Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/E62A9F32CA6611EFAA521732C4F9AE02.roa
File: E62A9F32CA6611EFAA521732C4F9AE02.roa (raw, json)
Hash identifier: vwPT4lr50IGcOZxTvf7JyWM9bGLxcukFrRFH+vh9jsk=
Subject key identifier: 86:81:7D:1A:5D:50:B7:66:56:F5:A6:69:90:76:42:38:F2:2A:6F:13
Certificate issuer: /CN=A91B5073/serialNumber=17817CB8289231B4707E9D5B406D58AFF79D1E01
Certificate serial: 0887
Authority key identifier: 17:81:7C:B8:28:92:31:B4:70:7E:9D:5B:40:6D:58:AF:F7:9D:1E:01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/E62A9F32CA6611EFAA521732C4F9AE02.roa
Signing time: Sat 04 Jan 2025 06:42:32 +0000
ROA not before: Sat 04 Jan 2025 06:42:32 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 149311
IP address blocks: 103.134.201.0/24 maxlen: 24
103.134.202.0/24 maxlen: 24
103.134.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/F4F8uCiSMbRwfp1bQG1Yr_edHgE.crl
rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/F4F8uCiSMbRwfp1bQG1Yr_edHgE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 17:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2183 (0x887)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5073, serialNumber=17817CB8289231B4707E9D5B406D58AFF79D1E01
Validity
Not Before: Jan 4 06:42:32 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6778d857-dfd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:20:ff:ea:d4:01:b3:ff:aa:b5:56:3c:da:aa:
77:8b:63:0f:2c:41:fd:7b:b6:e9:78:31:b8:78:79:
4b:81:7c:cb:11:03:fa:38:42:45:5c:5e:67:e2:ae:
b1:9d:28:b3:3b:4b:60:1d:0e:f4:31:72:1f:dc:54:
1c:80:04:ab:90:8d:ca:5d:eb:73:55:4a:7a:c3:cb:
12:4c:33:07:51:d3:f6:7e:81:d6:c0:8d:5f:e8:65:
35:f6:00:7a:1e:be:5f:87:6c:99:29:02:a5:b5:89:
55:06:8d:2f:06:2e:fb:ae:ab:59:de:01:d7:24:69:
5c:df:2b:e9:e3:1f:53:c6:1c:9c:72:d9:c4:11:1a:
40:97:a7:38:4c:20:42:1e:57:50:75:77:a6:21:d8:
ee:0a:8d:ea:77:d0:fb:60:a8:85:f9:5d:5f:99:12:
3d:16:9c:cb:a3:d1:66:26:8f:d0:f0:d7:21:3e:b7:
ce:d6:3b:16:8e:24:f6:5f:a5:04:5f:d1:15:b4:e2:
42:ae:0e:38:df:4d:f0:45:3d:15:04:6f:24:12:e0:
94:b2:6f:20:c1:67:63:ee:49:e8:19:89:cd:55:c8:
6e:fa:93:00:79:16:4e:cb:a5:37:d5:26:76:a3:0c:
cf:38:4e:5d:bc:d7:30:55:6d:ba:0a:40:5a:6b:99:
39:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:81:7D:1A:5D:50:B7:66:56:F5:A6:69:90:76:42:38:F2:2A:6F:13
X509v3 Authority Key Identifier:
keyid:17:81:7C:B8:28:92:31:B4:70:7E:9D:5B:40:6D:58:AF:F7:9D:1E:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/F4F8uCiSMbRwfp1bQG1Yr_edHgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F4F8uCiSMbRwfp1bQG1Yr_edHgE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5073/43F16264339511E9BFB1C21AC4F9AE02/E62A9F32CA6611EFAA521732C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.134.201.0-103.134.203.255
Signature Algorithm: sha256WithRSAEncryption
96:c3:32:92:78:2c:34:b2:fb:1e:5c:80:c9:ab:cf:77:77:bc:
b1:ce:67:6a:eb:89:44:a4:3e:8b:f7:6c:ee:e6:69:60:c9:5d:
3c:9b:50:11:c0:04:c7:5c:ec:51:6b:52:a7:22:f1:3d:9f:fa:
94:fa:07:aa:04:c7:ca:04:16:6b:e0:d8:aa:f6:e8:a0:4f:6b:
b7:36:e5:5d:a8:ba:c6:64:37:16:f6:58:a4:d4:ca:d8:e5:08:
a5:f7:1a:75:22:fd:70:6f:09:50:94:41:37:3c:eb:8b:49:03:
35:aa:9f:b9:74:98:cc:91:83:a9:ba:aa:50:89:9a:a9:dd:c3:
3c:36:08:a6:28:80:e6:32:4b:d3:53:88:80:35:ed:d4:70:a3:
f8:05:0d:b2:f2:3e:c3:ce:c3:43:88:44:37:bb:e1:9a:77:27:
db:0f:e6:14:56:af:49:68:90:a6:1a:7c:22:62:ca:af:16:c0:
79:9c:2b:5b:66:d5:c0:e7:02:30:17:93:1d:e1:a9:e0:4a:b2:
ff:00:1e:55:3d:d0:d6:7d:c0:ca:2c:fc:8c:27:65:86:8c:56:
4f:cc:06:e4:42:c6:95:54:22:36:d8:9c:80:8f:ac:f3:30:98:
72:7a:0b:1c:03:ff:f0:f6:08:ca:92:f6:1d:c2:e6:3c:31:79:
7a:5f:59:4e
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICCIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjUwNzMxMTAvBgNVBAUTKDE3ODE3Q0I4Mjg5MjMxQjQ3MDdFOUQ1QjQwNkQ1OEFG
Rjc5RDFFMDEwHhcNMjUwMTA0MDY0MjMyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc4ZDg1Ny1kZmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1SD/6tQBs/+qtVY82qp3i2MPLEH9e7bpeDG4eHlLgXzLEQP6OEJFXF5n4q6x
nSizO0tgHQ70MXIf3FQcgASrkI3KXetzVUp6w8sSTDMHUdP2foHWwI1f6GU19gB6
Hr5fh2yZKQKltYlVBo0vBi77rqtZ3gHXJGlc3yvp4x9TxhycctnEERpAl6c4TCBC
HldQdXemIdjuCo3qd9D7YKiF+V1fmRI9FpzLo9FmJo/Q8NchPrfO1jsWjiT2X6UE
X9EVtOJCrg44303wRT0VBG8kEuCUsm8gwWdj7knoGYnNVchu+pMAeRZOy6U31SZ2
owzPOE5dvNcwVW26CkBaa5k5TQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFIaBfRpd
ULdmVvWmaZB2QjjyKm8TMB8GA1UdIwQYMBaAFBeBfLgokjG0cH6dW0BtWK/3nR4B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTA3My80M0YxNjI2NDMz
OTUxMUU5QkZCMUMyMUFDNEY5QUUwMi9GNEY4dUNpU01iUndmcDFiUUcxWXJfZWRI
Z0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Y0Rjh1Q2lTTWJSd2ZwMWJRRzFZcl9lZEhnRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjUwNzMvNDNGMTYyNjQzMzk1MTFFOUJGQjFDMjFBQzRGOUFFMDIvRTYyQTlGMzJD
QTY2MTFFRkFBNTIxNzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGeGyQMEAmeGyDANBgkqhkiG9w0BAQsFAAOCAQEAlsMy
kngsNLL7HlyAyavPd3e8sc5nauuJRKQ+i/ds7uZpYMldPJtQEcAEx1zsUWtSpyLx
PZ/6lPoHqgTHygQWa+DYqvbooE9rtzblXai6xmQ3FvZYpNTK2OUIpfcadSL9cG8J
UJRBNzzri0kDNaqfuXSYzJGDqbqqUImaqd3DPDYIpiiA5jJL01OIgDXt1HCj+AUN
svI+w87DQ4hEN7vhmncn2w/mFFavSWiQphp8ImLKrxbAeZwrW2bVwOcCMBeTHeGp
4Eqy/wAeVT3Q1n3Ayiz8jCdlhoxWT8wG5ELGlVQiNticgI+s8zCYcnoLHAP/8PYI
ypL2HcLmPDF5el9ZTg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:41:52 2025 by rpki-client