Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91702B9/3B72EE90C60511ECAB74D962C4F9AE02/A047A07AD56811EFB57A5D33C4F9AE02.roa
File: A047A07AD56811EFB57A5D33C4F9AE02.roa (raw, json)
Hash identifier: sculBNu+C3bTcMWuMUqGiXBXDN/H8rYURoXjaVPMA2Q=
Subject key identifier: D0:31:CF:98:11:6F:AF:25:CF:32:43:8F:73:EA:AB:E5:DA:1F:99:87
Certificate issuer: /CN=A91702B9/serialNumber=ACE2C4CCB089D21B370454B00E6B593AF28862F6
Certificate serial: 02F2
Authority key identifier: AC:E2:C4:CC:B0:89:D2:1B:37:04:54:B0:0E:6B:59:3A:F2:88:62:F6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rOLEzLCJ0hs3BFSwDmtZOvKIYvY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91702B9/3B72EE90C60511ECAB74D962C4F9AE02/A047A07AD56811EFB57A5D33C4F9AE02.roa
Signing time: Sat 18 Jan 2025 06:51:21 +0000
ROA not before: Sat 18 Jan 2025 06:51:21 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 153494
IP address blocks: 45.115.240.0/22 maxlen: 24
103.56.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91702B9/3B72EE90C60511ECAB74D962C4F9AE02/rOLEzLCJ0hs3BFSwDmtZOvKIYvY.crl
rsync://rpki.apnic.net/member_repository/A91702B9/3B72EE90C60511ECAB74D962C4F9AE02/rOLEzLCJ0hs3BFSwDmtZOvKIYvY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rOLEzLCJ0hs3BFSwDmtZOvKIYvY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 00:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 754 (0x2f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91702B9, serialNumber=ACE2C4CCB089D21B370454B00E6B593AF28862F6
Validity
Not Before: Jan 18 06:51:21 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=678b4f69-446f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:2c:bd:1e:3f:ca:b7:63:cb:32:d4:53:f2:
f9:2e:0b:45:6f:11:f0:2a:94:94:5a:b2:a5:08:84:
c1:07:ae:fa:8b:75:1d:94:44:7b:92:f7:59:ec:18:
9b:93:c0:37:a7:2b:f3:a2:dd:d0:14:72:4d:54:e9:
f6:d1:34:f9:1e:3f:c2:7f:fe:75:e9:f4:57:b2:4d:
b4:44:d2:e7:2b:97:71:40:26:79:47:81:a8:30:0a:
00:30:c1:05:32:d9:f8:8e:5e:3a:14:8d:e9:4a:03:
0b:08:85:17:99:4f:0b:2c:e5:72:7f:f6:09:88:8d:
fd:b1:24:8a:1d:e0:fe:01:e3:9f:f6:9d:53:38:c3:
ff:4c:96:e6:c7:21:bd:72:f7:0c:c4:ad:ec:c0:7d:
c0:8c:51:67:68:56:3d:7a:22:8e:66:03:1d:a8:46:
64:c6:df:e3:45:6e:6d:9d:31:18:2c:57:fc:89:3f:
92:20:95:6c:da:df:40:e2:e5:ed:e1:89:3f:e1:29:
6b:0d:5c:6a:10:e3:e4:da:37:6b:f0:9d:27:ac:5e:
fd:a5:61:8b:49:06:b9:7d:62:c5:c6:b1:0a:45:4c:
61:6d:61:28:3d:d9:81:4f:70:d2:69:b8:b6:27:5c:
db:ef:86:f9:9e:0f:74:26:68:e7:fe:27:55:c1:59:
c5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:31:CF:98:11:6F:AF:25:CF:32:43:8F:73:EA:AB:E5:DA:1F:99:87
X509v3 Authority Key Identifier:
keyid:AC:E2:C4:CC:B0:89:D2:1B:37:04:54:B0:0E:6B:59:3A:F2:88:62:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91702B9/3B72EE90C60511ECAB74D962C4F9AE02/rOLEzLCJ0hs3BFSwDmtZOvKIYvY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rOLEzLCJ0hs3BFSwDmtZOvKIYvY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91702B9/3B72EE90C60511ECAB74D962C4F9AE02/A047A07AD56811EFB57A5D33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.240.0/22
103.56.24.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:c4:49:c0:cb:99:30:fd:55:1a:1c:3a:ea:38:8a:64:3b:7d:
66:92:b7:c3:d8:70:17:d0:d4:82:e0:91:76:45:64:4d:40:98:
f8:c9:29:6c:26:eb:07:f2:ec:b4:18:cc:2c:b5:60:45:a7:95:
3d:7f:af:79:22:78:d4:bb:6c:29:1d:6e:71:58:51:c9:b7:45:
86:5e:c6:2a:2c:d3:55:f2:94:ca:76:71:ab:4c:43:24:db:2d:
dc:e3:59:1a:d4:17:96:dd:f0:94:a7:77:51:ca:44:24:c4:c3:
c7:ce:91:7a:5f:69:6d:4f:c6:1f:68:7d:92:b7:40:d7:07:95:
d7:42:be:07:e1:26:0c:d5:7b:c0:c9:e5:70:54:41:95:21:3d:
34:94:4f:f2:37:ed:71:cf:52:8a:c9:8e:63:2d:13:ce:60:cd:
e4:af:bb:87:fd:4f:75:62:12:d7:ae:ad:ab:8e:fc:6f:ab:d4:
ec:85:67:e6:4a:40:28:f6:43:6f:47:56:08:9f:57:3b:67:d8:
82:95:b3:cf:e5:3e:01:65:98:8c:73:c0:1e:28:e3:28:9f:a6:
2c:7c:b0:bb:7b:87:bd:15:bf:d4:30:58:be:03:7b:47:49:92:
3a:ef:e7:59:bb:01:0a:a9:2d:ad:85:ea:88:a2:31:fb:94:01:
d8:80:cf:3b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzAyQjkxMTAvBgNVBAUTKEFDRTJDNENDQjA4OUQyMUIzNzA0NTRCMDBFNkI1OTNB
RjI4ODYyRjYwHhcNMjUwMTE4MDY1MTIxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhiNGY2OS00NDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArx8svR4/yrdjyzLUU/L5LgtFbxHwKpSUWrKlCITBB676i3UdlER7kvdZ7Bib
k8A3pyvzot3QFHJNVOn20TT5Hj/Cf/516fRXsk20RNLnK5dxQCZ5R4GoMAoAMMEF
Mtn4jl46FI3pSgMLCIUXmU8LLOVyf/YJiI39sSSKHeD+AeOf9p1TOMP/TJbmxyG9
cvcMxK3swH3AjFFnaFY9eiKOZgMdqEZkxt/jRW5tnTEYLFf8iT+SIJVs2t9A4uXt
4Yk/4SlrDVxqEOPk2jdr8J0nrF79pWGLSQa5fWLFxrEKRUxhbWEoPdmBT3DSabi2
J1zb74b5ng90Jmjn/idVwVnFOQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNAxz5gR
b68lzzJDj3Pqq+XaH5mHMB8GA1UdIwQYMBaAFKzixMywidIbNwRUsA5rWTryiGL2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDJCOS8zQjcyRUU5MEM2
MDUxMUVDQUI3NEQ5NjJDNEY5QUUwMi9yT0xFekxDSjBoczNCRlN3RG10Wk92S0lZ
dlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JPTEV6TENKMGhzM0JGU3dEbXRaT3ZLSVl2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzAyQjkvM0I3MkVFOTBDNjA1MTFFQ0FCNzREOTYyQzRGOUFFMDIvQTA0N0EwN0FE
NTY4MTFFRkI1N0E1RDMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItc/ADBAJnOBgwDQYJKoZIhvcNAQELBQADggEBAD/EScDL
mTD9VRocOuo4imQ7fWaSt8PYcBfQ1ILgkXZFZE1AmPjJKWwm6wfy7LQYzCy1YEWn
lT1/r3kieNS7bCkdbnFYUcm3RYZexios01XylMp2catMQyTbLdzjWRrUF5bd8JSn
d1HKRCTEw8fOkXpfaW1Pxh9ofZK3QNcHlddCvgfhJgzVe8DJ5XBUQZUhPTSUT/I3
7XHPUorJjmMtE85gzeSvu4f9T3ViEteurauO/G+r1OyFZ+ZKQCj2Q29HVgifVztn
2IKVs8/lPgFlmIxzwB4o4yifpix8sLt7h70Vv9QwWL4De0dJkjrv51m7AQqpLa2F
6oiiMfuUAdiAzzs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:29:12 2025 by rpki-client