Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/61141C1671AC11EDAA89DE61C4F9AE02.roa
File: 61141C1671AC11EDAA89DE61C4F9AE02.roa (raw, json)
Hash identifier: Wx96a0pCwu7Is08OfwVpC7A3eb6MBe8Us9jhb4i3wps=
Subject key identifier: 4F:60:8B:71:83:DA:A9:08:3D:4C:5A:CF:10:F5:11:CC:59:74:F9:6A
Certificate issuer: /CN=A91886E3/serialNumber=BBABD3F16E100FD9C95D474884E4DA9CB6FA768D
Certificate serial: 0177
Authority key identifier: BB:AB:D3:F1:6E:10:0F:D9:C9:5D:47:48:84:E4:DA:9C:B6:FA:76:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u6vT8W4QD9nJXUdIhOTanLb6do0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/61141C1671AC11EDAA89DE61C4F9AE02.roa
Signing time: Thu 07 Nov 2024 02:15:56 +0000
ROA not before: Thu 07 Nov 2024 02:15:56 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 59253
IP address blocks: 103.21.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/u6vT8W4QD9nJXUdIhOTanLb6do0.crl
rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/u6vT8W4QD9nJXUdIhOTanLb6do0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u6vT8W4QD9nJXUdIhOTanLb6do0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 01:57:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 375 (0x177)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91886E3, serialNumber=BBABD3F16E100FD9C95D474884E4DA9CB6FA768D
Validity
Not Before: Nov 7 02:15:56 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672c22dc-e763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:50:33:79:34:75:e8:67:0d:aa:99:fc:89:40:
cc:01:ae:f2:f8:3d:fe:bb:10:72:cc:ad:41:f1:97:
f0:29:85:01:88:90:a1:a9:80:08:62:c4:8f:b6:33:
91:af:e0:97:d6:b2:7d:d3:4f:3b:4b:6f:ed:31:1c:
e6:a1:84:33:b5:05:ec:8a:c0:03:4a:7e:07:ab:33:
bf:a2:07:b0:26:6b:33:78:1b:e4:0d:9a:81:f6:3a:
3a:b8:1d:0c:b1:7d:eb:7e:28:b3:a2:5f:87:57:a4:
ab:dc:45:ec:ec:4c:1f:e9:8b:82:87:32:27:b4:1e:
23:49:2b:91:5a:65:1b:ce:2d:87:9b:66:07:13:15:
8f:1a:a0:0b:55:e4:3e:7a:7a:05:f5:d4:e0:f5:c3:
5e:e0:99:b5:fa:89:5a:e7:10:33:3f:4c:27:37:9b:
b5:4b:e6:89:9e:22:c6:27:5b:7d:40:f8:43:39:9b:
72:9f:4f:1d:c5:5b:73:ca:7c:1c:25:c2:8c:10:cc:
45:e8:fe:4c:0c:54:c9:f0:f4:5e:55:4a:f4:b3:5b:
5f:59:21:a6:55:56:23:0e:15:3b:28:fb:16:ed:d8:
57:92:e8:f2:17:ce:4a:58:d9:f4:05:35:90:1e:c0:
cf:19:28:97:3b:ef:46:4a:90:b4:13:ac:1e:a8:07:
cf:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:60:8B:71:83:DA:A9:08:3D:4C:5A:CF:10:F5:11:CC:59:74:F9:6A
X509v3 Authority Key Identifier:
keyid:BB:AB:D3:F1:6E:10:0F:D9:C9:5D:47:48:84:E4:DA:9C:B6:FA:76:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/u6vT8W4QD9nJXUdIhOTanLb6do0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u6vT8W4QD9nJXUdIhOTanLb6do0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91886E3/1247B860669211ED82BE7133C4F9AE02/61141C1671AC11EDAA89DE61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.221.0/24
Signature Algorithm: sha256WithRSAEncryption
90:e6:a9:c5:98:50:63:51:85:c6:27:df:a2:1e:19:4b:6e:c0:
6a:28:61:de:ae:7c:38:1e:54:d6:47:93:57:bb:2a:43:04:e7:
10:6d:11:f2:81:b4:fe:ec:86:d6:39:5d:04:29:91:02:0b:4e:
77:0a:3b:1d:3f:eb:49:42:cc:e9:53:e9:a4:31:6a:25:b7:8f:
d8:3d:2e:de:43:30:eb:7c:67:81:b4:6d:a0:3e:a5:73:2f:a9:
ab:f0:70:7a:e4:b1:fc:1f:5e:ef:33:83:96:f8:a6:08:50:92:
8e:49:16:c8:84:cf:f6:e8:cd:5c:fe:a5:2d:28:48:f4:6f:d3:
59:6b:cd:d6:6e:ec:d3:c0:9b:32:72:7a:70:8c:f3:7f:d5:b7:
ed:a4:c6:86:c6:bb:bc:83:23:e7:45:bd:1b:2e:15:5c:9c:a4:
98:45:b7:70:3a:5e:f9:91:6e:6b:84:2a:22:f4:1d:3d:b7:3f:
5d:0f:19:87:bc:c3:00:ec:a7:51:4c:d4:02:d2:b5:01:a1:60:
ec:0e:4d:db:f3:2a:51:77:3a:01:00:1c:53:98:60:6a:c2:31:
70:2f:fb:24:11:15:2f:69:93:7b:8c:8a:c9:5c:62:38:99:87:
f4:f2:f1:ed:55:e3:8d:18:43:87:26:04:a3:52:d7:7b:f6:d1:
4b:66:86:3a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODg2RTMxMTAvBgNVBAUTKEJCQUJEM0YxNkUxMDBGRDlDOTVENDc0ODg0RTREQTlD
QjZGQTc2OEQwHhcNMjQxMTA3MDIxNTU2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJjMjJkYy1lNzYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAolAzeTR16GcNqpn8iUDMAa7y+D3+uxByzK1B8ZfwKYUBiJChqYAIYsSPtjOR
r+CX1rJ90087S2/tMRzmoYQztQXsisADSn4HqzO/ogewJmszeBvkDZqB9jo6uB0M
sX3rfiizol+HV6Sr3EXs7Ewf6YuChzIntB4jSSuRWmUbzi2Hm2YHExWPGqALVeQ+
enoF9dTg9cNe4Jm1+ola5xAzP0wnN5u1S+aJniLGJ1t9QPhDOZtyn08dxVtzynwc
JcKMEMxF6P5MDFTJ8PReVUr0s1tfWSGmVVYjDhU7KPsW7dhXkujyF85KWNn0BTWQ
HsDPGSiXO+9GSpC0E6weqAfPswIDAQABo4IClTCCApEwHQYDVR0OBBYEFE9gi3GD
2qkIPUxazxD1EcxZdPlqMB8GA1UdIwQYMBaAFLur0/FuEA/ZyV1HSITk2py2+naN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4ODZFMy8xMjQ3Qjg2MDY2
OTIxMUVEODJCRTcxMzNDNEY5QUUwMi91NnZUOFc0UUQ5bkpYVWRJaE9UYW5MYjZk
bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U2dlQ4VzRRRDluSlhVZEloT1RhbkxiNmRvMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODg2RTMvMTI0N0I4NjA2NjkyMTFFRDgyQkU3MTMzQzRGOUFFMDIvNjExNDFDMTY3
MUFDMTFFREFBODlERTYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnFd0wDQYJKoZIhvcNAQELBQADggEBAJDmqcWYUGNRhcYn
36IeGUtuwGooYd6ufDgeVNZHk1e7KkME5xBtEfKBtP7shtY5XQQpkQILTncKOx0/
60lCzOlT6aQxaiW3j9g9Lt5DMOt8Z4G0baA+pXMvqavwcHrksfwfXu8zg5b4pghQ
ko5JFsiEz/bozVz+pS0oSPRv01lrzdZu7NPAmzJyenCM83/Vt+2kxobGu7yDI+dF
vRsuFVycpJhFt3A6XvmRbmuEKiL0HT23P10PGYe8wwDsp1FM1ALStQGhYOwOTdvz
KlF3OgEAHFOYYGrCMXAv+yQRFS9pk3uMislcYjiZh/Ty8e1V440YQ4cmBKNS13v2
0Utmhjo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:21:10 2025 by rpki-client