Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0277/D419D81075CB11EB952DD66AC4F9AE02/56A937F2360411EF8AA77687C4F9AE02.roa
File: 56A937F2360411EF8AA77687C4F9AE02.roa (raw, json)
Hash identifier: jBtUWO90hOewkZT/IOz6vgpi/ww1P3BMTXwB63qoFnQ=
Subject key identifier: 84:70:41:C9:1A:74:4B:A0:C9:79:69:35:A9:3B:9B:E7:2F:ED:A8:9E
Certificate issuer: /CN=A91A0277/serialNumber=61D909494AAC099E5DC67BD9DECCFEBE44B77779
Certificate serial: 0677
Authority key identifier: 61:D9:09:49:4A:AC:09:9E:5D:C6:7B:D9:DE:CC:FE:BE:44:B7:77:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YdkJSUqsCZ5dxnvZ3sz-vkS3d3k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0277/D419D81075CB11EB952DD66AC4F9AE02/56A937F2360411EF8AA77687C4F9AE02.roa
Signing time: Tue 18 Mar 2025 22:14:32 +0000
ROA not before: Tue 18 Mar 2025 22:14:32 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136991
IP address blocks: 103.162.244.0/23 maxlen: 23
103.162.244.0/24 maxlen: 24
103.162.245.0/24 maxlen: 24
2407:1fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0277/D419D81075CB11EB952DD66AC4F9AE02/YdkJSUqsCZ5dxnvZ3sz-vkS3d3k.crl
rsync://rpki.apnic.net/member_repository/A91A0277/D419D81075CB11EB952DD66AC4F9AE02/YdkJSUqsCZ5dxnvZ3sz-vkS3d3k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YdkJSUqsCZ5dxnvZ3sz-vkS3d3k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1655 (0x677)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0277, serialNumber=61D909494AAC099E5DC67BD9DECCFEBE44B77779
Validity
Not Before: Mar 18 22:14:32 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d9f048-4c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6e:a8:f9:cc:e7:2b:40:5b:13:3e:fd:36:10:
b3:25:ea:64:bb:bc:27:9f:a8:fc:bf:b4:90:c6:06:
8d:a4:5a:bd:70:2b:8a:0e:42:90:f6:1f:08:b4:0b:
9d:44:45:8f:35:76:e8:eb:71:60:8b:f3:db:fa:02:
de:42:09:ef:eb:1a:b4:65:0c:b3:54:84:53:84:a3:
7e:87:71:37:5a:11:4e:bf:a6:88:dd:75:a8:c3:e6:
f2:5e:69:65:ed:95:17:81:86:31:cf:9f:65:d2:9c:
0a:58:29:e4:47:40:7f:b5:ae:1c:94:51:d9:44:28:
c1:d8:08:1d:46:8f:47:70:b2:ac:10:df:72:a0:46:
9d:53:02:9b:29:4d:f0:ec:8a:4b:99:ab:65:67:01:
d2:ce:ae:e1:9a:39:74:0b:cb:0a:d2:2d:ff:05:dd:
06:fe:68:81:bb:bb:9f:91:1d:fb:00:c7:a0:86:4c:
05:bb:f4:ca:41:d5:31:b2:6b:aa:fd:cd:64:3e:fd:
be:b5:29:cc:7c:7e:f0:f9:da:99:41:59:42:0f:9d:
8c:32:3c:cf:a0:58:dd:4b:24:9b:2d:09:1c:17:00:
e5:40:e2:ea:cb:58:2b:db:0b:16:b2:32:13:24:ca:
82:71:51:09:0c:d7:bb:b6:ed:a3:f7:4f:08:86:c5:
91:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:70:41:C9:1A:74:4B:A0:C9:79:69:35:A9:3B:9B:E7:2F:ED:A8:9E
X509v3 Authority Key Identifier:
keyid:61:D9:09:49:4A:AC:09:9E:5D:C6:7B:D9:DE:CC:FE:BE:44:B7:77:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0277/D419D81075CB11EB952DD66AC4F9AE02/YdkJSUqsCZ5dxnvZ3sz-vkS3d3k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YdkJSUqsCZ5dxnvZ3sz-vkS3d3k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0277/D419D81075CB11EB952DD66AC4F9AE02/56A937F2360411EF8AA77687C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.162.244.0/23
IPv6:
2407:1fc0::/32
Signature Algorithm: sha256WithRSAEncryption
1a:21:6f:42:ea:c9:9c:e2:79:af:f4:c4:b7:1d:85:18:ec:fe:
c6:86:5e:cb:8f:c4:15:0c:48:08:51:6e:3e:40:74:f2:d0:9f:
96:ca:1f:68:70:97:94:b0:31:38:55:bf:5c:05:a0:6a:2a:ee:
31:1b:0d:5a:61:68:c9:c9:f8:71:9a:30:3e:17:45:f8:f5:6c:
29:5f:39:66:75:dc:d0:60:64:0f:e3:41:d8:f5:27:07:d2:2b:
32:2d:74:63:a9:be:7f:cc:51:b3:22:d8:0d:25:9f:36:54:6e:
4b:a9:d6:6a:48:ed:cd:09:5f:d8:f0:43:b3:f8:54:49:a6:4e:
08:74:d7:f4:40:a8:ff:e9:25:db:4c:3d:dc:9c:dd:cb:e5:c0:
f8:10:92:cd:b1:be:1d:3f:ff:21:da:f9:11:5f:05:88:35:e7:
e9:6e:fd:7f:5a:8d:da:cf:3c:a2:ab:14:83:24:a5:ce:71:8d:
34:b5:ea:91:c5:78:97:84:55:f3:bf:e4:fd:8c:bd:c1:53:75:
a2:05:f5:1e:9e:e7:11:7d:31:54:8e:3e:00:c2:9e:3e:89:86:
1e:c4:6e:bd:a9:23:b4:2e:a2:ca:13:3c:24:ed:85:0d:bb:40:
76:5b:28:20:2d:1f:0e:13:10:ab:f4:c9:05:25:9e:55:25:72:
1c:79:83:e5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBncwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTAyNzcxMTAvBgNVBAUTKDYxRDkwOTQ5NEFBQzA5OUU1REM2N0JEOURFQ0NGRUJF
NDRCNzc3NzkwHhcNMjUwMzE4MjIxNDMyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5ZjA0OC00YzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtm6o+cznK0BbEz79NhCzJepku7wnn6j8v7SQxgaNpFq9cCuKDkKQ9h8ItAud
REWPNXbo63Fgi/Pb+gLeQgnv6xq0ZQyzVIRThKN+h3E3WhFOv6aI3XWow+byXmll
7ZUXgYYxz59l0pwKWCnkR0B/ta4clFHZRCjB2AgdRo9HcLKsEN9yoEadUwKbKU3w
7IpLmatlZwHSzq7hmjl0C8sK0i3/Bd0G/miBu7ufkR37AMeghkwFu/TKQdUxsmuq
/c1kPv2+tSnMfH7w+dqZQVlCD52MMjzPoFjdSySbLQkcFwDlQOLqy1gr2wsWsjIT
JMqCcVEJDNe7tu2j908IhsWRowIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIRwQcka
dEugyXlpNak7m+cv7aieMB8GA1UdIwQYMBaAFGHZCUlKrAmeXcZ72d7M/r5Et3d5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDI3Ny9ENDE5RDgxMDc1
Q0IxMUVCOTUyREQ2NkFDNEY5QUUwMi9ZZGtKU1Vxc0NaNWR4bnZaM3N6LXZrUzNk
M2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lka0pTVXFzQ1o1ZHhudlozc3otdmtTM2Qzay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTAyNzcvRDQxOUQ4MTA3NUNCMTFFQjk1MkRENjZBQzRGOUFFMDIvNTZBOTM3RjIz
NjA0MTFFRjhBQTc3Njg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnovQwDQQCAAIwBwMFACQHH8AwDQYJKoZIhvcNAQELBQAD
ggEBABohb0LqyZziea/0xLcdhRjs/saGXsuPxBUMSAhRbj5AdPLQn5bKH2hwl5Sw
MThVv1wFoGoq7jEbDVphaMnJ+HGaMD4XRfj1bClfOWZ13NBgZA/jQdj1JwfSKzIt
dGOpvn/MUbMi2A0lnzZUbkup1mpI7c0JX9jwQ7P4VEmmTgh01/RAqP/pJdtMPdyc
3cvlwPgQks2xvh0//yHa+RFfBYg15+lu/X9ajdrPPKKrFIMkpc5xjTS16pHFeJeE
VfO/5P2MvcFTdaIF9R6e5xF9MVSOPgDCnj6Jhh7Ebr2pI7QuosoTPCTthQ27QHZb
KCAtHw4TEKv0yQUlnlUlchx5g+U=
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:35:08 2025 by rpki-client