Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/58B04DD46F3C11EB924C4E2AC4F9AE02.roa
File: 58B04DD46F3C11EB924C4E2AC4F9AE02.roa (raw, json)
Hash identifier: hT6PiTq4VuebMVKql1Edg2h7UOqDcrvg8gjAvmzNu5c=
Subject key identifier: E1:AA:24:EB:74:45:01:19:A6:50:11:B7:FC:70:17:8B:FB:B6:A0:0E
Certificate issuer: /CN=A919E3E3/serialNumber=BBCC760AFE3E9F0A9B88C8EC7A49ED7CDD0396F7
Certificate serial: 05FF
Authority key identifier: BB:CC:76:0A:FE:3E:9F:0A:9B:88:C8:EC:7A:49:ED:7C:DD:03:96:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u8x2Cv4-nwqbiMjsekntfN0Dlvc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/58B04DD46F3C11EB924C4E2AC4F9AE02.roa
Signing time: Sat 10 Aug 2024 23:10:57 +0000
ROA not before: Sat 10 Aug 2024 23:10:57 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 38333
IP address blocks: 103.153.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.crl
rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u8x2Cv4-nwqbiMjsekntfN0Dlvc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 22:03:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1535 (0x5ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E3E3
Validity
Not Before: Aug 10 23:10:57 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66b7f380-4294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:34:b3:38:bc:cf:5f:d7:83:08:73:b2:86:c2:
e2:30:7a:b2:e4:7c:73:ee:1e:5c:59:3d:e4:2a:75:
78:24:29:29:c3:d3:0b:1b:7d:75:e4:7e:71:ba:d2:
b3:1f:36:b0:2f:3b:ad:d3:62:c9:08:e9:53:de:56:
a8:76:bb:50:0b:51:69:c2:60:5a:4e:71:76:04:74:
a7:65:cf:fc:f2:04:2e:e9:35:b4:60:af:a1:7e:99:
a9:45:f7:bd:a0:88:bf:52:04:76:75:d1:50:4a:24:
2b:30:bc:93:0e:a1:49:d2:9d:de:d0:dc:01:bb:d6:
fb:fc:bd:0c:e2:57:29:2c:06:db:f8:95:67:a9:8c:
e5:e8:6d:21:4e:d5:e6:f7:45:b1:d0:6d:6b:c5:c2:
b0:a5:0b:60:09:fe:ae:19:31:4e:69:90:fc:16:ff:
e4:8b:55:f2:ac:9f:2e:38:67:9f:8f:ad:0a:45:47:
0e:81:b0:7e:d8:6c:11:26:59:bd:be:0c:d7:e2:0f:
e9:63:31:8f:bb:3b:88:b9:c4:b1:b8:d2:c6:16:08:
12:2c:8a:36:d1:20:53:61:f7:d3:ce:00:f1:ff:9f:
e7:a1:f2:88:2e:a7:af:81:b3:9c:c9:65:8c:32:60:
e4:c0:eb:60:a4:52:87:7e:75:79:64:36:e5:61:30:
a7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:AA:24:EB:74:45:01:19:A6:50:11:B7:FC:70:17:8B:FB:B6:A0:0E
X509v3 Authority Key Identifier:
keyid:BB:CC:76:0A:FE:3E:9F:0A:9B:88:C8:EC:7A:49:ED:7C:DD:03:96:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/u8x2Cv4-nwqbiMjsekntfN0Dlvc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u8x2Cv4-nwqbiMjsekntfN0Dlvc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E3E3/08B8D0D26F3A11EBB113397EC4F9AE02/58B04DD46F3C11EB924C4E2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.164.0/24
Signature Algorithm: sha256WithRSAEncryption
94:16:df:0c:20:45:d8:12:9a:1c:0d:43:2b:a9:0d:d2:30:68:
f5:53:c7:e3:51:8e:b7:91:df:c7:89:5d:ec:71:7a:38:88:4b:
98:4a:8c:c7:d4:a9:8e:47:ce:1a:d8:8f:cf:0b:b0:5e:ae:94:
c1:8f:ce:90:fb:43:e7:a8:26:77:4b:11:6b:70:7a:6c:90:54:
e1:4a:0b:12:25:af:2a:dd:29:54:19:8f:fe:28:50:03:93:8b:
c7:93:9d:ce:22:38:80:a2:7d:1c:d9:66:03:05:4d:d4:41:da:
e3:ac:b1:f3:42:84:bb:fa:94:37:00:f3:9b:d4:a4:1a:f7:ac:
e2:56:21:2c:36:62:1e:92:fe:c0:ba:ca:fe:a3:c6:cb:55:f6:
84:ae:96:7d:b5:60:1e:cf:82:60:81:99:14:f3:c8:37:df:99:
1d:79:50:d7:93:30:b3:06:ca:0e:96:e5:fb:3f:7a:50:27:6e:
ec:b0:a3:48:a8:b8:12:81:ce:4f:ac:52:db:a9:3b:3c:22:96:
75:aa:f8:79:f8:cc:a6:50:1f:71:41:47:ae:29:3c:06:23:bf:
a8:73:c1:03:e7:47:e9:52:31:f4:ef:79:7a:ee:f5:62:98:fb:
31:1b:5e:14:1b:35:bd:a3:52:8b:67:73:de:ab:dd:1a:b4:8b:
7d:82:53:d0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBf8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUUzRTMxMTAvBgNVBAUTKEJCQ0M3NjBBRkUzRTlGMEE5Qjg4QzhFQzdBNDlFRDdD
REQwMzk2RjcwHhcNMjQwODEwMjMxMDU3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI3ZjM4MC00Mjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnjSzOLzPX9eDCHOyhsLiMHqy5Hxz7h5cWT3kKnV4JCkpw9MLG3115H5xutKz
HzawLzut02LJCOlT3laodrtQC1FpwmBaTnF2BHSnZc/88gQu6TW0YK+hfpmpRfe9
oIi/UgR2ddFQSiQrMLyTDqFJ0p3e0NwBu9b7/L0M4lcpLAbb+JVnqYzl6G0hTtXm
90Wx0G1rxcKwpQtgCf6uGTFOaZD8Fv/ki1XyrJ8uOGefj60KRUcOgbB+2GwRJlm9
vgzX4g/pYzGPuzuIucSxuNLGFggSLIo20SBTYffTzgDx/5/nofKILqevgbOcyWWM
MmDkwOtgpFKHfnV5ZDblYTCnFwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOGqJOt0
RQEZplARt/xwF4v7tqAOMB8GA1UdIwQYMBaAFLvMdgr+Pp8Km4jI7HpJ7XzdA5b3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTNFMy8wOEI4RDBEMjZG
M0ExMUVCQjExMzM5N0VDNEY5QUUwMi91OHgyQ3Y0LW53cWJpTWpzZWtudGZOMERs
dmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U4eDJDdjQtbndxYmlNanNla250Zk4wRGx2Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUUzRTMvMDhCOEQwRDI2RjNBMTFFQkIxMTMzOTdFQzRGOUFFMDIvNThCMDRERDQ2
RjNDMTFFQjkyNEM0RTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnmaQwDQYJKoZIhvcNAQELBQADggEBAJQW3wwgRdgSmhwN
QyupDdIwaPVTx+NRjreR38eJXexxejiIS5hKjMfUqY5HzhrYj88LsF6ulMGPzpD7
Q+eoJndLEWtwemyQVOFKCxIlryrdKVQZj/4oUAOTi8eTnc4iOICifRzZZgMFTdRB
2uOssfNChLv6lDcA85vUpBr3rOJWISw2Yh6S/sC6yv6jxstV9oSuln21YB7PgmCB
mRTzyDffmR15UNeTMLMGyg6W5fs/elAnbuywo0iouBKBzk+sUtupOzwilnWq+Hn4
zKZQH3FBR64pPAYjv6hzwQPnR+lSMfTveXru9WKY+zEbXhQbNb2jUotnc96r3Rq0
i32CU9A=
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:37:12 2025 by rpki-client