Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/860FE244E7F211EEA82C4340C4F9AE02.roa
File: 860FE244E7F211EEA82C4340C4F9AE02.roa (raw, json)
Hash identifier: MOt4/rtczZ2XuWNA4OgwbPaAH6x2sV9WPLPyaiDEfR8=
Subject key identifier: 69:4E:9C:94:90:8D:E8:76:42:64:65:CF:A4:48:36:D6:F9:6E:F9:B1
Certificate issuer: /CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Certificate serial: 0107
Authority key identifier: 0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/860FE244E7F211EEA82C4340C4F9AE02.roa
Signing time: Tue 25 Feb 2025 07:09:21 +0000
ROA not before: Tue 25 Feb 2025 07:09:21 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 24334
IP address blocks: 103.11.88.0/22 maxlen: 24
202.83.240.0/21 maxlen: 21
202.83.240.0/24 maxlen: 24
202.83.241.0/24 maxlen: 24
202.83.242.0/24 maxlen: 24
202.83.243.0/24 maxlen: 24
202.83.244.0/24 maxlen: 24
202.83.245.0/24 maxlen: 24
202.83.246.0/24 maxlen: 24
202.83.247.0/24 maxlen: 24
202.171.208.0/21 maxlen: 21
202.171.208.0/24 maxlen: 24
202.171.209.0/24 maxlen: 24
202.171.210.0/24 maxlen: 24
202.171.211.0/24 maxlen: 24
202.171.212.0/24 maxlen: 24
202.171.213.0/24 maxlen: 24
202.171.214.0/24 maxlen: 24
202.171.215.0/24 maxlen: 24
203.142.88.0/21 maxlen: 21
203.142.88.0/24 maxlen: 24
203.142.89.0/24 maxlen: 24
203.142.90.0/24 maxlen: 24
203.142.91.0/24 maxlen: 24
203.142.92.0/24 maxlen: 24
203.142.93.0/24 maxlen: 24
203.142.94.0/24 maxlen: 24
203.142.95.0/24 maxlen: 24
2404:1a0::/30 maxlen: 32
2404:1a0:1000::/46 maxlen: 46
2404:1a0:1000::/47 maxlen: 47
2404:1a0:1001::/48 maxlen: 48
2404:1a0:1002::/48 maxlen: 48
2404:1a0:2008::/48 maxlen: 48
2404:1a0:fffc::/46 maxlen: 46
2404:1a0:fffc::/47 maxlen: 47
2404:1a0:ffff::/48 maxlen: 48
2404:1a3:1000::/46 maxlen: 46
2404:1a3:1000::/47 maxlen: 47
2404:1a3:1001::/48 maxlen: 48
2404:1a3:fffc::/46 maxlen: 46
2404:1a3:fffc::/47 maxlen: 47
2404:1a3:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl
rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 04:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 263 (0x107)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B036A
Validity
Not Before: Feb 25 07:09:21 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67bd6ca1-0eae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a7:a6:b7:41:9e:a1:7e:75:7d:ae:07:a7:1b:
86:8f:b7:8d:44:ca:9c:62:bd:ad:87:35:17:78:63:
cb:c1:dd:19:29:61:be:15:a2:08:c5:90:78:55:f9:
26:e6:55:14:64:54:a6:b1:3d:29:3e:7e:74:26:12:
3a:57:c1:94:c7:5e:b6:75:ee:6f:d3:d7:91:84:5b:
6a:40:ee:1f:e6:cf:30:4f:49:fe:a9:b9:b9:44:74:
5b:58:83:8d:67:40:01:6e:ed:b0:2e:14:75:b6:17:
1c:60:d9:c2:21:d4:8d:22:9d:8f:c5:7e:e3:9d:37:
1a:64:a1:fe:d9:3a:4e:8e:ee:11:40:8a:62:30:78:
21:5c:ea:b0:10:6a:56:42:4f:f2:63:02:0e:2e:b9:
90:f4:c8:b9:ca:8c:03:34:81:8b:b1:17:b6:51:a4:
8a:88:21:4a:13:25:3a:c2:96:68:82:b7:23:8f:40:
47:70:8a:1a:16:cd:dc:75:61:81:4d:3c:98:12:fa:
36:a8:12:96:2c:50:8a:95:1a:74:88:13:a6:3b:d3:
32:5d:d7:b1:55:ef:86:62:77:67:0c:4e:f2:17:e6:
5a:84:a7:33:bf:dd:b7:16:ac:25:e5:bf:8e:f7:28:
a0:00:ce:bf:62:28:1b:ba:d7:57:34:14:c5:ea:07:
3c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:4E:9C:94:90:8D:E8:76:42:64:65:CF:A4:48:36:D6:F9:6E:F9:B1
X509v3 Authority Key Identifier:
keyid:0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/860FE244E7F211EEA82C4340C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.88.0/22
202.83.240.0/21
202.171.208.0/21
203.142.88.0/21
IPv6:
2404:1a0::/30
Signature Algorithm: sha256WithRSAEncryption
10:97:28:69:1e:3c:c5:de:c5:be:97:83:2a:92:e9:06:d4:69:
c9:1a:b2:6f:06:17:21:b5:d3:8e:6e:cf:88:36:fe:64:ba:04:
a1:69:64:48:18:a4:0a:a7:77:23:aa:64:b3:ae:b2:4a:06:e8:
60:1a:ff:80:06:55:86:88:de:c7:95:0b:5b:a7:fd:bb:35:9b:
b1:61:9d:39:29:0f:e6:72:dd:5d:ed:19:3f:fd:8b:91:fc:14:
c4:fa:75:d6:93:d5:56:f3:9e:ad:5f:1a:80:79:89:79:ca:08:
5c:a4:00:95:58:55:60:0b:77:01:3d:1b:76:7f:13:0e:89:98:
e1:e2:02:92:e4:ad:76:b4:55:28:e7:b7:0c:89:d0:e7:bb:c7:
6a:07:3c:07:30:7e:84:33:d5:48:60:cf:b5:62:cf:b9:a7:1a:
63:18:54:be:1f:96:af:aa:1d:a5:64:d4:4d:5d:4f:fd:eb:a9:
77:32:a9:56:2a:68:4b:d6:e8:8a:38:b8:54:2a:ba:74:23:5e:
55:df:7d:de:26:4f:69:1b:81:c6:6d:f6:ea:d9:cd:49:86:6b:
60:2f:62:a6:7d:b6:2a:43:67:3e:06:f8:1d:14:b1:86:7a:cd:
29:9b:65:9d:4d:fe:50:49:0f:4c:ad:50:3e:74:f8:e0:7c:18:
05:59:71:63
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjAzNkExMTAvBgNVBAUTKDBGMTdGMzdEQkM5NDg0RDk2RTFBMEFCQzc4QTRGOUNB
Q0Q1RURBOEEwHhcNMjUwMjI1MDcwOTIxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JkNmNhMS0wZWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzqemt0GeoX51fa4HpxuGj7eNRMqcYr2thzUXeGPLwd0ZKWG+FaIIxZB4Vfkm
5lUUZFSmsT0pPn50JhI6V8GUx162de5v09eRhFtqQO4f5s8wT0n+qbm5RHRbWION
Z0ABbu2wLhR1thccYNnCIdSNIp2PxX7jnTcaZKH+2TpOju4RQIpiMHghXOqwEGpW
Qk/yYwIOLrmQ9Mi5yowDNIGLsRe2UaSKiCFKEyU6wpZogrcjj0BHcIoaFs3cdWGB
TTyYEvo2qBKWLFCKlRp0iBOmO9MyXdexVe+GYndnDE7yF+ZahKczv923Fqwl5b+O
9yigAM6/YigbutdXNBTF6gc8YwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFGlOnJSQ
jeh2QmRlz6RINtb5bvmxMB8GA1UdIwQYMBaAFA8X8328lITZbhoKvHik+crNXtqK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDM2QS9CQkMyRjc3NkQx
RjExMUVFODYwNTFBNjFDNEY5QUUwMi9EeGZ6ZmJ5VWhObHVHZ3E4ZUtUNXlzMWUy
b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0R4ZnpmYnlVaE5sdUdncThlS1Q1eXMxZTJvby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjAzNkEvQkJDMkY3NzZEMUYxMTFFRTg2MDUxQTYxQzRGOUFFMDIvODYwRkUyNDRF
N0YyMTFFRUE4MkM0MzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnC1gDBAPKU/ADBAPKq9ADBAPLjlgwDQQCAAIwBwMFAiQE
AaAwDQYJKoZIhvcNAQELBQADggEBABCXKGkePMXexb6XgyqS6QbUackasm8GFyG1
045uz4g2/mS6BKFpZEgYpAqndyOqZLOuskoG6GAa/4AGVYaI3seVC1un/bs1m7Fh
nTkpD+Zy3V3tGT/9i5H8FMT6ddaT1Vbznq1fGoB5iXnKCFykAJVYVWALdwE9G3Z/
Ew6JmOHiApLkrXa0VSjntwyJ0Oe7x2oHPAcwfoQz1Uhgz7Viz7mnGmMYVL4flq+q
HaVk1E1dT/3rqXcyqVYqaEvW6Io4uFQqunQjXlXffd4mT2kbgcZt9urZzUmGa2Av
YqZ9tipDZz4G+B0UsYZ6zSmbZZ1N/lBJD0ytUD50+OB8GAVZcWM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:40 2025 by rpki-client