Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3843C1C8FA5411EFA4D3FD75C4F9AE02.roa
File: 3843C1C8FA5411EFA4D3FD75C4F9AE02.roa (raw, json)
Hash identifier: pY3M6nNBumH7rBoPkWOedPfAN2DlLXgId3Qamjs5vvA=
Subject key identifier: 1A:57:5F:0C:1C:31:57:45:A3:5E:0A:73:71:33:C9:66:56:3E:CD:6D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A946
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3843C1C8FA5411EFA4D3FD75C4F9AE02.roa
Signing time: Thu 06 Mar 2025 06:28:30 +0000
ROA not before: Thu 06 Mar 2025 06:28:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132960
IP address blocks: 45.115.172.0/22 maxlen: 24
103.96.48.0/22 maxlen: 24
103.224.184.0/22 maxlen: 24
2407:3780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43334 (0xa946)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 6 06:28:30 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c9408e-6676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a1:8f:eb:7b:dc:f3:ae:4c:12:b8:3f:05:3d:
9c:3d:5a:a3:1e:58:9b:37:9f:7a:48:0b:c9:a9:ee:
de:1f:28:82:27:fb:d0:9f:10:7a:3f:19:89:0c:fa:
4f:c8:b9:ab:23:8e:2b:a6:4c:b3:55:4d:c9:e6:9d:
2f:94:25:2e:7c:0b:82:e4:05:21:06:92:4a:40:67:
39:7b:79:01:21:45:0f:7a:c3:0f:14:c4:92:b0:b0:
cc:31:f4:11:ad:28:c2:a1:99:51:4d:ff:ae:7d:08:
0b:bc:2a:7b:82:e8:bd:0b:4e:78:cb:ca:dd:5e:7f:
8d:0c:e9:31:a7:03:a2:2a:44:37:01:8e:bd:46:83:
23:5a:95:11:48:f0:94:fe:81:1e:17:b0:ab:ab:dc:
cf:e3:a2:d8:60:8d:c6:7f:7f:75:88:6e:22:ec:93:
52:8a:32:9c:9a:f2:d1:01:35:d9:8d:77:d0:19:b6:
4a:f8:e6:ee:27:f6:09:4b:19:a8:e2:7d:4f:5b:ec:
af:e7:94:66:84:91:63:e9:ec:49:83:0e:27:4c:88:
a6:6b:b8:55:53:41:cc:ce:a8:9f:70:59:fd:5f:ca:
0b:0f:13:69:ba:c7:c0:6c:b1:c2:cc:14:c4:1d:c2:
36:4f:fb:bf:93:56:b3:f1:ae:85:63:97:5a:41:5f:
c6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:57:5F:0C:1C:31:57:45:A3:5E:0A:73:71:33:C9:66:56:3E:CD:6D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3843C1C8FA5411EFA4D3FD75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.115.172.0/22
103.96.48.0/22
103.224.184.0/22
IPv6:
2407:3780::/32
Signature Algorithm: sha256WithRSAEncryption
b0:2a:7b:78:71:5b:ab:32:5e:f1:74:9c:fb:c4:15:18:48:3c:
4f:51:c7:b2:57:0e:96:7a:de:a6:a8:0a:22:4b:a6:bd:03:05:
3e:f1:a4:68:2c:4f:95:fd:be:e7:68:d2:fc:a7:8e:ac:c0:77:
1a:c1:ef:44:4a:2f:84:7e:07:1c:35:20:f9:81:e7:29:bd:47:
6f:32:cc:72:32:f3:38:31:cf:96:f7:9c:9d:b0:55:67:f6:8b:
3e:dc:61:15:65:7e:72:5a:c7:c2:c4:36:34:e9:5f:b2:63:e2:
45:01:3b:1e:c0:dc:c7:c9:1d:04:95:0b:8f:02:02:59:6e:60:
d1:b2:67:ea:ef:4d:0e:56:c6:3a:43:43:b4:91:a5:5d:59:aa:
fa:61:0e:d8:76:c6:91:35:98:26:9b:7e:ec:01:de:fa:1f:70:
3a:dd:3f:a4:dd:6c:78:3c:b7:ee:04:c5:e6:30:db:b6:8b:92:
06:e1:ca:39:59:ca:f6:07:56:ad:19:37:8e:e6:cb:52:9a:5d:
4c:12:0d:27:db:af:07:ff:8e:f6:8b:96:b0:77:cc:2d:18:4d:
8d:33:f4:9c:c0:82:f2:47:f5:25:83:b3:fe:e8:bf:f4:f2:ed:
27:82:a3:4d:a6:de:b8:58:96:31:ff:3a:63:69:0c:b0:a1:aa:
18:b5:9d:4b
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAKlGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwNjA2MjgzMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjOTQwOGUtNjY3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuhj+t73POuTBK4PwU9nD1aox5YmzefekgLyanu3h8ogif70J8Qej8ZiQz6
T8i5qyOOK6ZMs1VNyeadL5QlLnwLguQFIQaSSkBnOXt5ASFFD3rDDxTEkrCwzDH0
Ea0owqGZUU3/rn0IC7wqe4LovQtOeMvK3V5/jQzpMacDoipENwGOvUaDI1qVEUjw
lP6BHhewq6vcz+Oi2GCNxn9/dYhuIuyTUooynJry0QE12Y130Bm2Svjm7if2CUsZ
qOJ9T1vsr+eUZoSRY+nsSYMOJ0yIpmu4VVNBzM6on3BZ/V/KCw8TabrHwGyxwswU
xB3CNk/7v5NWs/GuhWOXWkFfxhsCAwEAAaOCArAwggKsMB0GA1UdDgQWBBQaV18M
HDFXRaNeCnNxM8lmVj7NbTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM4NDNDMUM4
RkE1NDExRUZBNEQzRkQ3NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDoGCCsGAQUFBwEHAQH/
BCswKTAYBAIAATASAwQCLXOsAwQCZ2AwAwQCZ+C4MA0EAgACMAcDBQAkBzeAMA0G
CSqGSIb3DQEBCwUAA4IBAQCwKnt4cVurMl7xdJz7xBUYSDxPUceyVw6Wet6mqAoi
S6a9AwU+8aRoLE+V/b7naNL8p46swHcawe9ESi+EfgccNSD5gecpvUdvMsxyMvM4
Mc+W95ydsFVn9os+3GEVZX5yWsfCxDY06V+yY+JFATsewNzHyR0ElQuPAgJZbmDR
smfq700OVsY6Q0O0kaVdWar6YQ7YdsaRNZgmm37sAd76H3A63T+k3Wx4PLfuBMXm
MNu2i5IG4co5Wcr2B1atGTeO5stSml1MEg0n268H/472i5awd8wtGE2NM/ScwILy
R/Ulg7P+6L/08u0ngqNNpt64WJYx/zpjaQywoaoYtZ1L
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:56:28 2025 by rpki-client