Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/140E693613BF11ECA64D821AC4F9AE02.roa
File: 140E693613BF11ECA64D821AC4F9AE02.roa (raw, json)
Hash identifier: BLN1lKtFOEI4I4kMREMJqKNdevJbMvO6FDfATzwYDjw=
Subject key identifier: E7:1D:BA:C8:4B:69:1F:7D:97:A3:6C:10:F2:8B:51:D2:F0:A0:F3:D2
Certificate issuer: /CN=A914CBF3/serialNumber=E2449E312220131E2E76C42C7CCC6DD193510707
Certificate serial: 0BE9
Authority key identifier: E2:44:9E:31:22:20:13:1E:2E:76:C4:2C:7C:CC:6D:D1:93:51:07:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4kSeMSIgEx4udsQsfMxt0ZNRBwc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/140E693613BF11ECA64D821AC4F9AE02.roa
Signing time: Wed 08 Jan 2025 19:07:49 +0000
ROA not before: Wed 08 Jan 2025 19:07:49 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 58715
IP address blocks: 103.126.20.0/22 maxlen: 23
103.126.20.0/24 maxlen: 24
103.126.21.0/24 maxlen: 24
103.126.22.0/24 maxlen: 24
103.126.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/4kSeMSIgEx4udsQsfMxt0ZNRBwc.crl
rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/4kSeMSIgEx4udsQsfMxt0ZNRBwc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4kSeMSIgEx4udsQsfMxt0ZNRBwc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:35:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3049 (0xbe9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CBF3, serialNumber=E2449E312220131E2E76C42C7CCC6DD193510707
Validity
Not Before: Jan 8 19:07:49 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677ecd04-67b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c0:0f:38:3e:a3:84:69:b2:ea:e2:8f:13:90:
3d:b7:c8:25:41:c5:d1:ac:d6:54:e3:93:ff:96:87:
3e:2d:6c:5a:43:0d:f9:eb:92:1c:df:2e:10:4f:af:
19:2f:49:90:e1:96:f5:65:3d:8f:f1:09:d1:5e:7b:
b9:d0:65:c4:a2:4e:a6:16:89:37:e4:ab:fe:87:83:
02:0d:26:c8:6d:94:ac:af:18:78:ed:fb:e6:68:14:
08:c0:43:b1:88:ee:41:b9:c6:04:08:fd:3a:02:98:
1d:f9:16:18:9a:e0:15:1f:43:17:a3:66:cb:84:a7:
21:d3:15:ba:ee:2a:46:db:c0:ba:81:ad:18:38:36:
1a:c0:db:66:cd:3b:7b:98:bb:28:3d:1a:5a:9d:21:
07:d1:8d:4f:fa:76:c3:1f:f2:3e:04:1e:ea:4b:15:
ea:58:51:44:89:a4:ec:ce:ab:02:c5:08:69:63:de:
e0:e5:69:e5:66:65:6a:7c:49:9e:81:97:6f:2c:c7:
7d:42:ee:24:6d:e7:0d:4c:94:05:eb:bc:80:a4:97:
8c:d8:c1:c4:a4:8d:c1:e0:16:48:1d:ed:c1:d6:e4:
5c:93:25:66:03:e9:19:ad:be:4a:c9:d3:64:99:38:
1e:32:2e:0b:01:fb:7d:55:e1:92:06:e7:68:16:26:
d4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:1D:BA:C8:4B:69:1F:7D:97:A3:6C:10:F2:8B:51:D2:F0:A0:F3:D2
X509v3 Authority Key Identifier:
keyid:E2:44:9E:31:22:20:13:1E:2E:76:C4:2C:7C:CC:6D:D1:93:51:07:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/4kSeMSIgEx4udsQsfMxt0ZNRBwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4kSeMSIgEx4udsQsfMxt0ZNRBwc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CBF3/1BC6EB2011E711EAB903AA79C4F9AE02/140E693613BF11ECA64D821AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.20.0/22
Signature Algorithm: sha256WithRSAEncryption
06:fa:7c:46:b6:ad:cc:b5:e3:41:f0:de:3e:dd:a6:92:08:56:
30:49:16:4f:6b:71:19:92:b6:50:12:87:5d:d7:ed:a4:9a:91:
1c:2a:73:02:dd:a3:e3:a9:63:ff:fc:7b:79:50:4c:f4:3b:ba:
63:c8:6f:46:21:2d:de:4a:dc:3d:97:df:0f:6a:98:b9:b6:c1:
b0:93:b2:79:3d:33:f5:93:69:5e:df:49:31:11:86:f0:ac:2c:
e2:02:e5:29:75:2d:43:7f:5d:93:69:45:4d:8e:cf:1b:f0:83:
35:51:b5:5f:c8:df:8c:04:ad:42:67:48:8f:6e:3c:b7:18:e1:
df:af:e3:17:34:a0:69:28:f1:87:85:a5:a3:28:36:ff:58:c6:
ba:ab:74:89:34:59:b4:06:95:88:5e:cf:87:5a:d4:e7:be:1b:
ac:51:c2:a6:c5:05:43:8a:07:13:31:25:e2:c6:60:64:ed:4e:
08:9d:49:2a:dc:5b:f5:94:c9:b3:0a:2a:2e:5b:2d:a8:be:f1:
55:b0:96:a8:91:f2:71:48:f5:71:bf:ee:8d:30:f0:7b:9b:6b:
df:aa:36:ac:08:41:bf:3a:a4:79:ce:f6:21:da:d2:b6:06:6b:
7c:5a:43:42:64:8f:85:b0:de:e9:24:cb:ee:07:26:c8:8c:99:
99:5c:5b:7b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC+kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENCRjMxMTAvBgNVBAUTKEUyNDQ5RTMxMjIyMDEzMUUyRTc2QzQyQzdDQ0M2REQx
OTM1MTA3MDcwHhcNMjUwMTA4MTkwNzQ5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlY2QwNC02N2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvsAPOD6jhGmy6uKPE5A9t8glQcXRrNZU45P/loc+LWxaQw3565Ic3y4QT68Z
L0mQ4Zb1ZT2P8QnRXnu50GXEok6mFok35Kv+h4MCDSbIbZSsrxh47fvmaBQIwEOx
iO5BucYECP06Apgd+RYYmuAVH0MXo2bLhKch0xW67ipG28C6ga0YODYawNtmzTt7
mLsoPRpanSEH0Y1P+nbDH/I+BB7qSxXqWFFEiaTszqsCxQhpY97g5WnlZmVqfEme
gZdvLMd9Qu4kbecNTJQF67yApJeM2MHEpI3B4BZIHe3B1uRckyVmA+kZrb5KydNk
mTgeMi4LAft9VeGSBudoFibUmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOcdushL
aR99l6NsEPKLUdLwoPPSMB8GA1UdIwQYMBaAFOJEnjEiIBMeLnbELHzMbdGTUQcH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0JGMy8xQkM2RUIyMDEx
RTcxMUVBQjkwM0FBNzlDNEY5QUUwMi80a1NlTVNJZ0V4NHVkc1FzZk14dDBaTlJC
d2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRrU2VNU0lnRXg0dWRzUXNmTXh0MFpOUkJ3Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENCRjMvMUJDNkVCMjAxMUU3MTFFQUI5MDNBQTc5QzRGOUFFMDIvMTQwRTY5MzYx
M0JGMTFFQ0E2NEQ4MjFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnfhQwDQYJKoZIhvcNAQELBQADggEBAAb6fEa2rcy140Hw
3j7dppIIVjBJFk9rcRmStlASh13X7aSakRwqcwLdo+OpY//8e3lQTPQ7umPIb0Yh
Ld5K3D2X3w9qmLm2wbCTsnk9M/WTaV7fSTERhvCsLOIC5Sl1LUN/XZNpRU2Ozxvw
gzVRtV/I34wErUJnSI9uPLcY4d+v4xc0oGko8YeFpaMoNv9YxrqrdIk0WbQGlYhe
z4da1Oe+G6xRwqbFBUOKBxMxJeLGYGTtTgidSSrcW/WUybMKKi5bLai+8VWwlqiR
8nFI9XG/7o0w8Huba9+qNqwIQb86pHnO9iHa0rYGa3xaQ0Jkj4Ww3ukky+4HJsiM
mZlcW3s=
-----END CERTIFICATE-----
Generated at Sun Apr 13 21:31:15 2025 by rpki-client