Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/6C061360105911F08BC6692CC4F9AE02.roa
File: 6C061360105911F08BC6692CC4F9AE02.roa (raw, json)
Hash identifier: fxnKQH+hbVYix2vpYNlA4ryJmehEVWmxPALPrY6fkNI=
Subject key identifier: 30:59:62:19:18:31:45:EF:B2:95:45:F6:05:EF:DD:3F:A9:1B:2A:AE
Certificate issuer: /CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Certificate serial: 0723
Authority key identifier: 34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/6C061360105911F08BC6692CC4F9AE02.roa
Signing time: Thu 03 Apr 2025 07:01:10 +0000
ROA not before: Thu 03 Apr 2025 07:01:10 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 150744
IP address blocks: 103.203.177.0/24 maxlen: 24
223.29.214.0/24 maxlen: 24
2401:b8c0:a::/48 maxlen: 48
2401:b8c0:d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl
rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:11:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1827 (0x723)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153646, serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Validity
Not Before: Apr 3 07:01:10 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67ee3236-21ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:78:6e:28:5e:f7:ce:c2:58:56:35:29:48:08:
e9:5c:ad:6c:73:0f:28:8a:7f:d7:4d:dd:e2:a0:fc:
aa:16:12:51:0e:41:3b:64:62:9b:83:09:30:86:66:
b0:59:c6:bc:a4:cd:cf:53:bc:25:e0:b6:65:4b:54:
53:6e:34:0c:89:51:c6:62:04:e2:8b:ed:99:d6:04:
33:0c:e7:dd:3e:ec:bd:85:eb:b7:5e:ec:dc:ee:70:
07:f9:c6:ed:d0:33:19:72:3b:0c:5a:02:f3:30:ec:
68:04:5e:3a:56:4f:1b:43:07:7a:87:40:9b:4d:61:
72:a3:27:ec:b7:3d:1c:8a:ce:eb:8f:40:f6:0a:b8:
0e:d1:2b:f4:ef:ff:c6:17:df:e1:74:56:20:54:cc:
b1:bc:95:bf:19:b8:69:fc:14:e3:ed:6a:3e:6c:dd:
dd:df:31:e6:77:c0:8f:e5:4b:3f:86:3f:62:67:43:
d2:87:49:07:3a:29:08:da:20:50:81:5c:bd:1a:fa:
d5:f0:f2:44:19:b1:c2:61:71:e1:56:40:21:d7:b5:
04:e4:0f:3d:6c:2d:bd:ce:78:c4:2d:c0:46:43:37:
cf:91:1f:33:32:23:3a:c7:d6:1a:cb:27:03:14:32:
de:c0:bc:67:06:eb:6b:ec:29:eb:28:34:f4:bb:03:
a3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:59:62:19:18:31:45:EF:B2:95:45:F6:05:EF:DD:3F:A9:1B:2A:AE
X509v3 Authority Key Identifier:
keyid:34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/6C061360105911F08BC6692CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.177.0/24
223.29.214.0/24
IPv6:
2401:b8c0:a::/48
2401:b8c0:d::/48
Signature Algorithm: sha256WithRSAEncryption
35:7f:8b:d5:8e:e4:03:b6:29:6d:10:75:28:82:34:eb:b6:8e:
f2:97:52:7b:16:a4:d6:d3:f0:34:18:5e:7b:3f:aa:53:d3:2f:
70:73:87:e9:71:bc:b2:a8:b4:ff:e7:f5:e2:2c:67:61:32:31:
47:c0:6a:18:18:57:64:e1:0a:61:d2:47:89:81:1e:64:37:f6:
e1:18:d0:a0:27:b5:8d:55:0e:af:13:97:c0:23:88:b8:04:29:
bb:d6:2d:3d:c9:c3:8a:70:9b:d1:1e:b2:72:19:0d:bc:44:26:
88:fc:2c:09:6a:c2:66:7a:3f:15:71:b1:31:2d:36:78:0d:b6:
5b:81:10:f7:ff:c7:3b:fe:43:84:1f:e2:4a:e8:17:c4:c6:f6:
8e:00:5f:0a:72:9b:7a:d8:19:ee:4d:0f:59:2d:3c:86:ff:42:
9f:5c:7e:0f:88:29:07:1e:8b:da:7c:36:84:00:29:5e:65:43:
f9:8b:b1:4c:51:21:69:89:44:33:2d:6c:87:92:ec:09:d4:ee:
db:0d:b7:fc:36:21:2d:7b:da:85:95:5b:c0:42:2f:92:44:7e:
c7:9c:2d:44:59:ed:11:0e:33:cf:62:4d:24:4d:a6:3c:8f:8a:
25:71:b2:96:2f:db:87:60:49:ec:3a:fd:83:b7:3c:9d:42:15:
dd:6c:37:78
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICByMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2NDYxMTAvBgNVBAUTKDM0OTJFRkZFOTYyMkIxRkZGODgxNTk3MDAzNzYzQzFC
QTI0QTFFMDYwHhcNMjUwNDAzMDcwMTEwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VlMzIzNi0yMWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3huKF73zsJYVjUpSAjpXK1scw8oin/XTd3ioPyqFhJRDkE7ZGKbgwkwhmaw
Wca8pM3PU7wl4LZlS1RTbjQMiVHGYgTii+2Z1gQzDOfdPuy9heu3Xuzc7nAH+cbt
0DMZcjsMWgLzMOxoBF46Vk8bQwd6h0CbTWFyoyfstz0cis7rj0D2CrgO0Sv07//G
F9/hdFYgVMyxvJW/Gbhp/BTj7Wo+bN3d3zHmd8CP5Us/hj9iZ0PSh0kHOikI2iBQ
gVy9GvrV8PJEGbHCYXHhVkAh17UE5A89bC29znjELcBGQzfPkR8zMiM6x9YayycD
FDLewLxnButr7CnrKDT0uwOj4QIDAQABo4ICtTCCArEwHQYDVR0OBBYEFDBZYhkY
MUXvspVF9gXv3T+pGyquMB8GA1UdIwQYMBaAFDSS7/6WIrH/+IFZcAN2PBuiSh4G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzY0Ni82QjhFRkE1QUZG
OTgxMUU5ODdDODBBNkFDNEY5QUUwMi9OSkx2X3BZaXNmXzRnVmx3QTNZOEc2SktI
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05KTHZfcFlpc2ZfNGdWbHdBM1k4RzZKS0hnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2NDYvNkI4RUZBNUFGRjk4MTFFOTg3QzgwQTZBQzRGOUFFMDIvNkMwNjEzNjAx
MDU5MTFGMDhCQzY2OTJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMBIEAgABMAwDBABny7EDBADfHdYwGAQCAAIwEgMHACQBuMAACgMHACQBuMAA
DTANBgkqhkiG9w0BAQsFAAOCAQEANX+L1Y7kA7YpbRB1KII067aO8pdSexak1tPw
NBheez+qU9MvcHOH6XG8sqi0/+f14ixnYTIxR8BqGBhXZOEKYdJHiYEeZDf24RjQ
oCe1jVUOrxOXwCOIuAQpu9YtPcnDinCb0R6ychkNvEQmiPwsCWrCZno/FXGxMS02
eA22W4EQ9//HO/5DhB/iSugXxMb2jgBfCnKbetgZ7k0PWS08hv9Cn1x+D4gpBx6L
2nw2hAApXmVD+YuxTFEhaYlEMy1sh5LsCdTu2w23/DYhLXvahZVbwEIvkkR+x5wt
RFntEQ4zz2JNJE2mPI+KJXGyli/bh2BJ7Dr9g7c8nUIV3Ww3eA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:46:04 2025 by rpki-client