Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B41/A1EDCFFE679911EAB67B3484C4F9AE02/5042B970E25B11EA9E988045C4F9AE02.roa
File: 5042B970E25B11EA9E988045C4F9AE02.roa (raw, json)
Hash identifier: m9vtjIJIq2t72L0Goc5PW0dIrS3vnSSj4P2xta8ZeoM=
Subject key identifier: C7:97:CB:D9:80:C7:80:26:73:EA:64:34:A9:C6:88:47:3D:96:F3:F3
Certificate issuer: /CN=A9185B41/serialNumber=2521EDA46CD70B83972606D30D880D703495B8B3
Certificate serial: 0743
Authority key identifier: 25:21:ED:A4:6C:D7:0B:83:97:26:06:D3:0D:88:0D:70:34:95:B8:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSHtpGzXC4OXJgbTDYgNcDSVuLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185B41/A1EDCFFE679911EAB67B3484C4F9AE02/5042B970E25B11EA9E988045C4F9AE02.roa
Signing time: Sun 12 May 2024 21:00:00 +0000
ROA not before: Sun 12 May 2024 21:00:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137532
IP address blocks: 103.112.64.0/24 maxlen: 24
103.112.65.0/24 maxlen: 24
2405:e6c0::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9185B41/A1EDCFFE679911EAB67B3484C4F9AE02/JSHtpGzXC4OXJgbTDYgNcDSVuLM.crl
rsync://rpki.apnic.net/member_repository/A9185B41/A1EDCFFE679911EAB67B3484C4F9AE02/JSHtpGzXC4OXJgbTDYgNcDSVuLM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSHtpGzXC4OXJgbTDYgNcDSVuLM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 19:34:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1859 (0x743)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185B41, serialNumber=2521EDA46CD70B83972606D30D880D703495B8B3
Validity
Not Before: May 12 21:00:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66412dd0-7f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:7a:a5:66:06:84:8a:03:a3:ad:aa:58:34:48:
f1:8f:d7:a9:a1:ca:9d:d0:1f:3f:9b:50:05:b5:6f:
ba:bd:2a:80:c3:66:46:24:4e:39:6a:f1:94:62:b8:
83:0d:e2:b8:81:b6:9b:fd:57:a1:a7:47:e2:a2:5e:
1b:62:47:91:3a:be:80:c7:c3:ae:62:b2:63:ca:c2:
21:66:af:f9:6d:b3:04:62:54:81:76:0a:b1:ef:c4:
4c:ba:b6:4c:a2:26:21:3b:5d:63:51:0a:47:0c:58:
d1:52:04:b2:3b:c0:5b:5d:6a:36:c9:fd:fe:af:67:
76:84:20:8e:63:a0:e0:f2:75:64:c6:0a:3c:a0:ca:
ce:62:ba:a2:75:33:fb:ad:69:de:0e:d7:41:77:be:
20:61:5c:a3:a1:d2:02:11:05:9f:83:73:7b:92:7d:
52:b0:66:1c:53:40:16:d3:1a:dc:8d:89:b1:67:7e:
83:c5:3a:90:f9:23:cd:86:ca:e1:ed:52:7b:c8:ba:
ab:2d:33:12:5c:c3:4c:b6:8e:64:d1:f5:a1:ed:f3:
95:92:43:2c:62:a7:94:19:0a:62:70:37:5d:72:18:
21:c5:b3:a8:4e:be:5c:7e:3d:9f:69:e5:ad:3c:54:
86:c8:e1:bb:1e:f4:b4:af:5f:a7:bb:35:d8:22:75:
12:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:97:CB:D9:80:C7:80:26:73:EA:64:34:A9:C6:88:47:3D:96:F3:F3
X509v3 Authority Key Identifier:
keyid:25:21:ED:A4:6C:D7:0B:83:97:26:06:D3:0D:88:0D:70:34:95:B8:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185B41/A1EDCFFE679911EAB67B3484C4F9AE02/JSHtpGzXC4OXJgbTDYgNcDSVuLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JSHtpGzXC4OXJgbTDYgNcDSVuLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B41/A1EDCFFE679911EAB67B3484C4F9AE02/5042B970E25B11EA9E988045C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.64.0/23
IPv6:
2405:e6c0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:d7:93:f8:0b:90:43:2c:50:f5:21:80:94:8e:a4:9c:4d:15:
85:48:89:48:ad:c5:8d:47:d9:eb:f2:7b:c8:66:19:93:a8:c5:
c3:a6:b7:da:6d:fc:dd:17:46:a8:62:7e:ad:45:fa:2e:09:7d:
03:4a:f8:35:7d:a7:81:59:db:0d:b5:dc:2c:32:7b:98:7b:45:
34:be:63:a2:0c:f6:d9:4c:c2:47:80:90:97:a7:39:33:b7:89:
dc:90:53:36:44:26:c8:11:ce:81:61:36:07:19:3d:46:8d:ee:
c3:59:47:d3:50:94:53:28:e4:79:d5:0c:20:b9:53:a4:f2:2a:
05:e8:4a:22:39:19:14:2d:72:32:1c:a3:13:4d:54:eb:55:e6:
70:7c:22:72:3c:6b:f1:8c:8a:9c:8c:62:3e:90:06:5e:27:b6:
83:51:db:70:df:2e:5b:25:d1:a7:c9:d8:75:d9:09:e9:81:7a:
bf:fb:aa:5b:41:64:11:15:0f:5b:c2:7c:77:a9:eb:40:a3:eb:
2a:3f:56:59:c9:f5:60:5c:a7:c1:13:5d:34:4d:11:81:6c:0a:
8f:a7:7c:d9:29:1d:d8:b6:1c:22:bf:3c:c1:e9:04:af:f2:ac:
eb:ef:52:f9:e4:cf:b1:49:cf:c8:c3:78:f0:ff:9d:69:77:b6:
53:5a:f8:9b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICB0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODVCNDExMTAvBgNVBAUTKDI1MjFFREE0NkNENzBCODM5NzI2MDZEMzBEODgwRDcw
MzQ5NUI4QjMwHhcNMjQwNTEyMjEwMDAwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQxMmRkMC03ZjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9HqlZgaEigOjrapYNEjxj9epocqd0B8/m1AFtW+6vSqAw2ZGJE45avGUYriD
DeK4gbab/Vehp0fiol4bYkeROr6Ax8OuYrJjysIhZq/5bbMEYlSBdgqx78RMurZM
oiYhO11jUQpHDFjRUgSyO8BbXWo2yf3+r2d2hCCOY6Dg8nVkxgo8oMrOYrqidTP7
rWneDtdBd74gYVyjodICEQWfg3N7kn1SsGYcU0AW0xrcjYmxZ36DxTqQ+SPNhsrh
7VJ7yLqrLTMSXMNMto5k0fWh7fOVkkMsYqeUGQpicDddchghxbOoTr5cfj2faeWt
PFSGyOG7HvS0r1+nuzXYInUS1QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMeXy9mA
x4Amc+pkNKnGiEc9lvPzMB8GA1UdIwQYMBaAFCUh7aRs1wuDlyYG0w2IDXA0lbiz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI0MS9BMUVEQ0ZGRTY3
OTkxMUVBQjY3QjM0ODRDNEY5QUUwMi9KU0h0cEd6WEM0T1hKZ2JURFlnTmNEU1Z1
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pTSHRwR3pYQzRPWEpnYlREWWdOY0RTVnVMTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODVCNDEvQTFFRENGRkU2Nzk5MTFFQUI2N0IzNDg0QzRGOUFFMDIvNTA0MkI5NzBF
MjVCMTFFQTlFOTg4MDQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFncEAwDQQCAAIwBwMFACQF5sAwDQYJKoZIhvcNAQELBQAD
ggEBAE7Xk/gLkEMsUPUhgJSOpJxNFYVIiUitxY1H2evye8hmGZOoxcOmt9pt/N0X
Rqhifq1F+i4JfQNK+DV9p4FZ2w213Cwye5h7RTS+Y6IM9tlMwkeAkJenOTO3idyQ
UzZEJsgRzoFhNgcZPUaN7sNZR9NQlFMo5HnVDCC5U6TyKgXoSiI5GRQtcjIcoxNN
VOtV5nB8InI8a/GMipyMYj6QBl4ntoNR23DfLlsl0afJ2HXZCemBer/7qltBZBEV
D1vCfHep60Cj6yo/VlnJ9WBcp8ETXTRNEYFsCo+nfNkpHdi2HCK/PMHpBK/yrOvv
Uvnkz7FJz8jDePD/nWl3tlNa+Js=
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:11:13 2025 by rpki-client