Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/9B5A7020522911ED9136DF2AC4F9AE02.roa
File: 9B5A7020522911ED9136DF2AC4F9AE02.roa (raw, json)
Hash identifier: U4a8o1KXqQZowZ9aJ6tXOocb6xkGyoj65dTRVzeEvrE=
Subject key identifier: 0A:FF:63:44:A4:1A:FD:27:03:D8:E7:7C:56:60:97:20:BD:CF:8C:A4
Certificate issuer: /CN=A915D85E/serialNumber=D458051F6DA952297475B484BDDD0FBBE3490E70
Certificate serial: 06F1
Authority key identifier: D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/9B5A7020522911ED9136DF2AC4F9AE02.roa
Signing time: Tue 14 Jan 2025 21:40:50 +0000
ROA not before: Tue 14 Jan 2025 21:40:50 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 141448
IP address blocks: 103.159.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/1FgFH22pUil0dbSEvd0Pu-NJDnA.crl
rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/1FgFH22pUil0dbSEvd0Pu-NJDnA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 21:42:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1777 (0x6f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D85E
Validity
Not Before: Jan 14 21:40:50 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6786d9e2-076e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7f:42:59:cf:dd:a4:07:02:20:41:aa:6c:fa:
90:34:ce:ca:3d:71:6c:67:eb:b2:3c:e6:1f:38:69:
29:a9:e3:a5:33:2e:69:ed:64:e1:1d:8e:b7:fc:b2:
8f:50:ff:dc:4f:ac:8f:b7:54:a3:19:53:9c:92:2e:
e5:72:97:32:53:cd:55:91:12:7b:f1:13:02:41:51:
0b:0a:71:d9:89:d9:7f:b7:6c:ad:2c:b0:20:37:68:
d5:86:43:c0:61:16:a3:2a:3a:71:55:cd:ff:3a:81:
7b:01:84:77:06:cd:b7:78:e5:7c:fa:0f:99:10:7d:
b4:c9:70:ab:a5:8b:49:c8:3f:01:f8:00:fd:7e:b3:
75:42:ec:65:d2:07:af:1d:46:4b:da:f6:2c:bb:56:
6f:96:2a:a7:84:db:c7:de:a9:7e:14:9b:39:67:cc:
c7:01:d3:36:40:4e:85:0e:95:98:91:a6:87:66:fb:
99:bf:59:5a:41:0d:c8:1c:dc:2b:c1:88:da:52:50:
92:a3:4a:3f:57:53:64:c9:9c:65:f4:23:9f:08:fc:
9c:cc:44:f9:17:c1:0e:0b:e5:96:e7:c6:00:81:ef:
88:a0:b8:23:75:b9:9d:9e:5f:08:72:85:13:0f:1d:
79:d1:68:45:f5:28:ff:17:4b:2d:e1:51:eb:2f:56:
1d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FF:63:44:A4:1A:FD:27:03:D8:E7:7C:56:60:97:20:BD:CF:8C:A4
X509v3 Authority Key Identifier:
keyid:D4:58:05:1F:6D:A9:52:29:74:75:B4:84:BD:DD:0F:BB:E3:49:0E:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/1FgFH22pUil0dbSEvd0Pu-NJDnA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1FgFH22pUil0dbSEvd0Pu-NJDnA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D85E/73EF909C3BB511EBB4D1377DC4F9AE02/9B5A7020522911ED9136DF2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.170.0/24
Signature Algorithm: sha256WithRSAEncryption
47:1d:91:24:7c:01:4f:24:99:7a:6e:4f:88:8e:80:1b:1e:61:
9c:4c:e6:c1:42:2b:2b:e8:80:0d:24:37:71:c3:27:eb:a1:8d:
a2:6d:47:56:0f:e1:4f:e1:d0:92:00:64:a5:fe:9e:58:7c:47:
c9:de:82:a1:3a:fd:23:d0:80:22:2b:7f:78:ce:08:ba:74:42:
2a:cb:57:07:37:49:ae:46:74:44:19:a1:8e:6b:a1:a3:16:2c:
a1:cd:5d:9d:4a:51:e7:30:6e:53:10:29:51:73:88:3c:d8:52:
1a:64:5d:ef:39:d0:c2:64:74:94:b9:85:55:85:8a:54:f3:82:
e2:5d:92:d3:f4:47:75:35:c6:b4:8b:b9:3e:11:8e:02:cb:d4:
eb:55:75:ef:f7:9c:07:40:82:32:91:05:b2:26:dd:f8:d2:b0:
75:be:2e:e0:ff:75:c2:a5:34:4c:e5:bf:42:5c:5f:d5:75:61:
56:5a:9f:17:11:2f:ff:f4:ac:a5:a4:cd:b5:15:b9:ad:95:07:
a8:6e:dc:53:8f:dd:88:5e:c1:60:99:1b:4d:7e:8c:db:78:ae:
0d:b2:c0:bc:be:d1:56:6e:61:29:eb:b6:16:c0:23:82:df:f7:
36:b2:f1:42:2d:cb:28:7a:a0:0f:45:23:bb:94:24:71:f9:4c:
04:a7:6c:b1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBvEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQ4NUUxMTAvBgNVBAUTKEQ0NTgwNTFGNkRBOTUyMjk3NDc1QjQ4NEJEREQwRkJC
RTM0OTBFNzAwHhcNMjUwMTE0MjE0MDUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2ZDllMi0wNzZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAun9CWc/dpAcCIEGqbPqQNM7KPXFsZ+uyPOYfOGkpqeOlMy5p7WThHY63/LKP
UP/cT6yPt1SjGVOcki7lcpcyU81VkRJ78RMCQVELCnHZidl/t2ytLLAgN2jVhkPA
YRajKjpxVc3/OoF7AYR3Bs23eOV8+g+ZEH20yXCrpYtJyD8B+AD9frN1Quxl0gev
HUZL2vYsu1ZvliqnhNvH3ql+FJs5Z8zHAdM2QE6FDpWYkaaHZvuZv1laQQ3IHNwr
wYjaUlCSo0o/V1NkyZxl9COfCPyczET5F8EOC+WW58YAge+IoLgjdbmdnl8IcoUT
Dx150WhF9Sj/F0st4VHrL1YdHwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAr/Y0Sk
Gv0nA9jnfFZglyC9z4ykMB8GA1UdIwQYMBaAFNRYBR9tqVIpdHW0hL3dD7vjSQ5w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDg1RS83M0VGOTA5QzNC
QjUxMUVCQjREMTM3N0RDNEY5QUUwMi8xRmdGSDIycFVpbDBkYlNFdmQwUHUtTkpE
bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFGZ0ZIMjJwVWlsMGRiU0V2ZDBQdS1OSkRuQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQ4NUUvNzNFRjkwOUMzQkI1MTFFQkI0RDEzNzdEQzRGOUFFMDIvOUI1QTcwMjA1
MjI5MTFFRDkxMzZERjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnn6owDQYJKoZIhvcNAQELBQADggEBAEcdkSR8AU8kmXpu
T4iOgBseYZxM5sFCKyvogA0kN3HDJ+uhjaJtR1YP4U/h0JIAZKX+nlh8R8negqE6
/SPQgCIrf3jOCLp0QirLVwc3Sa5GdEQZoY5roaMWLKHNXZ1KUecwblMQKVFziDzY
UhpkXe850MJkdJS5hVWFilTzguJdktP0R3U1xrSLuT4RjgLL1OtVde/3nAdAgjKR
BbIm3fjSsHW+LuD/dcKlNEzlv0JcX9V1YVZanxcRL//0rKWkzbUVua2VB6hu3FOP
3YhewWCZG01+jNt4rg2ywLy+0VZuYSnrthbAI4Lf9zay8UItyyh6oA9FI7uUJHH5
TASnbLE=
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:29:22 2025 by rpki-client