Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/BAA356B66F5611EB8862606AC4F9AE02.roa
File: BAA356B66F5611EB8862606AC4F9AE02.roa (raw, json)
Hash identifier: hXqRlxWUOgELX8BkSD9GAxJ/+ji0FZnADjlHzze8dU8=
Subject key identifier: 5F:52:9E:C2:3D:81:92:74:2B:5B:E6:AC:B6:04:DF:90:1C:18:F9:96
Certificate issuer: /CN=A9171AD3/serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266
Certificate serial: 0868
Authority key identifier: DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/BAA356B66F5611EB8862606AC4F9AE02.roa
Signing time: Tue 08 Apr 2025 22:59:17 +0000
ROA not before: Tue 08 Apr 2025 22:59:17 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137199
IP address blocks: 103.152.128.0/23 maxlen: 23
103.152.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl
rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 20:27:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2152 (0x868)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171AD3, serialNumber=DEA07928DE4284960D2CD5E8E7470284260B3266
Validity
Not Before: Apr 8 22:59:17 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67f5aa45-d8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:11:e0:6e:3e:75:6e:f6:2b:d2:7a:91:24:b5:
ce:7f:ef:28:17:31:c3:62:7c:a1:80:3f:66:40:b1:
2c:13:df:71:e2:69:0a:c9:8d:2c:ac:9d:86:e4:79:
b3:63:e0:ca:82:1c:c4:f5:43:97:c1:c9:a5:79:46:
14:be:4c:cf:72:15:f2:5b:0a:54:a6:65:74:46:4b:
d8:38:38:47:7a:9d:05:4d:78:a9:63:7e:74:25:cf:
22:c9:fc:d2:a5:c0:73:c1:3e:cf:2b:d0:91:f2:c6:
b6:ad:fb:e9:19:23:96:8c:91:04:ee:14:bb:2a:94:
50:96:90:19:98:63:22:9c:39:d5:99:37:f4:40:1c:
73:fd:5a:3b:5d:6c:4a:f3:dd:42:e8:bf:18:f8:2f:
31:10:ac:ea:d6:1a:79:98:46:82:a0:b4:8e:56:f9:
7c:03:3d:5d:f7:0e:7e:12:0b:ad:92:f6:7e:62:57:
80:e9:6e:c5:3f:11:bd:5a:81:a9:94:ec:f3:57:84:
cc:8b:c1:c9:8b:9a:64:0c:f9:a4:05:db:27:7e:0c:
72:19:26:13:5d:65:e6:a0:f6:a4:fc:61:ad:1d:f9:
6f:29:90:ae:6d:c8:46:2f:18:21:ff:08:2b:67:84:
23:ed:af:26:ba:5b:26:72:e1:d3:d8:28:36:05:ef:
4f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:52:9E:C2:3D:81:92:74:2B:5B:E6:AC:B6:04:DF:90:1C:18:F9:96
X509v3 Authority Key Identifier:
keyid:DE:A0:79:28:DE:42:84:96:0D:2C:D5:E8:E7:47:02:84:26:0B:32:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/3qB5KN5ChJYNLNXo50cChCYLMmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qB5KN5ChJYNLNXo50cChCYLMmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171AD3/0BC4F840C1B211EA83278767C4F9AE02/BAA356B66F5611EB8862606AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.128.0/23
Signature Algorithm: sha256WithRSAEncryption
72:39:81:8a:c6:29:27:ac:28:4c:c6:6a:83:25:d0:07:c4:75:
4a:c2:ff:dd:4c:07:f1:98:76:7f:c9:58:98:eb:01:ce:e1:7d:
dc:6a:be:a7:cf:7a:ac:16:bf:af:8d:1b:20:1f:74:0b:60:8d:
d0:70:18:ff:e9:08:f8:f9:0e:29:c0:4e:58:4a:b3:e7:42:9b:
44:d3:50:9f:31:f3:64:30:b8:33:81:2d:b3:df:f6:cc:a4:6d:
4f:3a:a7:61:92:a7:2a:c2:90:61:ac:a8:59:c6:c7:d1:0f:fa:
62:29:d2:4d:4c:cc:34:ad:de:0b:d7:06:e4:ea:ad:73:57:46:
2b:f4:b1:46:be:71:d0:58:db:04:09:b6:6b:53:c6:ce:51:b4:
ec:d0:d5:2e:72:6f:54:fb:cc:c0:20:df:e5:3d:83:f3:5a:f0:
cc:7b:0a:fd:34:99:ae:58:64:66:f9:f3:0e:94:36:3c:83:7a:
2d:32:bc:75:ad:63:1f:a8:ca:86:54:59:f6:89:65:03:cc:4f:
2f:23:ad:81:dd:58:47:79:dd:27:f0:68:d9:df:bf:c9:2f:bf:
9f:26:35:b7:11:59:95:c8:eb:86:bd:fe:7b:1f:38:25:48:4b:
ca:6a:66:79:ef:4c:c8:59:65:0d:f8:48:d4:47:47:0a:99:01:
7d:42:ce:95
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFBRDMxMTAvBgNVBAUTKERFQTA3OTI4REU0Mjg0OTYwRDJDRDVFOEU3NDcwMjg0
MjYwQjMyNjYwHhcNMjUwNDA4MjI1OTE3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y1YWE0NS1kOGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1hHgbj51bvYr0nqRJLXOf+8oFzHDYnyhgD9mQLEsE99x4mkKyY0srJ2G5Hmz
Y+DKghzE9UOXwcmleUYUvkzPchXyWwpUpmV0RkvYODhHep0FTXipY350Jc8iyfzS
pcBzwT7PK9CR8sa2rfvpGSOWjJEE7hS7KpRQlpAZmGMinDnVmTf0QBxz/Vo7XWxK
891C6L8Y+C8xEKzq1hp5mEaCoLSOVvl8Az1d9w5+EgutkvZ+YleA6W7FPxG9WoGp
lOzzV4TMi8HJi5pkDPmkBdsnfgxyGSYTXWXmoPak/GGtHflvKZCubchGLxgh/wgr
Z4Qj7a8mulsmcuHT2Cg2Be9PEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF9SnsI9
gZJ0K1vmrLYE35AcGPmWMB8GA1UdIwQYMBaAFN6geSjeQoSWDSzV6OdHAoQmCzJm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUFEMy8wQkM0Rjg0MEMx
QjIxMUVBODMyNzg3NjdDNEY5QUUwMi8zcUI1S041Q2hKWU5MTlhvNTBjQ2hDWUxN
bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNxQjVLTjVDaEpZTkxOWG81MGNDaENZTE1tWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzFBRDMvMEJDNEY4NDBDMUIyMTFFQTgzMjc4NzY3QzRGOUFFMDIvQkFBMzU2QjY2
RjU2MTFFQjg4NjI2MDZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmIAwDQYJKoZIhvcNAQELBQADggEBAHI5gYrGKSesKEzG
aoMl0AfEdUrC/91MB/GYdn/JWJjrAc7hfdxqvqfPeqwWv6+NGyAfdAtgjdBwGP/p
CPj5DinATlhKs+dCm0TTUJ8x82QwuDOBLbPf9sykbU86p2GSpyrCkGGsqFnGx9EP
+mIp0k1MzDSt3gvXBuTqrXNXRiv0sUa+cdBY2wQJtmtTxs5RtOzQ1S5yb1T7zMAg
3+U9g/Na8Mx7Cv00ma5YZGb58w6UNjyDei0yvHWtYx+oyoZUWfaJZQPMTy8jrYHd
WEd53SfwaNnfv8kvv58mNbcRWZXI64a9/nsfOCVIS8pqZnnvTMhZZQ34SNRHRwqZ
AX1CzpU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:06:52 2025 by rpki-client