Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/68EB3B00F18E11E997528762C4F9AE02.roa
File: 68EB3B00F18E11E997528762C4F9AE02.roa (raw, json)
Hash identifier: ag4btEEr8nwGBlqow86nAvtb1JX6B7t93yhnFSFUrc4=
Subject key identifier: 28:0A:18:84:A2:E6:84:AE:BF:9E:D2:92:3C:C1:F9:B6:71:C8:AF:A3
Certificate issuer: /CN=A9175300/serialNumber=F2A89410A54B0478F602B7312005151C295C7379
Certificate serial: 0C66
Authority key identifier: F2:A8:94:10:A5:4B:04:78:F6:02:B7:31:20:05:15:1C:29:5C:73:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8qiUEKVLBHj2ArcxIAUVHClcc3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/68EB3B00F18E11E997528762C4F9AE02.roa
Signing time: Fri 10 Jan 2025 18:37:16 +0000
ROA not before: Fri 10 Jan 2025 18:37:16 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 133854
IP address blocks: 27.54.148.0/22 maxlen: 22
27.54.148.0/24 maxlen: 24
27.54.149.0/24 maxlen: 24
27.54.150.0/24 maxlen: 24
27.54.151.0/24 maxlen: 24
103.204.84.0/22 maxlen: 22
103.204.84.0/24 maxlen: 24
103.204.85.0/24 maxlen: 24
103.204.86.0/24 maxlen: 24
103.204.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.crl
rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8qiUEKVLBHj2ArcxIAUVHClcc3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3174 (0xc66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9175300, serialNumber=F2A89410A54B0478F602B7312005151C295C7379
Validity
Not Before: Jan 10 18:37:16 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678168dc-5ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f9:fb:d2:8a:1b:1b:a6:1e:a8:c3:f1:1d:3c:
59:58:0e:df:fb:2d:c0:8a:8c:2a:63:4a:00:3e:8b:
ee:68:69:a8:2a:02:a4:cd:c4:05:aa:e2:a4:eb:43:
be:af:7e:6f:83:f1:02:58:7e:b6:f2:59:42:13:e5:
51:d4:9f:94:96:aa:b8:cc:03:f8:76:fe:44:07:97:
71:21:59:5b:e5:0e:4a:2e:d1:b4:db:66:83:16:4a:
10:b0:40:05:18:bf:bf:55:fa:29:59:d0:73:70:83:
b7:bc:24:6d:46:91:29:90:3c:0b:da:1e:27:ac:8a:
a3:73:b7:d0:44:d6:40:5d:3f:42:c3:f0:74:3f:e5:
b7:7a:84:37:73:75:d7:2f:19:a2:db:fa:77:8c:90:
a7:6e:1f:8f:be:cc:e8:9e:d5:69:fd:b2:63:97:8c:
71:7d:53:63:ed:fe:a0:cd:4f:04:da:d3:37:0b:84:
10:bf:9e:92:4a:e0:33:0b:51:a0:1d:32:08:61:f7:
9e:0b:69:98:e1:41:7d:bf:42:05:0a:95:ed:12:2f:
b1:c7:9e:8d:e7:b1:c5:5c:6d:5b:cc:d4:28:60:5c:
ac:0c:fb:14:37:5b:54:02:37:43:b4:d8:6a:6c:a4:
53:09:3e:bf:2f:1b:99:b1:ff:ad:4d:3b:c1:50:b6:
fd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0A:18:84:A2:E6:84:AE:BF:9E:D2:92:3C:C1:F9:B6:71:C8:AF:A3
X509v3 Authority Key Identifier:
keyid:F2:A8:94:10:A5:4B:04:78:F6:02:B7:31:20:05:15:1C:29:5C:73:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/8qiUEKVLBHj2ArcxIAUVHClcc3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8qiUEKVLBHj2ArcxIAUVHClcc3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175300/5EFAD764F18D11E9AD75B860C4F9AE02/68EB3B00F18E11E997528762C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.148.0/22
103.204.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:fc:af:d3:d3:b5:fe:b1:4e:eb:37:3c:d4:f6:d6:cb:4a:58:
aa:a9:db:6a:67:1e:e9:6a:7e:45:41:ee:e3:7b:01:0e:2e:2c:
6c:c1:ba:da:44:1f:61:11:f5:a8:6e:89:c9:73:f0:94:63:ea:
94:5e:d6:69:a2:5b:4c:65:cc:79:ab:48:b2:05:b3:e6:c1:9e:
17:fb:51:fc:f0:10:d3:39:0e:59:d1:16:89:ce:91:db:db:c2:
dd:85:1a:fb:0a:28:40:6d:83:50:d9:9d:46:d8:81:5e:82:23:
0e:70:72:f6:f8:a9:39:fa:bb:4a:7e:c3:75:f6:84:a8:2c:53:
9b:df:ef:54:65:2d:e9:04:1b:90:1e:e7:2e:e8:42:22:4f:0e:
b8:d9:5e:e6:5d:2e:7a:54:19:b2:99:46:27:f2:ae:2e:00:22:
cd:93:e1:81:7f:1c:51:b8:a7:50:4a:90:06:1d:58:a0:95:fb:
2d:63:a0:fd:f8:05:70:7a:3b:64:c2:bf:e6:4a:4e:c0:89:5f:
a4:a7:73:75:a9:83:3b:8e:c5:04:62:54:ee:93:dd:f4:d1:14:
13:82:54:88:9d:ef:92:59:bf:ff:b7:df:4f:f5:c5:28:00:b1:
98:8c:4b:f1:c5:34:af:cb:7c:c7:73:0c:9a:fa:1d:cd:9d:b3:
05:bb:28:04
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzUzMDAxMTAvBgNVBAUTKEYyQTg5NDEwQTU0QjA0NzhGNjAyQjczMTIwMDUxNTFD
Mjk1QzczNzkwHhcNMjUwMTEwMTgzNzE2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzgxNjhkYy01YWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyfn70oobG6YeqMPxHTxZWA7f+y3AiowqY0oAPovuaGmoKgKkzcQFquKk60O+
r35vg/ECWH628llCE+VR1J+Ulqq4zAP4dv5EB5dxIVlb5Q5KLtG022aDFkoQsEAF
GL+/VfopWdBzcIO3vCRtRpEpkDwL2h4nrIqjc7fQRNZAXT9Cw/B0P+W3eoQ3c3XX
Lxmi2/p3jJCnbh+PvszontVp/bJjl4xxfVNj7f6gzU8E2tM3C4QQv56SSuAzC1Gg
HTIIYfeeC2mY4UF9v0IFCpXtEi+xx56N57HFXG1bzNQoYFysDPsUN1tUAjdDtNhq
bKRTCT6/LxuZsf+tTTvBULb9LQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCgKGISi
5oSuv57SkjzB+bZxyK+jMB8GA1UdIwQYMBaAFPKolBClSwR49gK3MSAFFRwpXHN5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTMwMC81RUZBRDc2NEYx
OEQxMUU5QUQ3NUI4NjBDNEY5QUUwMi84cWlVRUtWTEJIajJBcmN4SUFVVkhDbGNj
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhxaVVFS1ZMQkhqMkFyY3hJQVVWSENsY2Mzay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzUzMDAvNUVGQUQ3NjRGMThEMTFFOUFENzVCODYwQzRGOUFFMDIvNjhFQjNCMDBG
MThFMTFFOTk3NTI4NzYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIbNpQDBAJnzFQwDQYJKoZIhvcNAQELBQADggEBAKP8r9PT
tf6xTus3PNT21stKWKqp22pnHulqfkVB7uN7AQ4uLGzButpEH2ER9ahuiclz8JRj
6pRe1mmiW0xlzHmrSLIFs+bBnhf7UfzwENM5DlnRFonOkdvbwt2FGvsKKEBtg1DZ
nUbYgV6CIw5wcvb4qTn6u0p+w3X2hKgsU5vf71RlLekEG5Ae5y7oQiJPDrjZXuZd
LnpUGbKZRifyri4AIs2T4YF/HFG4p1BKkAYdWKCV+y1joP34BXB6O2TCv+ZKTsCJ
X6Snc3WpgzuOxQRiVO6T3fTRFBOCVIid75JZv/+330/1xSgAsZiMS/HFNK/LfMdz
DJr6Hc2dswW7KAQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:35:47 2025 by rpki-client