Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91503BB/4725FC78212F11EA830E0A35C4F9AE02/FC90C520213411EA8D675645C4F9AE02.roa
File: FC90C520213411EA8D675645C4F9AE02.roa (raw, json)
Hash identifier: bfvf5p0RJyl+DBh15oeIU1R+cb9fxOcLHABt0IlZccM=
Subject key identifier: 48:6F:F8:A7:07:93:09:CE:B6:E0:23:AB:F8:4F:CC:5A:A7:74:BB:8A
Certificate issuer: /CN=A91503BB/serialNumber=15F07FEFCA05E846D45385125E8BB427758300F9
Certificate serial: 0B6D
Authority key identifier: 15:F0:7F:EF:CA:05:E8:46:D4:53:85:12:5E:8B:B4:27:75:83:00:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FfB_78oF6EbUU4USXou0J3WDAPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91503BB/4725FC78212F11EA830E0A35C4F9AE02/FC90C520213411EA8D675645C4F9AE02.roa
Signing time: Wed 08 Jan 2025 02:01:11 +0000
ROA not before: Wed 08 Jan 2025 02:01:11 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 58910
IP address blocks: 43.241.96.0/22 maxlen: 24
103.18.88.0/22 maxlen: 24
2400:5380::/32 maxlen: 32
2400:5380::/33 maxlen: 33
2400:5380:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91503BB/4725FC78212F11EA830E0A35C4F9AE02/FfB_78oF6EbUU4USXou0J3WDAPk.crl
rsync://rpki.apnic.net/member_repository/A91503BB/4725FC78212F11EA830E0A35C4F9AE02/FfB_78oF6EbUU4USXou0J3WDAPk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FfB_78oF6EbUU4USXou0J3WDAPk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 18:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2925 (0xb6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91503BB, serialNumber=15F07FEFCA05E846D45385125E8BB427758300F9
Validity
Not Before: Jan 8 02:01:11 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=677ddc67-db77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c2:21:57:fa:e2:98:85:b4:cc:c0:dd:b5:6d:
83:34:a1:a9:a8:a3:6c:d0:38:21:cc:34:9e:07:eb:
86:23:aa:3d:17:6f:d6:8b:53:59:52:14:07:67:cf:
8f:6d:e2:b2:9e:a4:2f:67:d3:b5:e0:ed:85:52:58:
31:ab:38:77:72:90:b1:f6:af:34:7a:7b:0c:3b:0c:
54:2b:65:dc:30:2d:d7:53:9d:69:b7:c7:ff:71:b7:
d2:1e:e6:2f:48:66:bd:53:97:c8:31:d9:07:85:2b:
98:fc:20:bd:c0:cd:09:6b:04:9b:69:82:c0:ea:f0:
b3:78:96:78:a2:77:d9:26:29:ed:69:37:55:92:7a:
34:59:60:fb:92:1c:a1:ed:86:cd:c4:82:59:98:af:
92:50:8e:5e:20:a4:34:72:41:e1:26:e0:20:fc:e4:
eb:5b:55:e7:73:5f:39:72:aa:dd:f8:4c:ed:06:96:
8e:38:59:d8:7c:6b:fe:f4:a5:07:82:a8:77:65:95:
ae:90:87:d8:ec:33:ae:bf:47:ee:4c:2c:78:d4:ad:
8e:51:94:b9:e8:10:5a:8c:4d:7b:53:c2:2e:1b:d1:
fd:f4:e6:f0:8b:94:d4:cf:9b:5c:7c:72:d1:8b:21:
55:4d:c9:ad:c8:99:9a:50:f5:f2:b3:04:a9:86:c3:
5f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6F:F8:A7:07:93:09:CE:B6:E0:23:AB:F8:4F:CC:5A:A7:74:BB:8A
X509v3 Authority Key Identifier:
keyid:15:F0:7F:EF:CA:05:E8:46:D4:53:85:12:5E:8B:B4:27:75:83:00:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91503BB/4725FC78212F11EA830E0A35C4F9AE02/FfB_78oF6EbUU4USXou0J3WDAPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FfB_78oF6EbUU4USXou0J3WDAPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91503BB/4725FC78212F11EA830E0A35C4F9AE02/FC90C520213411EA8D675645C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.96.0/22
103.18.88.0/22
IPv6:
2400:5380::/32
Signature Algorithm: sha256WithRSAEncryption
8f:9d:5c:d6:90:0c:99:1e:ee:2f:22:58:c2:8f:38:dc:cb:e1:
00:f6:c2:6f:a1:ff:6f:5d:33:89:57:6f:f4:72:1d:f4:04:5c:
59:13:31:c7:e5:a3:77:f2:db:f6:bf:aa:7c:a4:63:fd:a3:17:
f1:61:c9:ca:1c:e2:cb:5c:bf:29:5a:5a:77:09:f4:2e:34:aa:
a9:2c:be:20:07:fa:92:c7:55:0e:00:92:97:34:60:fd:47:72:
02:ef:b8:f4:32:fb:b5:42:04:c5:cd:91:45:7b:2b:09:d3:29:
1d:ad:66:18:12:c3:fb:fa:1e:99:1a:48:cf:a5:18:0a:b1:c2:
99:32:dc:2a:37:16:c3:b2:f1:2c:e9:cd:90:c9:3c:f4:cf:d6:
63:83:b2:80:12:f4:9a:a8:25:f6:3b:f9:a3:f5:75:a9:08:97:
32:2c:c9:ac:4c:1c:eb:f8:65:cc:21:da:1e:71:60:e5:e9:d6:
9e:fd:4b:2b:fd:73:4e:2f:7e:0d:aa:87:92:fd:dd:29:0f:a6:
01:f3:6d:38:9a:3d:73:55:c2:76:5e:89:5b:45:c3:dd:f6:e4:
4e:98:1f:81:eb:bc:7e:28:24:2a:ff:7b:3f:05:98:4e:40:c5:
29:6e:24:e3:ff:8d:15:bb:22:dd:8c:35:ef:1e:ec:5a:82:32:
a3:a3:2d:bb
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC20wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTAzQkIxMTAvBgNVBAUTKDE1RjA3RkVGQ0EwNUU4NDZENDUzODUxMjVFOEJCNDI3
NzU4MzAwRjkwHhcNMjUwMTA4MDIwMTExWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdkZGM2Ny1kYjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA38IhV/rimIW0zMDdtW2DNKGpqKNs0DghzDSeB+uGI6o9F2/Wi1NZUhQHZ8+P
beKynqQvZ9O14O2FUlgxqzh3cpCx9q80ensMOwxUK2XcMC3XU51pt8f/cbfSHuYv
SGa9U5fIMdkHhSuY/CC9wM0JawSbaYLA6vCzeJZ4onfZJintaTdVkno0WWD7khyh
7YbNxIJZmK+SUI5eIKQ0ckHhJuAg/OTrW1Xnc185cqrd+EztBpaOOFnYfGv+9KUH
gqh3ZZWukIfY7DOuv0fuTCx41K2OUZS56BBajE17U8IuG9H99Obwi5TUz5tcfHLR
iyFVTcmtyJmaUPXyswSphsNf1wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEhv+KcH
kwnOtuAjq/hPzFqndLuKMB8GA1UdIwQYMBaAFBXwf+/KBehG1FOFEl6LtCd1gwD5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDNCQi80NzI1RkM3ODIx
MkYxMUVBODMwRTBBMzVDNEY5QUUwMi9GZkJfNzhvRjZFYlVVNFVTWG91MEozV0RB
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZmQl83OG9GNkViVVU0VVNYb3UwSjNXREFQay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTAzQkIvNDcyNUZDNzgyMTJGMTFFQTgzMEUwQTM1QzRGOUFFMDIvRkM5MEM1MjAy
MTM0MTFFQThENjc1NjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIr8WADBAJnElgwDQQCAAIwBwMFACQAU4AwDQYJKoZIhvcN
AQELBQADggEBAI+dXNaQDJke7i8iWMKPONzL4QD2wm+h/29dM4lXb/RyHfQEXFkT
Mcflo3fy2/a/qnykY/2jF/Fhycoc4stcvylaWncJ9C40qqksviAH+pLHVQ4Akpc0
YP1HcgLvuPQy+7VCBMXNkUV7KwnTKR2tZhgSw/v6HpkaSM+lGAqxwpky3Co3FsOy
8SzpzZDJPPTP1mODsoAS9JqoJfY7+aP1dakIlzIsyaxMHOv4Zcwh2h5xYOXp1p79
Syv9c04vfg2qh5L93SkPpgHzbTiaPXNVwnZeiVtFw9325E6YH4HrvH4oJCr/ez8F
mE5AxSluJOP/jRW7It2MNe8e7FqCMqOjLbs=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:29:30 2025 by rpki-client