Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1D0686E6B0A511EFB44A6330C4F9AE02.roa
File: 1D0686E6B0A511EFB44A6330C4F9AE02.roa (raw, json)
Hash identifier: EGHJnr2FQ4okFFgibAhPuPQE+2Qap/yahIdSklOYoBw=
Subject key identifier: D6:EA:63:54:53:2E:CC:C4:0B:0C:EF:09:EC:F0:0E:A8:AB:D0:7D:7E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A28E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1D0686E6B0A511EFB44A6330C4F9AE02.roa
Signing time: Mon 13 Jan 2025 10:37:07 +0000
ROA not before: Mon 13 Jan 2025 10:37:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9830
IP address blocks: 103.21.67.0/24 maxlen: 24
103.60.198.0/24 maxlen: 24
103.60.199.0/24 maxlen: 24
103.169.167.0/24 maxlen: 24
103.170.20.0/24 maxlen: 24
103.239.64.0/23 maxlen: 24
202.91.64.0/24 maxlen: 24
202.91.65.0/24 maxlen: 24
202.91.66.0/24 maxlen: 24
202.91.67.0/24 maxlen: 24
202.91.68.0/24 maxlen: 24
202.91.69.0/24 maxlen: 24
202.91.70.0/24 maxlen: 24
202.91.71.0/24 maxlen: 24
202.91.72.0/24 maxlen: 24
202.91.73.0/24 maxlen: 24
202.91.74.0/24 maxlen: 24
202.91.75.0/24 maxlen: 24
202.91.76.0/24 maxlen: 24
202.91.77.0/24 maxlen: 24
202.91.78.0/24 maxlen: 24
202.91.79.0/24 maxlen: 24
202.91.80.0/24 maxlen: 24
202.91.81.0/24 maxlen: 24
202.91.82.0/24 maxlen: 24
202.91.83.0/24 maxlen: 24
202.91.84.0/24 maxlen: 24
202.91.85.0/24 maxlen: 24
202.91.86.0/24 maxlen: 24
202.91.87.0/24 maxlen: 24
202.91.88.0/24 maxlen: 24
202.91.89.0/24 maxlen: 24
202.91.90.0/24 maxlen: 24
202.91.91.0/24 maxlen: 24
202.91.92.0/24 maxlen: 24
202.91.93.0/24 maxlen: 24
202.91.94.0/24 maxlen: 24
202.91.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Apr 2025 15:28:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41614 (0xa28e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 13 10:37:07 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6784ecd2-f2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0e:a6:5a:45:58:c7:18:11:18:25:30:21:cb:
03:3d:98:d0:dc:b5:bf:77:a5:80:15:e2:fb:fd:b5:
32:78:fb:eb:bb:cf:e7:4c:e8:7d:c9:9d:d0:f8:59:
95:96:1a:14:bc:d5:e0:1a:df:e1:63:fd:89:9a:40:
d5:82:a4:bc:dc:08:3b:9a:ed:43:6c:f1:a4:4d:1a:
26:05:61:cb:68:d7:27:ae:b6:39:a2:a1:7e:f7:4b:
57:57:3d:cb:55:c7:eb:5a:e4:63:a1:33:e8:29:8a:
ab:77:a1:2b:90:31:03:1f:32:b1:b3:37:e0:a4:bb:
65:60:1f:bb:13:fa:e2:11:4b:3f:6f:04:14:42:b3:
f1:36:08:ee:96:b2:33:d0:d5:e1:bd:18:3e:19:07:
19:de:c6:73:35:5b:4b:e8:64:e9:a4:50:10:06:cb:
dc:62:72:0a:8d:fe:f3:45:f9:79:15:6c:48:f0:5d:
e2:de:21:01:2b:1f:c0:46:97:49:0a:d7:d6:6b:37:
06:07:07:6a:25:42:5a:ed:bd:bb:fe:bc:3c:60:71:
8e:41:8e:43:78:5f:8e:5c:53:fb:9d:9d:b3:c5:1a:
31:ac:20:e4:80:93:cc:a7:7a:b2:86:7f:81:c6:40:
e0:f4:8a:95:50:0f:0b:f7:a1:1c:9b:56:95:be:21:
4d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EA:63:54:53:2E:CC:C4:0B:0C:EF:09:EC:F0:0E:A8:AB:D0:7D:7E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1D0686E6B0A511EFB44A6330C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.67.0/24
103.60.198.0/23
103.169.167.0/24
103.170.20.0/24
103.239.64.0/23
202.91.64.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:8e:74:c4:55:b8:0b:1f:73:e7:8e:11:eb:3f:7e:89:05:32:
1a:df:4e:fe:1c:70:93:41:35:f8:cc:e2:ee:fe:91:83:be:f1:
f2:f2:f9:d8:3d:be:b9:2f:15:ae:2a:36:1d:f8:67:88:9c:76:
46:da:c6:6b:a7:4e:ca:f2:cf:0d:a1:ec:02:cb:87:75:9a:2e:
5f:d7:46:58:63:e7:2a:23:73:3f:5d:59:64:79:a5:b6:1a:31:
d2:20:fc:2f:3b:12:c6:db:e6:b0:d2:e5:c5:5a:87:94:4c:c9:
aa:57:d2:e1:59:96:8d:a0:77:59:4a:11:1c:f6:9a:3b:c4:17:
9b:22:11:d7:c4:d8:a5:5a:3a:0e:77:bf:ac:e2:61:3f:3a:49:
1d:5b:50:db:84:76:20:b1:4d:ef:49:8e:01:f8:ab:62:6a:15:
3d:4f:6d:f0:2f:b0:2d:14:e6:53:c7:48:fc:e3:f1:71:9c:ee:
68:4d:92:42:93:7a:0b:c3:fc:23:c6:ab:80:bc:62:84:29:49:
84:24:57:04:d6:7c:d2:23:7d:f9:70:dd:c2:59:f0:b6:1f:ad:
e8:54:91:e6:82:1c:bb:9f:a1:f3:4b:84:9b:16:26:d0:98:7e:
36:51:54:fb:08:ce:12:3c:d1:a6:ed:93:c6:5c:79:7c:56:88:
dc:77:c6:e1
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAKKOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDExMzEwMzcwN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4NGVjZDItZjJhNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALgOplpFWMcYERglMCHLAz2Y0Ny1v3elgBXi+/21Mnj767vP50zofcmd0PhZ
lZYaFLzV4Brf4WP9iZpA1YKkvNwIO5rtQ2zxpE0aJgVhy2jXJ662OaKhfvdLV1c9
y1XH61rkY6Ez6CmKq3ehK5AxAx8ysbM34KS7ZWAfuxP64hFLP28EFEKz8TYI7pay
M9DV4b0YPhkHGd7GczVbS+hk6aRQEAbL3GJyCo3+80X5eRVsSPBd4t4hASsfwEaX
SQrX1ms3BgcHaiVCWu29u/68PGBxjkGOQ3hfjlxT+52ds8UaMawg5ICTzKd6soZ/
gcZA4PSKlVAPC/ehHJtWlb4hTRsCAwEAAaOCArMwggKvMB0GA1UdDgQWBBTW6mNU
Uy7MxAsM7wns8A6oq9B9fjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzFEMDY4NkU2
QjBBNTExRUZCNDRBNjMzMEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMD0GCCsGAQUFBwEHAQH/
BC4wLDAqBAIAATAkAwQAZxVDAwQBZzzGAwQAZ6mnAwQAZ6oUAwQBZ+9AAwQFyltA
MA0GCSqGSIb3DQEBCwUAA4IBAQCwjnTEVbgLH3PnjhHrP36JBTIa307+HHCTQTX4
zOLu/pGDvvHy8vnYPb65LxWuKjYd+GeInHZG2sZrp07K8s8NoewCy4d1mi5f10ZY
Y+cqI3M/XVlkeaW2GjHSIPwvOxLG2+aw0uXFWoeUTMmqV9LhWZaNoHdZShEc9po7
xBebIhHXxNilWjoOd7+s4mE/OkkdW1DbhHYgsU3vSY4B+KtiahU9T23wL7AtFOZT
x0j84/FxnO5oTZJCk3oLw/wjxquAvGKEKUmEJFcE1nzSI335cN3CWfC2H63oVJHm
ghy7n6HzS4SbFibQmH42UVT7CM4SPNGm7ZPGXHl8Vojcd8bh
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:35 2025 by rpki-client