Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/903E8812E38A11EAA3B8AE59C4F9AE02.roa
File: 903E8812E38A11EAA3B8AE59C4F9AE02.roa (raw, json)
Hash identifier: HYLlaeYCfOhwQIw7Fb2O6gPao8D0dgK0DzH31riAA30=
Subject key identifier: 1B:DF:16:54:C4:CC:59:B5:B3:3A:5E:B9:A3:7F:D7:FB:60:B4:FA:E7
Certificate issuer: /CN=A919D539/serialNumber=221F50143E1D5F93C4CD31C9FEE7A24DE801F2D7
Certificate serial: 07AF
Authority key identifier: 22:1F:50:14:3E:1D:5F:93:C4:CD:31:C9:FE:E7:A2:4D:E8:01:F2:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/903E8812E38A11EAA3B8AE59C4F9AE02.roa
Signing time: Wed 04 Dec 2024 21:10:31 +0000
ROA not before: Wed 04 Dec 2024 21:10:31 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 59268
IP address blocks: 103.66.88.0/24 maxlen: 24
103.66.89.0/24 maxlen: 24
103.66.90.0/24 maxlen: 24
103.66.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.crl
rsync://rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 20:43:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1967 (0x7af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919D539, serialNumber=221F50143E1D5F93C4CD31C9FEE7A24DE801F2D7
Validity
Not Before: Dec 4 21:10:31 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6750c547-f95a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:89:ce:b1:05:bd:ce:3e:d4:51:b5:dd:28:
95:9f:4c:2a:a4:3e:32:86:3f:8e:a7:b3:96:0e:d4:
cc:e6:ba:05:e1:85:03:61:25:a7:39:80:cc:52:00:
e3:14:05:b5:b3:88:c2:b0:e3:b5:ec:8a:5c:13:80:
bb:7c:a3:82:50:08:1d:80:c8:7f:56:82:3f:c2:00:
a9:18:0d:78:dd:95:f2:c8:ee:73:5f:5b:e7:86:13:
64:82:b4:42:53:0c:0d:df:ac:9f:e2:25:9c:a5:78:
ad:f1:8a:70:16:b8:42:08:e3:e0:08:12:c9:ed:8e:
11:40:05:35:11:7b:72:ea:ab:1d:5e:e7:c1:11:f0:
e5:1d:4f:4d:e5:23:58:e7:9f:ae:bf:b3:76:93:35:
9b:85:db:f9:cd:57:e1:8a:9d:45:6c:05:7f:3f:e0:
0a:25:6e:6a:98:db:d4:6c:e2:66:30:0e:64:3a:a2:
5e:4d:7d:45:2c:67:6e:65:42:3a:2a:5e:39:b9:2c:
6e:fd:3c:b5:f5:c0:a3:e1:6c:9f:59:a2:2f:0e:e4:
a6:85:82:06:a8:7f:0a:cb:02:72:61:6f:e8:78:72:
5a:18:d5:36:ab:18:ab:76:70:31:d4:82:fa:ed:9d:
19:fc:52:e4:a3:f2:33:48:28:73:5d:62:b6:3c:9b:
f5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DF:16:54:C4:CC:59:B5:B3:3A:5E:B9:A3:7F:D7:FB:60:B4:FA:E7
X509v3 Authority Key Identifier:
keyid:22:1F:50:14:3E:1D:5F:93:C4:CD:31:C9:FE:E7:A2:4D:E8:01:F2:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ih9QFD4dX5PEzTHJ_ueiTegB8tc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D539/C1265DC0E38911EAB73A3659C4F9AE02/903E8812E38A11EAA3B8AE59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.88.0/22
Signature Algorithm: sha256WithRSAEncryption
70:81:a9:14:44:4d:05:c6:7f:91:fb:28:74:f3:f0:71:d3:01:
96:2d:77:d6:a0:ad:66:61:14:10:58:47:64:a4:62:fd:8f:33:
a9:08:91:9e:43:74:20:87:3c:c0:fc:9b:62:a7:9d:68:8a:38:
fd:95:ca:c1:7a:5a:1d:10:05:21:a2:27:aa:71:7a:dd:c9:0c:
4d:a2:88:c8:f7:3d:6b:88:fc:fc:e0:d2:98:d8:4f:41:ba:a5:
0f:60:8a:24:32:a4:89:f7:89:25:aa:34:e7:dd:80:7a:28:ef:
a9:b6:c3:8e:d7:68:98:ff:9c:cf:09:f9:9a:a5:1a:a1:ba:32:
d0:b2:92:44:bb:6f:8a:44:8e:fa:73:d2:87:97:1c:bf:a1:9f:
86:c9:47:64:9f:bc:ce:60:07:0b:7e:ad:69:f8:39:2b:14:ef:
d1:f6:76:95:13:75:15:f2:5a:40:f5:52:24:95:bf:98:a8:f9:
61:7f:86:b4:fb:9f:9f:a8:d6:05:81:77:2e:00:b1:24:27:9f:
71:95:a7:bc:8c:ae:11:fd:d5:b8:23:aa:f9:58:84:c8:0d:3b:
5d:30:42:d7:a0:48:73:9e:6c:dd:2d:fb:f6:48:fb:ce:71:03:
33:94:a0:0f:23:ee:b6:2b:26:3d:25:4b:3f:be:dc:6c:b7:a7:
c8:61:38:55
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUQ1MzkxMTAvBgNVBAUTKDIyMUY1MDE0M0UxRDVGOTNDNENEMzFDOUZFRTdBMjRE
RTgwMUYyRDcwHhcNMjQxMjA0MjExMDMxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwYzU0Ny1mOTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs6SJzrEFvc4+1FG13SiVn0wqpD4yhj+Op7OWDtTM5roF4YUDYSWnOYDMUgDj
FAW1s4jCsOO17IpcE4C7fKOCUAgdgMh/VoI/wgCpGA143ZXyyO5zX1vnhhNkgrRC
UwwN36yf4iWcpXit8YpwFrhCCOPgCBLJ7Y4RQAU1EXty6qsdXufBEfDlHU9N5SNY
55+uv7N2kzWbhdv5zVfhip1FbAV/P+AKJW5qmNvUbOJmMA5kOqJeTX1FLGduZUI6
Kl45uSxu/Ty19cCj4WyfWaIvDuSmhYIGqH8KywJyYW/oeHJaGNU2qxirdnAx1IL6
7Z0Z/FLko/IzSChzXWK2PJv17QIDAQABo4IClTCCApEwHQYDVR0OBBYEFBvfFlTE
zFm1szpeuaN/1/tgtPrnMB8GA1UdIwQYMBaAFCIfUBQ+HV+TxM0xyf7nok3oAfLX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDUzOS9DMTI2NURDMEUz
ODkxMUVBQjczQTM2NTlDNEY5QUUwMi9JaDlRRkQ0ZFg1UEV6VEhKX3VlaVRlZ0I4
dGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0loOVFGRDRkWDVQRXpUSEpfdWVpVGVnQjh0Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ1MzkvQzEyNjVEQzBFMzg5MTFFQUI3M0EzNjU5QzRGOUFFMDIvOTAzRTg4MTJF
MzhBMTFFQUEzQjhBRTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnQlgwDQYJKoZIhvcNAQELBQADggEBAHCBqRRETQXGf5H7
KHTz8HHTAZYtd9agrWZhFBBYR2SkYv2PM6kIkZ5DdCCHPMD8m2KnnWiKOP2VysF6
Wh0QBSGiJ6pxet3JDE2iiMj3PWuI/Pzg0pjYT0G6pQ9giiQypIn3iSWqNOfdgHoo
76m2w47XaJj/nM8J+ZqlGqG6MtCykkS7b4pEjvpz0oeXHL+hn4bJR2SfvM5gBwt+
rWn4OSsU79H2dpUTdRXyWkD1UiSVv5io+WF/hrT7n5+o1gWBdy4AsSQnn3GVp7yM
rhH91bgjqvlYhMgNO10wQtegSHOebN0t+/ZI+85xAzOUoA8j7rYrJj0lSz++3Gy3
p8hhOFU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:55:21 2025 by rpki-client