Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/4002E4BA5A3B11EBA4020D68C4F9AE02.roa
File: 4002E4BA5A3B11EBA4020D68C4F9AE02.roa (raw, json)
Hash identifier: owZNdsc75aBAEeMxk8dZOIuYb/+Ukc36obf7oLhTJGg=
Subject key identifier: 3A:ED:91:14:52:F5:D3:90:9A:4B:85:7F:A2:CD:16:AA:5E:2F:21:E0
Certificate issuer: /CN=A917C11A/serialNumber=DE8173E7D28FEAD1EC3A92C97658DA73285093E5
Certificate serial: 0682
Authority key identifier: DE:81:73:E7:D2:8F:EA:D1:EC:3A:92:C9:76:58:DA:73:28:50:93:E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oFz59KP6tHsOpLJdljacyhQk-U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/4002E4BA5A3B11EBA4020D68C4F9AE02.roa
Signing time: Wed 08 Jan 2025 22:01:39 +0000
ROA not before: Wed 08 Jan 2025 22:01:39 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134474
IP address blocks: 103.160.66.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/3oFz59KP6tHsOpLJdljacyhQk-U.crl
rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/3oFz59KP6tHsOpLJdljacyhQk-U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oFz59KP6tHsOpLJdljacyhQk-U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 21:49:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1666 (0x682)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C11A, serialNumber=DE8173E7D28FEAD1EC3A92C97658DA73285093E5
Validity
Not Before: Jan 8 22:01:39 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677ef5c2-8ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:93:9b:61:ab:1a:9e:f2:f4:0b:bb:cf:6d:3b:
d1:c8:de:a3:b4:07:6e:fa:df:4a:ce:3e:29:03:f3:
45:36:09:8f:ee:26:eb:f0:e8:32:86:ac:ff:3a:b3:
f7:b5:bb:ff:10:06:f2:ab:f5:91:59:1e:60:ff:19:
4b:2b:2d:70:24:58:69:bb:60:aa:10:4c:c9:de:c2:
ea:b6:4c:7f:ef:22:22:8f:8f:ac:31:94:98:a9:a8:
bb:62:02:a9:09:f8:4d:12:32:f0:72:5a:80:0c:df:
bb:38:04:3c:0b:cf:79:0f:35:fb:db:b8:f8:19:27:
d0:e3:50:6e:f1:aa:00:03:8a:bb:b0:4f:c8:2b:c3:
2d:2c:72:dc:90:ae:b2:ad:36:a0:28:c6:58:42:87:
6f:59:3c:58:cb:83:04:dc:88:01:8a:b1:4f:c9:87:
4d:58:08:46:74:86:b6:5b:8a:8b:8f:04:03:94:6a:
95:c6:2b:e1:7c:4a:0e:5c:b2:d7:06:5d:d1:38:e5:
3b:85:da:56:b5:18:10:3b:50:7b:e6:95:85:b2:ac:
f9:62:20:23:ed:d3:76:5f:58:cb:e5:bb:65:17:5a:
71:ff:53:33:33:dd:8b:2b:a5:27:d8:60:e9:96:f1:
9a:f0:fa:13:ae:75:42:4f:6c:61:ee:ad:00:c1:25:
34:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:ED:91:14:52:F5:D3:90:9A:4B:85:7F:A2:CD:16:AA:5E:2F:21:E0
X509v3 Authority Key Identifier:
keyid:DE:81:73:E7:D2:8F:EA:D1:EC:3A:92:C9:76:58:DA:73:28:50:93:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/3oFz59KP6tHsOpLJdljacyhQk-U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oFz59KP6tHsOpLJdljacyhQk-U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/4002E4BA5A3B11EBA4020D68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.66.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:46:f6:24:25:08:e9:52:af:5b:79:c4:92:30:e4:48:fb:7e:
94:b9:cb:78:17:5c:46:54:ee:da:73:17:a5:a3:df:49:4e:fe:
6c:29:de:e9:fe:7b:13:41:d5:90:71:0b:a6:26:ef:0a:f8:d2:
57:f4:88:96:fa:6a:11:bf:38:a6:ce:21:ee:65:39:30:70:c8:
a8:5b:cd:2d:d9:be:79:57:ec:89:83:c9:9a:fc:8a:60:8a:a5:
20:02:70:86:8b:5c:1f:9c:40:e9:70:2c:4e:e2:ba:84:7b:51:
c6:67:44:3f:83:63:98:d1:e2:4b:21:a7:fb:f5:bb:37:c3:ae:
c7:0d:5a:44:3b:08:9b:f3:74:0a:e8:44:00:d0:f6:b2:29:95:
80:5b:6b:80:cb:5a:11:83:41:93:f3:7e:48:67:fb:13:db:ad:
a6:23:c6:23:71:15:9c:46:ad:a0:52:20:00:fa:59:91:a3:c4:
c0:c6:70:95:c9:9a:23:90:7c:1d:ae:01:94:25:bf:c7:05:e7:
79:ad:8f:58:64:b9:a0:12:aa:82:8d:cc:27:3f:a8:3d:ac:7a:
36:e9:84:ba:c8:7d:de:7d:a6:3d:3d:2c:20:65:12:e0:41:2b:
e4:de:ac:2f:d5:2c:bc:e5:7c:45:18:fb:78:cb:e6:df:36:85:
5e:85:e8:a6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBoIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxMUExMTAvBgNVBAUTKERFODE3M0U3RDI4RkVBRDFFQzNBOTJDOTc2NThEQTcz
Mjg1MDkzRTUwHhcNMjUwMTA4MjIwMTM5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlZjVjMi04Y2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvpObYasanvL0C7vPbTvRyN6jtAdu+t9Kzj4pA/NFNgmP7ibr8Ogyhqz/OrP3
tbv/EAbyq/WRWR5g/xlLKy1wJFhpu2CqEEzJ3sLqtkx/7yIij4+sMZSYqai7YgKp
CfhNEjLwclqADN+7OAQ8C895DzX727j4GSfQ41Bu8aoAA4q7sE/IK8MtLHLckK6y
rTagKMZYQodvWTxYy4ME3IgBirFPyYdNWAhGdIa2W4qLjwQDlGqVxivhfEoOXLLX
Bl3ROOU7hdpWtRgQO1B75pWFsqz5YiAj7dN2X1jL5btlF1px/1MzM92LK6Un2GDp
lvGa8PoTrnVCT2xh7q0AwSU0hwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDrtkRRS
9dOQmkuFf6LNFqpeLyHgMB8GA1UdIwQYMBaAFN6Bc+fSj+rR7DqSyXZY2nMoUJPl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzExQS9DMDg2RUE5ODVB
MzkxMUVCOEU1OUMyNjZDNEY5QUUwMi8zb0Z6NTlLUDZ0SHNPcExKZGxqYWN5aFFr
LVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNvRno1OUtQNnRIc09wTEpkbGphY3loUWstVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxMUEvQzA4NkVBOTg1QTM5MTFFQjhFNTlDMjY2QzRGOUFFMDIvNDAwMkU0QkE1
QTNCMTFFQkE0MDIwRDY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoEIwDQYJKoZIhvcNAQELBQADggEBAKdG9iQlCOlSr1t5
xJIw5Ej7fpS5y3gXXEZU7tpzF6Wj30lO/mwp3un+exNB1ZBxC6Ym7wr40lf0iJb6
ahG/OKbOIe5lOTBwyKhbzS3ZvnlX7ImDyZr8imCKpSACcIaLXB+cQOlwLE7iuoR7
UcZnRD+DY5jR4kshp/v1uzfDrscNWkQ7CJvzdAroRADQ9rIplYBba4DLWhGDQZPz
fkhn+xPbraYjxiNxFZxGraBSIAD6WZGjxMDGcJXJmiOQfB2uAZQlv8cF53mtj1hk
uaASqoKNzCc/qD2sejbphLrIfd59pj09LCBlEuBBK+TerC/VLLzlfEUY+3jL5t82
hV6F6KY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:46:53 2025 by rpki-client