Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9E0E/472C392210EE11EA9852957FC4F9AE02/15FB452EE46E11EABA2FD316C4F9AE02.roa
File: 15FB452EE46E11EABA2FD316C4F9AE02.roa (raw, json)
Hash identifier: Dj1n5Ws5ZOwUHxV0iXhdVuXnGHZDTpjS0z8ntITqHGo=
Subject key identifier: 97:E7:FF:42:64:36:5B:F4:44:7F:77:17:23:CF:26:F2:C5:86:B6:9D
Certificate issuer: /CN=A91A9E0E/serialNumber=DACA636996E819AA1F951DC66FF29AD0979C05C8
Certificate serial: 0C0D
Authority key identifier: DA:CA:63:69:96:E8:19:AA:1F:95:1D:C6:6F:F2:9A:D0:97:9C:05:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2spjaZboGaoflR3Gb_Ka0JecBcg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A9E0E/472C392210EE11EA9852957FC4F9AE02/15FB452EE46E11EABA2FD316C4F9AE02.roa
Signing time: Fri 28 Mar 2025 18:59:35 +0000
ROA not before: Fri 28 Mar 2025 18:59:35 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135346
IP address blocks: 103.109.212.0/22 maxlen: 22
103.109.212.0/24 maxlen: 24
103.109.213.0/24 maxlen: 24
103.109.214.0/24 maxlen: 24
103.109.215.0/24 maxlen: 24
2402:7e40::/32 maxlen: 32
2402:7e40:212::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A9E0E/472C392210EE11EA9852957FC4F9AE02/2spjaZboGaoflR3Gb_Ka0JecBcg.crl
rsync://rpki.apnic.net/member_repository/A91A9E0E/472C392210EE11EA9852957FC4F9AE02/2spjaZboGaoflR3Gb_Ka0JecBcg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2spjaZboGaoflR3Gb_Ka0JecBcg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 18:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3085 (0xc0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A9E0E, serialNumber=DACA636996E819AA1F951DC66FF29AD0979C05C8
Validity
Not Before: Mar 28 18:59:35 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e6f197-7190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:72:aa:cb:30:58:55:91:2e:cc:be:eb:4e:0f:
4b:3f:3b:ec:b9:2b:0c:d3:f4:c6:80:57:f7:ca:15:
fe:7e:69:ea:31:82:98:42:81:ce:cf:d8:b3:58:ad:
43:d3:19:6a:a0:6f:66:d3:a7:89:f7:b5:fd:ad:ff:
37:7f:3b:20:06:fd:e9:d9:76:c3:d6:bc:f6:6d:6c:
68:e3:d5:29:c4:fb:03:8a:98:af:cd:56:a2:89:5a:
a4:d8:6e:f5:e6:dd:f8:3f:c9:21:7a:c2:b1:fd:17:
96:33:85:48:9e:78:84:39:37:e8:6a:2a:5c:77:71:
9b:fb:8e:1f:70:7e:38:b9:40:72:df:71:d6:e3:84:
ae:99:d8:57:19:29:62:19:eb:9c:d7:2c:ae:70:20:
49:c7:b5:ae:78:42:e3:8d:d1:ed:8a:08:0c:87:6b:
be:cb:7b:bb:f1:bd:6a:19:bb:31:c9:53:5f:2d:3a:
18:ce:92:d1:6a:69:a0:61:e3:41:fc:2f:86:d7:50:
a2:59:50:6e:0f:39:70:de:74:3f:1a:90:ea:73:1f:
e9:36:11:15:ec:35:47:9f:48:3d:c1:48:3a:ff:c2:
26:bd:3b:5e:82:ef:ac:96:62:4d:73:8f:24:a1:9e:
03:ce:d0:13:3e:c3:9b:97:f3:d5:b3:9c:0e:33:27:
0f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E7:FF:42:64:36:5B:F4:44:7F:77:17:23:CF:26:F2:C5:86:B6:9D
X509v3 Authority Key Identifier:
keyid:DA:CA:63:69:96:E8:19:AA:1F:95:1D:C6:6F:F2:9A:D0:97:9C:05:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A9E0E/472C392210EE11EA9852957FC4F9AE02/2spjaZboGaoflR3Gb_Ka0JecBcg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2spjaZboGaoflR3Gb_Ka0JecBcg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9E0E/472C392210EE11EA9852957FC4F9AE02/15FB452EE46E11EABA2FD316C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.212.0/22
IPv6:
2402:7e40::/32
Signature Algorithm: sha256WithRSAEncryption
8a:0a:b1:b9:94:ab:ac:6c:6a:72:70:56:2f:70:fe:95:41:f4:
0e:4f:b4:9a:62:b7:74:25:43:d4:0f:25:61:7c:5c:4b:99:b6:
f5:8d:99:19:f3:80:67:9a:f0:87:fa:d6:47:9c:c4:fd:9a:03:
5d:c3:cf:d3:e6:24:ae:61:54:0e:00:9e:db:3a:d4:4b:58:cf:
9f:38:4d:d7:01:8e:49:74:0b:91:55:3b:38:90:68:9b:11:57:
7b:c6:f5:47:e8:4a:7a:49:95:9b:bc:17:f1:b1:c1:06:c0:ca:
9e:a6:ff:e3:b0:79:93:ae:60:dd:b9:3f:17:5d:2d:50:c3:a0:
ee:87:ff:71:1d:7d:36:b7:56:a1:e5:16:dc:22:89:bc:18:74:
61:45:a8:50:82:96:04:72:bd:e4:ef:03:79:fc:fa:fb:d1:2a:
8f:20:c4:49:bb:08:00:97:e3:f2:7a:d0:8a:60:69:be:ae:cb:
7a:1d:77:fe:a0:1d:96:dd:68:3a:68:45:95:09:4a:0b:ee:c4:
5f:33:7f:ee:db:4e:f6:df:de:a5:89:d7:a0:35:e8:be:dd:6f:
56:1e:df:4c:d4:89:6a:f5:b5:19:10:34:09:de:b5:e8:b0:f6:
47:5c:70:47:bb:eb:f3:85:14:83:09:ad:33:7b:d0:f0:b0:09:
87:45:8a:55
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDA0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTlFMEUxMTAvBgNVBAUTKERBQ0E2MzY5OTZFODE5QUExRjk1MURDNjZGRjI5QUQw
OTc5QzA1QzgwHhcNMjUwMzI4MTg1OTM1WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U2ZjE5Ny03MTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyXKqyzBYVZEuzL7rTg9LPzvsuSsM0/TGgFf3yhX+fmnqMYKYQoHOz9izWK1D
0xlqoG9m06eJ97X9rf83fzsgBv3p2XbD1rz2bWxo49UpxPsDipivzVaiiVqk2G71
5t34P8khesKx/ReWM4VInniEOTfoaipcd3Gb+44fcH44uUBy33HW44SumdhXGSli
Geuc1yyucCBJx7WueELjjdHtiggMh2u+y3u78b1qGbsxyVNfLToYzpLRammgYeNB
/C+G11CiWVBuDzlw3nQ/GpDqcx/pNhEV7DVHn0g9wUg6/8ImvTtegu+slmJNc48k
oZ4DztATPsObl/PVs5wOMycPkwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJfn/0Jk
Nlv0RH93FyPPJvLFhradMB8GA1UdIwQYMBaAFNrKY2mW6BmqH5Udxm/ymtCXnAXI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUUwRS80NzJDMzkyMjEw
RUUxMUVBOTg1Mjk1N0ZDNEY5QUUwMi8yc3BqYVpib0dhb2ZsUjNHYl9LYTBKZWNC
Y2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJzcGphWmJvR2FvZmxSM0diX0thMEplY0JjZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTlFMEUvNDcyQzM5MjIxMEVFMTFFQTk4NTI5NTdGQzRGOUFFMDIvMTVGQjQ1MkVF
NDZFMTFFQUJBMkZEMzE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnbdQwDQQCAAIwBwMFACQCfkAwDQYJKoZIhvcNAQELBQAD
ggEBAIoKsbmUq6xsanJwVi9w/pVB9A5PtJpit3QlQ9QPJWF8XEuZtvWNmRnzgGea
8If61kecxP2aA13Dz9PmJK5hVA4Ants61EtYz584TdcBjkl0C5FVOziQaJsRV3vG
9UfoSnpJlZu8F/GxwQbAyp6m/+OweZOuYN25PxddLVDDoO6H/3EdfTa3VqHlFtwi
ibwYdGFFqFCClgRyveTvA3n8+vvRKo8gxEm7CACX4/J60Ipgab6uy3odd/6gHZbd
aDpoRZUJSgvuxF8zf+7bTvbf3qWJ16A16L7db1Ye30zUiWr1tRkQNAneteiw9kdc
cEe76/OFFIMJrTN70PCwCYdFilU=
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:22:30 2025 by rpki-client