Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/46D7B1B468F911EFAB3D9424C4F9AE02.roa
File: 46D7B1B468F911EFAB3D9424C4F9AE02.roa (raw, json)
Hash identifier: onDSKcNFc/pDMIziyGqjtuK2E8Imk/xI2T23hdeIbB0=
Subject key identifier: 1C:44:C3:43:DB:CB:1F:42:00:47:89:40:E7:5B:FF:BC:68:C7:22:64
Certificate issuer: /CN=A91A16CF/serialNumber=829F0F40884DD991121005B07D09A2CBFFB4DEC6
Certificate serial: 0B93
Authority key identifier: 82:9F:0F:40:88:4D:D9:91:12:10:05:B0:7D:09:A2:CB:FF:B4:DE:C6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gp8PQIhN2ZESEAWwfQmiy_-03sY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/46D7B1B468F911EFAB3D9424C4F9AE02.roa
Signing time: Fri 06 Dec 2024 19:08:25 +0000
ROA not before: Fri 06 Dec 2024 19:08:25 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134734
IP address blocks: 103.198.132.0/24 maxlen: 24
2403:60c0::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/gp8PQIhN2ZESEAWwfQmiy_-03sY.crl
rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/gp8PQIhN2ZESEAWwfQmiy_-03sY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gp8PQIhN2ZESEAWwfQmiy_-03sY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:41:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2963 (0xb93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A16CF, serialNumber=829F0F40884DD991121005B07D09A2CBFFB4DEC6
Validity
Not Before: Dec 6 19:08:25 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67534ba8-1951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:49:cc:a1:1a:6a:92:ff:da:a9:c6:ae:f9:91:
1e:55:0b:a7:d3:3e:c9:50:b3:77:02:dd:cd:fa:c7:
b1:10:71:c1:dd:eb:a8:4b:c1:99:f2:3d:9f:bf:73:
4e:37:77:eb:05:5d:95:b5:39:19:55:b2:5d:d4:4c:
d1:60:41:72:8e:eb:b0:33:69:28:24:2f:a6:fc:78:
56:95:7d:77:e7:fd:72:7b:91:37:09:05:2c:ba:d0:
56:60:5f:30:13:fa:16:6b:71:1e:46:e1:fe:e8:77:
ff:6a:e1:d5:09:5e:d0:00:a4:3a:9c:6c:83:e7:aa:
8a:c2:dc:ab:c6:53:2c:24:c4:90:d6:d8:6a:0f:96:
5d:4d:ac:10:4d:0a:a0:69:8e:4e:57:95:89:f3:fb:
f5:bc:d4:a2:8e:87:74:29:9a:6b:8e:bf:e5:8f:8d:
a7:1f:ba:65:53:55:27:0f:59:ea:6f:18:fa:4a:b0:
56:59:a1:e7:dd:36:da:eb:1f:4d:88:b5:81:99:ca:
a9:69:6a:6c:e2:bf:4d:04:d4:09:4b:ab:40:2f:0b:
1c:0f:be:f7:0c:d7:69:7e:f1:9f:c8:ff:e8:09:21:
2b:a1:3a:d8:aa:64:86:df:74:64:e3:48:56:36:c8:
b3:15:ef:42:4c:6c:c1:eb:8d:65:ee:a0:ba:b0:ad:
2a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:44:C3:43:DB:CB:1F:42:00:47:89:40:E7:5B:FF:BC:68:C7:22:64
X509v3 Authority Key Identifier:
keyid:82:9F:0F:40:88:4D:D9:91:12:10:05:B0:7D:09:A2:CB:FF:B4:DE:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/gp8PQIhN2ZESEAWwfQmiy_-03sY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gp8PQIhN2ZESEAWwfQmiy_-03sY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A16CF/2CAD508819A211EAAE811C71C4F9AE02/46D7B1B468F911EFAB3D9424C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.132.0/24
IPv6:
2403:60c0::/32
Signature Algorithm: sha256WithRSAEncryption
98:d2:5b:6e:74:d7:46:9d:7a:af:f3:41:57:52:34:f1:1a:47:
67:f2:1e:98:ef:9d:43:cf:4a:4d:20:c7:22:f3:5e:ea:c1:fb:
fd:4a:2b:68:6a:8d:66:b2:9c:0f:bf:01:dd:ba:f2:4d:1f:87:
5c:18:a3:f5:05:36:5c:df:9d:bf:71:b7:fb:2b:af:94:8d:2c:
c1:4d:b3:97:43:38:5d:b0:80:c5:bc:49:3d:a1:96:13:cb:87:
bd:2d:4c:46:e5:ba:e9:c0:2b:49:be:7f:76:3d:d3:86:a3:b4:
0c:0f:db:42:18:53:0b:a0:1a:53:2f:4f:11:0a:e3:51:df:bb:
90:88:3b:54:7f:bb:fc:f1:8d:16:36:25:58:12:f8:b1:3a:29:
95:f2:46:19:dd:20:c5:76:53:d2:c5:5f:48:87:b2:af:47:aa:
b7:db:9f:05:48:bf:9a:b0:c1:5c:2c:01:de:ec:88:81:fa:f0:
87:03:16:fb:83:38:c2:16:c1:db:fb:87:93:30:b1:1f:35:f1:
a2:bd:c9:e2:ae:0c:67:d8:24:af:5e:3f:dc:7a:74:e3:4d:19:
cf:48:1f:53:50:d5:56:fc:52:1f:32:4d:aa:fd:3b:5d:1a:0d:
31:ab:bd:60:d6:2d:49:df:d8:3e:b7:be:8e:b1:bc:31:74:32:
af:5e:a7:ee
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC5MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTE2Q0YxMTAvBgNVBAUTKDgyOUYwRjQwODg0REQ5OTExMjEwMDVCMDdEMDlBMkNC
RkZCNERFQzYwHhcNMjQxMjA2MTkwODI1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUzNGJhOC0xOTUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr0nMoRpqkv/aqcau+ZEeVQun0z7JULN3At3N+sexEHHB3euoS8GZ8j2fv3NO
N3frBV2VtTkZVbJd1EzRYEFyjuuwM2koJC+m/HhWlX135/1ye5E3CQUsutBWYF8w
E/oWa3EeRuH+6Hf/auHVCV7QAKQ6nGyD56qKwtyrxlMsJMSQ1thqD5ZdTawQTQqg
aY5OV5WJ8/v1vNSijod0KZprjr/lj42nH7plU1UnD1nqbxj6SrBWWaHn3Tba6x9N
iLWBmcqpaWps4r9NBNQJS6tALwscD773DNdpfvGfyP/oCSEroTrYqmSG33Rk40hW
NsizFe9CTGzB641l7qC6sK0qXQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBxEw0Pb
yx9CAEeJQOdb/7xoxyJkMB8GA1UdIwQYMBaAFIKfD0CITdmREhAFsH0Josv/tN7G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTZDRi8yQ0FENTA4ODE5
QTIxMUVBQUU4MTFDNzFDNEY5QUUwMi9ncDhQUUloTjJaRVNFQVd3ZlFtaXlfLTAz
c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dwOFBRSWhOMlpFU0VBV3dmUW1peV8tMDNzWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTE2Q0YvMkNBRDUwODgxOUEyMTFFQUFFODExQzcxQzRGOUFFMDIvNDZEN0IxQjQ2
OEY5MTFFRkFCM0Q5NDI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnxoQwDQQCAAIwBwMFACQDYMAwDQYJKoZIhvcNAQELBQAD
ggEBAJjSW25010adeq/zQVdSNPEaR2fyHpjvnUPPSk0gxyLzXurB+/1KK2hqjWay
nA+/Ad268k0fh1wYo/UFNlzfnb9xt/srr5SNLMFNs5dDOF2wgMW8ST2hlhPLh70t
TEbluunAK0m+f3Y904ajtAwP20IYUwugGlMvTxEK41Hfu5CIO1R/u/zxjRY2JVgS
+LE6KZXyRhndIMV2U9LFX0iHsq9HqrfbnwVIv5qwwVwsAd7siIH68IcDFvuDOMIW
wdv7h5MwsR818aK9yeKuDGfYJK9eP9x6dONNGc9IH1NQ1Vb8Uh8yTar9O10aDTGr
vWDWLUnf2D63vo6xvDF0Mq9ep+4=
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:35:52 2025 by rpki-client