Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/D411F96C532E11EFB0B63E60C4F9AE02.roa
File: D411F96C532E11EFB0B63E60C4F9AE02.roa (raw, json)
Hash identifier: 838b7qHkfNcVQ+dG+2+ikVBrip48qajejDAv66Es7Do=
Subject key identifier: 40:2B:75:9B:54:AF:B7:8E:EB:8B:BD:9E:05:6C:3F:D6:24:0E:E0:BE
Certificate issuer: /CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Certificate serial: 09C5
Authority key identifier: ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/D411F96C532E11EFB0B63E60C4F9AE02.roa
Signing time: Mon 03 Mar 2025 05:20:35 +0000
ROA not before: Mon 03 Mar 2025 05:20:35 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 9825
IP address blocks: 103.202.222.0/24 maxlen: 24
103.209.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 19:57:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2501 (0x9c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146944, serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Validity
Not Before: Mar 3 05:20:35 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67c53c22-fc97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:1c:1c:df:bf:0e:73:2a:00:8c:f2:74:ad:06:
73:f3:88:f0:23:b0:0f:9e:1b:de:0c:44:48:8f:86:
ad:ad:71:d8:b0:d7:c9:2a:ff:77:83:bb:4e:30:97:
ab:26:a6:82:46:fb:37:b4:5e:f8:2a:b4:d7:08:cf:
cc:98:43:90:46:6d:f4:a9:41:b1:c3:1c:16:a6:87:
ad:ec:98:c9:2d:41:5c:66:1d:5c:9e:d4:c2:29:36:
6a:e7:60:e3:25:d1:82:a2:29:b7:46:6c:e8:f9:bf:
a7:68:31:26:b1:03:75:73:44:63:2b:47:e9:0e:1f:
af:c9:5e:7e:6e:95:00:c5:cd:a2:65:1f:13:cf:76:
cd:61:7c:3c:59:e8:89:ff:d2:6f:56:c0:f5:74:91:
2f:bf:24:06:63:58:ed:03:ce:14:9f:c9:c7:9a:03:
f2:b1:f2:8f:17:d8:aa:2c:c6:67:df:f6:e6:ee:93:
09:a0:8b:37:3d:3a:c5:31:13:ab:2c:23:84:bb:f6:
2f:c8:61:36:e4:c0:cb:39:02:72:cd:35:99:c5:f6:
8b:75:4d:0c:1e:81:45:aa:2e:70:1f:77:45:ac:a0:
99:5b:b4:19:2f:d3:10:70:65:c6:c7:b7:a9:0a:f6:
f7:e4:5b:34:97:e0:b3:21:7c:50:b4:9e:0e:f9:2e:
4c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:2B:75:9B:54:AF:B7:8E:EB:8B:BD:9E:05:6C:3F:D6:24:0E:E0:BE
X509v3 Authority Key Identifier:
keyid:ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/D411F96C532E11EFB0B63E60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.202.222.0/24
103.209.198.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:03:f1:bf:69:6d:52:79:8b:e8:58:3d:b5:ec:b5:ea:ee:05:
82:0d:23:b5:7d:80:2b:97:b2:9a:b3:97:2f:07:81:64:08:24:
4c:ee:c4:60:a9:4d:57:98:3f:75:e4:21:a9:dd:70:17:2a:45:
f0:0e:2b:7c:76:9a:75:29:58:9d:6e:f4:1e:d6:90:e6:92:6c:
7d:57:f9:d2:40:70:3a:93:b8:85:46:4e:7d:00:24:ad:8f:d4:
e9:47:37:b7:de:76:65:f2:fa:62:8c:0e:50:e0:9f:7a:bf:c7:
c4:e9:ae:bc:b2:60:e2:cd:1c:de:2c:e6:a0:c0:dc:d9:94:bb:
7d:65:4d:d4:fd:86:34:7e:37:db:45:55:f4:27:1e:4d:98:14:
5c:9e:d7:98:5d:41:53:cd:32:ca:f7:b5:a8:73:a0:5a:5c:50:
c7:0c:5a:70:9e:a2:84:12:a3:d6:29:15:40:cd:83:ab:60:7e:
b9:53:b8:71:b6:3c:9e:76:bc:03:fa:9c:2d:cd:ff:41:e7:08:
0d:6b:57:68:59:53:f0:a2:34:a5:b7:99:e2:e0:40:60:59:1e:
1c:79:7f:a2:05:8f:6c:6d:f4:76:54:c0:8f:b6:33:1a:5b:a8:
67:39:2d:d3:85:88:18:c9:0b:18:2d:93:ef:2c:74:a9:7c:70:
27:c0:d1:c8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDY5NDQxMTAvBgNVBAUTKEVEMUY5NThDQjYwNEI1NzZFODIyMTRCNENGM0NDMEZF
NjIwRUY5RjQwHhcNMjUwMzAzMDUyMDM1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M1M2MyMi1mYzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Rwc378OcyoAjPJ0rQZz84jwI7APnhveDERIj4atrXHYsNfJKv93g7tOMJer
JqaCRvs3tF74KrTXCM/MmEOQRm30qUGxwxwWpoet7JjJLUFcZh1cntTCKTZq52Dj
JdGCoim3Rmzo+b+naDEmsQN1c0RjK0fpDh+vyV5+bpUAxc2iZR8Tz3bNYXw8WeiJ
/9JvVsD1dJEvvyQGY1jtA84Un8nHmgPysfKPF9iqLMZn3/bm7pMJoIs3PTrFMROr
LCOEu/YvyGE25MDLOQJyzTWZxfaLdU0MHoFFqi5wH3dFrKCZW7QZL9MQcGXGx7ep
Cvb35Fs0l+CzIXxQtJ4O+S5MhwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEArdZtU
r7eO64u9ngVsP9YkDuC+MB8GA1UdIwQYMBaAFO0flYy2BLV26CIUtM88wP5iDvn0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Njk0NC80M0JEMUM2RThF
OTUxMUVBQTlENzNBMkVDNEY5QUUwMi83Ui1WakxZRXRYYm9JaFMwenp6QV9tSU8t
ZlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSLVZqTFlFdFhib0loUzB6enpBX21JTy1mUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDY5NDQvNDNCRDFDNkU4RTk1MTFFQUE5RDczQTJFQzRGOUFFMDIvRDQxMUY5NkM1
MzJFMTFFRkIwQjYzRTYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnyt4DBABn0cYwDQYJKoZIhvcNAQELBQADggEBAKYD8b9p
bVJ5i+hYPbXsteruBYINI7V9gCuXspqzly8HgWQIJEzuxGCpTVeYP3XkIandcBcq
RfAOK3x2mnUpWJ1u9B7WkOaSbH1X+dJAcDqTuIVGTn0AJK2P1OlHN7fedmXy+mKM
DlDgn3q/x8TprryyYOLNHN4s5qDA3NmUu31lTdT9hjR+N9tFVfQnHk2YFFye15hd
QVPNMsr3tahzoFpcUMcMWnCeooQSo9YpFUDNg6tgfrlTuHG2PJ52vAP6nC3N/0Hn
CA1rV2hZU/CiNKW3meLgQGBZHhx5f6IFj2xt9HZUwI+2MxpbqGc5LdOFiBjJCxgt
k+8sdKl8cCfA0cg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:09:05 2025 by rpki-client