Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8405/F9C19696321211EA93633A59C4F9AE02/933DE524C2B811EEAA1FD486C4F9AE02.roa
File: 933DE524C2B811EEAA1FD486C4F9AE02.roa (raw, json)
Hash identifier: fUCvUsdE5BjK2E7JovOFAfK5/ksn+RyULPqTK3NyDTE=
Subject key identifier: 6E:3A:CF:B7:0C:BE:0E:38:5C:62:0A:BF:B0:0D:F2:74:15:31:E8:41
Certificate issuer: /CN=A91A8405/serialNumber=2D9ED3D26E635F7CFFE4BBF52087150B7A42188F
Certificate serial: 0B65
Authority key identifier: 2D:9E:D3:D2:6E:63:5F:7C:FF:E4:BB:F5:20:87:15:0B:7A:42:18:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LZ7T0m5jX3z_5Lv1IIcVC3pCGI8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8405/F9C19696321211EA93633A59C4F9AE02/933DE524C2B811EEAA1FD486C4F9AE02.roa
Signing time: Sun 16 Mar 2025 14:23:26 +0000
ROA not before: Sun 16 Mar 2025 14:23:26 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 139841
IP address blocks: 103.112.204.0/24 maxlen: 24
103.112.206.0/24 maxlen: 24
103.112.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A8405/F9C19696321211EA93633A59C4F9AE02/LZ7T0m5jX3z_5Lv1IIcVC3pCGI8.crl
rsync://rpki.apnic.net/member_repository/A91A8405/F9C19696321211EA93633A59C4F9AE02/LZ7T0m5jX3z_5Lv1IIcVC3pCGI8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LZ7T0m5jX3z_5Lv1IIcVC3pCGI8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:57:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2917 (0xb65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8405, serialNumber=2D9ED3D26E635F7CFFE4BBF52087150B7A42188F
Validity
Not Before: Mar 16 14:23:26 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67d6dede-66af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:24:a0:a9:1e:34:d3:08:91:43:41:a4:ac:5f:
4f:43:82:5d:b9:f8:26:d6:55:fe:d9:99:10:d7:23:
42:d9:bd:21:f6:cc:f5:af:dc:37:a6:a6:34:cd:82:
b5:3d:80:5e:a4:e1:c0:e1:01:e9:ed:20:c6:c6:90:
2e:25:fb:bc:12:28:5e:c8:47:2e:e8:ed:c3:25:2f:
e3:11:b2:72:82:22:96:df:99:3d:e7:dc:3a:2e:22:
f2:22:38:a4:98:db:56:97:38:36:51:a1:fa:03:ea:
c3:1a:a5:46:ac:2e:a5:0f:c1:45:dc:0b:ba:ba:ab:
6f:fd:9d:05:1e:7e:5b:5f:ba:38:cc:65:b5:23:3a:
1b:71:89:81:81:b6:bf:f4:6f:1d:b9:b3:c2:fb:1b:
23:54:bf:74:e5:57:34:51:75:b9:27:bd:9b:20:25:
e0:ea:7a:a6:2c:a3:28:48:d5:9d:5e:0a:0a:0f:5a:
e2:61:1c:6c:b7:37:06:fd:dc:95:de:90:44:5d:c1:
a9:18:35:9f:87:3c:eb:59:72:72:f7:1e:70:df:d9:
82:cd:4e:28:c4:b1:98:39:6f:eb:50:b0:47:3a:bc:
72:25:ac:c7:9f:a6:f6:92:1e:df:38:84:63:b5:22:
83:16:f9:38:97:39:12:fe:ca:e9:04:98:50:3d:b1:
e8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:3A:CF:B7:0C:BE:0E:38:5C:62:0A:BF:B0:0D:F2:74:15:31:E8:41
X509v3 Authority Key Identifier:
keyid:2D:9E:D3:D2:6E:63:5F:7C:FF:E4:BB:F5:20:87:15:0B:7A:42:18:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8405/F9C19696321211EA93633A59C4F9AE02/LZ7T0m5jX3z_5Lv1IIcVC3pCGI8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LZ7T0m5jX3z_5Lv1IIcVC3pCGI8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8405/F9C19696321211EA93633A59C4F9AE02/933DE524C2B811EEAA1FD486C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.112.204.0/24
103.112.206.0/23
Signature Algorithm: sha256WithRSAEncryption
44:fc:28:f3:dc:4e:c9:8d:ab:b1:a7:da:61:33:1a:00:1d:7c:
82:46:20:9a:b5:84:dc:3a:ac:c0:40:6a:ed:77:a2:0c:f7:da:
27:c1:46:3c:03:8a:49:ee:98:3b:e7:c2:ef:17:a6:34:8b:c0:
59:6b:86:04:91:95:fc:4f:b5:f2:ad:dd:69:4c:84:be:9b:d0:
47:cd:4c:1c:21:f0:0e:32:ef:e9:38:6e:82:1d:e6:a7:6d:d7:
1e:7a:0e:20:5e:36:92:c6:5c:44:b0:06:82:48:0c:e1:be:f9:
64:b5:93:c5:b8:48:3f:83:e8:a6:0e:8b:37:22:fe:1b:2a:71:
93:79:3c:3a:85:fc:62:da:7c:c2:fd:a3:d5:a0:54:ee:01:76:
ef:0f:42:1b:0c:60:77:0c:ee:de:b5:44:bf:05:1d:d5:65:94:
de:2b:e8:aa:a3:d8:6a:d6:26:a0:d8:04:12:0c:f1:aa:1e:0c:
b2:31:11:83:61:36:c8:c6:7c:30:dc:b6:80:35:7d:ec:42:dc:
09:af:32:84:6a:19:1d:93:df:10:3f:cc:1f:ee:44:e3:57:16:
b5:4d:2f:c8:90:19:be:c0:cf:6f:98:06:83:32:2a:98:2d:3b:
7c:1a:4e:84:5a:62:d0:6c:6c:62:5d:87:2f:f8:46:35:b5:28:
00:4d:d1:2a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC2UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTg0MDUxMTAvBgNVBAUTKDJEOUVEM0QyNkU2MzVGN0NGRkU0QkJGNTIwODcxNTBC
N0E0MjE4OEYwHhcNMjUwMzE2MTQyMzI2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q2ZGVkZS02NmFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6ySgqR400wiRQ0GkrF9PQ4Jdufgm1lX+2ZkQ1yNC2b0h9sz1r9w3pqY0zYK1
PYBepOHA4QHp7SDGxpAuJfu8EiheyEcu6O3DJS/jEbJygiKW35k959w6LiLyIjik
mNtWlzg2UaH6A+rDGqVGrC6lD8FF3Au6uqtv/Z0FHn5bX7o4zGW1IzobcYmBgba/
9G8dubPC+xsjVL905Vc0UXW5J72bICXg6nqmLKMoSNWdXgoKD1riYRxstzcG/dyV
3pBEXcGpGDWfhzzrWXJy9x5w39mCzU4oxLGYOW/rULBHOrxyJazHn6b2kh7fOIRj
tSKDFvk4lzkS/srpBJhQPbHoLwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFG46z7cM
vg44XGIKv7AN8nQVMehBMB8GA1UdIwQYMBaAFC2e09JuY198/+S79SCHFQt6QhiP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODQwNS9GOUMxOTY5NjMy
MTIxMUVBOTM2MzNBNTlDNEY5QUUwMi9MWjdUMG01algzel81THYxSUljVkMzcENH
STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xaN1QwbTVqWDN6XzVMdjFJSWNWQzNwQ0dJOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTg0MDUvRjlDMTk2OTYzMjEyMTFFQTkzNjMzQTU5QzRGOUFFMDIvOTMzREU1MjRD
MkI4MTFFRUFBMUZENDg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABncMwDBAFncM4wDQYJKoZIhvcNAQELBQADggEBAET8KPPc
TsmNq7Gn2mEzGgAdfIJGIJq1hNw6rMBAau13ogz32ifBRjwDiknumDvnwu8XpjSL
wFlrhgSRlfxPtfKt3WlMhL6b0EfNTBwh8A4y7+k4boId5qdt1x56DiBeNpLGXESw
BoJIDOG++WS1k8W4SD+D6KYOizci/hsqcZN5PDqF/GLafML9o9WgVO4Bdu8PQhsM
YHcM7t61RL8FHdVllN4r6Kqj2GrWJqDYBBIM8aoeDLIxEYNhNsjGfDDctoA1fexC
3AmvMoRqGR2T3xA/zB/uRONXFrVNL8iQGb7Az2+YBoMyKpgtO3waToRaYtBsbGJd
hy/4RjW1KABN0So=
-----END CERTIFICATE-----
Generated at Sun Apr 13 17:50:14 2025 by rpki-client