Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/1E143AA26E7D11EFBB48F63EC4F9AE02.roa
File: 1E143AA26E7D11EFBB48F63EC4F9AE02.roa (raw, json)
Hash identifier: PVnENrYeIS4iiFtrLcFEnNW4yBRsfLOD9D/GbgEuWKc=
Subject key identifier: 45:CE:F3:B7:27:B1:D0:8A:B6:9C:E5:A7:21:00:46:A3:FF:85:EA:E7
Certificate issuer: /CN=A914BF04/serialNumber=B01E7C1EDE102251EE60741E2E19F060303D71C9
Certificate serial: 0580
Authority key identifier: B0:1E:7C:1E:DE:10:22:51:EE:60:74:1E:2E:19:F0:60:30:3D:71:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/1E143AA26E7D11EFBB48F63EC4F9AE02.roa
Signing time: Thu 06 Feb 2025 23:01:43 +0000
ROA not before: Thu 06 Feb 2025 23:01:42 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 141681
IP address blocks: 103.161.242.0/24 maxlen: 24
103.170.17.0/24 maxlen: 24
2400:bde0::/32 maxlen: 32
2400:bde0::/48 maxlen: 48
2400:bde0:0:100::/56 maxlen: 56
2400:bde0:0:100::/60 maxlen: 60
2400:bde0:0:108::/64 maxlen: 64
2400:bde0:1::/48 maxlen: 48
2400:bde0:1:150::/64 maxlen: 64
2400:bde0:2::/48 maxlen: 48
2400:bde0:100::/46 maxlen: 46
2400:bde0:100::/48 maxlen: 48
2400:bde0:3000::/46 maxlen: 46
2400:bde0:3000::/48 maxlen: 48
2400:bde0:4000::/44 maxlen: 44
2400:bde0:4000::/45 maxlen: 46
2400:bde0:6000::/46 maxlen: 46
2400:bde0:6004::/46 maxlen: 46
2400:bde0:8000::/44 maxlen: 45
2400:bde0:8000::/45 maxlen: 47
2400:bde0:8008::/46 maxlen: 46
2400:bde0:8008::/47 maxlen: 47
2400:bde0:8010::/44 maxlen: 45
2400:bde0:8010::/45 maxlen: 47
2400:bde0:8018::/46 maxlen: 46
2400:bde0:8018::/47 maxlen: 47
2400:bde0:8020::/44 maxlen: 45
2400:bde0:8020::/45 maxlen: 47
2400:bde0:8028::/46 maxlen: 46
2400:bde0:8028::/47 maxlen: 47
2400:bde0:8030::/44 maxlen: 45
2400:bde0:8030::/45 maxlen: 47
2400:bde0:8038::/46 maxlen: 46
2400:bde0:8038::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/sB58Ht4QIlHuYHQeLhnwYDA9cck.crl
rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/sB58Ht4QIlHuYHQeLhnwYDA9cck.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 23:34:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1408 (0x580)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BF04
Validity
Not Before: Feb 6 23:01:42 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a53f56-804e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:79:d1:fd:e1:c8:e6:3b:59:3f:b2:bf:95:80:
a5:99:8a:94:5e:70:f2:80:42:24:22:3c:1c:2e:a8:
28:73:e5:00:c6:f3:8f:7a:82:e2:56:02:12:cc:d6:
c0:61:c2:cb:00:27:f6:b4:c4:55:a6:37:70:94:e4:
d7:b7:19:3e:90:e0:61:db:73:fa:ce:02:4c:72:94:
4b:ae:e3:5c:29:dd:6a:2a:ef:88:9c:22:8a:91:85:
ed:c0:3e:8b:a9:3d:ed:d3:bd:23:32:40:c6:9d:0d:
67:2e:5d:59:ea:f4:8e:da:9b:ee:2b:05:c9:6a:10:
89:f2:bd:4b:33:fc:b0:cb:3c:6e:24:ca:1d:5c:68:
70:cc:c4:58:eb:ed:bb:25:da:87:9e:f5:bc:ca:c6:
69:7f:e3:81:9b:10:b7:68:db:51:77:53:4a:37:b3:
95:e8:0e:06:99:3f:86:fe:e5:cf:27:2c:99:3e:75:
74:19:5c:81:f2:98:45:a0:26:1a:b3:4e:83:39:3d:
20:99:c0:ee:90:c0:db:eb:74:b4:1f:18:b8:c9:6f:
f7:08:ec:35:d5:c6:ff:d0:6f:a4:c1:dd:85:57:bc:
2b:8a:e5:2c:45:ae:f0:f5:d6:b6:5a:cc:20:9d:53:
df:dc:b2:f2:1d:f5:31:f0:39:3d:17:45:f5:3b:8a:
11:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:CE:F3:B7:27:B1:D0:8A:B6:9C:E5:A7:21:00:46:A3:FF:85:EA:E7
X509v3 Authority Key Identifier:
keyid:B0:1E:7C:1E:DE:10:22:51:EE:60:74:1E:2E:19:F0:60:30:3D:71:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/sB58Ht4QIlHuYHQeLhnwYDA9cck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sB58Ht4QIlHuYHQeLhnwYDA9cck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BF04/DA538A56EA2811EB9AE60B74C4F9AE02/1E143AA26E7D11EFBB48F63EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.242.0/24
103.170.17.0/24
IPv6:
2400:bde0::/32
Signature Algorithm: sha256WithRSAEncryption
16:58:f3:dd:e4:b0:e4:28:73:a9:5b:5d:88:27:dd:79:09:56:
8c:77:d4:6b:cd:7a:e2:53:a8:2e:d6:e4:0a:0f:82:0a:83:b9:
e0:61:7e:33:84:cf:9c:60:7c:a3:ac:ba:aa:28:a5:b4:c2:a8:
fa:57:43:2a:d3:f6:51:50:da:0d:63:2c:6c:03:47:12:92:e1:
97:74:65:e3:ae:02:62:14:15:0f:0c:d8:78:b9:33:e4:02:89:
58:d8:7c:d5:13:eb:a3:1c:e7:f6:13:fb:f7:3e:ac:57:81:31:
cd:19:7e:38:66:d6:27:5a:45:42:ce:b6:9a:62:17:dd:18:14:
f5:05:34:83:9f:e1:23:bd:5a:ad:a2:bd:7f:33:59:0d:c2:78:
b8:2f:af:fe:29:4f:86:6c:1b:ff:d4:ac:3b:18:1b:ad:c8:88:
b0:a0:eb:ff:41:30:9d:48:e9:3c:37:ca:b7:bf:d3:c6:36:62:
89:45:22:57:98:3a:5c:9e:65:5b:50:12:2e:01:2c:48:e6:00:
9d:03:0a:bc:ec:88:a8:ae:dd:aa:10:6d:90:7c:76:15:1a:01:
c3:33:5d:cc:b2:af:26:31:89:5d:f1:b1:dc:a3:10:1a:d1:8d:
ae:8e:00:3a:ba:51:4d:68:60:32:75:9d:48:50:06:2e:eb:cf:
03:c1:ad:bf
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICBYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJGMDQxMTAvBgNVBAUTKEIwMUU3QzFFREUxMDIyNTFFRTYwNzQxRTJFMTlGMDYw
MzAzRDcxQzkwHhcNMjUwMjA2MjMwMTQyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E1M2Y1Ni04MDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw3nR/eHI5jtZP7K/lYClmYqUXnDygEIkIjwcLqgoc+UAxvOPeoLiVgISzNbA
YcLLACf2tMRVpjdwlOTXtxk+kOBh23P6zgJMcpRLruNcKd1qKu+InCKKkYXtwD6L
qT3t070jMkDGnQ1nLl1Z6vSO2pvuKwXJahCJ8r1LM/ywyzxuJModXGhwzMRY6+27
JdqHnvW8ysZpf+OBmxC3aNtRd1NKN7OV6A4GmT+G/uXPJyyZPnV0GVyB8phFoCYa
s06DOT0gmcDukMDb63S0Hxi4yW/3COw11cb/0G+kwd2FV7wriuUsRa7w9da2Wswg
nVPf3LLyHfUx8Dk9F0X1O4oRFQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEXO87cn
sdCKtpzlpyEARqP/hernMB8GA1UdIwQYMBaAFLAefB7eECJR7mB0Hi4Z8GAwPXHJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkYwNC9EQTUzOEE1NkVB
MjgxMUVCOUFFNjBCNzRDNEY5QUUwMi9zQjU4SHQ0UUlsSHVZSFFlTGhud1lEQTlj
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NCNThIdDRRSWxIdVlIUWVMaG53WURBOWNjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJGMDQvREE1MzhBNTZFQTI4MTFFQjlBRTYwQjc0QzRGOUFFMDIvMUUxNDNBQTI2
RTdEMTFFRkJCNDhGNjNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnofIDBABnqhEwDQQCAAIwBwMFACQAveAwDQYJKoZIhvcN
AQELBQADggEBABZY893ksOQoc6lbXYgn3XkJVox31GvNeuJTqC7W5AoPggqDueBh
fjOEz5xgfKOsuqoopbTCqPpXQyrT9lFQ2g1jLGwDRxKS4Zd0ZeOuAmIUFQ8M2Hi5
M+QCiVjYfNUT66Mc5/YT+/c+rFeBMc0Zfjhm1idaRULOtppiF90YFPUFNIOf4SO9
Wq2ivX8zWQ3CeLgvr/4pT4ZsG//UrDsYG63IiLCg6/9BMJ1I6Tw3yre/08Y2YolF
IleYOlyeZVtQEi4BLEjmAJ0DCrzsiKiu3aoQbZB8dhUaAcMzXcyyryYxiV3xsdyj
EBrRja6OADq6UU1oYDJ1nUhQBi7rzwPBrb8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:16:45 2025 by rpki-client