Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
File: 373C0EEEAFB011EC9688644FC4F9AE02.roa (raw, json)
Hash identifier: zn2pA4UTnRVDZFbc6V4w8fKaHK9Tc4ivjtjJRAQ0PCI=
Subject key identifier: E1:A9:AD:E9:25:E1:5B:14:DC:D5:FE:F7:7B:B6:B2:B8:FC:C2:41:5D
Certificate issuer: /CN=A91C9B08/serialNumber=614CCD24F785E9299215916408294042F1463294
Certificate serial: 03C3
Authority key identifier: 61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
Signing time: Fri 07 Mar 2025 00:46:23 +0000
ROA not before: Fri 07 Mar 2025 00:46:23 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 200325
IP address blocks: 103.180.114.0/23 maxlen: 24
2400:52e0::/32 maxlen: 32
2400:52e0:1::/48 maxlen: 48
2400:52e0:2::/48 maxlen: 48
2400:52e0:1500::/48 maxlen: 48
2400:52e0:1501::/48 maxlen: 48
2400:52e0:1502::/48 maxlen: 48
2400:52e0:1690::/48 maxlen: 48
2400:52e0:1a00::/48 maxlen: 48
2400:52e0:1a01::/48 maxlen: 48
2400:52e0:1a02::/48 maxlen: 48
2400:52e0:1a03::/48 maxlen: 48
2400:52e0:1a04::/48 maxlen: 48
2400:52e0:1a05::/48 maxlen: 48
2400:52e0:1a06::/48 maxlen: 48
2400:52e0:1a07::/48 maxlen: 48
2400:52e0:1a08::/48 maxlen: 48
2400:52e0:1a09::/48 maxlen: 48
2400:52e0:1e00::/48 maxlen: 48
2400:52e0:1e01::/48 maxlen: 48
2400:52e0:1e02::/48 maxlen: 48
2400:52e0:1e03::/48 maxlen: 48
2400:52e0:1e04::/48 maxlen: 48
2400:52e0:1e05::/48 maxlen: 48
2400:52e0:1e06::/48 maxlen: 48
2400:52e0:1e07::/48 maxlen: 48
2400:52e0:1e08::/48 maxlen: 48
2400:52e0:1e09::/48 maxlen: 48
2400:52e0:1e10::/48 maxlen: 48
2400:52e0:2a00::/48 maxlen: 48
2400:52e0:4000::/48 maxlen: 48
2400:52e0:fff0::/48 maxlen: 48
2400:52e0:fff1::/48 maxlen: 48
2400:52e0:fff2::/48 maxlen: 48
2400:52e0:fff3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 00:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 963 (0x3c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9B08
Validity
Not Before: Mar 7 00:46:23 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ca41de-9e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:68:2b:4f:4a:66:33:dd:87:37:cc:9a:b5:76:
f1:94:ed:f6:58:7d:58:6d:59:ab:d7:53:bd:f7:ff:
ed:73:d9:d9:40:e2:20:73:40:ed:86:55:77:61:a4:
ea:2d:df:70:00:f5:e6:0d:83:bd:39:22:63:1f:c2:
8b:aa:c4:51:b9:a1:51:a9:e8:07:f9:16:5e:11:53:
c8:49:ef:9c:22:bf:9c:90:71:53:90:89:c9:70:2e:
49:63:83:99:aa:7b:fb:50:33:da:c5:2a:e5:8f:42:
a1:62:32:c8:38:50:cc:46:2f:fd:dd:d5:ee:e6:f0:
b4:36:e8:c1:87:af:4c:ef:0b:f4:f3:a4:d6:8c:68:
9b:0f:cf:f4:a1:da:3a:9b:1c:13:c6:7e:6d:75:94:
49:66:c7:08:fb:c0:c5:8b:64:7d:6c:77:d0:2e:be:
97:ba:43:36:3a:03:9a:f1:7f:83:ad:01:60:7a:db:
7a:44:f6:dc:d5:78:46:32:ab:ef:98:d9:3b:20:30:
20:4d:e7:57:96:1e:61:5a:3c:37:23:17:b3:7d:72:
5c:b0:99:64:27:e4:28:96:23:ae:85:18:77:f3:fe:
e1:5c:3e:5e:ef:8b:e9:9a:e7:42:0b:45:9a:d7:c9:
5c:1e:04:31:3d:81:6f:3f:de:ad:e1:ba:86:f9:99:
54:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:A9:AD:E9:25:E1:5B:14:DC:D5:FE:F7:7B:B6:B2:B8:FC:C2:41:5D
X509v3 Authority Key Identifier:
keyid:61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.114.0/23
IPv6:
2400:52e0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:9f:f8:18:9c:9f:40:e5:99:31:1f:28:02:5b:47:d1:de:73:
88:b9:3d:7c:6f:4c:45:f6:15:3c:5e:c8:7e:12:a5:07:aa:97:
4f:52:9a:ec:c2:ef:60:65:24:d3:e5:b5:45:af:17:df:22:3b:
fc:70:c9:09:51:b4:d1:14:08:d5:45:d7:d3:29:33:c2:bc:15:
af:d0:db:e0:56:dd:4a:35:6a:74:9a:4c:be:2c:71:a3:a2:7a:
25:b6:a1:c6:0a:dd:3a:36:d6:b8:28:92:df:12:40:f5:dd:1a:
e8:74:b6:15:0c:0c:a6:fb:40:68:49:47:94:44:19:e1:a0:37:
9b:35:f6:4c:0c:55:9e:68:4c:26:03:15:99:70:e2:3a:28:2c:
a3:35:bb:30:9b:b2:af:3b:a1:31:1c:cb:3d:ab:c9:d4:1d:dc:
a5:de:89:ea:15:66:3b:60:fc:d4:11:7d:75:9a:7f:d5:9d:13:
ef:34:ec:e6:39:0c:0b:c7:cb:a8:07:f7:11:1a:3d:10:38:5a:
16:8d:88:fe:6a:0c:08:a7:86:f6:81:50:72:a8:91:3f:ea:46:
12:54:47:6d:86:da:0b:36:4f:c0:dd:2f:49:f2:b7:03:df:94:
f7:f9:c0:32:d1:54:5a:8e:0d:cb:b9:3f:4a:7b:54:25:f9:28:
92:cf:57:28
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA8MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlCMDgxMTAvBgNVBAUTKDYxNENDRDI0Rjc4NUU5Mjk5MjE1OTE2NDA4Mjk0MDQy
RjE0NjMyOTQwHhcNMjUwMzA3MDA0NjIzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhNDFkZS05ZTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxmgrT0pmM92HN8yatXbxlO32WH1YbVmr11O99//tc9nZQOIgc0DthlV3YaTq
Ld9wAPXmDYO9OSJjH8KLqsRRuaFRqegH+RZeEVPISe+cIr+ckHFTkInJcC5JY4OZ
qnv7UDPaxSrlj0KhYjLIOFDMRi/93dXu5vC0NujBh69M7wv086TWjGibD8/0odo6
mxwTxn5tdZRJZscI+8DFi2R9bHfQLr6XukM2OgOa8X+DrQFgett6RPbc1XhGMqvv
mNk7IDAgTedXlh5hWjw3IxezfXJcsJlkJ+QoliOuhRh38/7hXD5e74vpmudCC0Wa
18lcHgQxPYFvP96t4bqG+ZlUPQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOGprekl
4VsU3NX+93u2srj8wkFdMB8GA1UdIwQYMBaAFGFMzST3hekpkhWRZAgpQELxRjKU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUIwOC8zNzU1M0E1Njg5
OUQxMUVDOEI0MjRFMEJDNEY5QUUwMi9ZVXpOSlBlRjZTbVNGWkZrQ0NsQVF2RkdN
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lVek5KUGVGNlNtU0ZaRmtDQ2xBUXZGR01wUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlCMDgvMzc1NTNBNTY4OTlEMTFFQzhCNDI0RTBCQzRGOUFFMDIvMzczQzBFRUVB
RkIwMTFFQzk2ODg2NDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFntHIwDQQCAAIwBwMFACQAUuAwDQYJKoZIhvcNAQELBQAD
ggEBAEuf+Bicn0DlmTEfKAJbR9Hec4i5PXxvTEX2FTxeyH4SpQeql09SmuzC72Bl
JNPltUWvF98iO/xwyQlRtNEUCNVF19MpM8K8Fa/Q2+BW3Uo1anSaTL4scaOieiW2
ocYK3To21rgokt8SQPXdGuh0thUMDKb7QGhJR5REGeGgN5s19kwMVZ5oTCYDFZlw
4jooLKM1uzCbsq87oTEcyz2rydQd3KXeieoVZjtg/NQRfXWaf9WdE+807OY5DAvH
y6gH9xEaPRA4WhaNiP5qDAinhvaBUHKokT/qRhJUR22G2gs2T8DdL0nytwPflPf5
wDLRVFqODcu5P0p7VCX5KJLPVyg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:22 2025 by rpki-client