Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A64BEEAE22611EFB2F11E4CC4F9AE02.roa
File: 2A64BEEAE22611EFB2F11E4CC4F9AE02.roa (raw, json)
Hash identifier: n/qwSiWd91RSqELMY+UBNLwCHnLex2KrFBrdG3kE61M=
Subject key identifier: 4D:25:20:F4:39:C8:25:AD:D2:DF:20:24:63:DF:22:3E:7F:9D:92:4B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A499
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A64BEEAE22611EFB2F11E4CC4F9AE02.roa
Signing time: Mon 03 Feb 2025 11:58:22 +0000
ROA not before: Mon 03 Feb 2025 11:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138738
IP address blocks: 103.70.156.0/22 maxlen: 22
103.70.156.0/24 maxlen: 24
103.70.157.0/24 maxlen: 24
103.70.158.0/24 maxlen: 24
103.70.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 14 Apr 2025 09:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42137 (0xa499)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 3 11:58:22 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a0af5e-1428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:53:3b:24:fb:59:b5:f9:16:33:6a:e6:b1:e1:
ef:44:21:b8:5a:ec:4a:98:6f:f5:35:62:a4:45:5e:
37:76:23:2d:55:ab:4f:b2:a9:e7:8a:2e:a5:32:c6:
46:3f:ab:40:99:05:ca:b1:d0:50:4c:4a:38:d2:be:
6d:71:d0:8a:87:be:ff:34:59:47:7b:ee:27:b7:76:
53:b0:71:10:e7:e4:0c:bb:f0:8a:88:c6:72:a1:3d:
3b:47:30:99:4c:4d:be:8e:22:c5:fc:5c:ed:3a:6b:
4d:84:3e:30:a9:37:7a:c0:b0:ab:c1:0c:bd:c8:a4:
08:bb:94:c8:8b:08:9d:fd:e7:b1:ae:2b:fd:84:ba:
81:c4:bd:3e:ee:84:f8:1d:15:14:e3:32:f2:27:1d:
c0:dd:03:16:e9:78:e9:81:f6:39:b8:dd:cc:2f:a9:
d8:26:32:74:7c:eb:43:d4:48:60:f6:0d:6e:c8:1f:
c7:91:7e:e1:e7:58:9c:5e:98:32:10:29:ba:08:c4:
18:8f:60:b7:13:81:0a:e7:52:cc:68:f5:3d:ab:38:
04:82:7c:56:fb:13:aa:c7:56:c6:08:41:98:b2:06:
5c:cf:e6:08:48:07:39:08:21:5f:41:96:b7:3a:86:
8d:b8:15:0a:ce:2c:a7:f5:38:2c:fe:28:79:e5:0a:
79:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:25:20:F4:39:C8:25:AD:D2:DF:20:24:63:DF:22:3E:7F:9D:92:4B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A64BEEAE22611EFB2F11E4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.156.0/22
Signature Algorithm: sha256WithRSAEncryption
45:0c:dc:03:a0:94:54:3f:99:c9:75:3d:bb:39:b7:66:32:8d:
ae:85:96:b4:9d:0f:6e:cc:2c:ad:8e:c5:d6:92:1a:e8:8f:61:
b8:1b:92:f9:a5:dd:85:b1:15:16:4f:2a:e3:2d:37:f7:66:b7:
27:2d:d3:37:5c:cc:59:6d:c4:e3:c5:96:78:d1:f6:6b:ae:1b:
b2:e0:65:d2:da:d6:12:33:0f:80:af:b6:fb:cc:9d:3e:6d:f3:
e0:8f:cc:c3:c8:af:68:b2:b2:d4:ac:09:83:17:59:46:f0:2e:
cc:95:d1:37:72:ed:e3:d9:94:af:af:1b:e4:d2:0a:38:ff:a3:
63:c0:1d:29:39:15:50:b4:44:c4:57:c6:4f:d9:ea:cb:a3:21:
cb:2b:23:7c:0d:e2:5e:75:a5:b6:ea:17:1f:45:fa:1a:12:a6:
6b:fe:d1:99:fd:fc:92:f5:a2:81:bb:fc:db:22:92:2e:3f:04:
04:10:4c:7b:d3:ac:71:20:06:f9:a7:3d:2f:ca:06:15:48:ca:
f0:c3:bb:3c:1e:de:00:39:ee:6c:db:38:9f:b3:6e:92:e9:e8:
5b:2a:36:bd:f0:a2:35:33:c7:b7:67:9e:85:b6:96:2c:d9:40:
8f:22:23:88:c5:68:85:6f:22:dc:99:5b:94:f3:c1:0a:72:14:
72:97:57:e8
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAKSZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIwMzExNTgyMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdhMGFmNWUtMTQyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO9TOyT7WbX5FjNq5rHh70QhuFrsSphv9TVipEVeN3YjLVWrT7Kp54oupTLG
Rj+rQJkFyrHQUExKONK+bXHQioe+/zRZR3vuJ7d2U7BxEOfkDLvwiojGcqE9O0cw
mUxNvo4ixfxc7TprTYQ+MKk3esCwq8EMvcikCLuUyIsInf3nsa4r/YS6gcS9Pu6E
+B0VFOMy8icdwN0DFul46YH2ObjdzC+p2CYydHzrQ9RIYPYNbsgfx5F+4edYnF6Y
MhApugjEGI9gtxOBCudSzGj1Pas4BIJ8VvsTqsdWxghBmLIGXM/mCEgHOQghX0GW
tzqGjbgVCs4sp/U4LP4oeeUKeTsCAwEAAaOCApUwggKRMB0GA1UdDgQWBBRNJSD0
OcglrdLfICRj3yI+f52SSzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJBNjRCRUVB
RTIyNjExRUZCMkYxMUU0Q0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQCZ0acMA0GCSqGSIb3DQEBCwUAA4IBAQBFDNwDoJRUP5nJ
dT27ObdmMo2uhZa0nQ9uzCytjsXWkhroj2G4G5L5pd2FsRUWTyrjLTf3ZrcnLdM3
XMxZbcTjxZZ40fZrrhuy4GXS2tYSMw+Ar7b7zJ0+bfPgj8zDyK9osrLUrAmDF1lG
8C7MldE3cu3j2ZSvrxvk0go4/6NjwB0pORVQtETEV8ZP2erLoyHLKyN8DeJedaW2
6hcfRfoaEqZr/tGZ/fyS9aKBu/zbIpIuPwQEEEx706xxIAb5pz0vygYVSMrww7s8
Ht4AOe5s2zifs26S6ehbKja98KI1M8e3Z56FtpYs2UCPIiOIxWiFbyLcmVuU88EK
chRyl1fo
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:40:55 2025 by rpki-client