Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9194692/885A32FE429411EB90491A34C4F9AE02/DF0A2BF4B15E11EE8E75695CC4F9AE02.roa
File: DF0A2BF4B15E11EE8E75695CC4F9AE02.roa (raw, json)
Hash identifier: cENNW/nbgAC9wITEnAsu2/v6Nt+Sg/6ucMETk/SBbPU=
Subject key identifier: AF:69:BC:50:1C:4C:77:66:47:E9:57:40:68:EE:66:7E:A4:52:B6:AF
Certificate issuer: /CN=A9194692/serialNumber=AFE5B3CD2DC567AB8A58EB3980D5E5E784290A40
Certificate serial: 06DE
Authority key identifier: AF:E5:B3:CD:2D:C5:67:AB:8A:58:EB:39:80:D5:E5:E7:84:29:0A:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-WzzS3FZ6uKWOs5gNXl54QpCkA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9194692/885A32FE429411EB90491A34C4F9AE02/DF0A2BF4B15E11EE8E75695CC4F9AE02.roa
Signing time: Tue 04 Feb 2025 21:41:35 +0000
ROA not before: Tue 04 Feb 2025 21:41:35 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 136429
IP address blocks: 103.158.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9194692/885A32FE429411EB90491A34C4F9AE02/r-WzzS3FZ6uKWOs5gNXl54QpCkA.crl
rsync://rpki.apnic.net/member_repository/A9194692/885A32FE429411EB90491A34C4F9AE02/r-WzzS3FZ6uKWOs5gNXl54QpCkA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-WzzS3FZ6uKWOs5gNXl54QpCkA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 21:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1758 (0x6de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9194692, serialNumber=AFE5B3CD2DC567AB8A58EB3980D5E5E784290A40
Validity
Not Before: Feb 4 21:41:35 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67a2898e-8196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:dc:a2:57:88:f2:33:c4:1f:ce:1a:21:33:15:
d7:4c:eb:5d:7b:5d:3a:95:ac:58:17:5c:f2:aa:9f:
cd:1d:f7:66:bd:56:d3:44:57:f4:9a:65:f8:31:f9:
ea:2f:9f:bf:b2:c7:e1:bd:c1:22:2a:b2:d4:bb:97:
7b:ee:a0:f0:4f:75:d3:af:b2:1e:b2:4b:cb:89:d9:
c0:28:2b:3f:38:e1:28:cb:b7:ea:5f:1c:7e:d1:f2:
74:74:3f:cd:b7:c2:5c:ba:f3:fe:61:20:2d:98:93:
af:a5:ab:c9:36:b2:ed:f1:59:0d:24:85:a2:59:15:
5b:75:82:29:88:d3:f1:d1:33:75:d3:ba:c5:63:4c:
84:24:11:42:68:78:bf:e2:cc:dd:0d:6c:91:52:69:
f7:65:d9:f0:f3:d2:d8:20:9c:d8:d6:78:79:5a:22:
da:a5:ca:12:a0:f3:4d:d5:23:01:e5:92:6e:de:82:
32:cd:bb:a3:fa:03:f4:3f:b9:14:c0:b3:6a:ab:c4:
2c:f2:3f:20:01:02:ee:f4:7a:b4:25:48:35:df:04:
c3:42:40:37:a9:de:f3:b4:28:43:67:93:ca:55:ca:
6c:d4:e8:c3:aa:fe:29:75:37:e3:2f:e8:72:73:83:
ec:5d:dd:9b:33:df:bb:88:d8:62:17:2b:3e:b4:c1:
a0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:69:BC:50:1C:4C:77:66:47:E9:57:40:68:EE:66:7E:A4:52:B6:AF
X509v3 Authority Key Identifier:
keyid:AF:E5:B3:CD:2D:C5:67:AB:8A:58:EB:39:80:D5:E5:E7:84:29:0A:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9194692/885A32FE429411EB90491A34C4F9AE02/r-WzzS3FZ6uKWOs5gNXl54QpCkA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-WzzS3FZ6uKWOs5gNXl54QpCkA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194692/885A32FE429411EB90491A34C4F9AE02/DF0A2BF4B15E11EE8E75695CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.211.0/24
Signature Algorithm: sha256WithRSAEncryption
40:be:ce:2c:94:ec:53:5b:04:78:8f:10:d3:97:5f:ea:f6:6c:
7c:70:e8:45:94:30:17:7d:25:77:e8:5a:4d:57:65:65:2a:39:
dc:a4:ff:e5:64:b5:36:1d:5c:8f:9e:60:2a:02:48:4e:7d:c3:
54:3a:d1:dc:ad:cd:ce:76:98:b8:df:e8:40:c9:2b:dd:e0:31:
2b:85:22:07:3c:bf:6c:53:e8:21:dd:c5:bd:0f:61:ef:1d:04:
d0:86:e8:f5:f0:a2:91:1b:d0:7b:05:38:ca:66:3a:54:ad:a4:
c9:3f:77:2f:2f:21:ca:a2:53:e0:83:33:e9:12:77:a8:63:71:
78:cf:83:24:37:f2:1f:2a:61:77:dc:d4:69:20:0f:22:71:67:
cf:9d:f8:f5:db:8a:6f:ec:ca:a5:a5:98:61:77:b0:17:a2:a2:
cd:35:26:3f:75:5f:69:b7:52:88:8f:7a:c9:32:04:83:c3:ca:
ad:d0:ca:d1:82:10:fe:fb:5f:c4:e2:8d:21:0d:a8:48:6d:00:
5a:5a:0c:96:06:e5:c6:20:39:81:81:fd:fa:76:62:69:5a:66:
d8:db:8c:5a:d0:f8:d0:a2:59:0a:f8:20:b4:55:f6:62:91:e2:
14:1b:f7:8e:e5:5c:ee:76:bc:54:33:ee:21:87:22:5e:64:c8:
fe:36:6d:76
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBt4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTQ2OTIxMTAvBgNVBAUTKEFGRTVCM0NEMkRDNTY3QUI4QTU4RUIzOTgwRDVFNUU3
ODQyOTBBNDAwHhcNMjUwMjA0MjE0MTM1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyODk4ZS04MTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5NyiV4jyM8QfzhohMxXXTOtde106laxYF1zyqp/NHfdmvVbTRFf0mmX4Mfnq
L5+/ssfhvcEiKrLUu5d77qDwT3XTr7IeskvLidnAKCs/OOEoy7fqXxx+0fJ0dD/N
t8JcuvP+YSAtmJOvpavJNrLt8VkNJIWiWRVbdYIpiNPx0TN107rFY0yEJBFCaHi/
4szdDWyRUmn3Zdnw89LYIJzY1nh5WiLapcoSoPNN1SMB5ZJu3oIyzbuj+gP0P7kU
wLNqq8Qs8j8gAQLu9Hq0JUg13wTDQkA3qd7ztChDZ5PKVcps1OjDqv4pdTfjL+hy
c4PsXd2bM9+7iNhiFys+tMGgSQIDAQABo4IClTCCApEwHQYDVR0OBBYEFK9pvFAc
THdmR+lXQGjuZn6kUravMB8GA1UdIwQYMBaAFK/ls80txWeriljrOYDV5eeEKQpA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY5Mi84ODVBMzJGRTQy
OTQxMUVCOTA0OTFBMzRDNEY5QUUwMi9yLVd6elMzRlo2dUtXT3M1Z05YbDU0UXBD
a0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ItV3p6UzNGWjZ1S1dPczVnTlhsNTRRcENrQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTQ2OTIvODg1QTMyRkU0Mjk0MTFFQjkwNDkxQTM0QzRGOUFFMDIvREYwQTJCRjRC
MTVFMTFFRThFNzU2OTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnntMwDQYJKoZIhvcNAQELBQADggEBAEC+ziyU7FNbBHiP
ENOXX+r2bHxw6EWUMBd9JXfoWk1XZWUqOdyk/+VktTYdXI+eYCoCSE59w1Q60dyt
zc52mLjf6EDJK93gMSuFIgc8v2xT6CHdxb0PYe8dBNCG6PXwopEb0HsFOMpmOlSt
pMk/dy8vIcqiU+CDM+kSd6hjcXjPgyQ38h8qYXfc1GkgDyJxZ8+d+PXbim/syqWl
mGF3sBeios01Jj91X2m3UoiPeskyBIPDyq3QytGCEP77X8TijSENqEhtAFpaDJYG
5cYgOYGB/fp2YmlaZtjbjFrQ+NCiWQr4ILRV9mKR4hQb947lXO52vFQz7iGHIl5k
yP42bXY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 08:16:45 2025 by rpki-client