Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/03BA8B36824411EF94479387C4F9AE02.roa
File: 03BA8B36824411EF94479387C4F9AE02.roa (raw, json)
Hash identifier: Zg67mtsRPmH+mIuPO6H9TG0Bz8V1VI6Op+1VjZiZR1s=
Subject key identifier: BD:73:40:19:23:86:82:AC:86:BF:77:37:06:A5:F8:1D:34:AD:65:28
Certificate issuer: /CN=A9157D7A/serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Certificate serial: 0729
Authority key identifier: 40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/03BA8B36824411EF94479387C4F9AE02.roa
Signing time: Wed 26 Mar 2025 08:44:57 +0000
ROA not before: Wed 26 Mar 2025 08:44:57 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 55740
IP address blocks: 14.195.78.0/24 maxlen: 24
14.195.79.0/24 maxlen: 24
14.195.91.0/24 maxlen: 24
14.195.124.0/24 maxlen: 24
49.249.1.0/24 maxlen: 24
49.249.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 22:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1833 (0x729)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D7A, serialNumber=401B429906C90EA03ECFC61B15BA4EF123903379
Validity
Not Before: Mar 26 08:44:57 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67e3be89-d8b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:01:e1:fc:16:36:f4:b7:1b:52:13:be:d2:a4:
17:dd:c4:e4:75:b5:aa:ce:eb:00:28:79:6b:05:c4:
32:5a:bf:a3:5c:81:92:ea:c1:70:23:6d:f6:97:d9:
4e:d8:5c:ca:d8:30:e5:f9:83:69:55:9a:a1:69:9a:
33:a0:76:eb:ca:92:f7:a3:00:17:b7:33:4b:7b:01:
d5:b1:f9:82:55:b2:c4:80:3b:90:c6:c7:96:78:36:
5f:5b:e0:db:8c:c6:bc:c3:4e:27:a3:94:7a:e0:12:
9c:12:93:bf:b1:3c:2a:ee:27:48:31:98:dd:7d:1e:
e5:73:49:91:b8:fe:73:ae:f7:99:c7:34:da:66:58:
0f:b5:d6:f9:cc:6c:a9:06:89:7c:bd:c0:a9:f1:a9:
56:6e:38:b5:e8:b8:0e:83:37:11:ae:03:f8:3b:fc:
20:b9:5b:33:aa:d1:d8:21:f6:37:33:f9:8a:c5:c2:
4b:3c:7c:7e:01:71:1a:4a:92:b8:d2:0c:ed:75:66:
dd:af:8d:20:b6:39:49:3e:25:d9:86:f8:97:27:fc:
59:b6:5a:0a:fe:38:0d:0c:55:f8:3b:f1:5d:19:2c:
06:a4:3c:d0:d9:c7:d2:ca:c6:7e:99:64:f4:90:3e:
9d:03:9d:b4:21:f6:d6:e0:20:1a:d0:27:dd:83:9c:
83:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:73:40:19:23:86:82:AC:86:BF:77:37:06:A5:F8:1D:34:AD:65:28
X509v3 Authority Key Identifier:
keyid:40:1B:42:99:06:C9:0E:A0:3E:CF:C6:1B:15:BA:4E:F1:23:90:33:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/QBtCmQbJDqA-z8YbFbpO8SOQM3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QBtCmQbJDqA-z8YbFbpO8SOQM3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D7A/5DDCCCC6991511EB96727243C4F9AE02/03BA8B36824411EF94479387C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.195.78.0/23
14.195.91.0/24
14.195.124.0/24
49.249.1.0/24
49.249.27.0/24
Signature Algorithm: sha256WithRSAEncryption
af:47:04:29:39:f5:0f:d0:68:18:92:8e:e3:49:6a:b5:9b:97:
9c:a1:b5:73:ca:10:98:43:69:fb:2d:97:5f:ef:58:81:07:b1:
53:ba:80:da:54:d0:e2:0a:01:7c:b1:15:4c:98:3f:67:b8:bc:
ec:af:9b:ef:4d:b6:e5:8a:c8:25:f0:e2:c8:1d:f6:cd:42:b3:
cb:39:c0:3b:25:a4:48:0f:89:f0:08:e1:d1:3c:d6:4c:ce:d5:
40:0e:7a:5c:2e:cb:90:da:c5:b0:38:dd:c8:05:a8:5b:1c:3b:
6c:14:ee:d0:86:9b:1c:fd:16:b0:bf:57:f6:35:6a:c1:b2:49:
a3:15:e5:de:0c:33:11:1f:1a:1f:d4:d8:06:0d:84:3d:ea:c6:
27:82:2c:80:55:09:c6:5f:b5:0b:e7:6b:1f:14:9d:2d:80:72:
7f:4c:a9:1b:99:ad:65:8e:c8:0e:e1:ac:ff:81:ee:e8:f2:ba:
52:55:bf:64:30:05:2b:d1:2a:b0:8c:47:62:1d:89:d4:af:e0:
25:2b:50:36:fa:e4:f2:ff:b6:70:5b:d4:7f:75:70:76:61:a4:
60:52:5b:a1:a3:ec:a7:63:9f:1b:f3:49:0a:05:0b:a5:8f:82:
41:1a:46:a0:92:40:f2:98:41:e9:ec:aa:d1:db:a4:ac:f0:26:
1a:36:23:a1
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBykwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdEN0ExMTAvBgNVBAUTKDQwMUI0Mjk5MDZDOTBFQTAzRUNGQzYxQjE1QkE0RUYx
MjM5MDMzNzkwHhcNMjUwMzI2MDg0NDU3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UzYmU4OS1kOGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwAHh/BY29LcbUhO+0qQX3cTkdbWqzusAKHlrBcQyWr+jXIGS6sFwI232l9lO
2FzK2DDl+YNpVZqhaZozoHbrypL3owAXtzNLewHVsfmCVbLEgDuQxseWeDZfW+Db
jMa8w04no5R64BKcEpO/sTwq7idIMZjdfR7lc0mRuP5zrveZxzTaZlgPtdb5zGyp
Bol8vcCp8alWbji16LgOgzcRrgP4O/wguVszqtHYIfY3M/mKxcJLPHx+AXEaSpK4
0gztdWbdr40gtjlJPiXZhviXJ/xZtloK/jgNDFX4O/FdGSwGpDzQ2cfSysZ+mWT0
kD6dA520IfbW4CAa0Cfdg5yDbQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFL1zQBkj
hoKshr93Nwal+B00rWUoMB8GA1UdIwQYMBaAFEAbQpkGyQ6gPs/GGxW6TvEjkDN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q3QS81RERDQ0NDNjk5
MTUxMUVCOTY3MjcyNDNDNEY5QUUwMi9RQnRDbVFiSkRxQS16OFliRmJwTzhTT1FN
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FCdENtUWJKRHFBLXo4WWJGYnBPOFNPUU0zay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdEN0EvNUREQ0NDQzY5OTE1MTFFQjk2NzI3MjQzQzRGOUFFMDIvMDNCQThCMzY4
MjQ0MTFFRjk0NDc5Mzg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAEOw04DBAAOw1sDBAAOw3wDBAAx+QEDBAAx+RswDQYJKoZI
hvcNAQELBQADggEBAK9HBCk59Q/QaBiSjuNJarWbl5yhtXPKEJhDafstl1/vWIEH
sVO6gNpU0OIKAXyxFUyYP2e4vOyvm+9NtuWKyCXw4sgd9s1Cs8s5wDslpEgPifAI
4dE81kzO1UAOelwuy5DaxbA43cgFqFscO2wU7tCGmxz9FrC/V/Y1asGySaMV5d4M
MxEfGh/U2AYNhD3qxieCLIBVCcZftQvnax8UnS2Acn9MqRuZrWWOyA7hrP+B7ujy
ulJVv2QwBSvRKrCMR2IdidSv4CUrUDb65PL/tnBb1H91cHZhpGBSW6Gj7Kdjnxvz
SQoFC6WPgkEaRqCSQPKYQensqtHbpKzwJho2I6E=
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:35:43 2025 by rpki-client