Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C563/11B6336417C111E981080F6CC4F9AE02/2B2B06B2401E11EBB0588F5FC4F9AE02.roa
File: 2B2B06B2401E11EBB0588F5FC4F9AE02.roa (raw, json)
Hash identifier: njXqnLM6vnU07txVMRRTX8IPNMY9z1UdckP2aMY3pBQ=
Subject key identifier: CA:37:38:A0:FA:05:D8:59:99:A6:60:F1:C5:E8:6F:61:64:04:3C:1B
Certificate issuer: /CN=A919C563/serialNumber=04A0275F5B2B5C180E7E0D1296EED60BC0CF6347
Certificate serial: 10CC
Authority key identifier: 04:A0:27:5F:5B:2B:5C:18:0E:7E:0D:12:96:EE:D6:0B:C0:CF:63:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKAnX1srXBgOfg0Slu7WC8DPY0c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C563/11B6336417C111E981080F6CC4F9AE02/2B2B06B2401E11EBB0588F5FC4F9AE02.roa
Signing time: Fri 24 Jan 2025 17:35:42 +0000
ROA not before: Fri 24 Jan 2025 17:35:41 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 135055
IP address blocks: 103.18.180.0/24 maxlen: 24
103.107.38.0/24 maxlen: 24
103.107.40.0/23 maxlen: 23
103.107.40.0/24 maxlen: 24
103.107.41.0/24 maxlen: 24
2406:eac0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919C563/11B6336417C111E981080F6CC4F9AE02/BKAnX1srXBgOfg0Slu7WC8DPY0c.crl
rsync://rpki.apnic.net/member_repository/A919C563/11B6336417C111E981080F6CC4F9AE02/BKAnX1srXBgOfg0Slu7WC8DPY0c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKAnX1srXBgOfg0Slu7WC8DPY0c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 17:14:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4300 (0x10cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C563, serialNumber=04A0275F5B2B5C180E7E0D1296EED60BC0CF6347
Validity
Not Before: Jan 24 17:35:41 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6793cf6d-dab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:17:e9:cb:ba:3e:28:c6:b6:c1:d7:83:67:d8:
2e:63:d9:87:29:9f:d5:a1:f4:fb:72:f8:a5:5f:83:
32:c3:d7:3c:f3:6f:cb:86:38:a5:f4:5c:c4:c1:12:
6a:7d:f8:7e:4f:c9:3e:06:89:2d:a3:af:52:e3:90:
8a:6c:d9:df:26:07:a5:7e:81:94:b9:60:31:53:39:
61:63:22:07:67:a4:03:18:eb:de:7c:bd:54:ee:f3:
18:74:04:c9:dd:21:e8:ae:29:23:ae:95:e7:5f:f4:
64:af:28:41:4d:03:53:6a:38:a3:1e:c5:b5:b9:fe:
46:5a:6a:68:3d:a8:aa:8f:28:01:45:23:ac:49:ef:
69:e0:0b:dc:43:79:fa:b9:39:41:d6:04:3c:a2:b0:
71:04:75:b9:a6:85:05:ea:90:df:f5:48:d3:93:f0:
f3:8d:eb:59:96:4c:f4:6f:7f:5d:9b:7f:93:5b:5b:
9f:e4:ea:71:7f:5b:a8:aa:a2:f0:df:e4:f7:3a:1c:
2c:19:c4:c4:9b:1e:ff:7c:74:5c:3e:11:79:71:2e:
db:08:94:54:84:49:ed:df:94:3f:36:a9:dd:df:9e:
4d:0b:08:98:9f:be:e1:82:27:ba:55:49:c4:f9:8c:
8a:81:9d:b5:0d:5e:20:a0:af:47:5a:cf:c5:85:d8:
c9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:37:38:A0:FA:05:D8:59:99:A6:60:F1:C5:E8:6F:61:64:04:3C:1B
X509v3 Authority Key Identifier:
keyid:04:A0:27:5F:5B:2B:5C:18:0E:7E:0D:12:96:EE:D6:0B:C0:CF:63:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C563/11B6336417C111E981080F6CC4F9AE02/BKAnX1srXBgOfg0Slu7WC8DPY0c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKAnX1srXBgOfg0Slu7WC8DPY0c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C563/11B6336417C111E981080F6CC4F9AE02/2B2B06B2401E11EBB0588F5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.18.180.0/24
103.107.38.0/24
103.107.40.0/23
IPv6:
2406:eac0::/32
Signature Algorithm: sha256WithRSAEncryption
99:59:f7:55:ef:af:7e:44:26:09:2b:80:26:db:27:11:14:5f:
f4:52:5a:80:7e:cb:9f:24:97:4c:8e:69:f1:9a:4a:49:94:ee:
ed:10:81:28:17:06:e8:2e:a1:43:8b:a1:1a:df:f4:f9:50:95:
ff:37:55:85:60:ab:eb:e3:88:89:c2:ee:9a:6b:14:b3:d1:84:
e5:c7:96:ed:a6:10:0c:f5:77:77:b6:57:15:ce:ea:ff:09:37:
c1:b9:0c:72:5d:b2:c6:33:41:36:64:95:c7:d4:b0:81:d4:68:
cd:28:d1:05:1c:23:40:2e:77:40:35:49:79:71:1a:d4:52:49:
51:97:ab:a6:6a:4d:5b:59:7d:a6:5e:b3:15:7c:1b:8a:f4:f9:
f3:bb:cf:69:87:ea:50:1a:62:fc:43:e3:ee:bb:f5:66:94:5a:
3f:bc:fd:90:f1:13:67:fa:84:cf:69:93:c1:42:ed:b2:ae:51:
da:c8:73:12:90:ae:dc:38:f7:8b:64:8b:3d:d2:68:ea:e3:21:
95:84:73:68:19:59:f4:51:30:3b:95:7e:30:68:2f:5c:3d:bc:
92:a2:99:ec:4c:a5:b2:6b:4c:d8:60:fa:12:e6:b2:32:2a:1e:
dd:c9:38:e5:a5:99:ba:d3:5d:be:9a:d7:56:49:8d:9f:3e:d0:
27:3f:af:14
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICEMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM1NjMxMTAvBgNVBAUTKDA0QTAyNzVGNUIyQjVDMTgwRTdFMEQxMjk2RUVENjBC
QzBDRjYzNDcwHhcNMjUwMTI0MTczNTQxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzY2Y2ZC1kYWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtxfpy7o+KMa2wdeDZ9guY9mHKZ/VofT7cvilX4Myw9c882/Lhjil9FzEwRJq
ffh+T8k+Bokto69S45CKbNnfJgelfoGUuWAxUzlhYyIHZ6QDGOvefL1U7vMYdATJ
3SHorikjrpXnX/RkryhBTQNTajijHsW1uf5GWmpoPaiqjygBRSOsSe9p4AvcQ3n6
uTlB1gQ8orBxBHW5poUF6pDf9UjTk/DzjetZlkz0b39dm3+TW1uf5Opxf1uoqqLw
3+T3OhwsGcTEmx7/fHRcPhF5cS7bCJRUhEnt35Q/Nqnd355NCwiYn77hgie6VUnE
+YyKgZ21DV4goK9HWs/FhdjJ1QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFMo3OKD6
BdhZmaZg8cXob2FkBDwbMB8GA1UdIwQYMBaAFASgJ19bK1wYDn4NEpbu1gvAz2NH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzU2My8xMUI2MzM2NDE3
QzExMUU5ODEwODBGNkNDNEY5QUUwMi9CS0FuWDFzclhCZ09mZzBTbHU3V0M4RFBZ
MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JLQW5YMXNyWEJnT2ZnMFNsdTdXQzhEUFkwYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM1NjMvMTFCNjMzNjQxN0MxMTFFOTgxMDgwRjZDQzRGOUFFMDIvMkIyQjA2QjI0
MDFFMTFFQkIwNTg4RjVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBABnErQDBABnayYDBAFnaygwDQQCAAIwBwMFACQG6sAwDQYJ
KoZIhvcNAQELBQADggEBAJlZ91Xvr35EJgkrgCbbJxEUX/RSWoB+y58kl0yOafGa
SkmU7u0QgSgXBuguoUOLoRrf9PlQlf83VYVgq+vjiInC7pprFLPRhOXHlu2mEAz1
d3e2VxXO6v8JN8G5DHJdssYzQTZklcfUsIHUaM0o0QUcI0Aud0A1SXlxGtRSSVGX
q6ZqTVtZfaZesxV8G4r0+fO7z2mH6lAaYvxD4+679WaUWj+8/ZDxE2f6hM9pk8FC
7bKuUdrIcxKQrtw494tkiz3SaOrjIZWEc2gZWfRRMDuVfjBoL1w9vJKimexMpbJr
TNhg+hLmsjIqHt3JOOWlmbrTXb6a11ZJjZ8+0Cc/rxQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:38:57 2025 by rpki-client