Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9159ECD/7AC5154C016A11ECB2B00C37C4F9AE02/C309F5BA017011ECB98B2F33C4F9AE02.roa
File: C309F5BA017011ECB98B2F33C4F9AE02.roa (raw, json)
Hash identifier: aXSQnMlRqYHjlA+sWyHQ/h8SKDapqi9yLmH+QCm7j5U=
Subject key identifier: FB:F5:C4:7A:C6:47:36:29:5C:51:6E:BA:4B:72:67:ED:E3:9E:1C:34
Certificate issuer: /CN=A9159ECD/serialNumber=F1BA943C3036C69B44A75970A44D92905689A90F
Certificate serial: 050B
Authority key identifier: F1:BA:94:3C:30:36:C6:9B:44:A7:59:70:A4:4D:92:90:56:89:A9:0F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bqUPDA2xptEp1lwpE2SkFaJqQ8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9159ECD/7AC5154C016A11ECB2B00C37C4F9AE02/C309F5BA017011ECB98B2F33C4F9AE02.roa
Signing time: Tue 25 Mar 2025 05:28:55 +0000
ROA not before: Tue 25 Mar 2025 05:28:55 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 141196
IP address blocks: 103.156.36.0/24 maxlen: 24
103.206.158.0/24 maxlen: 24
126.209.58.0/23 maxlen: 24
2406:7d40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9159ECD/7AC5154C016A11ECB2B00C37C4F9AE02/8bqUPDA2xptEp1lwpE2SkFaJqQ8.crl
rsync://rpki.apnic.net/member_repository/A9159ECD/7AC5154C016A11ECB2B00C37C4F9AE02/8bqUPDA2xptEp1lwpE2SkFaJqQ8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bqUPDA2xptEp1lwpE2SkFaJqQ8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 23:22:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1291 (0x50b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9159ECD
Validity
Not Before: Mar 25 05:28:55 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67e23f17-9c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:48:dc:df:b8:79:2f:7c:c5:62:4f:1e:4e:da:
de:b8:25:f3:04:6d:a9:61:b0:aa:b0:5b:eb:36:a7:
85:1c:3c:9c:27:c2:6b:11:71:43:9a:69:4d:32:11:
df:7a:0e:15:fa:70:d5:38:29:76:b1:c4:73:9c:ff:
01:4a:b7:f4:74:5a:35:a1:ce:2e:38:cf:bf:6c:f5:
36:50:5a:ac:f2:2b:3e:50:89:83:ee:80:70:92:90:
1a:72:e9:7b:f4:57:c8:3e:bd:8f:86:b8:eb:c7:c5:
c1:a7:ce:fd:82:d1:5a:48:8f:97:b9:98:49:08:db:
10:aa:c3:86:d1:11:92:22:b9:66:81:00:89:2c:8e:
03:96:8b:85:47:1a:46:a5:0b:ac:c5:95:0e:03:41:
72:7c:59:db:26:55:0d:f8:68:0a:88:14:f1:06:53:
5c:8b:44:94:9f:0a:e6:2b:f4:72:2d:36:6a:af:a5:
b2:aa:89:d6:20:4c:83:5a:9e:f1:97:df:d1:95:67:
60:ed:65:85:55:82:17:af:71:c4:29:a4:1f:1b:57:
51:47:63:52:9b:25:29:14:ee:f8:03:de:00:92:28:
5b:cf:e1:4b:75:6e:24:9b:fa:c0:16:c6:4b:fa:5d:
16:78:4f:98:77:13:23:a8:23:5b:06:b5:22:b3:d2:
20:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F5:C4:7A:C6:47:36:29:5C:51:6E:BA:4B:72:67:ED:E3:9E:1C:34
X509v3 Authority Key Identifier:
keyid:F1:BA:94:3C:30:36:C6:9B:44:A7:59:70:A4:4D:92:90:56:89:A9:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9159ECD/7AC5154C016A11ECB2B00C37C4F9AE02/8bqUPDA2xptEp1lwpE2SkFaJqQ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bqUPDA2xptEp1lwpE2SkFaJqQ8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159ECD/7AC5154C016A11ECB2B00C37C4F9AE02/C309F5BA017011ECB98B2F33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.36.0/24
103.206.158.0/24
126.209.58.0/23
IPv6:
2406:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
38:45:23:07:9e:98:a9:43:0e:15:90:9c:49:ab:b5:99:db:da:
de:28:c3:47:d4:4e:c0:e5:90:96:93:29:58:ba:2c:bf:c4:cb:
4a:b2:a7:0e:3f:62:e5:5d:d6:e6:b2:2c:14:7c:37:b8:4b:22:
44:de:3f:3f:d5:52:12:33:df:00:02:8c:0b:50:42:2c:27:3f:
ca:81:56:46:f1:da:f4:94:74:19:c6:0e:4a:25:78:4c:ae:d1:
c3:1f:3e:dc:8b:c6:7b:c7:3e:93:ab:65:59:b6:0c:3c:e7:a9:
5a:6e:ed:cb:02:b1:30:b4:7b:3d:51:cf:82:15:6a:38:0b:cd:
2d:d1:0c:7e:4b:4e:96:26:c7:09:b2:26:70:a5:74:f0:10:91:
15:60:d2:6a:fd:a4:0a:15:9a:e3:4a:bb:fc:fb:e0:dc:b2:88:
11:c0:48:78:c1:85:9b:e9:36:e6:91:fb:b6:37:54:e8:33:0a:
55:46:6f:82:7e:a6:5f:2c:7b:93:c5:b5:b2:02:e7:17:a8:ac:
99:8e:c6:f7:ce:6a:9c:a2:31:95:58:a0:9c:3e:82:d2:03:75:
ea:fb:8c:6e:8b:51:42:41:55:ee:1e:df:d2:6e:c3:63:28:fb:
d1:04:4a:8c:e9:77:7d:8b:20:67:2e:97:a7:17:ae:b6:4f:bd:
b9:ab:0e:e1
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICBQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTlFQ0QxMTAvBgNVBAUTKEYxQkE5NDNDMzAzNkM2OUI0NEE3NTk3MEE0NEQ5Mjkw
NTY4OUE5MEYwHhcNMjUwMzI1MDUyODU1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UyM2YxNy05YzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt0jc37h5L3zFYk8eTtreuCXzBG2pYbCqsFvrNqeFHDycJ8JrEXFDmmlNMhHf
eg4V+nDVOCl2scRznP8BSrf0dFo1oc4uOM+/bPU2UFqs8is+UImD7oBwkpAacul7
9FfIPr2Phrjrx8XBp879gtFaSI+XuZhJCNsQqsOG0RGSIrlmgQCJLI4DlouFRxpG
pQusxZUOA0FyfFnbJlUN+GgKiBTxBlNci0SUnwrmK/RyLTZqr6WyqonWIEyDWp7x
l9/RlWdg7WWFVYIXr3HEKaQfG1dRR2NSmyUpFO74A94Akihbz+FLdW4km/rAFsZL
+l0WeE+YdxMjqCNbBrUis9IgYQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFPv1xHrG
RzYpXFFuuktyZ+3jnhw0MB8GA1UdIwQYMBaAFPG6lDwwNsabRKdZcKRNkpBWiakP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OUVDRC83QUM1MTU0QzAx
NkExMUVDQjJCMDBDMzdDNEY5QUUwMi84YnFVUERBMnhwdEVwMWx3cEUyU2tGYUpx
UTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhicVVQREEyeHB0RXAxbHdwRTJTa0ZhSnFROC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTlFQ0QvN0FDNTE1NEMwMTZBMTFFQ0IyQjAwQzM3QzRGOUFFMDIvQzMwOUY1QkEw
MTcwMTFFQ0I5OEIyRjMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBABnnCQDBABnzp4DBAF+0TowDQQCAAIwBwMFACQGfUAwDQYJ
KoZIhvcNAQELBQADggEBADhFIweemKlDDhWQnEmrtZnb2t4ow0fUTsDlkJaTKVi6
LL/Ey0qypw4/YuVd1uayLBR8N7hLIkTePz/VUhIz3wACjAtQQiwnP8qBVkbx2vSU
dBnGDkoleEyu0cMfPtyLxnvHPpOrZVm2DDznqVpu7csCsTC0ez1Rz4IVajgLzS3R
DH5LTpYmxwmyJnCldPAQkRVg0mr9pAoVmuNKu/z74NyyiBHASHjBhZvpNuaR+7Y3
VOgzClVGb4J+pl8se5PFtbIC5xeorJmOxvfOapyiMZVYoJw+gtIDder7jG6LUUJB
Ve4e39Juw2Mo+9EESozpd32LIGcul6cXrrZPvbmrDuE=
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:23:41 2025 by rpki-client