Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/33B3C60425FD11EDA4097785C4F9AE02.roa
File: 33B3C60425FD11EDA4097785C4F9AE02.roa (raw, json)
Hash identifier: Lp5cRcJpcFyA63AQkO4t4qxLDnu9yrv3fenr3vhHcUw=
Subject key identifier: 87:5F:19:21:B1:3D:32:DF:19:41:E6:A9:2B:33:79:FD:07:BC:4E:48
Certificate issuer: /CN=A91B0D39/serialNumber=97388EFC45D496EEEEAE94847DA60ACCE5D117F9
Certificate serial: 05CF
Authority key identifier: 97:38:8E:FC:45:D4:96:EE:EE:AE:94:84:7D:A6:0A:CC:E5:D1:17:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lziO_EXUlu7urpSEfaYKzOXRF_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/33B3C60425FD11EDA4097785C4F9AE02.roa
Signing time: Wed 02 Apr 2025 23:24:56 +0000
ROA not before: Wed 02 Apr 2025 23:24:56 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 38254
IP address blocks: 103.167.250.0/24 maxlen: 24
2001:df6:c480::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/lziO_EXUlu7urpSEfaYKzOXRF_k.crl
rsync://rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/lziO_EXUlu7urpSEfaYKzOXRF_k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lziO_EXUlu7urpSEfaYKzOXRF_k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 22:57:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1487 (0x5cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0D39
Validity
Not Before: Apr 2 23:24:56 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=67edc747-df17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:28:2f:76:50:74:35:1d:14:d2:01:a6:9e:4d:
89:55:43:d9:fb:29:16:60:63:a2:a0:dc:3f:c6:ea:
39:a2:5f:aa:f7:59:7a:f2:07:38:7e:76:cf:33:22:
1a:73:99:17:83:11:9b:2b:b3:dc:8f:00:9b:16:01:
9d:01:81:9f:e4:7f:81:42:03:40:23:c0:ef:99:34:
d5:2a:fb:70:2f:b2:9a:c6:90:a2:da:50:4c:c9:67:
7f:96:71:1f:be:38:bc:60:14:8f:a4:17:26:05:34:
40:54:cb:1a:86:c2:94:94:1e:70:0c:f0:a4:87:bd:
83:96:05:f6:b2:1c:70:ad:82:cd:a7:ae:46:5e:fd:
27:9e:aa:c1:6d:15:cb:b9:b2:df:f1:ad:79:52:dc:
aa:94:bd:31:de:bd:a2:3a:09:6e:ab:8a:45:97:be:
d8:04:42:6b:9d:dd:88:61:21:c2:b6:1b:ca:e0:55:
67:89:75:8f:cc:2a:fc:7d:72:40:0f:a8:4a:9f:66:
b3:68:c1:cb:f0:e7:4c:4b:be:ce:1f:57:19:06:4b:
e9:18:0b:55:38:33:0f:29:46:4e:a5:8c:65:42:8f:
58:e5:e2:75:38:5b:a2:13:e1:17:5d:de:1e:aa:bb:
25:ef:9c:e4:f4:dc:65:af:ab:00:f2:e8:44:2d:d0:
7a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5F:19:21:B1:3D:32:DF:19:41:E6:A9:2B:33:79:FD:07:BC:4E:48
X509v3 Authority Key Identifier:
keyid:97:38:8E:FC:45:D4:96:EE:EE:AE:94:84:7D:A6:0A:CC:E5:D1:17:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/lziO_EXUlu7urpSEfaYKzOXRF_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lziO_EXUlu7urpSEfaYKzOXRF_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0D39/7F24FFD0C85811EBBE0EF834C4F9AE02/33B3C60425FD11EDA4097785C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.250.0/24
IPv6:
2001:df6:c480::/48
Signature Algorithm: sha256WithRSAEncryption
77:3f:b0:b3:2e:2e:8e:ed:a2:28:66:cc:0f:11:4a:a0:37:f4:
ca:8c:48:93:97:32:6b:bd:e0:82:d3:0a:4c:54:e7:3f:ec:7b:
43:be:ae:48:0b:b0:50:de:4c:1d:65:ec:1f:81:e0:75:cd:52:
fc:49:3a:d1:47:2a:61:78:33:d5:25:71:04:2b:3f:2b:05:b9:
1a:41:9f:6b:cf:57:cb:21:64:75:99:f6:09:b6:66:b8:42:8c:
5f:eb:64:89:99:df:64:96:46:8b:bc:f1:8a:d0:b4:bd:86:b3:
de:58:13:a8:01:7b:b7:59:b4:69:d0:be:08:de:3a:73:73:a5:
41:00:37:12:5a:f2:2c:5f:40:ec:43:cd:d5:8f:ac:d2:c1:4a:
69:22:f6:cb:2c:22:48:75:6e:09:94:2c:b2:fe:94:88:7c:de:
b1:20:c1:a3:4f:57:b7:49:84:90:f3:e8:4a:af:54:bd:d3:c6:
1c:28:75:b1:a7:e4:ef:39:18:9b:76:b6:c1:4a:48:03:26:36:
17:0b:3b:81:54:b3:37:26:41:66:1c:ac:24:89:a3:06:66:a4:
78:e6:d1:d7:44:8d:bf:81:37:47:23:34:10:76:38:77:1a:91:
af:50:8c:fe:f9:f2:88:c9:ba:73:9e:4e:6a:9c:18:91:c4:05:
ef:6e:d0:36
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjBEMzkxMTAvBgNVBAUTKDk3Mzg4RUZDNDVENDk2RUVFRUFFOTQ4NDdEQTYwQUND
RTVEMTE3RjkwHhcNMjUwNDAyMjMyNDU2WhcNMjYwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VkYzc0Ny1kZjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwygvdlB0NR0U0gGmnk2JVUPZ+ykWYGOioNw/xuo5ol+q91l68gc4fnbPMyIa
c5kXgxGbK7PcjwCbFgGdAYGf5H+BQgNAI8DvmTTVKvtwL7KaxpCi2lBMyWd/lnEf
vji8YBSPpBcmBTRAVMsahsKUlB5wDPCkh72DlgX2shxwrYLNp65GXv0nnqrBbRXL
ubLf8a15UtyqlL0x3r2iOgluq4pFl77YBEJrnd2IYSHCthvK4FVniXWPzCr8fXJA
D6hKn2azaMHL8OdMS77OH1cZBkvpGAtVODMPKUZOpYxlQo9Y5eJ1OFuiE+EXXd4e
qrsl75zk9Nxlr6sA8uhELdB6DwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIdfGSGx
PTLfGUHmqSszef0HvE5IMB8GA1UdIwQYMBaAFJc4jvxF1Jbu7q6UhH2mCszl0Rf5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEQzOS83RjI0RkZEMEM4
NTgxMUVCQkUwRUY4MzRDNEY5QUUwMi9semlPX0VYVWx1N3VycFNFZmFZS3pPWFJG
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2x6aU9fRVhVbHU3dXJwU0VmYVlLek9YUkZfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjBEMzkvN0YyNEZGRDBDODU4MTFFQkJFMEVGODM0QzRGOUFFMDIvMzNCM0M2MDQy
NUZEMTFFREE0MDk3Nzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnp/owDwQCAAIwCQMHACABDfbEgDANBgkqhkiG9w0BAQsF
AAOCAQEAdz+wsy4uju2iKGbMDxFKoDf0yoxIk5cya73ggtMKTFTnP+x7Q76uSAuw
UN5MHWXsH4Hgdc1S/Ek60UcqYXgz1SVxBCs/KwW5GkGfa89XyyFkdZn2CbZmuEKM
X+tkiZnfZJZGi7zxitC0vYaz3lgTqAF7t1m0adC+CN46c3OlQQA3ElryLF9A7EPN
1Y+s0sFKaSL2yywiSHVuCZQssv6UiHzesSDBo09Xt0mEkPPoSq9UvdPGHCh1safk
7zkYm3a2wUpIAyY2Fws7gVSzNyZBZhysJImjBmakeObR10SNv4E3RyM0EHY4dxqR
r1CM/vnyiMm6c55OapwYkcQF727QNg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 13:40:32 2025 by rpki-client