Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917D586/8F00C6B6552E11E685042142C4F9AE02/BE82D1863DAC11EEB6C9226BC4F9AE02.roa
File: BE82D1863DAC11EEB6C9226BC4F9AE02.roa (raw, json)
Hash identifier: dDmsnYnpk7eYJRQjeaKR7lmvE3DrcRr0DYnI4h6EWFU=
Subject key identifier: 90:82:AD:AC:76:FC:73:08:1A:E1:C9:51:39:AD:3D:E5:A1:90:78:DD
Certificate issuer: /CN=A917D586/serialNumber=4E10FE1747EDA6ABBBBF2C2130DB45544E6D329F
Certificate serial: 1F3E
Authority key identifier: 4E:10:FE:17:47:ED:A6:AB:BB:BF:2C:21:30:DB:45:54:4E:6D:32:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThD-F0ftpqu7vywhMNtFVE5tMp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917D586/8F00C6B6552E11E685042142C4F9AE02/BE82D1863DAC11EEB6C9226BC4F9AE02.roa
Signing time: Sat 12 Apr 2025 16:24:09 +0000
ROA not before: Sat 12 Apr 2025 16:24:09 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 58516
IP address blocks: 103.247.138.0/24 maxlen: 26
2001:df0:295::/48 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917D586/8F00C6B6552E11E685042142C4F9AE02/ThD-F0ftpqu7vywhMNtFVE5tMp8.crl
rsync://rpki.apnic.net/member_repository/A917D586/8F00C6B6552E11E685042142C4F9AE02/ThD-F0ftpqu7vywhMNtFVE5tMp8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThD-F0ftpqu7vywhMNtFVE5tMp8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 16:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7998 (0x1f3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917D586, serialNumber=4E10FE1747EDA6ABBBBF2C2130DB45544E6D329F
Validity
Not Before: Apr 12 16:24:09 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67fa93a8-7d18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:99:05:e0:7a:0a:ce:e4:f6:c9:6b:82:c9:e0:
12:db:1b:61:85:73:8d:bb:4e:7c:4c:9a:07:5e:be:
13:35:c7:d6:73:99:f8:9b:9b:35:df:f8:9d:6c:b2:
83:4a:7a:39:8a:87:d0:af:5e:5b:3f:c9:18:c5:09:
35:89:e8:1c:e8:c1:46:31:11:bf:1b:7d:28:f1:b6:
8c:b5:6d:ef:f1:8c:d0:39:e4:9f:38:81:1f:85:6c:
d8:81:7c:77:a3:9a:fb:03:f4:50:9f:fb:1a:3a:6c:
f0:af:20:e9:ad:20:52:a4:52:df:d5:83:bc:da:99:
36:1d:7f:bb:ce:e1:7a:1e:ba:63:20:c0:d6:6d:0a:
5e:2a:fd:fa:72:0f:92:60:92:6c:16:a0:bd:6f:a1:
17:f0:f0:42:4f:07:58:e5:42:f9:15:59:07:9c:76:
87:a7:78:e3:bd:61:e4:9f:d2:3a:ba:27:f0:f2:c8:
1b:72:c9:8a:0b:a8:32:8d:cd:4a:49:49:76:52:92:
5c:21:2c:d2:52:37:92:e8:84:c9:0a:d4:18:b7:e7:
7e:5f:3c:bc:d3:58:8f:a7:9d:3d:56:aa:38:19:2c:
45:c8:42:4d:f8:17:27:10:59:31:88:bc:8e:7d:d0:
e8:f2:3d:2b:9f:65:ae:47:71:bd:db:bd:83:c7:5f:
5d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:82:AD:AC:76:FC:73:08:1A:E1:C9:51:39:AD:3D:E5:A1:90:78:DD
X509v3 Authority Key Identifier:
keyid:4E:10:FE:17:47:ED:A6:AB:BB:BF:2C:21:30:DB:45:54:4E:6D:32:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917D586/8F00C6B6552E11E685042142C4F9AE02/ThD-F0ftpqu7vywhMNtFVE5tMp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThD-F0ftpqu7vywhMNtFVE5tMp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D586/8F00C6B6552E11E685042142C4F9AE02/BE82D1863DAC11EEB6C9226BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.247.138.0/24
IPv6:
2001:df0:295::/48
Signature Algorithm: sha256WithRSAEncryption
6e:c6:04:39:cf:16:29:b6:5f:fd:19:a4:ff:d9:8a:0b:5b:0f:
49:b2:89:a5:c6:a0:52:8c:d1:0b:20:af:7d:00:fb:6a:bf:cf:
13:f9:38:ec:09:88:6b:c0:7d:7f:30:e6:a6:a4:29:71:64:84:
64:bd:d2:8c:f3:4d:78:e0:2a:04:02:60:a0:a7:d7:4e:23:3c:
6f:bc:e6:55:9c:96:39:e6:fb:87:73:3c:5f:a8:a4:04:7b:69:
bb:23:42:4b:d9:f7:0b:7a:31:93:f1:49:9c:a5:5b:cf:8b:4c:
84:9d:25:24:3c:f1:d0:2e:91:aa:d5:8b:47:7c:e2:e9:c3:2a:
3b:b4:1b:0c:ef:b6:1c:e7:9e:cb:fd:f1:f5:dc:6a:af:e3:a0:
56:53:05:91:8c:85:e3:e3:21:63:6a:0e:34:2d:d7:4b:a9:9c:
89:3a:49:88:0b:1a:23:0d:65:1d:89:b8:5c:3a:83:e2:bd:43:
36:15:59:51:ff:a3:d1:5f:c0:36:9e:72:09:9e:88:47:6d:2b:
89:e7:21:61:1c:ba:87:d0:8e:e2:66:c8:07:a4:65:e5:d5:56:
e4:82:4c:e6:cc:cb:fb:16:e2:89:ee:b5:47:1e:5c:ee:7e:c8:
24:f9:01:ad:56:4b:1a:7c:54:30:8a:4b:16:84:96:44:3e:76:
d1:d2:90:64
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICHz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Q1ODYxMTAvBgNVBAUTKDRFMTBGRTE3NDdFREE2QUJCQkJGMkMyMTMwREI0NTU0
NEU2RDMyOUYwHhcNMjUwNDEyMTYyNDA5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ZhOTNhOC03ZDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqpkF4HoKzuT2yWuCyeAS2xthhXONu058TJoHXr4TNcfWc5n4m5s13/idbLKD
Sno5iofQr15bP8kYxQk1iegc6MFGMRG/G30o8baMtW3v8YzQOeSfOIEfhWzYgXx3
o5r7A/RQn/saOmzwryDprSBSpFLf1YO82pk2HX+7zuF6HrpjIMDWbQpeKv36cg+S
YJJsFqC9b6EX8PBCTwdY5UL5FVkHnHaHp3jjvWHkn9I6uifw8sgbcsmKC6gyjc1K
SUl2UpJcISzSUjeS6ITJCtQYt+d+Xzy801iPp509Vqo4GSxFyEJN+BcnEFkxiLyO
fdDo8j0rn2WuR3G9272Dx19dBQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFJCCrax2
/HMIGuHJUTmtPeWhkHjdMB8GA1UdIwQYMBaAFE4Q/hdH7aaru78sITDbRVRObTKf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDU4Ni84RjAwQzZCNjU1
MkUxMUU2ODUwNDIxNDJDNEY5QUUwMi9UaEQtRjBmdHBxdTd2eXdoTU50RlZFNXRN
cDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RoRC1GMGZ0cHF1N3Z5d2hNTnRGVkU1dE1wOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0Q1ODYvOEYwMEM2QjY1NTJFMTFFNjg1MDQyMTQyQzRGOUFFMDIvQkU4MkQxODYz
REFDMTFFRUI2QzkyMjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABn94owDwQCAAIwCQMHACABDfAClTANBgkqhkiG9w0BAQsF
AAOCAQEAbsYEOc8WKbZf/Rmk/9mKC1sPSbKJpcagUozRCyCvfQD7ar/PE/k47AmI
a8B9fzDmpqQpcWSEZL3SjPNNeOAqBAJgoKfXTiM8b7zmVZyWOeb7h3M8X6ikBHtp
uyNCS9n3C3oxk/FJnKVbz4tMhJ0lJDzx0C6RqtWLR3zi6cMqO7QbDO+2HOeey/3x
9dxqr+OgVlMFkYyF4+MhY2oONC3XS6mciTpJiAsaIw1lHYm4XDqD4r1DNhVZUf+j
0V/ANp5yCZ6IR20riechYRy6h9CO4mbIB6Rl5dVW5IJM5szL+xbiie61Rx5c7n7I
JPkBrVZLGnxUMIpLFoSWRD520dKQZA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:41:55 2025 by rpki-client