Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B927E/CCD6ED1C68DF11EA97B15524C4F9AE02/6243075E653411EB98060C17C4F9AE02.roa
File: 6243075E653411EB98060C17C4F9AE02.roa (raw, json)
Hash identifier: NDLfyb46b0G5U2WbOhSmMW5qTZe1rxLw2rEopJT9V6w=
Subject key identifier: 51:0B:0F:7A:B6:54:E8:1D:57:67:F0:AC:C9:77:23:51:C5:5D:EA:29
Certificate issuer: /CN=A91B927E/serialNumber=2AC0AB4B5F3BB5B0EF79BD21A649CAFFE7F9C20A
Certificate serial: 06D7
Authority key identifier: 2A:C0:AB:4B:5F:3B:B5:B0:EF:79:BD:21:A6:49:CA:FF:E7:F9:C2:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KsCrS187tbDveb0hpknK_-f5wgo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B927E/CCD6ED1C68DF11EA97B15524C4F9AE02/6243075E653411EB98060C17C4F9AE02.roa
Signing time: Sat 15 Mar 2025 16:02:36 +0000
ROA not before: Sat 15 Mar 2025 16:02:36 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 135130
IP address blocks: 103.122.249.0/24 maxlen: 24
103.122.250.0/23 maxlen: 23
103.122.250.0/24 maxlen: 24
103.122.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B927E/CCD6ED1C68DF11EA97B15524C4F9AE02/KsCrS187tbDveb0hpknK_-f5wgo.crl
rsync://rpki.apnic.net/member_repository/A91B927E/CCD6ED1C68DF11EA97B15524C4F9AE02/KsCrS187tbDveb0hpknK_-f5wgo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KsCrS187tbDveb0hpknK_-f5wgo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 19:38:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1751 (0x6d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B927E
Validity
Not Before: Mar 15 16:02:36 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67d5a49c-bd48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:77:f3:57:55:0e:22:f0:85:3b:2f:65:58:91:
df:30:3c:c6:79:6d:90:09:50:5e:cc:c9:b6:b5:a3:
89:9c:fd:fc:d5:90:a4:be:f9:9f:8a:d8:69:ea:35:
98:dd:2c:16:c2:3b:47:ac:11:ee:6f:84:a2:18:29:
f8:0e:7e:32:8e:44:e8:6c:b0:5b:5f:db:83:11:af:
62:18:0a:5e:98:8d:be:d1:fc:22:7a:57:de:c5:ee:
87:f3:ee:e4:1c:12:12:c9:73:28:53:1f:f2:4d:0b:
37:44:44:c6:85:b8:29:ba:23:4c:96:5f:fd:d4:59:
ce:2c:2d:2a:33:fd:26:32:04:ca:9e:dc:8d:22:73:
b0:2f:49:bd:4e:42:49:78:38:74:f6:df:d1:f0:76:
bc:ae:7c:7c:5a:95:ac:11:b8:da:42:d8:df:8d:18:
98:be:27:aa:80:0a:3f:67:73:ca:34:c7:b1:33:63:
4b:dd:ac:06:3e:c8:39:b8:eb:79:42:84:b3:f1:8f:
ea:0d:64:cc:7e:dd:23:dd:ea:67:09:34:47:6c:27:
d2:0a:a3:cb:be:c8:03:a2:b8:ec:0e:6e:02:fc:a4:
e1:a4:64:f7:c6:ed:ea:48:5a:ae:11:1a:62:4c:18:
04:f1:02:61:3d:78:b5:ba:cf:1f:a6:98:f4:9f:77:
83:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:0B:0F:7A:B6:54:E8:1D:57:67:F0:AC:C9:77:23:51:C5:5D:EA:29
X509v3 Authority Key Identifier:
keyid:2A:C0:AB:4B:5F:3B:B5:B0:EF:79:BD:21:A6:49:CA:FF:E7:F9:C2:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B927E/CCD6ED1C68DF11EA97B15524C4F9AE02/KsCrS187tbDveb0hpknK_-f5wgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KsCrS187tbDveb0hpknK_-f5wgo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B927E/CCD6ED1C68DF11EA97B15524C4F9AE02/6243075E653411EB98060C17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.249.0-103.122.251.255
Signature Algorithm: sha256WithRSAEncryption
39:9b:fd:ba:d2:10:3c:5d:a3:e3:c5:a0:17:e4:19:7b:e2:e5:
a0:d0:c7:a7:46:f0:74:4a:dd:a3:ea:93:9b:aa:d3:7b:2a:0e:
37:61:7d:b6:3d:32:e0:cf:dc:e0:ea:b3:cc:ea:c1:34:34:15:
a3:6c:de:bd:4a:55:99:00:4b:2c:e0:37:eb:00:29:32:25:9b:
6e:ae:a9:6f:e8:73:a2:b5:57:79:ba:d0:49:73:3f:f8:82:d1:
88:e1:55:3f:6f:c2:58:6c:44:e0:cb:ef:24:12:92:4c:aa:e6:
b8:3e:32:45:82:f0:51:6a:ef:43:c8:60:de:b4:69:09:dc:47:
51:16:41:51:51:eb:70:2b:24:6b:68:2f:6b:ed:1d:d0:f1:66:
c8:c8:84:5d:a8:44:2a:be:29:62:4b:ca:53:47:d2:86:74:57:
78:cb:58:e3:75:09:84:01:da:01:40:16:3f:c5:e2:cb:77:a8:
c1:2c:b8:e5:a3:ba:fb:a4:e5:50:4b:eb:67:1f:6e:dd:11:17:
c4:99:29:cd:d4:68:80:de:a1:72:aa:72:6a:f9:5d:18:a4:5d:
5f:52:2f:07:cf:ef:be:56:62:ce:e1:7a:73:ee:82:63:7e:82:
9e:46:a3:5e:f4:7e:44:ea:1e:6b:e9:56:b9:9b:4a:8d:54:c7:
f9:ed:34:5c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICBtcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjkyN0UxMTAvBgNVBAUTKDJBQzBBQjRCNUYzQkI1QjBFRjc5QkQyMUE2NDlDQUZG
RTdGOUMyMEEwHhcNMjUwMzE1MTYwMjM2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q1YTQ5Yy1iZDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnHfzV1UOIvCFOy9lWJHfMDzGeW2QCVBezMm2taOJnP381ZCkvvmfithp6jWY
3SwWwjtHrBHub4SiGCn4Dn4yjkTobLBbX9uDEa9iGApemI2+0fwielfexe6H8+7k
HBISyXMoUx/yTQs3RETGhbgpuiNMll/91FnOLC0qM/0mMgTKntyNInOwL0m9TkJJ
eDh09t/R8Ha8rnx8WpWsEbjaQtjfjRiYvieqgAo/Z3PKNMexM2NL3awGPsg5uOt5
QoSz8Y/qDWTMft0j3epnCTRHbCfSCqPLvsgDorjsDm4C/KThpGT3xu3qSFquERpi
TBgE8QJhPXi1us8fppj0n3eD+QIDAQABo4ICnTCCApkwHQYDVR0OBBYEFFELD3q2
VOgdV2fwrMl3I1HFXeopMB8GA1UdIwQYMBaAFCrAq0tfO7Ww73m9IaZJyv/n+cIK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTI3RS9DQ0Q2RUQxQzY4
REYxMUVBOTdCMTU1MjRDNEY5QUUwMi9Lc0NyUzE4N3RiRHZlYjBocGtuS18tZjV3
Z28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tzQ3JTMTg3dGJEdmViMGhwa25LXy1mNXdnby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjkyN0UvQ0NENkVEMUM2OERGMTFFQTk3QjE1NTI0QzRGOUFFMDIvNjI0MzA3NUU2
NTM0MTFFQjk4MDYwQzE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGd6+QMEAmd6+DANBgkqhkiG9w0BAQsFAAOCAQEAOZv9
utIQPF2j48WgF+QZe+LloNDHp0bwdErdo+qTm6rTeyoON2F9tj0y4M/c4OqzzOrB
NDQVo2zevUpVmQBLLOA36wApMiWbbq6pb+hzorVXebrQSXM/+ILRiOFVP2/CWGxE
4MvvJBKSTKrmuD4yRYLwUWrvQ8hg3rRpCdxHURZBUVHrcCska2gva+0d0PFmyMiE
XahEKr4pYkvKU0fShnRXeMtY43UJhAHaAUAWP8Xiy3eowSy45aO6+6TlUEvrZx9u
3REXxJkpzdRogN6hcqpyavldGKRdX1IvB8/vvlZizuF6c+6CY36CnkajXvR+ROoe
a+lWuZtKjVTH+e00XA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 07:54:00 2025 by rpki-client