Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/DCF1073E26B211E9B0DD0155C4F9AE02.roa
File: DCF1073E26B211E9B0DD0155C4F9AE02.roa (raw, json)
Hash identifier: c/srnZIsH3NNTNRc/nGdxh//V7+M+xfvwY4cIz74cKM=
Subject key identifier: 6F:C0:2B:C4:D3:C2:C3:2E:E4:92:3E:A5:7B:7A:10:9E:7E:1C:9A:30
Certificate issuer: /CN=A91912DD/serialNumber=DAE7508D11E47228DA1FE0032597BBD29F75890C
Certificate serial: 1667
Authority key identifier: DA:E7:50:8D:11:E4:72:28:DA:1F:E0:03:25:97:BB:D2:9F:75:89:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2udQjRHkcijaH-ADJZe70p91iQw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/DCF1073E26B211E9B0DD0155C4F9AE02.roa
Signing time: Wed 08 Jan 2025 17:04:47 +0000
ROA not before: Wed 08 Jan 2025 17:04:47 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 17804
IP address blocks: 103.26.103.0/24 maxlen: 24
103.82.56.0/22 maxlen: 22
103.228.101.0/24 maxlen: 24
2400:81c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/2udQjRHkcijaH-ADJZe70p91iQw.crl
rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/2udQjRHkcijaH-ADJZe70p91iQw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2udQjRHkcijaH-ADJZe70p91iQw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 16:38:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5735 (0x1667)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91912DD, serialNumber=DAE7508D11E47228DA1FE0032597BBD29F75890C
Validity
Not Before: Jan 8 17:04:47 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677eb02f-61b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:97:62:35:fd:89:fa:37:42:ba:ad:0c:58:
91:62:4b:8c:96:df:d5:e2:02:9a:0d:45:01:04:2e:
05:f6:0c:80:92:56:f4:1f:b8:fa:52:ca:85:21:10:
f9:f0:da:ee:b5:c2:43:56:3a:79:fd:f5:84:35:77:
3a:b8:7d:04:0f:fd:fc:6c:22:c3:b2:47:b0:ad:2b:
e9:44:dd:c2:36:32:ca:8c:7f:3f:95:63:53:a4:94:
96:41:c2:af:65:b8:f8:8a:e5:01:b8:bc:a6:23:f7:
ca:54:75:b4:1f:a1:d0:fd:6f:e7:c2:28:5f:b3:11:
32:3d:8a:09:4f:d6:fb:26:7c:14:27:16:06:a6:11:
33:05:a3:14:85:45:3f:09:15:a2:d2:a5:69:28:a8:
eb:82:8a:e6:9d:6e:b3:dd:09:34:d0:bc:db:6d:2d:
20:65:45:9e:ff:fb:5c:88:63:57:bc:14:d4:52:de:
71:ec:a9:1d:1d:0d:c0:7d:8f:74:e0:f2:d4:5d:89:
b4:37:0f:6b:f5:f4:79:27:b1:c2:fc:63:6f:e4:7e:
7f:85:cc:e9:4d:fe:d8:94:80:73:91:da:82:4c:58:
9e:52:da:c8:3d:2b:8d:82:1f:7d:27:38:de:35:a5:
06:6d:da:98:cd:d8:96:3b:ff:c1:fc:11:0a:cc:da:
8c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C0:2B:C4:D3:C2:C3:2E:E4:92:3E:A5:7B:7A:10:9E:7E:1C:9A:30
X509v3 Authority Key Identifier:
keyid:DA:E7:50:8D:11:E4:72:28:DA:1F:E0:03:25:97:BB:D2:9F:75:89:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/2udQjRHkcijaH-ADJZe70p91iQw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2udQjRHkcijaH-ADJZe70p91iQw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/DCF1073E26B211E9B0DD0155C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.26.103.0/24
103.82.56.0/22
103.228.101.0/24
IPv6:
2400:81c0::/32
Signature Algorithm: sha256WithRSAEncryption
16:9e:55:36:f0:b0:9a:e0:08:36:63:41:55:d2:66:b5:9b:0d:
02:43:65:0f:cd:bc:56:0c:1b:f5:9f:7a:dc:11:d1:65:85:b0:
f1:6f:c8:6b:e8:a7:dd:dc:38:de:78:6d:54:99:57:51:0f:4e:
3d:32:f7:c5:ac:78:f0:55:e9:1b:6e:09:57:17:6a:c2:0f:15:
82:75:f9:5b:f1:42:5a:89:aa:7b:91:0c:f5:f9:15:99:f6:83:
9a:92:07:55:af:f8:18:8c:f2:2b:a9:36:29:90:f0:20:18:c4:
b5:e8:06:cb:9c:a1:c8:d0:40:79:65:f3:d8:18:55:7d:93:66:
1b:42:81:95:b9:97:61:7e:83:be:a3:86:69:43:c9:07:5d:8e:
0e:a5:f3:cf:e0:f3:1c:3f:91:bd:44:09:12:c4:b0:b0:4b:79:
65:0d:a1:ac:0c:75:c9:94:eb:8c:d9:8b:f4:5b:42:e4:b5:2c:
79:75:39:be:70:a5:53:b8:0c:e9:c7:d4:7d:c6:bf:94:c1:17:
8a:3c:2e:4b:b2:94:e2:7a:5f:76:6b:d0:53:fb:aa:bb:01:2e:
7a:04:4b:71:93:7a:ff:95:1a:b9:f9:e8:31:b9:f5:b9:71:a6:
07:3a:d5:02:fd:0a:23:07:54:45:70:b2:f6:9e:56:74:9b:35:
b7:76:f1:dd
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICFmcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTEyREQxMTAvBgNVBAUTKERBRTc1MDhEMTFFNDcyMjhEQTFGRTAwMzI1OTdCQkQy
OUY3NTg5MEMwHhcNMjUwMTA4MTcwNDQ3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdlYjAyZi02MWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArPOXYjX9ifo3QrqtDFiRYkuMlt/V4gKaDUUBBC4F9gyAklb0H7j6UsqFIRD5
8NrutcJDVjp5/fWENXc6uH0ED/38bCLDskewrSvpRN3CNjLKjH8/lWNTpJSWQcKv
Zbj4iuUBuLymI/fKVHW0H6HQ/W/nwihfsxEyPYoJT9b7JnwUJxYGphEzBaMUhUU/
CRWi0qVpKKjrgormnW6z3Qk00LzbbS0gZUWe//tciGNXvBTUUt5x7KkdHQ3AfY90
4PLUXYm0Nw9r9fR5J7HC/GNv5H5/hczpTf7YlIBzkdqCTFieUtrIPSuNgh99Jzje
NaUGbdqYzdiWO//B/BEKzNqM0wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFG/AK8TT
wsMu5JI+pXt6EJ5+HJowMB8GA1UdIwQYMBaAFNrnUI0R5HIo2h/gAyWXu9KfdYkM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTJERC80NjI4QkVDNDAw
RDgxMUU4OTA2MTA2MzdDNEY5QUUwMi8ydWRRalJIa2NpamFILUFESlplNzBwOTFp
UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJ1ZFFqUkhrY2lqYUgtQURKWmU3MHA5MWlRdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTEyREQvNDYyOEJFQzQwMEQ4MTFFODkwNjEwNjM3QzRGOUFFMDIvRENGMTA3M0Uy
NkIyMTFFOUIwREQwMTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBABnGmcDBAJnUjgDBABn5GUwDQQCAAIwBwMFACQAgcAwDQYJ
KoZIhvcNAQELBQADggEBABaeVTbwsJrgCDZjQVXSZrWbDQJDZQ/NvFYMG/WfetwR
0WWFsPFvyGvop93cON54bVSZV1EPTj0y98WsePBV6RtuCVcXasIPFYJ1+VvxQlqJ
qnuRDPX5FZn2g5qSB1Wv+BiM8iupNimQ8CAYxLXoBsucocjQQHll89gYVX2TZhtC
gZW5l2F+g76jhmlDyQddjg6l88/g8xw/kb1ECRLEsLBLeWUNoawMdcmU64zZi/Rb
QuS1LHl1Ob5wpVO4DOnH1H3Gv5TBF4o8LkuylOJ6X3Zr0FP7qrsBLnoES3GTev+V
Grn56DG59blxpgc61QL9CiMHVEVwsvaeVnSbNbd28d0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:46:05 2025 by rpki-client