Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/F407F0D49B8C11EC98C88432C4F9AE02.roa
File: F407F0D49B8C11EC98C88432C4F9AE02.roa (raw, json)
Hash identifier: S/k+u3wzST4BAkpqg+O7+3Um9PXES4RfHWYozst9ucQ=
Subject key identifier: 1D:22:18:24:36:36:18:44:CB:C0:83:AD:04:0B:FE:C2:38:06:20:69
Certificate issuer: /CN=A91C4502/serialNumber=CB4C95F839E21D1DE0F458553D9A4CE28E414D88
Certificate serial: 081C
Authority key identifier: CB:4C:95:F8:39:E2:1D:1D:E0:F4:58:55:3D:9A:4C:E2:8E:41:4D:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y0yV-DniHR3g9FhVPZpM4o5BTYg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/F407F0D49B8C11EC98C88432C4F9AE02.roa
Signing time: Wed 10 Apr 2024 22:00:43 +0000
ROA not before: Wed 10 Apr 2024 22:00:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41378
IP address blocks: 103.149.248.0/23 maxlen: 24
2405:f3c0::/40 maxlen: 48
2405:f3c0:100::/40 maxlen: 48
2405:f3c0:200::/40 maxlen: 48
2405:f3c0:300::/40 maxlen: 48
2405:f3c0:400::/40 maxlen: 48
2405:f3c0:500::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/y0yV-DniHR3g9FhVPZpM4o5BTYg.crl
rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/y0yV-DniHR3g9FhVPZpM4o5BTYg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y0yV-DniHR3g9FhVPZpM4o5BTYg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 20:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2076 (0x81c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4502
Validity
Not Before: Apr 10 22:00:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66170c0b-9bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:44:01:d5:07:1f:36:58:05:4c:a1:92:b8:c3:
4a:43:cd:b7:fc:b7:17:f8:fd:14:a7:83:ed:d6:f9:
19:4d:4d:90:1b:3e:e3:ae:c5:a5:7b:b4:e7:2e:5c:
bc:5f:6d:7f:0b:27:ab:89:74:72:3a:fc:d9:ad:20:
35:9d:f0:f4:d2:7c:9c:99:3c:d9:43:09:2b:01:fe:
27:eb:46:dc:ce:d6:3f:70:ff:f1:50:3d:a9:1a:5c:
f3:ff:98:48:62:22:b4:9f:e5:10:46:83:90:ff:6a:
9b:33:64:8f:1c:0b:03:5f:23:ed:99:64:6c:37:4d:
55:10:2d:77:c5:2a:c5:aa:ae:de:a7:54:5e:8e:eb:
3b:63:9f:09:3d:60:4e:5f:6f:22:8d:b7:e7:fa:b7:
97:cf:0d:f4:62:7f:62:41:5b:9d:d0:5d:cb:14:42:
0e:2b:09:9d:30:0a:c1:56:a6:21:24:2c:ff:84:f9:
de:b1:c8:2e:1c:76:72:7f:3e:4e:cd:4b:32:09:27:
1c:d2:64:44:d3:84:e2:be:6b:46:90:6b:31:d7:64:
0f:9d:90:72:c1:63:ca:28:2d:54:1f:76:e3:31:d5:
59:e0:1f:46:a3:e1:99:dd:3e:1e:f8:a4:f9:aa:e6:
18:d5:fa:0e:b7:95:16:1b:bf:46:a6:2d:05:b2:4b:
3f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:22:18:24:36:36:18:44:CB:C0:83:AD:04:0B:FE:C2:38:06:20:69
X509v3 Authority Key Identifier:
keyid:CB:4C:95:F8:39:E2:1D:1D:E0:F4:58:55:3D:9A:4C:E2:8E:41:4D:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/y0yV-DniHR3g9FhVPZpM4o5BTYg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y0yV-DniHR3g9FhVPZpM4o5BTYg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4502/40E2DFCCB50211EAA29F277AC4F9AE02/F407F0D49B8C11EC98C88432C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.248.0/23
IPv6:
2405:f3c0::-2405:f3c0:5ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:47:f1:03:d7:53:7e:49:cd:68:55:39:39:02:fd:8d:70:8a:
10:8d:1b:cc:ef:70:60:05:aa:63:d4:b6:d6:25:b0:d3:65:90:
8a:a3:26:0f:2d:6d:aa:e1:95:8a:a7:e9:52:17:7d:5f:31:91:
2a:f2:32:6f:83:72:31:49:3f:9b:a4:dd:5b:d1:e1:94:5f:c1:
a9:d3:83:6e:d0:55:d9:ec:26:2a:c0:40:3b:27:06:f5:ca:38:
25:e8:f1:c1:89:6b:d6:96:4e:3f:67:82:c4:9d:39:e8:61:ab:
c4:43:b3:a8:10:54:6a:ac:3f:ab:7e:4f:97:65:33:a6:d8:7c:
4d:42:47:3d:04:8c:22:1c:ed:46:c8:69:7e:40:0a:5b:d2:d7:
fe:e0:d5:9f:24:a5:52:ef:45:8d:ca:1d:e0:72:73:88:72:72:
cb:43:eb:3e:16:2c:19:32:82:94:dc:0d:e5:0a:6d:89:0c:0e:
f7:03:f0:9c:a9:b8:9a:08:c2:73:78:3e:ee:3f:05:77:05:42:
fc:53:d3:65:42:a1:37:97:c9:ee:30:46:3e:59:8f:23:e2:15:
4a:2c:77:f1:38:ff:88:93:16:61:e8:7f:bf:7f:ed:00:d5:57:
c6:8a:72:c9:9b:6c:eb:18:34:69:16:db:0c:15:59:f7:0b:f5:
60:47:ae:16
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgICCBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzQ1MDIxMTAvBgNVBAUTKENCNEM5NUY4MzlFMjFEMURFMEY0NTg1NTNEOUE0Q0Uy
OEU0MTREODgwHhcNMjQwNDEwMjIwMDQzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE3MGMwYi05YmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz0QB1QcfNlgFTKGSuMNKQ823/LcX+P0Up4Pt1vkZTU2QGz7jrsWle7TnLly8
X21/CyeriXRyOvzZrSA1nfD00nycmTzZQwkrAf4n60bcztY/cP/xUD2pGlzz/5hI
YiK0n+UQRoOQ/2qbM2SPHAsDXyPtmWRsN01VEC13xSrFqq7ep1Rejus7Y58JPWBO
X28ijbfn+reXzw30Yn9iQVud0F3LFEIOKwmdMArBVqYhJCz/hPnescguHHZyfz5O
zUsyCScc0mRE04TivmtGkGsx12QPnZBywWPKKC1UH3bjMdVZ4B9Go+GZ3T4e+KT5
quYY1foOt5UWG79Gpi0Fsks/9wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFB0iGCQ2
NhhEy8CDrQQL/sI4BiBpMB8GA1UdIwQYMBaAFMtMlfg54h0d4PRYVT2aTOKOQU2I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDUwMi80MEUyREZDQ0I1
MDIxMUVBQTI5RjI3N0FDNEY5QUUwMi95MHlWLURuaUhSM2c5RmhWUFpwTTRvNUJU
WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3kweVYtRG5pSFIzZzlGaFZQWnBNNG81QlRZZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzQ1MDIvNDBFMkRGQ0NCNTAyMTFFQUEyOUYyNzdBQzRGOUFFMDIvRjQwN0YwRDQ5
QjhDMTFFQzk4Qzg4NDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOAYIKwYBBQUHAQcBAf8E
KTAnMAwEAgABMAYDBAFnlfgwFwQCAAIwETAPAwUGJAXzwAMGASQF88AEMA0GCSqG
SIb3DQEBCwUAA4IBAQBFR/ED11N+Sc1oVTk5Av2NcIoQjRvM73BgBapj1LbWJbDT
ZZCKoyYPLW2q4ZWKp+lSF31fMZEq8jJvg3IxST+bpN1b0eGUX8Gp04Nu0FXZ7CYq
wEA7Jwb1yjgl6PHBiWvWlk4/Z4LEnTnoYavEQ7OoEFRqrD+rfk+XZTOm2HxNQkc9
BIwiHO1GyGl+QApb0tf+4NWfJKVS70WNyh3gcnOIcnLLQ+s+FiwZMoKU3A3lCm2J
DA73A/CcqbiaCMJzeD7uPwV3BUL8U9NlQqE3l8nuMEY+WY8j4hVKLHfxOP+IkxZh
6H+/f+0A1VfGinLJm2zrGDRpFtsMFVn3C/VgR64W
-----END CERTIFICATE-----
Generated at Thu Apr 10 11:18:09 2025 by rpki-client