Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/21ECD84A856011EC924B3E58C4F9AE02.roa
File: 21ECD84A856011EC924B3E58C4F9AE02.roa (raw, json)
Hash identifier: vx+toULPOCZ0nASP5Ye7Mi6PO9RJnf/5+aW7CpW+qSo=
Subject key identifier: BE:22:F0:C7:8A:2B:D8:4E:86:A6:38:4C:E4:AB:5C:10:90:C4:D9:4A
Certificate issuer: /CN=A917B4BF/serialNumber=8035090A057327E1200593C20C88C519A45C9ECB
Certificate serial: 03F9
Authority key identifier: 80:35:09:0A:05:73:27:E1:20:05:93:C2:0C:88:C5:19:A4:5C:9E:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDUJCgVzJ-EgBZPCDIjFGaRcnss.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/21ECD84A856011EC924B3E58C4F9AE02.roa
Signing time: Sat 05 Apr 2025 01:05:49 +0000
ROA not before: Sat 05 Apr 2025 01:05:49 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 38008
IP address blocks: 103.181.44.0/23 maxlen: 24
2400:58a0::/32 maxlen: 32
2400:58a0:100::/44 maxlen: 48
2400:58a0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/gDUJCgVzJ-EgBZPCDIjFGaRcnss.crl
rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/gDUJCgVzJ-EgBZPCDIjFGaRcnss.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDUJCgVzJ-EgBZPCDIjFGaRcnss.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 00:23:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1017 (0x3f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B4BF
Validity
Not Before: Apr 5 01:05:49 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67f081ed-0343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9a:08:36:8a:08:e0:9f:50:ba:cd:03:e0:be:
91:01:0a:a3:48:3b:af:b1:41:4e:57:55:5f:a9:ee:
aa:45:28:c1:78:28:2e:a3:94:fd:e0:1a:5b:2c:1e:
05:6a:6a:11:fe:31:4d:c8:10:9f:f6:67:50:0d:65:
db:f8:38:63:a1:b8:4c:a7:ef:d5:e2:9e:8e:f4:7f:
87:06:01:71:7a:f6:91:21:75:ab:03:9b:69:54:2f:
75:62:20:e4:3c:d0:bf:a0:e1:81:e7:23:39:e6:78:
60:81:fa:1c:59:09:fc:41:ed:3d:a2:5d:2f:bc:4b:
e3:0f:44:74:dc:61:21:4a:88:19:e8:30:7d:cf:aa:
31:16:2c:b6:0f:7a:00:0d:b5:11:7a:8f:9f:54:7f:
30:01:5c:fc:36:ab:f3:70:19:2a:c6:6d:c3:76:f3:
5e:aa:3a:b9:db:aa:ca:29:2d:d0:d2:3e:7e:ca:e2:
3d:00:e0:56:0b:a7:3c:ab:2e:ef:67:36:86:a4:6c:
d3:1e:04:51:bb:22:4a:df:cf:e2:6d:d1:67:a7:a3:
8c:97:1b:b5:36:62:55:1b:1a:27:6a:f3:24:f8:4a:
a0:e7:6d:aa:15:15:c3:43:d4:f6:0b:6b:c4:64:75:
9e:d0:78:11:a4:f0:fd:3c:22:b6:3b:44:3e:ba:aa:
0c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:22:F0:C7:8A:2B:D8:4E:86:A6:38:4C:E4:AB:5C:10:90:C4:D9:4A
X509v3 Authority Key Identifier:
keyid:80:35:09:0A:05:73:27:E1:20:05:93:C2:0C:88:C5:19:A4:5C:9E:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/gDUJCgVzJ-EgBZPCDIjFGaRcnss.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gDUJCgVzJ-EgBZPCDIjFGaRcnss.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B4BF/B8CC693C855C11EC8E3CBB51C4F9AE02/21ECD84A856011EC924B3E58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.181.44.0/23
IPv6:
2400:58a0::/32
Signature Algorithm: sha256WithRSAEncryption
80:a3:b3:2c:dc:11:ed:67:ca:95:f8:9c:a6:45:ea:7b:c2:e6:
42:2a:3c:4c:aa:3a:68:6e:10:1a:70:5d:9d:ef:f9:24:d3:b5:
f8:bf:8d:5a:f8:14:ef:2b:c9:d7:4f:19:b1:1b:84:e9:b0:a1:
f3:ff:5b:36:ce:e3:a9:c5:2d:ad:da:e9:dc:97:ff:11:dd:4d:
aa:aa:6b:68:72:86:98:ec:51:5a:cb:84:33:91:4b:e2:bf:4f:
2d:77:a9:d9:47:21:45:84:b4:93:fd:73:c6:48:f4:85:e1:21:
53:3c:c6:15:ac:56:4d:77:2b:1e:d4:65:31:b0:66:f1:fb:f0:
34:e1:6b:b3:19:26:61:7b:8d:2d:f8:7d:2f:c9:a7:a3:83:8a:
38:e4:de:8d:25:90:cb:bf:aa:81:99:dd:c6:cd:33:a5:d6:b5:
ff:21:cf:47:5d:fe:7d:57:69:06:e5:b3:bb:79:65:c1:5a:1a:
a9:f0:01:73:c7:81:b7:94:85:ee:94:ec:6a:2b:f6:b6:2b:ca:
ca:df:07:10:f7:20:d5:a5:9b:11:25:f0:b0:ab:ae:01:6e:7c:
d5:d7:1e:f3:6a:e2:15:22:a2:00:d2:a6:54:2f:ee:7f:48:56:
a0:b3:74:a8:8e:74:74:8e:f4:27:2c:c4:f1:38:ca:2d:1f:5b:
0e:c0:ec:b6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I0QkYxMTAvBgNVBAUTKDgwMzUwOTBBMDU3MzI3RTEyMDA1OTNDMjBDODhDNTE5
QTQ1QzlFQ0IwHhcNMjUwNDA1MDEwNTQ5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2YwODFlZC0wMzQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApZoINooI4J9Qus0D4L6RAQqjSDuvsUFOV1Vfqe6qRSjBeCguo5T94BpbLB4F
amoR/jFNyBCf9mdQDWXb+DhjobhMp+/V4p6O9H+HBgFxevaRIXWrA5tpVC91YiDk
PNC/oOGB5yM55nhggfocWQn8Qe09ol0vvEvjD0R03GEhSogZ6DB9z6oxFiy2D3oA
DbUReo+fVH8wAVz8NqvzcBkqxm3DdvNeqjq526rKKS3Q0j5+yuI9AOBWC6c8qy7v
ZzaGpGzTHgRRuyJK38/ibdFnp6OMlxu1NmJVGxonavMk+Eqg522qFRXDQ9T2C2vE
ZHWe0HgRpPD9PCK2O0Q+uqoMwQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFL4i8MeK
K9hOhqY4TOSrXBCQxNlKMB8GA1UdIwQYMBaAFIA1CQoFcyfhIAWTwgyIxRmkXJ7L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjRCRi9COENDNjkzQzg1
NUMxMUVDOEUzQ0JCNTFDNEY5QUUwMi9nRFVKQ2dWekotRWdCWlBDRElqRkdhUmNu
c3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dEVUpDZ1Z6Si1FZ0JaUENESWpGR2FSY25zcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I0QkYvQjhDQzY5M0M4NTVDMTFFQzhFM0NCQjUxQzRGOUFFMDIvMjFFQ0Q4NEE4
NTYwMTFFQzkyNEIzRTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFntSwwDQQCAAIwBwMFACQAWKAwDQYJKoZIhvcNAQELBQAD
ggEBAICjsyzcEe1nypX4nKZF6nvC5kIqPEyqOmhuEBpwXZ3v+STTtfi/jVr4FO8r
yddPGbEbhOmwofP/WzbO46nFLa3a6dyX/xHdTaqqa2hyhpjsUVrLhDORS+K/Ty13
qdlHIUWEtJP9c8ZI9IXhIVM8xhWsVk13Kx7UZTGwZvH78DTha7MZJmF7jS34fS/J
p6ODijjk3o0lkMu/qoGZ3cbNM6XWtf8hz0dd/n1XaQbls7t5ZcFaGqnwAXPHgbeU
he6U7Gor9rYrysrfBxD3INWlmxEl8LCrrgFufNXXHvNq4hUiogDSplQv7n9IVqCz
dKiOdHSO9CcsxPE4yi0fWw7A7LY=
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:14:13 2025 by rpki-client