Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/1B713E1C554F11EB99946233C4F9AE02.roa
File: 1B713E1C554F11EB99946233C4F9AE02.roa (raw, json)
Hash identifier: px8vPMMaIW71viSZHvwgIDzN828jdKyVwys/IvDu8b8=
Subject key identifier: 5A:0E:67:D4:E3:0F:F7:64:F6:CB:4D:A2:37:D6:61:F9:44:71:D7:0D
Certificate issuer: /CN=A91BA594/serialNumber=DB1F7798C00117B20C6F3BC32994802CF2094837
Certificate serial: 06D5
Authority key identifier: DB:1F:77:98:C0:01:17:B2:0C:6F:3B:C3:29:94:80:2C:F2:09:48:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2x93mMABF7IMbzvDKZSALPIJSDc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/1B713E1C554F11EB99946233C4F9AE02.roa
Signing time: Thu 06 Mar 2025 22:13:23 +0000
ROA not before: Thu 06 Mar 2025 22:13:23 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 9381
IP address blocks: 43.224.228.0/22 maxlen: 22
43.225.132.0/22 maxlen: 22
43.248.164.0/22 maxlen: 22
45.120.168.0/22 maxlen: 22
45.124.8.0/22 maxlen: 22
103.6.48.0/22 maxlen: 22
103.6.136.0/22 maxlen: 22
103.6.152.0/22 maxlen: 22
103.6.154.0/23 maxlen: 23
103.6.176.0/22 maxlen: 22
103.25.72.0/22 maxlen: 22
103.28.76.0/22 maxlen: 22
103.30.100.0/22 maxlen: 22
103.31.18.0/23 maxlen: 24
103.247.140.0/22 maxlen: 22
103.247.144.0/22 maxlen: 24
103.247.160.0/22 maxlen: 22
103.247.164.0/22 maxlen: 22
2404:2100::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/2x93mMABF7IMbzvDKZSALPIJSDc.crl
rsync://rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/2x93mMABF7IMbzvDKZSALPIJSDc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2x93mMABF7IMbzvDKZSALPIJSDc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 22:14:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1749 (0x6d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA594
Validity
Not Before: Mar 6 22:13:23 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ca1e02-e440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6a:cb:ec:fa:78:c6:37:dc:1f:30:ef:3e:4c:
ea:d9:32:68:a6:91:98:95:bf:75:de:04:25:8b:c9:
b1:5c:83:67:6c:8b:11:2d:01:4e:cc:8b:6b:ae:8e:
5f:e3:46:ed:3e:f1:81:07:d1:07:ce:0d:e1:fd:f1:
21:6c:48:8c:d2:ae:76:bc:3d:ea:21:4e:0f:c8:59:
be:d4:bb:d8:75:3a:22:c1:83:04:64:c5:d5:5a:a4:
e7:ff:06:e3:11:75:54:36:66:32:e3:6e:a7:49:c7:
2b:64:25:e6:3c:fa:2e:d4:d8:a2:a1:4e:82:03:c9:
75:07:73:86:3d:7d:da:8b:a5:8d:fc:b6:75:4d:0a:
6f:9c:25:d9:ed:60:89:3d:2e:67:a1:6d:ac:82:ef:
07:56:63:ec:29:7d:68:4f:35:c2:f2:ef:c6:f2:41:
30:e3:5a:d3:16:e6:b8:b5:c1:56:75:cf:fd:ad:69:
36:9b:2d:6b:bb:42:88:6e:9e:ab:d0:8e:c2:1b:e8:
83:3f:7f:7e:15:39:20:15:82:ac:4a:0f:09:ce:65:
19:67:71:be:59:20:c2:56:d4:43:42:27:38:6b:1f:
da:29:ab:ea:91:69:c1:e0:72:6d:b1:c0:db:82:19:
8b:c8:db:e4:d0:7f:19:78:e7:d4:3a:66:8b:52:20:
f9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:0E:67:D4:E3:0F:F7:64:F6:CB:4D:A2:37:D6:61:F9:44:71:D7:0D
X509v3 Authority Key Identifier:
keyid:DB:1F:77:98:C0:01:17:B2:0C:6F:3B:C3:29:94:80:2C:F2:09:48:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/2x93mMABF7IMbzvDKZSALPIJSDc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2x93mMABF7IMbzvDKZSALPIJSDc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA594/522B6D6E553C11EB8F085C71C4F9AE02/1B713E1C554F11EB99946233C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.228.0/22
43.225.132.0/22
43.248.164.0/22
45.120.168.0/22
45.124.8.0/22
103.6.48.0/22
103.6.136.0/22
103.6.152.0/22
103.6.176.0/22
103.25.72.0/22
103.28.76.0/22
103.30.100.0/22
103.31.18.0/23
103.247.140.0-103.247.147.255
103.247.160.0/21
IPv6:
2404:2100::/32
Signature Algorithm: sha256WithRSAEncryption
07:7b:7b:37:5b:d0:c4:a3:0e:5c:54:4d:d0:5d:86:f8:6b:94:
e1:a1:8c:fa:48:b5:4a:8c:fa:0e:23:a9:c8:bb:98:19:ec:d0:
1a:14:a9:b3:c4:98:fb:88:d3:87:4f:b5:42:36:ab:a5:9d:79:
ac:1c:9f:7b:ef:1f:3e:6e:4f:35:89:38:2b:5c:80:0c:6c:e6:
25:b4:41:f4:5e:c2:55:2c:42:d0:96:85:8d:0a:a6:d7:0e:20:
48:74:bb:89:39:22:71:e9:cb:c7:87:e1:3c:50:9c:77:e2:89:
d9:5f:c3:fc:16:fe:8a:83:ca:1d:a4:9f:c8:da:75:de:a3:7f:
8e:50:43:19:3a:ff:57:e3:6e:8f:3e:42:61:16:6a:07:a0:6f:
1f:47:51:b0:5d:ac:03:f0:f8:52:2b:14:bd:91:7b:36:c9:87:
13:af:0b:1d:42:60:e6:98:77:99:92:3e:8f:3a:51:f6:c5:13:
15:eb:3e:fb:df:13:98:4d:b7:79:e6:f3:d7:b5:f9:ae:10:25:
fe:18:6e:e9:0a:bd:96:a4:a9:23:9a:f5:20:c2:38:03:7c:c0:
94:40:52:5e:be:ee:42:82:a1:86:de:69:ad:84:2d:76:60:a7:
32:48:b6:e8:37:c2:f2:f1:42:90:e3:b9:5a:03:50:f5:33:4d:
65:4b:93:8b
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgICBtUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkE1OTQxMTAvBgNVBAUTKERCMUY3Nzk4QzAwMTE3QjIwQzZGM0JDMzI5OTQ4MDJD
RjIwOTQ4MzcwHhcNMjUwMzA2MjIxMzIzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhMWUwMi1lNDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwmrL7Pp4xjfcHzDvPkzq2TJoppGYlb913gQli8mxXINnbIsRLQFOzItrro5f
40btPvGBB9EHzg3h/fEhbEiM0q52vD3qIU4PyFm+1LvYdToiwYMEZMXVWqTn/wbj
EXVUNmYy426nSccrZCXmPPou1NiioU6CA8l1B3OGPX3ai6WN/LZ1TQpvnCXZ7WCJ
PS5noW2sgu8HVmPsKX1oTzXC8u/G8kEw41rTFua4tcFWdc/9rWk2my1ru0KIbp6r
0I7CG+iDP39+FTkgFYKsSg8JzmUZZ3G+WSDCVtRDQic4ax/aKavqkWnB4HJtscDb
ghmLyNvk0H8ZeOfUOmaLUiD5twIDAQABo4IDATCCAv0wHQYDVR0OBBYEFFoOZ9Tj
D/dk9stNojfWYflEcdcNMB8GA1UdIwQYMBaAFNsfd5jAAReyDG87wymUgCzyCUg3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTU5NC81MjJCNkQ2RTU1
M0MxMUVCOEYwODVDNzFDNEY5QUUwMi8yeDkzbU1BQkY3SU1ienZES1pTQUxQSUpT
RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJ4OTNtTUFCRjdJTWJ6dkRLWlNBTFBJSlNEYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkE1OTQvNTIyQjZENkU1NTNDMTFFQjhGMDg1QzcxQzRGOUFFMDIvMUI3MTNFMUM1
NTRGMTFFQjk5OTQ2MjMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYoGCCsGAQUFBwEHAQH/
BHsweTBoBAIAATBiAwQCK+DkAwQCK+GEAwQCK/ikAwQCLXioAwQCLXwIAwQCZwYw
AwQCZwaIAwQCZwaYAwQCZwawAwQCZxlIAwQCZxxMAwQCZx5kAwQBZx8SMAwDBAJn
94wDBAJn95ADBANn96AwDQQCAAIwBwMFACQEIQAwDQYJKoZIhvcNAQELBQADggEB
AAd7ezdb0MSjDlxUTdBdhvhrlOGhjPpItUqM+g4jqci7mBns0BoUqbPEmPuI04dP
tUI2q6Wdeawcn3vvHz5uTzWJOCtcgAxs5iW0QfRewlUsQtCWhY0KptcOIEh0u4k5
InHpy8eH4TxQnHfiidlfw/wW/oqDyh2kn8jadd6jf45QQxk6/1fjbo8+QmEWageg
bx9HUbBdrAPw+FIrFL2RezbJhxOvCx1CYOaYd5mSPo86UfbFExXrPvvfE5hNt3nm
89e1+a4QJf4YbukKvZakqSOa9SDCOAN8wJRAUl6+7kKCoYbeaa2ELXZgpzJItug3
wvLxQpDjuVoDUPUzTWVLk4s=
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:18:45 2025 by rpki-client