Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
File: E9472C0C144111EFB247B936C4F9AE02.roa (raw, json)
Hash identifier: PTHz+TbCVt1o9nN9c1heYD8I7FkEF/CBXzTegIAeI4Y=
Subject key identifier: 3A:3B:2A:2C:8F:D7:4C:4A:BD:14:08:4E:13:D5:87:B6:47:DB:09:87
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 02C5
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
Signing time: Thu 13 Mar 2025 06:03:17 +0000
ROA not before: Thu 13 Mar 2025 06:03:17 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 203020
IP address blocks: 45.125.245.0/24 maxlen: 24
103.3.224.0/22 maxlen: 22
103.66.178.0/23 maxlen: 23
103.77.102.0/24 maxlen: 24
103.77.103.0/24 maxlen: 24
103.77.255.0/24 maxlen: 24
103.85.228.0/22 maxlen: 22
103.102.246.0/23 maxlen: 23
103.104.92.0/22 maxlen: 22
103.104.128.0/23 maxlen: 24
103.117.214.0/23 maxlen: 23
103.139.178.0/24 maxlen: 24
103.221.232.0/24 maxlen: 24
103.221.234.0/24 maxlen: 24
103.221.235.0/24 maxlen: 24
103.228.132.0/24 maxlen: 24
103.241.52.0/22 maxlen: 22
103.252.108.0/24 maxlen: 24
103.252.111.0/24 maxlen: 24
150.107.224.0/23 maxlen: 23
150.107.227.0/24 maxlen: 24
202.94.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 10 Apr 2025 02:40:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 709 (0x2c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587
Validity
Not Before: Mar 13 06:03:17 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67d27524-4aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:46:7c:fe:ef:4a:15:7d:ca:52:f3:45:da:5f:
56:ad:98:8c:21:f6:68:93:89:c6:dd:99:a3:8e:f1:
0d:fd:49:c2:fe:97:1f:85:4b:78:e3:48:46:37:9b:
a8:bd:01:0b:88:63:ef:85:9c:5e:31:57:b0:f7:b3:
6e:f9:56:1f:98:4e:7a:db:3d:77:a2:58:92:4c:2c:
ff:ad:e6:d1:e2:a1:40:aa:24:bb:af:e6:ad:c9:ef:
ba:7f:68:ba:85:ca:35:be:44:37:db:72:51:7a:b1:
5d:ae:51:b2:f8:29:75:3d:d5:6f:f6:f1:b9:79:af:
b7:3c:3d:0c:37:86:57:53:a5:72:fc:2a:86:6e:42:
eb:2c:74:32:5f:f2:77:e3:ab:72:ba:df:57:f0:18:
7e:b4:89:3f:e5:24:6d:79:9e:41:6b:38:f8:47:28:
28:53:8a:e3:d2:c4:d7:e9:27:c0:4c:d3:0f:fd:d6:
bb:60:8a:a5:43:04:51:40:91:19:26:6f:e8:4a:42:
4e:5b:81:0a:b0:08:9e:08:d6:3e:8b:d9:a4:fd:c7:
5b:10:de:35:3c:c1:51:ae:48:08:15:2b:0a:d1:f2:
37:ec:d5:ba:c4:db:9a:a1:77:c8:73:5c:18:ef:55:
b0:db:8e:d4:89:a3:80:52:e3:f9:b3:50:f5:2a:8e:
dc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3B:2A:2C:8F:D7:4C:4A:BD:14:08:4E:13:D5:87:B6:47:DB:09:87
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.245.0/24
103.3.224.0/22
103.66.178.0/23
103.77.102.0/23
103.77.255.0/24
103.85.228.0/22
103.102.246.0/23
103.104.92.0/22
103.104.128.0/23
103.117.214.0/23
103.139.178.0/24
103.221.232.0/24
103.221.234.0/23
103.228.132.0/24
103.241.52.0/22
103.252.108.0/24
103.252.111.0/24
150.107.224.0/23
150.107.227.0/24
202.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:f1:20:ac:f3:dd:38:8f:f3:70:1b:3f:df:34:32:14:b0:a6:
df:a9:13:a1:99:90:aa:c9:db:b5:80:74:fe:1b:6b:34:49:68:
b0:e0:38:89:96:06:e6:6a:38:56:e2:1b:d5:a4:45:be:af:d7:
78:41:f7:0a:14:b2:bf:ee:a4:20:8b:70:ae:90:d3:73:49:85:
70:40:6a:7d:c9:87:af:48:47:81:3e:ca:97:55:be:b8:7d:6d:
95:7a:c3:6b:a4:12:a9:69:f9:00:86:31:03:13:8f:e3:83:19:
30:03:c2:6d:e6:53:26:64:eb:ff:53:25:40:78:61:ba:bc:08:
42:00:f9:f6:37:5d:b8:12:f6:12:3c:31:89:43:5a:ae:6c:9a:
94:87:79:e1:d7:7e:4c:33:ac:0c:93:1a:26:10:da:1f:92:91:
49:82:83:5c:55:22:cd:ee:47:ab:b6:cc:b3:df:20:22:d2:0b:
82:b4:45:87:b0:5e:36:f4:93:e2:84:a3:3b:25:9b:2a:64:55:
db:06:69:7e:94:6a:41:a9:b9:56:f6:94:66:29:1e:5a:56:d9:
71:2c:6a:08:c3:e4:85:65:ec:69:02:89:b5:0b:7a:91:b8:45:
74:81:8c:5b:c0:2e:a3:46:99:c7:83:2a:eb:67:6b:cc:f4:43:
0c:ca:4f:44
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgICAsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjUwMzEzMDYwMzE3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2QyNzUyNC00YWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA10Z8/u9KFX3KUvNF2l9WrZiMIfZok4nG3ZmjjvEN/UnC/pcfhUt440hGN5uo
vQELiGPvhZxeMVew97Nu+VYfmE562z13oliSTCz/rebR4qFAqiS7r+atye+6f2i6
hco1vkQ323JRerFdrlGy+Cl1PdVv9vG5ea+3PD0MN4ZXU6Vy/CqGbkLrLHQyX/J3
46tyut9X8Bh+tIk/5SRteZ5Bazj4RygoU4rj0sTX6SfATNMP/da7YIqlQwRRQJEZ
Jm/oSkJOW4EKsAieCNY+i9mk/cdbEN41PMFRrkgIFSsK0fI37NW6xNuaoXfIc1wY
71Ww247UiaOAUuP5s1D1Ko7cFwIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFDo7KiyP
10xKvRQIThPVh7ZH2wmHMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRTk0NzJDMEMx
NDQxMTFFRkIyNDdCOTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZMGCCsGAQUFBwEHAQH/
BIGDMIGAMH4EAgABMHgDBAAtffUDBAJnA+ADBAFnQrIDBAFnTWYDBABnTf8DBAJn
VeQDBAFnZvYDBAJnaFwDBAFnaIADBAFnddYDBABni7IDBABn3egDBAFn3eoDBABn
5IQDBAJn8TQDBABn/GwDBABn/G8DBAGWa+ADBACWa+MDBADKXq4wDQYJKoZIhvcN
AQELBQADggEBAFvxIKzz3TiP83AbP980MhSwpt+pE6GZkKrJ27WAdP4bazRJaLDg
OImWBuZqOFbiG9WkRb6v13hB9woUsr/upCCLcK6Q03NJhXBAan3Jh69IR4E+ypdV
vrh9bZV6w2ukEqlp+QCGMQMTj+ODGTADwm3mUyZk6/9TJUB4Ybq8CEIA+fY3XbgS
9hI8MYlDWq5smpSHeeHXfkwzrAyTGiYQ2h+SkUmCg1xVIs3uR6u2zLPfICLSC4K0
RYewXjb0k+KEozslmypkVdsGaX6UakGpuVb2lGYpHlpW2XEsagjD5IVl7GkCibUL
epG4RXSBjFvALqNGmceDKutna8z0QwzKT0Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:02:54 2025 by rpki-client