Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/6C3D5766692F11EF9E22F029C4F9AE02.roa
File: 6C3D5766692F11EF9E22F029C4F9AE02.roa (raw, json)
Hash identifier: /S+W07A3aVql6ze6kJn+yDdzoX1dXbrV898MDchVnCY=
Subject key identifier: 6C:BF:1A:FC:EB:A2:06:FE:E5:F2:DB:BD:55:FA:80:2F:9B:9C:21:DC
Certificate issuer: /CN=A91834AD/serialNumber=4D76F793E2B129F46F8FC90E21F9D0FEAF10D040
Certificate serial: 0C20
Authority key identifier: 4D:76:F7:93:E2:B1:29:F4:6F:8F:C9:0E:21:F9:D0:FE:AF:10:D0:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/6C3D5766692F11EF9E22F029C4F9AE02.roa
Signing time: Mon 10 Mar 2025 19:08:45 +0000
ROA not before: Mon 10 Mar 2025 19:08:45 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 137278
IP address blocks: 103.87.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.crl
rsync://rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3104 (0xc20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91834AD, serialNumber=4D76F793E2B129F46F8FC90E21F9D0FEAF10D040
Validity
Not Before: Mar 10 19:08:45 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67cf38bd-c503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b2:54:d7:2f:3d:68:1d:e8:a9:ca:56:61:b4:
4d:df:10:04:a1:2d:19:c4:43:26:59:00:6b:3e:6b:
9d:34:23:a0:28:68:2f:99:1f:69:f8:4c:92:e1:7b:
ae:1e:ea:2c:5b:e6:bf:fd:43:d8:22:07:b3:a0:4b:
02:74:4f:bd:d0:0b:8e:25:fe:c3:25:e5:04:aa:34:
a5:d2:2e:e3:dc:fe:21:76:b7:b5:62:35:43:2a:12:
34:f3:2d:cf:d1:34:6d:93:15:26:4f:9c:fe:76:f7:
d9:38:c8:08:10:84:7a:c8:2f:99:dc:6f:6c:c4:99:
db:a1:83:6b:d5:b1:06:97:19:3f:3c:0e:01:c5:2c:
b0:2f:20:28:60:42:fd:0d:08:fa:5f:ca:68:2a:a8:
02:3a:08:bb:64:5d:d4:dd:15:02:6b:56:3b:19:25:
1e:71:52:45:be:dd:a1:36:c2:58:87:e4:b8:4f:5d:
d2:21:7f:56:6f:37:a1:15:9e:10:d6:ab:44:f1:da:
fb:f0:e2:72:5f:73:87:07:71:0d:40:66:90:bf:c9:
7b:cd:d7:04:5f:66:09:cf:ab:92:ad:8e:67:ca:e2:
db:15:72:81:2d:43:28:d8:2b:a6:b5:99:53:e3:6f:
e2:56:4f:80:5a:d8:4d:a1:c5:0a:91:c1:10:cc:31:
42:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BF:1A:FC:EB:A2:06:FE:E5:F2:DB:BD:55:FA:80:2F:9B:9C:21:DC
X509v3 Authority Key Identifier:
keyid:4D:76:F7:93:E2:B1:29:F4:6F:8F:C9:0E:21:F9:D0:FE:AF:10:D0:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXb3k-KxKfRvj8kOIfnQ_q8Q0EA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91834AD/0DE4AD0408FE11EA9833C578C4F9AE02/6C3D5766692F11EF9E22F029C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.136.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:55:71:0f:20:80:2a:42:49:bd:e8:c4:60:9c:1d:f4:c6:fe:
a6:4b:d9:f1:16:1a:e1:62:63:63:3d:0f:03:e5:66:a5:8e:e9:
bf:eb:c8:8b:2d:d1:1b:b9:7f:46:eb:61:89:6d:06:bf:71:7f:
6a:72:74:7c:52:02:43:c6:4f:e3:5f:16:f0:d1:84:1d:fa:bc:
11:aa:73:86:b6:3d:5e:7d:b9:12:39:45:c4:14:51:e8:c4:57:
00:53:0f:89:44:b5:1f:9b:be:53:31:70:39:7a:f8:d0:4e:13:
40:ff:07:9e:0c:46:63:f8:56:03:14:5d:ce:bb:71:30:84:2e:
de:02:df:24:57:f7:08:b2:42:77:64:fa:d2:c0:84:c6:ff:70:
bb:42:c6:cb:71:6e:d7:92:d5:63:74:47:33:84:06:de:a4:9b:
9f:23:05:bf:41:d9:87:fc:04:ae:a7:af:55:7b:9a:10:2e:9d:
7c:fc:20:1d:ec:21:25:84:f7:7a:e2:95:49:51:ec:6e:e1:45:
8e:de:18:a7:4b:79:96:53:00:9f:d1:df:63:96:b6:89:2e:dc:
01:55:79:58:fe:24:48:03:00:d1:6d:06:fc:bc:3a:5b:bf:12:
7d:32:28:30:66:5e:bd:24:ec:87:f9:56:5d:1b:3c:10:1a:04:
35:5f:a1:39
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODM0QUQxMTAvBgNVBAUTKDRENzZGNzkzRTJCMTI5RjQ2RjhGQzkwRTIxRjlEMEZF
QUYxMEQwNDAwHhcNMjUwMzEwMTkwODQ1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmMzhiZC1jNTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmLJU1y89aB3oqcpWYbRN3xAEoS0ZxEMmWQBrPmudNCOgKGgvmR9p+EyS4Xuu
HuosW+a//UPYIgezoEsCdE+90AuOJf7DJeUEqjSl0i7j3P4hdre1YjVDKhI08y3P
0TRtkxUmT5z+dvfZOMgIEIR6yC+Z3G9sxJnboYNr1bEGlxk/PA4BxSywLyAoYEL9
DQj6X8poKqgCOgi7ZF3U3RUCa1Y7GSUecVJFvt2hNsJYh+S4T13SIX9WbzehFZ4Q
1qtE8dr78OJyX3OHB3ENQGaQv8l7zdcEX2YJz6uSrY5nyuLbFXKBLUMo2CumtZlT
42/iVk+AWthNocUKkcEQzDFCowIDAQABo4IClTCCApEwHQYDVR0OBBYEFGy/Gvzr
ogb+5fLbvVX6gC+bnCHcMB8GA1UdIwQYMBaAFE1295PisSn0b4/JDiH50P6vENBA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MzRBRC8wREU0QUQwNDA4
RkUxMUVBOTgzM0M1NzhDNEY5QUUwMi9UWGIzay1LeEtmUnZqOGtPSWZuUV9xOFEw
RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYYjNrLUt4S2ZSdmo4a09JZm5RX3E4UTBFQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODM0QUQvMERFNEFEMDQwOEZFMTFFQTk4MzNDNTc4QzRGOUFFMDIvNkMzRDU3NjY2
OTJGMTFFRjlFMjJGMDI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnV4gwDQYJKoZIhvcNAQELBQADggEBAJ1VcQ8ggCpCSb3o
xGCcHfTG/qZL2fEWGuFiY2M9DwPlZqWO6b/ryIst0Ru5f0brYYltBr9xf2pydHxS
AkPGT+NfFvDRhB36vBGqc4a2PV59uRI5RcQUUejEVwBTD4lEtR+bvlMxcDl6+NBO
E0D/B54MRmP4VgMUXc67cTCELt4C3yRX9wiyQndk+tLAhMb/cLtCxstxbteS1WN0
RzOEBt6km58jBb9B2Yf8BK6nr1V7mhAunXz8IB3sISWE93rilUlR7G7hRY7eGKdL
eZZTAJ/R32OWtoku3AFVeVj+JEgDANFtBvy8Olu/En0yKDBmXr0k7If5Vl0bPBAa
BDVfoTk=
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:43:28 2025 by rpki-client