Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7F99463ED96F11EF9CCF0E7CC4F9AE02.roa
File: 7F99463ED96F11EF9CCF0E7CC4F9AE02.roa (raw, json)
Hash identifier: /k83g5GGInm8Y822vBhozxiZTF5+7d1crvJ6eFA+0FQ=
Subject key identifier: AD:37:35:F8:96:F8:6A:DB:54:34:92:77:8E:ED:C1:6A:EC:7E:E6:63
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4970
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7F99463ED96F11EF9CCF0E7CC4F9AE02.roa
Signing time: Thu 23 Jan 2025 09:53:12 +0000
ROA not before: Thu 23 Jan 2025 09:53:12 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 24086
IP address blocks: 103.84.77.0/24 maxlen: 24
103.84.78.0/23 maxlen: 24
116.96.0.0/16 maxlen: 24
116.97.0.0/17 maxlen: 24
116.97.128.0/19 maxlen: 24
116.97.160.0/20 maxlen: 24
116.97.176.0/21 maxlen: 24
116.97.192.0/18 maxlen: 24
116.98.0.0/16 maxlen: 24
116.99.0.0/16 maxlen: 24
116.100.0.0/16 maxlen: 24
116.101.0.0/16 maxlen: 24
116.102.0.0/16 maxlen: 24
116.103.0.0/18 maxlen: 24
116.103.64.0/19 maxlen: 24
116.103.96.0/21 maxlen: 24
116.103.112.0/20 maxlen: 24
116.103.128.0/17 maxlen: 24
116.104.0.0/16 maxlen: 24
116.105.0.0/16 maxlen: 24
116.106.0.0/16 maxlen: 24
116.107.0.0/16 maxlen: 24
116.108.0.0/16 maxlen: 24
116.109.0.0/16 maxlen: 24
116.110.0.0/16 maxlen: 24
116.111.0.0/17 maxlen: 24
116.111.128.0/19 maxlen: 24
116.111.160.0/20 maxlen: 24
116.111.184.0/21 maxlen: 24
125.214.32.0/23 maxlen: 24
125.214.34.0/24 maxlen: 24
125.214.36.0/22 maxlen: 24
125.214.40.0/23 maxlen: 24
125.214.42.0/24 maxlen: 24
125.214.44.0/23 maxlen: 24
125.214.46.0/24 maxlen: 24
171.242.6.0/24 maxlen: 24
203.190.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18800 (0x4970)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Jan 23 09:53:12 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67921188-e8aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a3:ba:9e:bd:cc:c8:c1:4c:36:ec:ac:59:5d:
09:61:da:21:15:38:4c:cb:e2:2d:64:9b:b9:94:16:
25:7a:b4:f5:5a:b6:0c:87:76:15:7c:ac:7b:fa:40:
d6:11:80:b0:3a:e5:a8:f3:66:78:9c:1d:8b:3d:e8:
4f:62:4c:a9:73:68:33:e4:f6:65:6e:c2:a0:4b:57:
83:a5:fa:e1:dc:8a:f1:63:d2:32:4b:c0:c7:fb:76:
28:2c:10:a5:18:fb:ef:50:a2:4d:c5:22:02:34:98:
0b:22:4d:3a:a6:f3:c4:ec:1f:e8:37:8d:28:31:6a:
5d:6f:fe:52:85:08:ae:07:a0:b8:d1:d7:c9:d6:8d:
29:48:86:f4:a7:2b:6a:48:2f:32:ba:e9:76:a0:34:
da:1b:35:25:a5:20:d8:ae:26:b0:92:04:0b:bd:22:
5b:14:8d:fd:7c:4a:bb:37:58:a3:b0:3b:26:e5:6f:
56:6a:e5:6f:06:b8:1c:39:82:5d:1f:2b:25:ac:e3:
28:92:0c:3d:d0:fc:db:de:aa:02:1a:75:36:33:ed:
ff:e7:37:c2:51:96:42:5c:cd:a6:11:88:97:6b:6d:
e9:1b:55:ae:4e:4c:f0:b0:5c:cb:2c:db:d3:d3:9d:
17:62:8b:01:1e:b8:97:f4:ce:f8:ec:48:a3:2f:59:
e3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:37:35:F8:96:F8:6A:DB:54:34:92:77:8E:ED:C1:6A:EC:7E:E6:63
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/7F99463ED96F11EF9CCF0E7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.77.0-103.84.79.255
116.96.0.0-116.97.183.255
116.97.192.0-116.103.103.255
116.103.112.0-116.111.175.255
116.111.184.0/21
125.214.32.0-125.214.34.255
125.214.36.0-125.214.42.255
125.214.44.0-125.214.46.255
171.242.6.0/24
203.190.160.0/20
Signature Algorithm: sha256WithRSAEncryption
49:8e:cd:e4:5e:72:f9:46:af:bd:b3:06:ae:f1:6f:de:5a:d3:
5f:ec:40:71:dc:d9:f0:40:5b:0d:5b:fa:dc:18:53:7b:de:6a:
9e:55:0d:8d:91:03:2b:01:32:33:a3:9f:99:61:23:ef:bf:da:
4e:9e:0e:45:40:1c:05:89:b9:e6:cf:0c:75:8b:09:12:b2:1c:
1c:9b:cb:1f:d7:b6:57:8f:c7:6e:d9:5c:d9:59:f5:ec:a4:4b:
fb:4e:fe:68:3f:b2:d2:b7:af:cc:7a:f7:82:6c:0f:14:5d:98:
78:9d:12:21:ea:66:a1:22:ec:e0:2a:d5:93:a2:7c:35:af:be:
b6:d7:b9:2d:b8:51:d5:4a:e7:41:23:a0:03:84:a8:d8:08:3a:
a5:f3:af:6e:00:d0:6e:3f:49:ad:11:0b:e5:95:7e:b7:73:97:
98:3c:33:b3:75:7f:fe:93:c8:2d:d3:38:b2:bf:63:81:2f:23:
2d:cf:c3:22:3e:d2:ba:f9:28:e0:76:bd:6a:74:48:d4:23:d0:
b3:7f:b3:d5:bd:27:4e:3c:93:64:1a:5b:db:1f:ba:75:3a:95:
e6:58:63:42:d6:27:93:05:1f:c9:c6:ac:93:77:64:79:d4:0a:
42:f2:60:9e:0a:e5:0e:ed:c3:c2:5d:82:87:56:a6:ac:ee:f4:
55:fa:a8:91
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgICSXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMTIzMDk1MzEyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkyMTE4OC1lOGFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzKO6nr3MyMFMNuysWV0JYdohFThMy+ItZJu5lBYlerT1WrYMh3YVfKx7+kDW
EYCwOuWo82Z4nB2LPehPYkypc2gz5PZlbsKgS1eDpfrh3IrxY9IyS8DH+3YoLBCl
GPvvUKJNxSICNJgLIk06pvPE7B/oN40oMWpdb/5ShQiuB6C40dfJ1o0pSIb0pytq
SC8yuul2oDTaGzUlpSDYriawkgQLvSJbFI39fEq7N1ijsDsm5W9WauVvBrgcOYJd
HyslrOMokgw90Pzb3qoCGnU2M+3/5zfCUZZCXM2mEYiXa23pG1WuTkzwsFzLLNvT
050XYosBHriX9M747EijL1njBwIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFK03NfiW
+GrbVDSSd47twWrsfuZjMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvN0Y5OTQ2M0VE
OTZGMTFFRjlDQ0YwRTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYwGCCsGAQUFBwEHAQH/
BH0wezB5BAIAATBzMAwDBABnVE0DBARnVEAwCwMDBXRgAwQDdGGwMAwDBAZ0YcAD
BAN0Z2AwDAMEBHRncAMEBHRvoAMEA3RvuDAMAwQFfdYgAwQAfdYiMAwDBAJ91iQD
BAB91iowDAMEAn3WLAMEAH3WLgMEAKvyBgMEBMu+oDANBgkqhkiG9w0BAQsFAAOC
AQEASY7N5F5y+UavvbMGrvFv3lrTX+xAcdzZ8EBbDVv63BhTe95qnlUNjZEDKwEy
M6OfmWEj77/aTp4ORUAcBYm55s8MdYsJErIcHJvLH9e2V4/Hbtlc2Vn17KRL+07+
aD+y0revzHr3gmwPFF2YeJ0SIepmoSLs4CrVk6J8Na++tte5LbhR1UrnQSOgA4So
2Ag6pfOvbgDQbj9JrREL5ZV+t3OXmDwzs3V//pPILdM4sr9jgS8jLc/DIj7Suvko
4Ha9anRI1CPQs3+z1b0nTjyTZBpb2x+6dTqV5lhjQtYnkwUfycask3dkedQKQvJg
ngrlDu3Dwl2Ch1amrO70VfqokQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:22:03 2025 by rpki-client