Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD8C2/CED7D3A664AE11ED94100A69C4F9AE02/5026F90264B211ED88A2A380C4F9AE02.roa
File: 5026F90264B211ED88A2A380C4F9AE02.roa (raw, json)
Hash identifier: U2IhKx29cFb2HRrMdKByFOSugmOt/xf7Hgnc2t5fDH0=
Subject key identifier: 5D:7C:45:99:74:20:F5:D3:A9:F4:25:51:2E:13:E5:17:80:87:69:CD
Certificate issuer: /CN=A91BD8C2/serialNumber=F4C4FC75A5068C9258996413AEB7B7391502F09E
Certificate serial: 0176
Authority key identifier: F4:C4:FC:75:A5:06:8C:92:58:99:64:13:AE:B7:B7:39:15:02:F0:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9MT8daUGjJJYmWQTrre3ORUC8J4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BD8C2/CED7D3A664AE11ED94100A69C4F9AE02/5026F90264B211ED88A2A380C4F9AE02.roa
Signing time: Sat 09 Nov 2024 02:15:44 +0000
ROA not before: Sat 09 Nov 2024 02:15:44 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 150419
IP address blocks: 103.37.62.0/23 maxlen: 23
2400:bfe0::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BD8C2/CED7D3A664AE11ED94100A69C4F9AE02/9MT8daUGjJJYmWQTrre3ORUC8J4.crl
rsync://rpki.apnic.net/member_repository/A91BD8C2/CED7D3A664AE11ED94100A69C4F9AE02/9MT8daUGjJJYmWQTrre3ORUC8J4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9MT8daUGjJJYmWQTrre3ORUC8J4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 01:56:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 374 (0x176)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BD8C2, serialNumber=F4C4FC75A5068C9258996413AEB7B7391502F09E
Validity
Not Before: Nov 9 02:15:44 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672ec5d0-a424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:77:27:d3:a4:b8:e4:05:38:13:01:6f:8c:29:
20:9c:79:94:99:52:73:5e:97:22:fc:48:d9:71:fb:
b4:9a:11:12:8b:be:2f:78:86:63:94:42:6e:77:bb:
ce:96:2c:37:e8:62:ba:48:08:d9:40:9c:6c:43:fc:
d7:f7:ea:97:20:3c:c0:69:24:bd:e0:6b:f1:55:2e:
ba:67:03:b0:a8:f6:1f:f3:02:8f:4e:d8:f4:2a:a4:
f1:7c:ab:b2:8e:29:44:20:67:36:47:e3:6e:d7:bd:
1c:20:5a:95:d3:1c:82:c2:84:1e:be:d4:c4:2e:8b:
46:fe:27:cf:d7:77:29:53:e5:13:22:b2:b3:77:03:
e4:dd:70:0b:6d:b1:61:c1:60:10:6e:46:36:04:70:
cb:4d:c3:89:e2:b8:36:75:59:9e:e8:c1:b9:e5:f2:
82:59:3f:66:3d:2c:34:dc:90:be:11:3f:86:b5:84:
73:c7:d5:d0:86:ec:f0:52:ee:85:87:fa:d8:fd:d0:
65:c0:d6:51:2e:59:e9:19:43:84:b9:55:e3:1c:26:
51:8c:e8:db:eb:3b:69:db:80:d9:5b:f4:b6:e1:c5:
a9:28:36:72:70:f5:4a:2f:62:b6:fc:9a:f5:ba:4e:
6b:34:01:ea:ab:34:57:37:3e:61:22:2f:c1:f4:54:
6e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7C:45:99:74:20:F5:D3:A9:F4:25:51:2E:13:E5:17:80:87:69:CD
X509v3 Authority Key Identifier:
keyid:F4:C4:FC:75:A5:06:8C:92:58:99:64:13:AE:B7:B7:39:15:02:F0:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BD8C2/CED7D3A664AE11ED94100A69C4F9AE02/9MT8daUGjJJYmWQTrre3ORUC8J4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9MT8daUGjJJYmWQTrre3ORUC8J4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD8C2/CED7D3A664AE11ED94100A69C4F9AE02/5026F90264B211ED88A2A380C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.37.62.0/23
IPv6:
2400:bfe0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:5c:82:c8:21:12:15:89:d9:03:d2:4e:84:bf:56:ee:33:98:
87:03:7b:ad:0f:c3:27:12:a2:fe:d1:c6:49:48:c6:c4:c0:45:
5c:b9:86:15:e6:93:f7:0d:eb:26:c2:58:34:5c:87:d0:6e:93:
41:bf:1b:7f:ec:cd:7d:eb:68:d9:b2:77:b1:38:52:7d:19:63:
39:78:b7:87:5b:81:dd:8a:c4:a8:ee:d9:46:7b:00:c2:6b:b3:
76:d3:ab:05:66:8e:f6:fa:07:a8:b7:7d:3c:c8:86:81:78:1f:
df:b9:fa:fd:e6:8d:bb:82:05:13:19:5a:69:fe:b1:c7:80:20:
fd:e1:f0:97:be:a5:ae:c2:48:1c:2a:45:18:f1:a3:95:ad:26:
cf:77:91:41:21:3d:b0:06:88:d6:5e:42:fa:6f:4d:4c:72:af:
ac:8e:3c:e1:9f:0d:d7:cc:54:b4:35:0e:42:af:94:09:90:dd:
09:55:66:01:b6:33:2c:f0:29:17:dd:29:42:75:59:11:d6:c0:
0d:e4:c8:88:22:c8:d3:e9:65:6a:52:11:4c:4a:ab:17:26:b3:
c4:d7:9e:d7:2c:77:44:29:a3:10:cc:94:a9:f7:e5:b6:a9:c7:
af:61:bb:3f:c0:43:f1:cb:93:1d:59:e8:65:ca:b4:a5:45:b0:
44:cc:b9:38
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkQ4QzIxMTAvBgNVBAUTKEY0QzRGQzc1QTUwNjhDOTI1ODk5NjQxM0FFQjdCNzM5
MTUwMkYwOUUwHhcNMjQxMTA5MDIxNTQ0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJlYzVkMC1hNDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsncn06S45AU4EwFvjCkgnHmUmVJzXpci/EjZcfu0mhESi74veIZjlEJud7vO
liw36GK6SAjZQJxsQ/zX9+qXIDzAaSS94GvxVS66ZwOwqPYf8wKPTtj0KqTxfKuy
jilEIGc2R+Nu170cIFqV0xyCwoQevtTELotG/ifP13cpU+UTIrKzdwPk3XALbbFh
wWAQbkY2BHDLTcOJ4rg2dVme6MG55fKCWT9mPSw03JC+ET+GtYRzx9XQhuzwUu6F
h/rY/dBlwNZRLlnpGUOEuVXjHCZRjOjb6ztp24DZW/S24cWpKDZycPVKL2K2/Jr1
uk5rNAHqqzRXNz5hIi/B9FRu5wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFF18RZl0
IPXTqfQlUS4T5ReAh2nNMB8GA1UdIwQYMBaAFPTE/HWlBoySWJlkE663tzkVAvCe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDhDMi9DRUQ3RDNBNjY0
QUUxMUVEOTQxMDBBNjlDNEY5QUUwMi85TVQ4ZGFVR2pKSlltV1FUcnJlM09SVUM4
SjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlNVDhkYVVHakpKWW1XUVRycmUzT1JVQzhKNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkQ4QzIvQ0VEN0QzQTY2NEFFMTFFRDk0MTAwQTY5QzRGOUFFMDIvNTAyNkY5MDI2
NEIyMTFFRDg4QTJBMzgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnJT4wDQQCAAIwBwMFACQAv+AwDQYJKoZIhvcNAQELBQAD
ggEBABxcgsghEhWJ2QPSToS/Vu4zmIcDe60PwycSov7RxklIxsTARVy5hhXmk/cN
6ybCWDRch9Buk0G/G3/szX3raNmyd7E4Un0ZYzl4t4dbgd2KxKju2UZ7AMJrs3bT
qwVmjvb6B6i3fTzIhoF4H9+5+v3mjbuCBRMZWmn+sceAIP3h8Je+pa7CSBwqRRjx
o5WtJs93kUEhPbAGiNZeQvpvTUxyr6yOPOGfDdfMVLQ1DkKvlAmQ3QlVZgG2Myzw
KRfdKUJ1WRHWwA3kyIgiyNPpZWpSEUxKqxcms8TXntcsd0QpoxDMlKn35bapx69h
uz/AQ/HLkx1Z6GXKtKVFsETMuTg=
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:15:16 2025 by rpki-client