Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/A50FD050DA7911EDB0D3866BC4F9AE02.roa
File: A50FD050DA7911EDB0D3866BC4F9AE02.roa (raw, json)
Hash identifier: sq3CtUxJWk/lwN1trxwIddBHXPOdGnUuNzRlPvsNflY=
Subject key identifier: 25:77:F6:93:1A:C8:A4:92:9B:C7:CC:AC:E9:62:A1:F4:3D:09:63:1A
Certificate issuer: /CN=A91613AB/serialNumber=3901AF4A93FEFAAEB879CC9F5994E4E7F01AF838
Certificate serial: 018C
Authority key identifier: 39:01:AF:4A:93:FE:FA:AE:B8:79:CC:9F:59:94:E4:E7:F0:1A:F8:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OQGvSpP--q64ecyfWZTk5_Aa-Dg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/A50FD050DA7911EDB0D3866BC4F9AE02.roa
Signing time: Wed 27 Nov 2024 02:26:07 +0000
ROA not before: Wed 27 Nov 2024 02:26:07 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150452
IP address blocks: 103.46.184.0/23 maxlen: 24
2400:c620::/32 maxlen: 32
2400:c620:10::/44 maxlen: 48
2400:c620:20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/OQGvSpP--q64ecyfWZTk5_Aa-Dg.crl
rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/OQGvSpP--q64ecyfWZTk5_Aa-Dg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OQGvSpP--q64ecyfWZTk5_Aa-Dg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 02:05:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396 (0x18c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91613AB
Validity
Not Before: Nov 27 02:26:07 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6746833e-22c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:20:71:d2:af:84:c5:e4:ba:af:56:1d:6e:
92:f2:f0:df:d5:2c:12:de:a8:ab:c3:47:29:7e:11:
83:05:a9:f1:f9:d8:aa:64:e4:0d:0b:81:64:aa:2c:
47:da:30:56:4a:0a:c8:f0:26:04:20:70:1d:f5:0b:
1b:61:7a:a9:93:9e:43:fb:77:e0:18:ce:91:d1:67:
01:ee:3f:84:cc:1d:4c:ed:b1:34:9e:be:3a:bd:b0:
4b:da:e5:df:9d:1e:f9:9b:1e:40:09:c0:cb:2b:d7:
36:0c:13:25:2d:85:c4:72:d1:61:eb:5a:92:cd:88:
c3:42:6e:6a:6b:36:58:fe:ec:26:40:14:74:94:3e:
48:12:49:c4:34:61:4c:04:6f:40:c3:21:c7:b4:12:
ef:6b:aa:88:ab:c8:71:e8:b4:42:4c:86:ff:0b:ee:
40:04:d0:5c:2a:6c:b2:aa:60:fd:7d:1c:e3:cb:a8:
f6:27:b2:10:f9:3a:e2:d9:c2:0b:9e:64:c7:df:eb:
de:cd:d6:d1:ad:e3:5f:4b:39:e0:51:42:b1:d6:b5:
97:f5:a6:26:1b:cb:1a:6e:72:1d:b9:21:d8:fe:cb:
70:ec:42:a5:5a:73:15:02:bf:fa:0d:34:72:0e:b8:
96:3e:83:57:cc:b9:05:d6:a8:b9:1d:1f:d1:c9:fb:
bb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:77:F6:93:1A:C8:A4:92:9B:C7:CC:AC:E9:62:A1:F4:3D:09:63:1A
X509v3 Authority Key Identifier:
keyid:39:01:AF:4A:93:FE:FA:AE:B8:79:CC:9F:59:94:E4:E7:F0:1A:F8:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/OQGvSpP--q64ecyfWZTk5_Aa-Dg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OQGvSpP--q64ecyfWZTk5_Aa-Dg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91613AB/9CF7ECDA6F8B11ED8FAE3C11C4F9AE02/A50FD050DA7911EDB0D3866BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.46.184.0/23
IPv6:
2400:c620::/32
Signature Algorithm: sha256WithRSAEncryption
7b:36:84:dc:99:19:27:03:71:ec:6a:15:a0:5c:a7:4f:cb:75:
5b:4c:b9:b3:58:6c:82:78:82:78:fc:d7:5f:db:41:e2:4e:84:
b7:05:84:13:30:09:15:bb:75:92:cd:ec:14:98:f1:bd:f0:e5:
99:8b:ae:2f:4b:af:d4:55:79:1a:76:08:c8:a7:c3:04:49:26:
10:99:c0:a6:a4:67:e9:fd:80:6d:a7:91:59:a8:f6:23:ad:0b:
00:b3:72:03:13:30:0b:6c:e8:e6:c1:02:25:51:04:1a:6f:db:
de:06:fd:e9:bc:7c:65:6b:19:2f:94:b1:e2:e3:9f:8a:6d:fe:
df:15:a0:84:45:90:dd:32:ac:1b:53:3a:86:4a:df:95:55:04:
a7:a2:96:78:11:44:2e:6c:e0:05:ab:de:13:1f:0c:35:44:d1:
68:54:80:c0:86:5e:62:3f:b8:5c:ba:11:1f:76:6f:c4:88:a2:
f3:5c:b2:d8:83:96:21:77:c9:7b:63:63:0a:15:84:44:09:d2:
f4:87:0b:2b:55:23:84:1e:2b:04:ac:b3:14:68:a7:34:82:7f:
cb:70:81:1c:0a:ca:db:96:b9:fc:4c:8b:d0:86:29:5e:43:92:
71:46:11:a3:5f:58:8f:75:d0:d4:32:27:87:80:85:32:e4:47:
86:64:f2:9f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjEzQUIxMTAvBgNVBAUTKDM5MDFBRjRBOTNGRUZBQUVCODc5Q0M5RjU5OTRFNEU3
RjAxQUY4MzgwHhcNMjQxMTI3MDIyNjA3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ2ODMzZS0yMmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwYogcdKvhMXkuq9WHW6S8vDf1SwS3qirw0cpfhGDBanx+diqZOQNC4FkqixH
2jBWSgrI8CYEIHAd9QsbYXqpk55D+3fgGM6R0WcB7j+EzB1M7bE0nr46vbBL2uXf
nR75mx5ACcDLK9c2DBMlLYXEctFh61qSzYjDQm5qazZY/uwmQBR0lD5IEknENGFM
BG9AwyHHtBLva6qIq8hx6LRCTIb/C+5ABNBcKmyyqmD9fRzjy6j2J7IQ+Tri2cIL
nmTH3+vezdbRreNfSzngUUKx1rWX9aYmG8sabnIduSHY/stw7EKlWnMVAr/6DTRy
DriWPoNXzLkF1qi5HR/Ryfu7+QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFCV39pMa
yKSSm8fMrOliofQ9CWMaMB8GA1UdIwQYMBaAFDkBr0qT/vquuHnMn1mU5OfwGvg4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTNBQi85Q0Y3RUNEQTZG
OEIxMUVEOEZBRTNDMTFDNEY5QUUwMi9PUUd2U3BQLS1xNjRlY3lmV1pUazVfQWEt
RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09RR3ZTcFAtLXE2NGVjeWZXWlRrNV9BYS1EZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjEzQUIvOUNGN0VDREE2RjhCMTFFRDhGQUUzQzExQzRGOUFFMDIvQTUwRkQwNTBE
QTc5MTFFREIwRDM4NjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnLrgwDQQCAAIwBwMFACQAxiAwDQYJKoZIhvcNAQELBQAD
ggEBAHs2hNyZGScDcexqFaBcp0/LdVtMubNYbIJ4gnj811/bQeJOhLcFhBMwCRW7
dZLN7BSY8b3w5ZmLri9Lr9RVeRp2CMinwwRJJhCZwKakZ+n9gG2nkVmo9iOtCwCz
cgMTMAts6ObBAiVRBBpv294G/em8fGVrGS+UseLjn4pt/t8VoIRFkN0yrBtTOoZK
35VVBKeilngRRC5s4AWr3hMfDDVE0WhUgMCGXmI/uFy6ER92b8SIovNcstiDliF3
yXtjYwoVhEQJ0vSHCytVI4QeKwSssxRopzSCf8twgRwKytuWufxMi9CGKV5DknFG
EaNfWI910NQyJ4eAhTLkR4Zk8p8=
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:35:55 2025 by rpki-client