Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9324/EF83E30ED00911EC92A16A3CC4F9AE02/81F21152D1BD11EC9D8FBC52C4F9AE02.roa
File: 81F21152D1BD11EC9D8FBC52C4F9AE02.roa (raw, json)
Hash identifier: z1jWyE7wTAG+vUUdvi1jzxdBdVQ+/IwxY3FhiW3xUxE=
Subject key identifier: 0B:86:FE:3B:29:AC:7E:6B:0D:BD:53:E1:04:E3:AE:55:15:B6:09:34
Certificate issuer: /CN=A91C9324/serialNumber=772841A26326314EA2E4383475DE31B6DCE7DBA5
Certificate serial: 02EE
Authority key identifier: 77:28:41:A2:63:26:31:4E:A2:E4:38:34:75:DE:31:B6:DC:E7:DB:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dyhBomMmMU6i5Dg0dd4xttzn26U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9324/EF83E30ED00911EC92A16A3CC4F9AE02/81F21152D1BD11EC9D8FBC52C4F9AE02.roa
Signing time: Thu 05 Dec 2024 01:15:30 +0000
ROA not before: Thu 05 Dec 2024 01:15:30 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 139739
IP address blocks: 103.144.117.0/24 maxlen: 24
2001:df1:c080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C9324/EF83E30ED00911EC92A16A3CC4F9AE02/dyhBomMmMU6i5Dg0dd4xttzn26U.crl
rsync://rpki.apnic.net/member_repository/A91C9324/EF83E30ED00911EC92A16A3CC4F9AE02/dyhBomMmMU6i5Dg0dd4xttzn26U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dyhBomMmMU6i5Dg0dd4xttzn26U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 00:56:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 750 (0x2ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9324
Validity
Not Before: Dec 5 01:15:30 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6750feb2-5008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:22:d1:b2:f4:42:42:a0:ad:3c:96:d2:86:3a:
24:f9:76:a7:9f:7c:70:a3:68:51:52:64:82:bf:1b:
9f:81:37:3f:32:3c:77:8c:df:6e:af:40:6e:6a:14:
01:a0:d2:52:65:6a:c6:21:12:91:f0:15:ce:5e:28:
04:3e:83:21:72:5c:b8:2e:e5:75:4f:5d:ea:6a:dd:
41:e1:33:25:d7:4c:8f:16:8e:12:8e:8d:fc:ba:9a:
5c:62:59:6b:36:8e:cd:51:75:5f:1a:99:03:94:aa:
50:c5:95:ff:49:78:71:ec:83:58:f3:40:15:03:fd:
72:27:32:3e:73:27:f3:87:49:81:0d:25:48:f9:77:
dc:df:18:23:9d:9e:ca:a1:b4:0e:ce:f6:b5:cf:4a:
13:f4:95:9f:68:9f:c7:1d:5e:1d:e8:7d:5a:a9:b6:
77:84:50:52:ab:40:0b:59:8f:6e:7d:c3:15:a6:7b:
9b:81:54:7c:0d:58:f6:95:b3:37:e8:de:d7:ff:4c:
29:0e:4a:8a:79:13:4e:ed:24:60:77:f5:52:50:94:
80:41:96:62:87:81:35:4d:aa:87:26:71:0a:2b:91:
49:f5:8b:3b:8e:3c:f0:59:bf:43:85:72:3e:ad:8f:
2f:69:3e:90:88:21:88:47:c4:8d:30:ea:cc:07:84:
3c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:86:FE:3B:29:AC:7E:6B:0D:BD:53:E1:04:E3:AE:55:15:B6:09:34
X509v3 Authority Key Identifier:
keyid:77:28:41:A2:63:26:31:4E:A2:E4:38:34:75:DE:31:B6:DC:E7:DB:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9324/EF83E30ED00911EC92A16A3CC4F9AE02/dyhBomMmMU6i5Dg0dd4xttzn26U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dyhBomMmMU6i5Dg0dd4xttzn26U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9324/EF83E30ED00911EC92A16A3CC4F9AE02/81F21152D1BD11EC9D8FBC52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.144.117.0/24
IPv6:
2001:df1:c080::/48
Signature Algorithm: sha256WithRSAEncryption
24:e1:01:2c:83:e2:8b:6d:60:f8:45:bb:f1:89:cf:e8:a5:c5:
c8:45:a9:06:9a:2e:0f:b6:80:a3:95:41:07:11:36:92:6c:48:
30:0a:34:bf:99:a6:9a:e1:8d:64:32:25:00:78:65:f3:c4:d3:
42:c4:27:b9:25:41:02:e2:28:9f:af:14:45:f2:b2:ed:de:e4:
55:ad:83:8d:b2:ac:b9:ef:d5:e6:3e:6f:a9:34:65:ce:1b:76:
bb:47:85:02:9a:96:34:2e:c3:d3:14:77:5e:c8:65:1e:08:3b:
12:b3:9d:a2:0a:96:20:1c:1d:32:4b:45:43:02:9b:05:a5:e8:
0e:a9:b0:03:07:46:12:0d:01:e3:6a:93:4e:20:dc:95:e5:86:
51:b6:fe:82:e5:01:2d:c7:26:56:0f:48:60:2a:17:d6:1b:02:
bc:a4:91:11:45:f6:70:0a:bb:84:4a:6a:65:c0:70:1d:36:58:
9e:75:da:4c:45:41:29:19:28:7a:61:9f:e7:59:32:63:4e:07:
2b:2b:f3:c9:59:c9:f2:4d:71:af:e2:9d:13:2c:5a:b9:01:3e:
94:0e:66:7b:db:e0:7a:2e:f7:a4:f0:b2:97:44:95:cc:d0:de:
37:a3:b6:90:13:57:b4:32:ca:a8:f9:2d:60:1f:94:6e:4f:d2:
98:59:d1:86
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAu4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzkzMjQxMTAvBgNVBAUTKDc3Mjg0MUEyNjMyNjMxNEVBMkU0MzgzNDc1REUzMUI2
RENFN0RCQTUwHhcNMjQxMjA1MDExNTMwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwZmViMi01MDA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7SLRsvRCQqCtPJbShjok+Xann3xwo2hRUmSCvxufgTc/Mjx3jN9ur0BuahQB
oNJSZWrGIRKR8BXOXigEPoMhcly4LuV1T13qat1B4TMl10yPFo4Sjo38uppcYllr
No7NUXVfGpkDlKpQxZX/SXhx7INY80AVA/1yJzI+cyfzh0mBDSVI+Xfc3xgjnZ7K
obQOzva1z0oT9JWfaJ/HHV4d6H1aqbZ3hFBSq0ALWY9ufcMVpnubgVR8DVj2lbM3
6N7X/0wpDkqKeRNO7SRgd/VSUJSAQZZih4E1TaqHJnEKK5FJ9Ys7jjzwWb9DhXI+
rY8vaT6QiCGIR8SNMOrMB4Q8KQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAuG/jsp
rH5rDb1T4QTjrlUVtgk0MB8GA1UdIwQYMBaAFHcoQaJjJjFOouQ4NHXeMbbc59ul
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTMyNC9FRjgzRTMwRUQw
MDkxMUVDOTJBMTZBM0NDNEY5QUUwMi9keWhCb21NbU1VNmk1RGcwZGQ0eHR0em4y
NlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2R5aEJvbU1tTVU2aTVEZzBkZDR4dHR6bjI2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzkzMjQvRUY4M0UzMEVEMDA5MTFFQzkyQTE2QTNDQzRGOUFFMDIvODFGMjExNTJE
MUJEMTFFQzlEOEZCQzUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnkHUwDwQCAAIwCQMHACABDfHAgDANBgkqhkiG9w0BAQsF
AAOCAQEAJOEBLIPii21g+EW78YnP6KXFyEWpBpouD7aAo5VBBxE2kmxIMAo0v5mm
muGNZDIlAHhl88TTQsQnuSVBAuIon68URfKy7d7kVa2DjbKsue/V5j5vqTRlzht2
u0eFApqWNC7D0xR3XshlHgg7ErOdogqWIBwdMktFQwKbBaXoDqmwAwdGEg0B42qT
TiDcleWGUbb+guUBLccmVg9IYCoX1hsCvKSREUX2cAq7hEpqZcBwHTZYnnXaTEVB
KRkoemGf51kyY04HKyvzyVnJ8k1xr+KdEyxauQE+lA5me9vgei73pPCyl0SVzNDe
N6O2kBNXtDLKqPktYB+Ubk/SmFnRhg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:02:12 2025 by rpki-client