Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/F2AB2F288FE011EDA9919C57C4F9AE02.roa
File: F2AB2F288FE011EDA9919C57C4F9AE02.roa (raw, json)
Hash identifier: Rf57xWILJOvL68EEABL6r6dfZw+gyCnJxd924tHN+AU=
Subject key identifier: BD:92:8E:2A:E8:B9:44:9B:64:28:1A:F9:5F:00:9C:AD:F0:A8:71:61
Certificate issuer: /CN=A9163609/serialNumber=1C422BB1FC96FE60D4B2FF5F6C12450ECC9EE96C
Certificate serial: 019F
Authority key identifier: 1C:42:2B:B1:FC:96:FE:60:D4:B2:FF:5F:6C:12:45:0E:CC:9E:E9:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HEIrsfyW_mDUsv9fbBJFDsye6Ww.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/F2AB2F288FE011EDA9919C57C4F9AE02.roa
Signing time: Fri 21 Mar 2025 02:38:29 +0000
ROA not before: Fri 21 Mar 2025 02:38:29 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136174
IP address blocks: 103.122.158.0/24 maxlen: 24
103.122.159.0/24 maxlen: 24
103.209.52.0/24 maxlen: 24
103.209.53.0/24 maxlen: 24
2404:c040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.crl
rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HEIrsfyW_mDUsv9fbBJFDsye6Ww.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 02:17:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415 (0x19f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9163609
Validity
Not Before: Mar 21 02:38:29 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dcd124-4ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:84:42:c0:60:78:0d:d6:e7:7e:5b:4d:88:39:
1d:73:8f:00:ff:d2:18:43:e6:eb:6e:d4:a1:81:5c:
e0:dc:d1:b1:b3:a4:d8:20:25:48:43:42:4b:6e:d3:
62:7c:06:09:99:9c:79:07:89:4e:50:5f:15:72:af:
00:a3:4c:a3:b4:1c:b9:d9:92:fa:94:c2:c6:a1:17:
9e:12:19:d2:5c:15:ef:98:1f:da:5a:11:93:71:a9:
b7:ba:2d:72:1a:24:eb:ca:77:8d:92:d6:2b:70:11:
23:43:83:46:95:2a:8b:f4:2e:f5:fb:3f:c1:f6:6f:
a6:e1:b7:09:af:56:13:27:e5:f8:5a:17:80:28:30:
74:35:98:57:a8:c8:93:e4:d6:f2:2a:d1:7d:5e:1a:
cf:6d:e7:62:d0:58:33:18:07:84:cf:5e:90:43:b3:
b0:01:24:c8:3c:09:df:20:6d:22:31:d4:10:20:8f:
46:99:2e:0a:51:ae:52:7f:94:7c:1c:6a:8b:b4:5a:
94:35:fa:63:23:aa:e3:b9:b9:f9:cb:38:0d:48:d7:
e3:08:0d:e1:10:48:a2:1f:9d:e2:f7:0d:54:3f:5d:
96:2f:66:da:fb:8e:c8:b0:79:8e:58:28:81:71:1f:
74:cf:43:86:fd:63:70:f2:2b:62:58:95:7e:a0:f5:
2b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:92:8E:2A:E8:B9:44:9B:64:28:1A:F9:5F:00:9C:AD:F0:A8:71:61
X509v3 Authority Key Identifier:
keyid:1C:42:2B:B1:FC:96:FE:60:D4:B2:FF:5F:6C:12:45:0E:CC:9E:E9:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/HEIrsfyW_mDUsv9fbBJFDsye6Ww.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HEIrsfyW_mDUsv9fbBJFDsye6Ww.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163609/23F9E8BA8FDE11EDAE369A53C4F9AE02/F2AB2F288FE011EDA9919C57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.158.0/23
103.209.52.0/23
IPv6:
2404:c040::/32
Signature Algorithm: sha256WithRSAEncryption
e7:1d:41:d4:2a:8b:c0:bc:c6:3b:bb:da:d7:0b:b5:18:0b:29:
d6:0f:e5:da:f5:d6:77:da:e0:9e:51:0a:e9:c4:5d:bf:50:37:
e4:f3:e3:fa:bf:00:39:fe:14:66:77:bd:71:71:b9:79:47:36:
99:fe:6d:a4:7d:b7:ab:28:00:bd:f1:24:b3:0b:c0:cc:32:4c:
90:f4:98:10:0b:a5:6a:6c:0c:55:d3:5b:7e:b1:d5:7d:08:62:
8c:52:8e:6b:9a:bf:64:52:e9:20:e8:34:0e:39:0f:86:ab:4f:
8b:70:68:d0:6b:ec:94:d6:72:28:23:b1:7f:b5:00:83:a2:46:
e4:d7:58:7d:4a:fc:47:fa:2f:6f:ac:b0:ca:2d:01:f7:2d:e8:
33:bf:c2:25:4a:bc:d7:72:36:8f:05:e3:5d:c6:12:a9:aa:3d:
95:d0:14:8a:d7:f3:ca:a7:cd:9f:09:2d:f5:62:4f:80:24:bc:
75:24:4b:57:e8:ec:fc:ad:43:60:7d:7d:da:df:f4:8a:35:f9:
9b:50:a8:1f:de:f8:b1:e4:fe:82:c4:f9:59:f0:5c:5b:40:92:
56:30:43:df:cc:1e:54:0f:25:bc:e7:25:ea:d9:42:82:37:90:
92:c7:bd:a5:22:3c:f6:db:22:c2:98:64:0b:a5:76:ac:51:1d:
c0:56:e7:7d
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICAZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjM2MDkxMTAvBgNVBAUTKDFDNDIyQkIxRkM5NkZFNjBENEIyRkY1RjZDMTI0NTBF
Q0M5RUU5NkMwHhcNMjUwMzIxMDIzODI5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjZDEyNC00ZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAloRCwGB4DdbnfltNiDkdc48A/9IYQ+brbtShgVzg3NGxs6TYICVIQ0JLbtNi
fAYJmZx5B4lOUF8Vcq8Ao0yjtBy52ZL6lMLGoReeEhnSXBXvmB/aWhGTcam3ui1y
GiTryneNktYrcBEjQ4NGlSqL9C71+z/B9m+m4bcJr1YTJ+X4WheAKDB0NZhXqMiT
5NbyKtF9XhrPbedi0FgzGAeEz16QQ7OwASTIPAnfIG0iMdQQII9GmS4KUa5Sf5R8
HGqLtFqUNfpjI6rjubn5yzgNSNfjCA3hEEiiH53i9w1UP12WL2ba+47IsHmOWCiB
cR90z0OG/WNw8itiWJV+oPUrAQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFL2Sjiro
uUSbZCga+V8AnK3wqHFhMB8GA1UdIwQYMBaAFBxCK7H8lv5g1LL/X2wSRQ7Mnuls
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzYwOS8yM0Y5RThCQThG
REUxMUVEQUUzNjlBNTNDNEY5QUUwMi9IRUlyc2Z5V19tRFVzdjlmYkJKRkRzeWU2
V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hFSXJzZnlXX21EVXN2OWZiQkpGRHN5ZTZXdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjM2MDkvMjNGOUU4QkE4RkRFMTFFREFFMzY5QTUzQzRGOUFFMDIvRjJBQjJGMjg4
RkUwMTFFREE5OTE5QzU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFnep4DBAFn0TQwDQQCAAIwBwMFACQEwEAwDQYJKoZIhvcN
AQELBQADggEBAOcdQdQqi8C8xju72tcLtRgLKdYP5dr11nfa4J5RCunEXb9QN+Tz
4/q/ADn+FGZ3vXFxuXlHNpn+baR9t6soAL3xJLMLwMwyTJD0mBALpWpsDFXTW36x
1X0IYoxSjmuav2RS6SDoNA45D4arT4twaNBr7JTWcigjsX+1AIOiRuTXWH1K/Ef6
L2+ssMotAfct6DO/wiVKvNdyNo8F413GEqmqPZXQFIrX88qnzZ8JLfViT4AkvHUk
S1fo7PytQ2B9fdrf9Io1+ZtQqB/e+LHk/oLE+VnwXFtAklYwQ9/MHlQPJbznJerZ
QoI3kJLHvaUiPPbbIsKYZAuldqxRHcBW530=
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:00:56 2025 by rpki-client