Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AB836E64987711EC929A7B2AC4F9AE02.roa
File: AB836E64987711EC929A7B2AC4F9AE02.roa (raw, json)
Hash identifier: YdnUNTcV3h0Lwm/x+Witf3SgxJvzwuG6ns7pXmpkAp4=
Subject key identifier: AE:64:51:CB:9A:27:16:C6:3C:2C:3A:FE:E6:D3:8E:7D:4B:C7:1A:85
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4676
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AB836E64987711EC929A7B2AC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:36:27 +0000
ROA not before: Thu 05 Sep 2024 03:36:27 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 56155
IP address blocks: 103.108.136.0/22 maxlen: 24
103.199.4.0/22 maxlen: 24
2001:df4:2900::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 17 Apr 2025 14:26:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18038 (0x4676)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:36:27 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9273b-5828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:81:ca:71:d2:f3:a2:a4:43:bf:ca:2a:d7:e1:
17:d2:fd:b7:6b:e5:78:75:1b:fb:8f:18:32:96:af:
ac:fb:55:13:00:ea:da:c6:75:bc:9e:ea:e2:58:ff:
7e:a2:1e:25:21:c0:e1:43:40:f5:d2:f3:d0:47:d5:
41:43:c1:c7:21:fa:c9:fb:02:ff:0d:68:0b:08:a7:
ca:46:a9:ad:88:7a:fb:b6:e4:e7:2f:c0:f3:e4:06:
11:81:08:e3:8f:25:29:ac:95:83:ae:bb:73:a3:5d:
9b:15:42:5a:c1:27:a4:5f:41:15:03:08:ac:e5:20:
95:31:0e:07:f9:89:d8:51:5b:60:11:e1:84:38:42:
52:af:c0:1c:cb:cf:6a:84:49:cb:6e:07:13:d5:5f:
b1:a7:3c:b8:dd:ba:73:7d:a9:96:5f:f0:1c:a0:d9:
ec:57:02:01:6a:de:9d:a3:16:ba:7c:d8:10:ba:16:
13:12:5d:6d:5b:8d:dd:e5:bc:7a:72:92:bb:08:cd:
91:f2:da:d0:df:21:d9:a7:1e:2f:1b:ea:17:a9:4b:
c3:ec:31:ca:9b:c9:49:e5:42:95:f7:7d:6f:a3:a4:
23:a3:13:84:1b:d0:86:ca:7d:9e:96:8f:25:5e:b4:
51:4e:ce:3e:5c:7a:73:aa:ea:b3:f2:0f:30:d2:24:
36:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:64:51:CB:9A:27:16:C6:3C:2C:3A:FE:E6:D3:8E:7D:4B:C7:1A:85
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/AB836E64987711EC929A7B2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.136.0/22
103.199.4.0/22
IPv6:
2001:df4:2900::/48
Signature Algorithm: sha256WithRSAEncryption
9c:21:02:2a:b3:c6:aa:a6:aa:25:c6:15:d2:d8:45:d9:f8:91:
bf:6c:25:9b:d6:36:e4:8c:66:4c:30:5a:4f:1e:d6:2d:98:44:
25:b7:d9:9d:2f:08:4a:50:e0:47:7b:8b:de:18:a0:6b:a1:48:
6a:08:6d:0d:43:cf:89:1d:a3:86:0e:86:14:1d:31:8b:2a:80:
0c:42:a8:47:fb:0c:d7:4a:da:f7:f0:5c:35:c9:ae:8e:18:86:
22:31:34:20:b9:65:70:3c:7f:c7:c8:93:55:a3:dd:a3:62:8b:
bb:2c:9b:27:ae:84:34:75:d9:b4:1e:3f:2a:22:70:c7:a1:9c:
c1:f3:06:3b:ba:75:8a:5a:4f:9b:af:6e:6c:83:c5:85:41:1f:
9d:75:bc:52:60:6d:69:32:6d:c2:24:6d:5a:51:10:fb:47:b9:
5b:b8:16:82:50:1a:92:b7:c5:0c:34:ed:1b:85:b6:96:96:bb:
44:7c:fb:71:0c:22:bd:22:3e:9c:19:98:42:6a:44:19:92:5e:
e6:4a:c1:98:d0:ca:f1:46:f7:17:a1:d1:6e:95:1e:10:08:4a:
84:fd:62:be:4c:47:4d:59:26:d1:1d:3d:bc:b7:7a:14:4b:be:
9e:7b:90:22:8d:4c:72:a5:db:aa:e4:b5:08:32:67:86:95:7e:
b6:9c:0d:0b
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICRnYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNjI3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjczYi01ODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt4HKcdLzoqRDv8oq1+EX0v23a+V4dRv7jxgylq+s+1UTAOraxnW8nuriWP9+
oh4lIcDhQ0D10vPQR9VBQ8HHIfrJ+wL/DWgLCKfKRqmtiHr7tuTnL8Dz5AYRgQjj
jyUprJWDrrtzo12bFUJawSekX0EVAwis5SCVMQ4H+YnYUVtgEeGEOEJSr8Acy89q
hEnLbgcT1V+xpzy43bpzfamWX/AcoNnsVwIBat6doxa6fNgQuhYTEl1tW43d5bx6
cpK7CM2R8trQ3yHZpx4vG+oXqUvD7DHKm8lJ5UKV931vo6QjoxOEG9CGyn2elo8l
XrRRTs4+XHpzquqz8g8w0iQ2wwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFK5kUcua
JxbGPCw6/ubTjn1LxxqFMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQUI4MzZFNjQ5
ODc3MTFFQzkyOUE3QjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJnbIgDBAJnxwQwDwQCAAIwCQMHACABDfQpADANBgkqhkiG
9w0BAQsFAAOCAQEAnCECKrPGqqaqJcYV0thF2fiRv2wlm9Y25IxmTDBaTx7WLZhE
JbfZnS8ISlDgR3uL3higa6FIaghtDUPPiR2jhg6GFB0xiyqADEKoR/sM10ra9/Bc
NcmujhiGIjE0ILllcDx/x8iTVaPdo2KLuyybJ66ENHXZtB4/KiJwx6GcwfMGO7p1
ilpPm69ubIPFhUEfnXW8UmBtaTJtwiRtWlEQ+0e5W7gWglAakrfFDDTtG4W2lpa7
RHz7cQwivSI+nBmYQmpEGZJe5krBmNDK8Ub3F6HRbpUeEAhKhP1ivkxHTVkm0R09
vLd6FEu+nnuQIo1McqXbquS1CDJnhpV+tpwNCw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:06:00 2025 by rpki-client