Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/83DC30E0D0DB11EA9336962FC4F9AE02.roa
File: 83DC30E0D0DB11EA9336962FC4F9AE02.roa (raw, json)
Hash identifier: 1xpqucRPj2sGGfUlw/hjqGcWw2RAvQEPEvj1/o7DLww=
Subject key identifier: 6C:81:10:EE:FB:41:41:BD:F0:71:2D:1B:67:EC:2A:C6:86:40:60:C5
Certificate issuer: /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Certificate serial: 095E
Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/83DC30E0D0DB11EA9336962FC4F9AE02.roa
Signing time: Thu 20 Mar 2025 20:30:29 +0000
ROA not before: Thu 20 Mar 2025 20:30:29 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9260
IP address blocks: 103.86.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 20:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2398 (0x95e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727
Validity
Not Before: Mar 20 20:30:29 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dc7ae5-e938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1d:03:c7:88:52:dc:cd:1d:6c:f1:72:7b:69:
29:91:7c:b5:35:d8:ba:7f:60:6e:ac:ed:37:16:98:
f7:e2:a0:28:f4:e4:62:14:d7:26:7c:3b:03:d9:0d:
aa:55:72:44:3b:3a:80:77:48:11:63:a0:b3:e1:96:
b0:f3:d3:53:ff:0c:42:aa:a0:c2:8d:17:19:37:d2:
4a:1d:8d:5c:71:37:d0:df:7a:91:7c:a8:dc:a3:61:
17:41:18:f3:67:3c:01:09:ce:81:32:72:03:1f:f0:
d4:c2:15:39:91:f3:6f:ca:79:7d:a0:55:d1:99:4d:
67:59:d8:25:23:0b:76:fb:a2:db:60:5a:b0:26:23:
3f:58:67:e7:4d:47:77:d4:88:92:9a:68:87:89:46:
b8:5e:c3:15:6f:95:44:70:17:ee:94:b0:ca:69:82:
e0:49:c9:2e:60:2b:ac:c4:ee:77:30:91:c6:6e:7d:
56:57:83:fe:c4:6d:8d:c0:89:5d:03:47:4b:ba:12:
e8:31:fc:6e:fd:7c:b3:c0:fc:a9:a3:96:77:96:69:
b4:d3:b5:63:6a:0f:41:11:2b:8a:1d:10:bb:65:fa:
9f:c9:fe:a0:a4:e2:f3:79:e3:d1:c7:b1:cf:73:95:
a3:23:da:df:7d:80:80:84:37:48:bc:29:dc:ea:ca:
97:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:81:10:EE:FB:41:41:BD:F0:71:2D:1B:67:EC:2A:C6:86:40:60:C5
X509v3 Authority Key Identifier:
keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/83DC30E0D0DB11EA9336962FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.52.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:59:29:80:f2:cb:b9:7c:4b:e1:e0:38:b0:08:d4:1b:42:e6:
ee:ea:a3:46:76:48:14:7b:00:ba:c6:7a:d4:1d:ed:64:70:d2:
11:a3:62:c5:f3:23:a3:53:b0:a3:ef:c0:07:86:2f:c2:12:9e:
c0:87:32:9b:f3:09:d8:0c:42:e6:7d:45:1e:47:0b:96:91:59:
90:63:a8:ca:a2:73:e5:5f:23:79:5c:60:5b:f9:bd:2b:c3:75:
88:bd:80:7e:46:05:f0:cd:a6:5d:e6:ad:a9:5c:5e:5f:bc:eb:
4d:96:c1:e3:a3:5f:45:ec:ef:3a:da:1b:bd:af:20:3c:8b:0d:
e2:90:f1:28:f6:32:19:a0:32:5f:56:3b:5f:8f:1b:fb:8b:87:
5b:94:9e:40:e4:df:29:98:95:29:86:62:9a:85:e9:ca:c2:4e:
7e:0e:70:2a:bb:99:9f:4b:df:63:0f:4a:eb:e9:0d:fe:5b:5a:
21:0e:9b:ec:b3:1c:6b:f0:5f:05:ad:b6:b4:65:c7:db:36:3b:
8d:bd:3f:27:ea:7d:4d:58:be:00:ff:aa:3e:85:80:40:b9:f2:
bc:5d:70:ba:e5:c1:2b:ae:95:e4:8c:af:ec:92:8d:e1:3f:55:
94:23:d7:d2:9a:9c:9d:6e:70:4e:2a:e5:f5:b0:67:e9:87:05:
79:f8:f7:dd
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC
N0I4MEI3MjcwHhcNMjUwMzIwMjAzMDI5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjN2FlNS1lOTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2x0Dx4hS3M0dbPFye2kpkXy1Ndi6f2BurO03Fpj34qAo9ORiFNcmfDsD2Q2q
VXJEOzqAd0gRY6Cz4Zaw89NT/wxCqqDCjRcZN9JKHY1ccTfQ33qRfKjco2EXQRjz
ZzwBCc6BMnIDH/DUwhU5kfNvynl9oFXRmU1nWdglIwt2+6LbYFqwJiM/WGfnTUd3
1IiSmmiHiUa4XsMVb5VEcBfulLDKaYLgSckuYCusxO53MJHGbn1WV4P+xG2NwIld
A0dLuhLoMfxu/XyzwPypo5Z3lmm007Vjag9BESuKHRC7Zfqfyf6gpOLzeePRx7HP
c5WjI9rffYCAhDdIvCnc6sqX/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFGyBEO77
QUG98HEtG2fsKsaGQGDFMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0
RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0
eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0Y4QTkvMkFBMDQzMzA5NEYwMTFFQTgzRUYxRTdEQzRGOUFFMDIvODNEQzMwRTBE
MERCMTFFQTkzMzY5NjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnVjQwDQYJKoZIhvcNAQELBQADggEBAB9ZKYDyy7l8S+Hg
OLAI1BtC5u7qo0Z2SBR7ALrGetQd7WRw0hGjYsXzI6NTsKPvwAeGL8ISnsCHMpvz
CdgMQuZ9RR5HC5aRWZBjqMqic+VfI3lcYFv5vSvDdYi9gH5GBfDNpl3mralcXl+8
602WweOjX0Xs7zraG72vIDyLDeKQ8Sj2MhmgMl9WO1+PG/uLh1uUnkDk3ymYlSmG
YpqF6crCTn4OcCq7mZ9L32MPSuvpDf5bWiEOm+yzHGvwXwWttrRlx9s2O429Pyfq
fU1YvgD/qj6FgEC58rxdcLrlwSuuleSMr+ySjeE/VZQj19KanJ1ucE4q5fWwZ+mH
BXn4990=
-----END CERTIFICATE-----
Generated at Mon Apr 14 05:10:48 2025 by rpki-client