Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7A3F/64C33948923511EC96047511C4F9AE02/821CAFEE923811EC955B7A3AC4F9AE02.roa
File: 821CAFEE923811EC955B7A3AC4F9AE02.roa (raw, json)
Hash identifier: 9KQWUlz6QNm+2IJYVtG7dsHf8uD3C5dcvLfvCk8SVA8=
Subject key identifier: F9:78:B8:60:5E:44:0B:4C:EE:4F:E4:BB:BB:C8:26:09:FE:D9:D8:D1
Certificate issuer: /CN=A91B7A3F/serialNumber=576C5447C09B597107B770C101C89327F105BD33
Certificate serial: 0383
Authority key identifier: 57:6C:54:47:C0:9B:59:71:07:B7:70:C1:01:C8:93:27:F1:05:BD:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V2xUR8CbWXEHt3DBAciTJ_EFvTM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7A3F/64C33948923511EC96047511C4F9AE02/821CAFEE923811EC955B7A3AC4F9AE02.roa
Signing time: Thu 13 Feb 2025 02:14:29 +0000
ROA not before: Thu 13 Feb 2025 02:14:29 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 138506
IP address blocks: 103.127.90.0/24 maxlen: 24
103.152.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B7A3F/64C33948923511EC96047511C4F9AE02/V2xUR8CbWXEHt3DBAciTJ_EFvTM.crl
rsync://rpki.apnic.net/member_repository/A91B7A3F/64C33948923511EC96047511C4F9AE02/V2xUR8CbWXEHt3DBAciTJ_EFvTM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V2xUR8CbWXEHt3DBAciTJ_EFvTM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 00:28:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 899 (0x383)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7A3F
Validity
Not Before: Feb 13 02:14:29 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67ad5585-cea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b5:47:0c:59:ec:d0:e4:b3:8d:a1:8c:ad:aa:
88:ea:e4:de:7f:99:55:8f:87:b1:91:51:d2:95:64:
20:aa:b9:a9:f5:25:f1:c4:cc:0c:5e:f8:28:b7:55:
fe:c1:20:ad:aa:6c:e5:2c:52:7e:1b:53:9c:8d:e8:
cb:19:bd:f1:5a:e2:8a:48:a3:d3:dd:28:d9:25:39:
73:79:7f:d1:d6:63:37:5f:1f:4a:97:ce:ae:73:64:
47:ab:ab:55:57:58:49:32:7f:40:94:54:30:e1:7f:
71:f0:3e:38:a3:83:ca:65:b2:b4:2a:25:03:f9:42:
af:ec:d7:7c:cd:26:6a:86:b7:e9:a6:76:bd:c6:9e:
c2:ba:fe:d6:fc:18:2c:55:a6:ad:74:77:a4:97:ed:
26:c7:cd:3f:79:a6:a5:dd:00:ab:9d:3c:42:a1:c0:
65:6c:df:4a:d3:63:c5:53:40:c4:f5:1d:ef:67:4a:
22:24:bb:5b:b1:e0:66:d8:77:20:86:ad:48:cd:fa:
e0:d1:b2:65:d3:36:c0:92:95:e8:c1:29:72:8a:b3:
8f:a4:50:39:0f:6b:c8:18:a0:15:4b:d8:1f:c9:44:
36:ca:fe:7f:44:35:ea:84:93:b4:0c:e7:4b:53:ea:
03:4e:48:53:fe:a3:37:ea:10:24:dc:3f:23:fd:6b:
73:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:78:B8:60:5E:44:0B:4C:EE:4F:E4:BB:BB:C8:26:09:FE:D9:D8:D1
X509v3 Authority Key Identifier:
keyid:57:6C:54:47:C0:9B:59:71:07:B7:70:C1:01:C8:93:27:F1:05:BD:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7A3F/64C33948923511EC96047511C4F9AE02/V2xUR8CbWXEHt3DBAciTJ_EFvTM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/V2xUR8CbWXEHt3DBAciTJ_EFvTM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7A3F/64C33948923511EC96047511C4F9AE02/821CAFEE923811EC955B7A3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.90.0/24
103.152.8.0/24
Signature Algorithm: sha256WithRSAEncryption
76:5d:d3:2a:8a:b3:e1:2a:34:97:4e:fd:32:75:b5:34:9b:02:
91:e1:93:0d:cf:fa:f5:ee:28:cf:00:d1:ca:00:6b:20:13:1a:
35:7a:2e:2f:8d:27:9d:23:d2:1c:be:79:f1:61:b9:e5:67:a0:
ad:88:77:02:c3:ee:e9:1e:41:df:b2:e0:0e:db:8e:47:98:d1:
85:ef:de:6f:b4:58:12:1e:ce:27:86:99:08:aa:48:ee:b0:2d:
cb:79:24:f2:2e:cc:d5:eb:15:e0:08:c0:68:81:4a:b1:20:fd:
37:c7:7d:0c:22:b2:e4:e0:fb:14:5c:8c:1a:e5:2b:49:cf:1e:
09:10:b3:8e:38:b5:02:dc:d3:a5:fd:c7:d5:97:5a:21:d6:a9:
87:62:7a:96:ae:0a:47:58:9a:5f:58:ac:1f:0e:6a:59:c7:f5:
2a:8a:06:6b:bc:6f:11:8b:49:aa:cb:1c:bb:8f:8e:18:dc:43:
11:89:c0:9e:d2:64:30:db:f8:e1:f1:ca:bf:ac:0a:67:69:13:
ac:bd:36:5d:3f:c5:4f:0c:be:af:d7:c4:db:4e:9e:64:67:2b:
2a:db:b3:51:75:53:98:02:fe:fa:8c:f2:75:46:34:05:24:9d:
bb:1a:1b:25:1a:31:69:a5:9b:ad:aa:e6:9e:7e:0c:37:3a:61:
29:93:b3:d1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA4MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjdBM0YxMTAvBgNVBAUTKDU3NkM1NDQ3QzA5QjU5NzEwN0I3NzBDMTAxQzg5MzI3
RjEwNUJEMzMwHhcNMjUwMjEzMDIxNDI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkNTU4NS1jZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs7VHDFns0OSzjaGMraqI6uTef5lVj4exkVHSlWQgqrmp9SXxxMwMXvgot1X+
wSCtqmzlLFJ+G1OcjejLGb3xWuKKSKPT3SjZJTlzeX/R1mM3Xx9Kl86uc2RHq6tV
V1hJMn9AlFQw4X9x8D44o4PKZbK0KiUD+UKv7Nd8zSZqhrfppna9xp7Cuv7W/Bgs
VaatdHekl+0mx80/eaal3QCrnTxCocBlbN9K02PFU0DE9R3vZ0oiJLtbseBm2Hcg
hq1Izfrg0bJl0zbAkpXowSlyirOPpFA5D2vIGKAVS9gfyUQ2yv5/RDXqhJO0DOdL
U+oDTkhT/qM36hAk3D8j/WtzDQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPl4uGBe
RAtM7k/ku7vIJgn+2djRMB8GA1UdIwQYMBaAFFdsVEfAm1lxB7dwwQHIkyfxBb0z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0EzRi82NEMzMzk0ODky
MzUxMUVDOTYwNDc1MTFDNEY5QUUwMi9WMnhVUjhDYldYRUh0M0RCQWNpVEpfRUZ2
VE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1YyeFVSOENiV1hFSHQzREJBY2lUSl9FRnZUTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjdBM0YvNjRDMzM5NDg5MjM1MTFFQzk2MDQ3NTExQzRGOUFFMDIvODIxQ0FGRUU5
MjM4MTFFQzk1NUI3QTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnf1oDBABnmAgwDQYJKoZIhvcNAQELBQADggEBAHZd0yqK
s+EqNJdO/TJ1tTSbApHhkw3P+vXuKM8A0coAayATGjV6Li+NJ50j0hy+efFhueVn
oK2IdwLD7ukeQd+y4A7bjkeY0YXv3m+0WBIezieGmQiqSO6wLct5JPIuzNXrFeAI
wGiBSrEg/TfHfQwisuTg+xRcjBrlK0nPHgkQs444tQLc06X9x9WXWiHWqYdiepau
CkdYml9YrB8OalnH9SqKBmu8bxGLSarLHLuPjhjcQxGJwJ7SZDDb+OHxyr+sCmdp
E6y9Nl0/xU8Mvq/XxNtOnmRnKyrbs1F1U5gC/vqM8nVGNAUknbsaGyUaMWmlm62q
5p5+DDc6YSmTs9E=
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:37:42 2025 by rpki-client