Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/909C5126F0A711EEA6150174C4F9AE02.roa
File: 909C5126F0A711EEA6150174C4F9AE02.roa (raw, json)
Hash identifier: HW9R1Ep56SryGIz4W6P5CqXSgSxlXz4KavtGaF387a4=
Subject key identifier: 1C:DA:AA:D4:E1:6A:75:8D:A5:E3:19:F7:5A:B6:74:35:47:F0:BC:52
Certificate issuer: /CN=A91527F9/serialNumber=E6BF46E530DF92298FAC032AFBC98409C4430439
Certificate serial: 343F
Authority key identifier: E6:BF:46:E5:30:DF:92:29:8F:AC:03:2A:FB:C9:84:09:C4:43:04:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5r9G5TDfkimPrAMq-8mECcRDBDk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/909C5126F0A711EEA6150174C4F9AE02.roa
Signing time: Sat 02 Nov 2024 15:20:58 +0000
ROA not before: Sat 02 Nov 2024 15:20:58 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 9241
IP address blocks: 110.35.88.0/21 maxlen: 21
113.20.64.0/19 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/5r9G5TDfkimPrAMq-8mECcRDBDk.crl
rsync://rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/5r9G5TDfkimPrAMq-8mECcRDBDk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5r9G5TDfkimPrAMq-8mECcRDBDk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 14:54:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13375 (0x343f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91527F9, serialNumber=E6BF46E530DF92298FAC032AFBC98409C4430439
Validity
Not Before: Nov 2 15:20:58 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6726435a-4361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fc:3b:45:d2:d7:eb:34:db:01:10:ce:90:6a:
61:63:c5:11:4e:67:e6:95:2c:d4:d3:1d:0a:d8:84:
38:4d:21:78:1c:e8:23:8d:a4:34:2b:20:1a:a7:52:
6b:a2:2d:93:9d:bc:a1:7d:19:1e:aa:31:12:d3:57:
8c:74:a1:13:b8:5d:23:21:18:57:bb:8a:c9:a8:9e:
56:ea:62:86:60:75:28:b5:41:4a:07:d1:85:0d:d3:
d3:21:7b:54:a3:15:43:e7:69:e0:72:5a:c4:bb:48:
36:77:ca:e8:3e:e2:c1:46:ff:e9:b3:cf:ec:b6:ae:
dd:35:40:8d:73:2c:f1:99:8a:16:34:fe:67:44:7f:
23:61:83:7d:4f:3f:45:93:e3:5e:be:1b:f4:a1:65:
1b:9a:a1:b3:32:43:86:f7:1f:bb:c0:06:c3:70:43:
6d:4c:a3:d2:b1:30:95:11:20:64:df:05:4c:09:7d:
4c:9e:2a:16:bc:53:ed:f3:43:2b:5b:d1:34:e2:96:
0a:90:01:a6:bc:18:94:85:ea:a7:24:b7:ca:a4:5b:
aa:03:fe:b3:d3:11:1e:bd:33:19:0a:47:72:91:f2:
72:5b:cb:6e:7c:53:91:f4:c2:c8:81:3f:3e:8d:c9:
f7:47:95:93:73:87:4b:dd:bb:ff:e0:41:a6:ac:08:
8b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DA:AA:D4:E1:6A:75:8D:A5:E3:19:F7:5A:B6:74:35:47:F0:BC:52
X509v3 Authority Key Identifier:
keyid:E6:BF:46:E5:30:DF:92:29:8F:AC:03:2A:FB:C9:84:09:C4:43:04:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/5r9G5TDfkimPrAMq-8mECcRDBDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5r9G5TDfkimPrAMq-8mECcRDBDk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/909C5126F0A711EEA6150174C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.35.88.0/21
113.20.64.0/19
Signature Algorithm: sha256WithRSAEncryption
bc:c7:d7:e0:70:7a:53:fd:6e:bf:b5:30:5a:6b:3b:bb:68:b9:
eb:9d:c5:77:1e:8e:83:60:4e:37:42:22:5d:c4:ba:2f:81:d5:
4d:17:d3:bb:38:96:42:8e:69:2d:f2:2f:a3:01:0a:1b:c0:40:
70:eb:27:08:1e:89:7c:22:04:3f:d4:4b:f5:db:23:f6:2e:72:
71:fe:55:56:dc:8f:ec:fd:fa:04:4b:24:68:9a:0c:eb:56:af:
f9:36:04:c2:14:39:8e:90:87:7b:ae:ae:ae:54:42:f7:1c:56:
77:35:fa:5f:c0:27:12:69:6c:34:76:74:bf:c4:23:94:e0:69:
d8:37:62:aa:2d:02:dc:02:2f:ee:8e:75:53:56:21:a9:b1:f3:
27:58:40:ed:54:e1:45:d7:64:66:91:bc:6b:46:8f:51:05:d9:
20:09:3d:20:7e:5c:a1:a6:de:0d:fd:80:26:a4:16:81:52:db:
9c:6b:df:60:5b:06:ee:92:f1:75:89:7c:0c:86:81:00:43:97:
63:41:94:35:b9:ab:fd:da:77:91:0c:dc:12:c8:0c:6c:0c:58:
5e:66:57:bc:93:cb:77:f8:04:0d:96:a8:ec:70:ab:28:7c:68:
7a:e1:3a:43:bb:89:38:71:9c:7d:2c:05:a1:55:e4:af:50:62:
c5:cd:f5:b3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICND8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTI3RjkxMTAvBgNVBAUTKEU2QkY0NkU1MzBERjkyMjk4RkFDMDMyQUZCQzk4NDA5
QzQ0MzA0MzkwHhcNMjQxMTAyMTUyMDU4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2NDM1YS00MzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvfw7RdLX6zTbARDOkGphY8URTmfmlSzU0x0K2IQ4TSF4HOgjjaQ0KyAap1Jr
oi2TnbyhfRkeqjES01eMdKETuF0jIRhXu4rJqJ5W6mKGYHUotUFKB9GFDdPTIXtU
oxVD52ngclrEu0g2d8roPuLBRv/ps8/stq7dNUCNcyzxmYoWNP5nRH8jYYN9Tz9F
k+Nevhv0oWUbmqGzMkOG9x+7wAbDcENtTKPSsTCVESBk3wVMCX1MnioWvFPt80Mr
W9E04pYKkAGmvBiUheqnJLfKpFuqA/6z0xEevTMZCkdykfJyW8tufFOR9MLIgT8+
jcn3R5WTc4dL3bv/4EGmrAiLlQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBzaqtTh
anWNpeMZ91q2dDVH8LxSMB8GA1UdIwQYMBaAFOa/RuUw35Ipj6wDKvvJhAnEQwQ5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjdGOS82RUQyRUJBQTFE
OUExMUUyQUU5M0FEODcwOEIwMkNEMi81cjlHNVREZmtpbVByQU1xLThtRUNjUkRC
RGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVyOUc1VERma2ltUHJBTXEtOG1FQ2NSREJEay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTI3RjkvNkVEMkVCQUExRDlBMTFFMkFFOTNBRDg3MDhCMDJDRDIvOTA5QzUxMjZG
MEE3MTFFRUE2MTUwMTc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBANuI1gDBAVxFEAwDQYJKoZIhvcNAQELBQADggEBALzH1+Bw
elP9br+1MFprO7toueudxXcejoNgTjdCIl3Eui+B1U0X07s4lkKOaS3yL6MBChvA
QHDrJwgeiXwiBD/US/XbI/YucnH+VVbcj+z9+gRLJGiaDOtWr/k2BMIUOY6Qh3uu
rq5UQvccVnc1+l/AJxJpbDR2dL/EI5Tgadg3YqotAtwCL+6OdVNWIamx8ydYQO1U
4UXXZGaRvGtGj1EF2SAJPSB+XKGm3g39gCakFoFS25xr32BbBu6S8XWJfAyGgQBD
l2NBlDW5q/3ad5EM3BLIDGwMWF5mV7yTy3f4BA2WqOxwqyh8aHrhOkO7iThxnH0s
BaFV5K9QYsXN9bM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 13:21:57 2025 by rpki-client