:cf:79:e3:
0a:7c:37:15:4b:ee:4c:d1:bc:71:1c:db:79:5a:26:
38:b7:d5:47:a3:5e:30:31:24:a3:f0:48:c2:63:5c:
0c:50:33:1c:77:dd:a0:b1:5e:d2:e5:aa:02:47:d7:
1f:66:8d:16:84:fa:04:75:10:71:ef:44:58:a6:8d:
f1:2e:78:a2:2f:99:00:23:b0:bb:ea:23:90:e2:15:
8d:76:e3:15:f8:9b:bd:2f:c5:b1:71:74:58:fa:75:
cd:19:46:14:5d:9c:d9:c2:43:1e:a0:cf:33:b7:eb:
86:2f:f9:3b:3f:44:ac:e8:f8:95:58:10:9e:bc:f7:
72:55:7b:29:4a:5e:60:81:4e:66:4e:a1:4e:ca:fa:
77:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8D:51:42:41:7A:9B:AD:F9:A3:F6:2B:19:A7:EE:44:67:FD:C3:5A
X509v3 Authority Key Identifier:
keyid:A9:9B:2D:B6:FA:C3:6C:B0:20:3B:98:E2:0F:D6:7E:01:9F:E1:B8:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/qZsttvrDbLAgO5jiD9Z-AZ_huPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZsttvrDbLAgO5jiD9Z-AZ_huPs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/713028F48D4911EB9335E32FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.206.0/23
IPv6:
2405:8d40::/32
Signature Algorithm: sha256WithRSAEncryption
3d:32:af:15:25:ff:98:a1:5d:d2:81:3f:23:24:34:71:ac:40:
9c:71:9f:74:f7:33:c4:67:6f:1a:b4:27:b9:30:af:c7:d8:8f:
75:8f:96:2c:98:b2:b8:45:5e:cc:98:bf:30:09:34:0e:37:f1:
2f:cc:50:55:8a:f3:03:04:dc:47:2e:91:4b:b2:e7:e1:e7:5a:
6d:92:e5:78:eb:47:75:28:f2:eb:37:0b:6d:23:52:15:ab:4d:
61:6a:eb:06:6b:f1:0d:bf:29:fc:fb:ed:a5:29:ca:38:1d:60:
b3:b3:45:31:b6:9b:72:26:54:9f:33:b1:4d:80:5d:98:5d:82:
95:2e:9f:69:9d:87:ad:0e:ca:c7:24:93:c4:40:ba:2c:ae:2b:
ba:45:21:e2:db:0d:38:fa:08:69:d8:59:e5:14:ec:ea:6f:1c:
2b:76:29:c0:bb:35:61:7e:cc:8f:ef:b7:d8:8f:b4:a2:83:63:
8f:09:1d:0b:68:34:45:aa:df:2a:9f:b6:a2:4d:22:92:95:3e:
af:f5:a3:e3:d2:8b:5d:46:f4:74:06:ae:b0:93:c5:3f:cc:d8:
d8:b1:d2:99:53:8c:95:ea:d9:5a:19:f7:e8:81:10:77:f9:64:
f9:02:b0:9d:4c:5c:bf:43:09:bb:ac:7b:30:8d:a4:b0:5e:29:
57:e5:c0:a2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBxQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NTYxMTAvBgNVBAUTKEE5OUIyREI2RkFDMzZDQjAyMDNCOThFMjBGRDY3RTAx
OUZFMUI4RkIwHhcNMjUwMTI0MjE0MDUzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0MDhlNS03NTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0xz7Qggs60iKLi0H5ZM+FzmRFXzbrT+s/yOuKUJp0SYsmcSCvYNHMmaAsXNe
Yo9Xjj/sEoVbZ0w8ii3q4yTY9hidMx62lSYkcPSwvR84Imusyt6sckfYv3a7FFTF
tIWdJ6sytusNJOWYWH6zLxSArans5MfPeeMKfDcVS+5M0bxxHNt5WiY4t9VHo14w
MSSj8EjCY1wMUDMcd92gsV7S5aoCR9cfZo0WhPoEdRBx70RYpo3xLniiL5kAI7C7
6iOQ4hWNduMV+Ju9L8WxcXRY+nXNGUYUXZzZwkMeoM8zt+uGL/k7P0Ss6PiVWBCe
vPdyVXspSl5ggU5mTqFOyvp3cwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPCNUUJB
eput+aP2Kxmn7kRn/cNaMB8GA1UdIwQYMBaAFKmbLbb6w2ywIDuY4g/WfgGf4bj7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ1Ni84MTQxNDI1RTMw
NjYxMUVCODUyNTEzNTVDNEY5QUUwMi9xWnN0dHZyRGJMQWdPNWppRDlaLUFaX2h1
UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Fac3R0dnJEYkxBZ081amlEOVotQVpfaHVQcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NTYvODE0MTQyNUUzMDY2MTFFQjg1MjUxMzU1QzRGOUFFMDIvNzEzMDI4RjQ4
RDQ5MTFFQjkzMzVFMzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnkc4wDQQCAAIwBwMFACQFjUAwDQYJKoZIhvcNAQELBQAD
ggEBAD0yrxUl/5ihXdKBPyMkNHGsQJxxn3T3M8Rnbxq0J7kwr8fYj3WPliyYsrhF
XsyYvzAJNA438S/MUFWK8wME3EcukUuy5+HnWm2S5XjrR3Uo8us3C20jUhWrTWFq
6wZr8Q2/Kfz77aUpyjgdYLOzRTG2m3ImVJ8zsU2AXZhdgpUun2mdh60Oysckk8RA
uiyuK7pFIeLbDTj6CGnYWeUU7OpvHCt2KcC7NWF+zI/vt9iPtKKDY48JHQtoNEWq
3yqftqJNIpKVPq/1o+PSi11G9HQGrrCTxT/M2Nix0plTjJXq2VoZ9+iBEHf5ZPkC
sJ1MXL9DCbusezCNpLBeKVflwKI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:39:30 2025 by rpki-client