Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7CF1675CB8F711E9B9C8D587C4F9AE02.roa
File: 7CF1675CB8F711E9B9C8D587C4F9AE02.roa (raw, json)
Hash identifier: b6UoBOf3HVoBw2XMrxkFW+8zlHhPu6YXdG+m5I1yoJ8=
Subject key identifier: 16:EB:64:75:D3:52:D5:4B:13:E6:E0:63:D5:0B:19:B4:72:18:D7:9F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A997
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7CF1675CB8F711E9B9C8D587C4F9AE02.roa
Signing time: Mon 10 Mar 2025 07:40:38 +0000
ROA not before: Mon 10 Mar 2025 07:40:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 131262
IP address blocks: 103.79.220.0/22 maxlen: 24
202.191.64.0/22 maxlen: 22
202.191.64.0/24 maxlen: 24
202.191.65.0/24 maxlen: 24
202.191.66.0/24 maxlen: 24
202.191.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 22:26:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43415 (0xa997)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 10 07:40:38 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ce9775-6409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d2:50:80:f7:e6:19:78:1e:7e:a2:63:c4:5d:
72:bb:d8:a4:3a:53:94:4e:92:3e:7d:a7:31:97:9e:
ca:21:32:a9:45:a2:86:10:bf:a9:bf:4e:0a:75:1d:
33:cb:4e:12:01:ce:6c:10:a8:d8:dd:77:84:82:58:
12:18:d1:d9:d1:89:be:7b:d5:c1:84:ed:33:e6:10:
88:5d:5a:45:70:b6:ca:37:c5:b6:d8:8b:71:c4:9b:
a7:0c:ae:c1:0a:22:e6:a6:44:27:fa:a4:e8:95:24:
df:5b:8d:d6:af:03:d1:62:81:a7:44:5d:cb:cb:33:
ca:e2:88:db:f9:44:9e:13:e1:1d:07:b0:37:b5:d6:
d0:f5:75:1b:0a:bb:b4:f1:ce:62:a7:f9:38:68:3d:
57:69:41:89:2d:d3:ae:ce:ef:fb:9d:6b:eb:e3:9e:
92:d1:d8:d2:5e:0a:69:0c:93:e7:e7:9a:28:11:3d:
4f:83:a3:fb:dd:45:86:8e:83:6d:b0:1c:4d:8d:d5:
14:7c:10:53:a1:0d:bb:6f:10:78:b7:23:c1:b8:f3:
76:0d:36:18:49:a7:d9:97:95:e0:4d:df:50:22:3f:
3a:70:ab:1e:18:96:4e:0e:21:b3:b5:0b:02:05:07:
82:d6:a4:c3:cb:55:ea:94:46:a5:c1:7f:fd:1f:36:
fc:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:EB:64:75:D3:52:D5:4B:13:E6:E0:63:D5:0B:19:B4:72:18:D7:9F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7CF1675CB8F711E9B9C8D587C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.220.0/22
202.191.64.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:7a:64:14:50:6d:54:8b:c0:5f:0c:88:83:96:78:61:34:2b:
9b:c0:f0:31:de:3a:89:d3:8b:18:7d:2e:98:00:74:a2:03:62:
7d:55:40:e9:47:74:0a:ab:cf:bf:0d:ef:40:e1:47:e1:da:1c:
76:0e:8f:a9:17:25:6a:9e:a1:46:9c:99:c3:d9:7f:8b:7c:0f:
8b:ba:72:98:04:f7:2e:10:2d:fa:f2:14:da:e3:75:38:0f:fe:
ad:a4:6b:cb:eb:2c:92:ae:db:29:66:6f:2b:ab:5a:ad:82:7b:
09:9d:9c:f9:60:34:f9:d6:fa:c5:c7:47:83:e7:a2:6e:f4:1a:
80:2e:13:9f:c1:5c:94:e7:fd:02:28:db:98:2a:9c:e5:ec:9e:
cf:3b:a0:13:13:9e:17:6e:5e:06:1a:4e:bd:86:32:d0:d7:0f:
95:50:54:08:be:40:69:16:03:a2:45:63:dc:31:bb:21:c1:6a:
5a:43:7c:e0:ae:c3:89:d3:46:b5:cd:2c:d2:41:5f:5a:a0:fc:
d3:e9:df:f4:a2:07:a9:5c:57:ba:c5:95:2c:ac:02:af:bb:91:
55:b9:2a:a3:68:af:08:56:1a:ab:1b:29:29:6c:74:d9:99:ba:
5d:39:55:4d:30:cd:dc:60:db:73:56:67:ae:1e:8c:92:72:36:
8b:15:73:4d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAKmXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMxMDA3NDAzOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjZTk3NzUtNjQwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPSUID35hl4Hn6iY8RdcrvYpDpTlE6SPn2nMZeeyiEyqUWihhC/qb9OCnUd
M8tOEgHObBCo2N13hIJYEhjR2dGJvnvVwYTtM+YQiF1aRXC2yjfFttiLccSbpwyu
wQoi5qZEJ/qk6JUk31uN1q8D0WKBp0Rdy8szyuKI2/lEnhPhHQewN7XW0PV1Gwq7
tPHOYqf5OGg9V2lBiS3Trs7v+51r6+OektHY0l4KaQyT5+eaKBE9T4Oj+91Fho6D
bbAcTY3VFHwQU6ENu28QeLcjwbjzdg02GEmn2ZeV4E3fUCI/OnCrHhiWTg4hs7UL
AgUHgtakw8tV6pRGpcF//R82/HkCAwEAAaOCApswggKXMB0GA1UdDgQWBBQW62R1
01LVSxPm4GPVCxm0chjXnzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzdDRjE2NzVD
QjhGNzExRTlCOUM4RDU4N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQCZ0/cAwQCyr9AMA0GCSqGSIb3DQEBCwUAA4IBAQCKemQU
UG1Ui8BfDIiDlnhhNCubwPAx3jqJ04sYfS6YAHSiA2J9VUDpR3QKq8+/De9A4Ufh
2hx2Do+pFyVqnqFGnJnD2X+LfA+LunKYBPcuEC368hTa43U4D/6tpGvL6yySrtsp
Zm8rq1qtgnsJnZz5YDT51vrFx0eD56Ju9BqALhOfwVyU5/0CKNuYKpzl7J7PO6AT
E54Xbl4GGk69hjLQ1w+VUFQIvkBpFgOiRWPcMbshwWpaQ3zgrsOJ00a1zSzSQV9a
oPzT6d/0ogepXFe6xZUsrAKvu5FVuSqjaK8IVhqrGykpbHTZmbpdOVVNMM3cYNtz
VmeuHoyScjaLFXNN
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:15:14 2025 by rpki-client