Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5418/0C0B800EF68211E9A8996146C4F9AE02/D3EC028C2AF511EE90800A65C4F9AE02.roa
File: D3EC028C2AF511EE90800A65C4F9AE02.roa (raw, json)
Hash identifier: zIiMG8XFOiJ8fVgB0n1RemI6nwHpnANJJ7roaqe/Oos=
Subject key identifier: 73:B8:1A:5E:58:14:ED:32:E3:56:2B:DA:45:27:67:A5:09:C3:A2:F8
Certificate issuer: /CN=A91B5418/serialNumber=6B5EBFE98A378764C1B12DCB6904E4610B50AC57
Certificate serial: 0C06
Authority key identifier: 6B:5E:BF:E9:8A:37:87:64:C1:B1:2D:CB:69:04:E4:61:0B:50:AC:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a16_6Yo3h2TBsS3LaQTkYQtQrFc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5418/0C0B800EF68211E9A8996146C4F9AE02/D3EC028C2AF511EE90800A65C4F9AE02.roa
Signing time: Mon 06 May 2024 19:28:20 +0000
ROA not before: Mon 06 May 2024 19:28:20 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 135341
IP address blocks: 103.137.72.0/24 maxlen: 24
103.137.73.0/24 maxlen: 24
103.137.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B5418/0C0B800EF68211E9A8996146C4F9AE02/a16_6Yo3h2TBsS3LaQTkYQtQrFc.crl
rsync://rpki.apnic.net/member_repository/A91B5418/0C0B800EF68211E9A8996146C4F9AE02/a16_6Yo3h2TBsS3LaQTkYQtQrFc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a16_6Yo3h2TBsS3LaQTkYQtQrFc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 18:13:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3078 (0xc06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5418
Validity
Not Before: May 6 19:28:20 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66392f53-f014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c4:40:6c:b9:24:c1:63:10:6d:bc:b9:c5:1c:
3f:07:d1:57:0c:05:53:3e:6e:c4:1f:aa:b0:b6:40:
da:38:ab:15:46:a7:ef:d5:56:21:1f:e8:fc:e2:73:
ea:04:26:fd:c8:d2:ca:48:6a:1c:47:da:e4:de:a6:
89:0a:c5:19:52:f7:1f:ce:03:92:98:58:9c:44:96:
50:d3:aa:00:bb:6e:b5:c3:f6:39:3d:9b:55:c7:cd:
98:e2:0d:26:ea:9b:9f:4d:a4:a6:99:39:c2:f9:e6:
49:d7:cc:9f:07:cf:ab:5e:a4:0f:09:0d:68:0d:39:
13:09:30:12:58:9b:bc:a5:9a:dc:f4:a5:01:2d:0c:
fa:74:6e:ba:b5:70:5d:f6:07:bc:3e:b6:b0:84:72:
cb:2b:8d:98:66:af:d9:8e:a2:2e:44:a5:c9:d9:d6:
42:af:56:13:ec:40:41:76:00:81:a2:4b:c4:bf:5b:
eb:d5:e7:ef:5e:c0:dd:15:f0:00:a3:d3:1f:d9:f7:
9e:2a:04:85:46:b9:d8:1b:83:15:5d:ca:65:06:53:
a1:bc:76:25:e3:c2:1e:d8:fb:de:8e:9b:f4:89:c1:
84:95:60:5e:68:88:06:97:f1:92:66:22:53:13:99:
a7:5e:da:b4:af:a8:85:52:50:34:d8:e0:95:8e:bb:
a0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B8:1A:5E:58:14:ED:32:E3:56:2B:DA:45:27:67:A5:09:C3:A2:F8
X509v3 Authority Key Identifier:
keyid:6B:5E:BF:E9:8A:37:87:64:C1:B1:2D:CB:69:04:E4:61:0B:50:AC:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5418/0C0B800EF68211E9A8996146C4F9AE02/a16_6Yo3h2TBsS3LaQTkYQtQrFc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a16_6Yo3h2TBsS3LaQTkYQtQrFc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5418/0C0B800EF68211E9A8996146C4F9AE02/D3EC028C2AF511EE90800A65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.72.0-103.137.74.255
Signature Algorithm: sha256WithRSAEncryption
28:db:22:68:96:75:9a:c2:14:78:40:9f:b9:5b:51:e1:1a:3b:
6e:7c:b3:d4:f1:e8:8b:38:df:f1:e2:21:ce:84:f0:22:c8:c3:
20:18:f5:61:2a:1e:2e:4f:30:4c:cb:28:f1:3d:a3:ab:1e:46:
a7:5a:e4:7f:7d:c5:aa:cf:b3:a6:af:dd:ca:69:55:24:74:2c:
19:3e:ef:40:36:2a:05:43:c8:95:8f:eb:9a:96:bb:db:69:54:
f1:3a:0e:93:83:ec:91:8d:9b:d8:1d:f9:97:df:de:a9:a5:cf:
d5:42:31:a1:29:77:85:dc:d6:35:71:41:22:df:a2:10:5f:83:
9f:51:ac:68:bb:ac:06:82:a8:01:6b:66:0b:07:8f:55:35:45:
59:95:3c:b1:3f:6a:69:6d:79:7a:6e:8c:c8:41:4d:a6:14:e4:
9c:22:90:d0:34:24:61:24:a4:45:bb:4c:68:4e:10:95:67:5f:
32:e0:0e:fa:eb:68:91:00:40:c6:1a:cb:c8:1c:45:c8:73:76:
47:44:db:6e:cd:ef:3f:f6:e0:ec:3d:2c:3e:91:55:70:ba:65:
79:81:1c:43:c2:7f:38:09:52:59:d9:a4:f6:14:f8:37:29:31:
ec:51:90:dc:a9:73:2b:67:3a:70:f5:ff:89:13:38:cc:b2:1d:
be:7a:06:75
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICDAYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU0MTgxMTAvBgNVBAUTKDZCNUVCRkU5OEEzNzg3NjRDMUIxMkRDQjY5MDRFNDYx
MEI1MEFDNTcwHhcNMjQwNTA2MTkyODIwWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM5MmY1My1mMDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8MRAbLkkwWMQbby5xRw/B9FXDAVTPm7EH6qwtkDaOKsVRqfv1VYhH+j84nPq
BCb9yNLKSGocR9rk3qaJCsUZUvcfzgOSmFicRJZQ06oAu261w/Y5PZtVx82Y4g0m
6pufTaSmmTnC+eZJ18yfB8+rXqQPCQ1oDTkTCTASWJu8pZrc9KUBLQz6dG66tXBd
9ge8PrawhHLLK42YZq/ZjqIuRKXJ2dZCr1YT7EBBdgCBokvEv1vr1efvXsDdFfAA
o9Mf2feeKgSFRrnYG4MVXcplBlOhvHYl48Ie2Pvejpv0icGElWBeaIgGl/GSZiJT
E5mnXtq0r6iFUlA02OCVjrugRQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFHO4Gl5Y
FO0y41Yr2kUnZ6UJw6L4MB8GA1UdIwQYMBaAFGtev+mKN4dkwbEty2kE5GELUKxX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTQxOC8wQzBCODAwRUY2
ODIxMUU5QTg5OTYxNDZDNEY5QUUwMi9hMTZfNllvM2gyVEJzUzNMYVFUa1lRdFFy
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ExNl82WW8zaDJUQnNTM0xhUVRrWVF0UXJGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU0MTgvMEMwQjgwMEVGNjgyMTFFOUE4OTk2MTQ2QzRGOUFFMDIvRDNFQzAyOEMy
QUY1MTFFRTkwODAwQTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA2eJSAMEAGeJSjANBgkqhkiG9w0BAQsFAAOCAQEAKNsi
aJZ1msIUeECfuVtR4Ro7bnyz1PHoizjf8eIhzoTwIsjDIBj1YSoeLk8wTMso8T2j
qx5Gp1rkf33Fqs+zpq/dymlVJHQsGT7vQDYqBUPIlY/rmpa722lU8ToOk4PskY2b
2B35l9/eqaXP1UIxoSl3hdzWNXFBIt+iEF+Dn1GsaLusBoKoAWtmCwePVTVFWZU8
sT9qaW15em6MyEFNphTknCKQ0DQkYSSkRbtMaE4QlWdfMuAO+utokQBAxhrLyBxF
yHN2R0Tbbs3vP/bg7D0sPpFVcLpleYEcQ8J/OAlSWdmk9hT4Nykx7FGQ3KlzK2c6
cPX/iRM4zLIdvnoGdQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 21:12:04 2025 by rpki-client