Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa
File: D9C523A0B05A11EAA233021EC4F9AE02.roa (raw, json)
Hash identifier: plSH71jqFHiqVOcppEgGivQOT8E3EqzsKsifhjqPdW8=
Subject key identifier: 8F:27:47:FA:F2:F1:64:C7:6C:06:78:47:AE:BE:BA:1E:3B:65:AA:30
Certificate issuer: /CN=A9193037/serialNumber=CA955914F98B2FC916A4512DA72AB75A11C52BD0
Certificate serial: 08DB
Authority key identifier: CA:95:59:14:F9:8B:2F:C9:16:A4:51:2D:A7:2A:B7:5A:11:C5:2B:D0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa
Signing time: Thu 20 Mar 2025 20:30:56 +0000
ROA not before: Thu 20 Mar 2025 20:30:56 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 38473
IP address blocks: 202.20.102.0/24 maxlen: 24
202.20.103.0/24 maxlen: 24
202.20.104.0/24 maxlen: 24
2001:df0:77::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.crl
rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 20:17:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2267 (0x8db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9193037
Validity
Not Before: Mar 20 20:30:56 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67dc7b00-85a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cb:91:25:25:17:3e:5a:f2:44:aa:df:58:84:
13:2e:ee:ca:bc:63:65:7f:3e:1d:0d:85:a0:7e:b2:
c3:97:0f:33:f6:f5:d5:f0:b2:d6:90:6d:89:6c:66:
73:5b:9c:80:ef:3c:b8:33:d8:28:f6:ba:de:ac:8f:
e0:19:ae:d7:90:46:2b:af:61:36:0f:e6:3e:72:da:
79:c3:4a:79:cd:b1:4c:d2:6d:27:1e:66:1a:93:b9:
79:2c:24:62:d0:31:19:9d:61:45:4e:71:58:e5:8c:
ee:9c:75:43:b3:b8:aa:0a:f3:bb:aa:1c:31:29:31:
25:af:c1:21:93:20:18:27:b8:27:06:2d:c1:89:21:
34:8a:00:99:10:75:c4:5a:49:fb:97:ca:a4:4a:21:
e1:3d:6a:92:bd:31:8b:25:f6:27:93:e4:c2:63:a3:
1a:9f:b0:4b:93:ae:4b:67:0e:36:8c:cf:ef:45:28:
1b:2a:5c:6c:1e:ae:45:ec:85:14:2e:9b:dc:f3:e2:
06:85:4a:b7:0a:94:5d:1b:b1:a1:89:01:8c:2f:14:
13:87:03:d4:be:ec:48:6a:be:14:00:34:c1:ea:a3:
e6:e6:e6:17:64:0e:86:d4:dd:3a:a4:9c:b0:44:74:
9c:75:83:f8:77:32:da:96:7d:f2:3a:6b:70:e7:4e:
a8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:27:47:FA:F2:F1:64:C7:6C:06:78:47:AE:BE:BA:1E:3B:65:AA:30
X509v3 Authority Key Identifier:
keyid:CA:95:59:14:F9:8B:2F:C9:16:A4:51:2D:A7:2A:B7:5A:11:C5:2B:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/ypVZFPmLL8kWpFEtpyq3WhHFK9A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypVZFPmLL8kWpFEtpyq3WhHFK9A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9193037/940E46B4AABC11EAB106C176C4F9AE02/D9C523A0B05A11EAA233021EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.20.102.0-202.20.104.255
IPv6:
2001:df0:77::/48
Signature Algorithm: sha256WithRSAEncryption
85:e6:b8:32:ef:7f:e3:d9:6f:6d:c5:d5:41:7d:f9:dc:2a:2e:
85:60:a6:30:3a:7e:59:fc:ed:c0:4a:b9:1f:0a:22:73:01:a2:
1b:d2:59:ff:8b:4d:62:4c:17:e6:3c:e8:de:2e:ff:5b:4a:67:
8c:00:fb:f5:3e:d8:b6:3b:c2:48:f4:df:5b:28:d1:ad:b5:08:
49:f4:b6:0c:81:bc:65:a5:27:a2:13:fb:f0:05:62:bd:ef:8d:
72:31:f8:da:9b:3f:d9:f7:dd:cc:fc:68:de:3e:7a:ff:4a:b3:
d7:40:b3:af:50:fd:a1:ca:0a:b9:f2:c5:53:a4:b4:5b:c7:fc:
74:43:df:70:59:5e:9b:66:ea:de:1a:b0:c0:b7:35:95:4c:f2:
d1:9d:86:15:c1:ea:59:70:7a:31:90:da:a5:7b:ff:99:cb:48:
86:e7:7a:f8:40:52:06:65:30:34:4d:68:10:38:f6:b4:21:61:
3c:7d:12:47:ab:21:f8:21:e8:82:58:d9:8a:9e:c6:37:60:ba:
03:15:a4:a5:c8:b1:4e:ad:59:6f:ba:86:37:47:58:39:20:90:
2f:18:87:f2:01:63:3b:6e:7e:10:de:ba:69:fc:78:9f:00:0a:
03:11:49:75:c8:aa:2b:ac:d7:64:45:46:35:f6:db:94:72:22:
84:d5:8a:8f
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICCNswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTMwMzcxMTAvBgNVBAUTKENBOTU1OTE0Rjk4QjJGQzkxNkE0NTEyREE3MkFCNzVB
MTFDNTJCRDAwHhcNMjUwMzIwMjAzMDU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjN2IwMC04NWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtMuRJSUXPlryRKrfWIQTLu7KvGNlfz4dDYWgfrLDlw8z9vXV8LLWkG2JbGZz
W5yA7zy4M9go9rrerI/gGa7XkEYrr2E2D+Y+ctp5w0p5zbFM0m0nHmYak7l5LCRi
0DEZnWFFTnFY5YzunHVDs7iqCvO7qhwxKTElr8EhkyAYJ7gnBi3BiSE0igCZEHXE
Wkn7l8qkSiHhPWqSvTGLJfYnk+TCY6Man7BLk65LZw42jM/vRSgbKlxsHq5F7IUU
Lpvc8+IGhUq3CpRdG7GhiQGMLxQThwPUvuxIar4UADTB6qPm5uYXZA6G1N06pJyw
RHScdYP4dzLaln3yOmtw506ouQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFI8nR/ry
8WTHbAZ4R66+uh47ZaowMB8GA1UdIwQYMBaAFMqVWRT5iy/JFqRRLacqt1oRxSvQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzAzNy85NDBFNDZCNEFB
QkMxMUVBQjEwNkMxNzZDNEY5QUUwMi95cFZaRlBtTEw4a1dwRkV0cHlxM1doSEZL
OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lwVlpGUG1MTDhrV3BGRXRweXEzV2hIRks5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTMwMzcvOTQwRTQ2QjRBQUJDMTFFQUIxMDZDMTc2QzRGOUFFMDIvRDlDNTIzQTBC
MDVBMTFFQUEyMzMwMjFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMBQEAgABMA4wDAMEAcoUZgMEAMoUaDAPBAIAAjAJAwcAIAEN8AB3MA0GCSqG
SIb3DQEBCwUAA4IBAQCF5rgy73/j2W9txdVBffncKi6FYKYwOn5Z/O3ASrkfCiJz
AaIb0ln/i01iTBfmPOjeLv9bSmeMAPv1Pti2O8JI9N9bKNGttQhJ9LYMgbxlpSei
E/vwBWK9741yMfjamz/Z993M/GjePnr/SrPXQLOvUP2hygq58sVTpLRbx/x0Q99w
WV6bZureGrDAtzWVTPLRnYYVwepZcHoxkNqle/+Zy0iG53r4QFIGZTA0TWgQOPa0
IWE8fRJHqyH4IeiCWNmKnsY3YLoDFaSlyLFOrVlvuoY3R1g5IJAvGIfyAWM7bn4Q
3rpp/HifAAoDEUl1yKorrNdkRUY19tuUciKE1YqP
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:43:00 2025 by rpki-client