Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/7370EDA48A8D11ED942E6F74C4F9AE02.roa
File: 7370EDA48A8D11ED942E6F74C4F9AE02.roa (raw, json)
Hash identifier: ZsCxHaQ7s0gEoQ1Y8qF+doxJ6vZnHqWDBkgsvdeKdhk=
Subject key identifier: 86:B9:71:46:7D:C4:51:46:9D:FB:73:76:FF:2D:23:67:D2:1B:86:D9
Certificate issuer: /CN=A91D194C/serialNumber=1AE9AF3ABB8A73EF26F934F98B3A6CAB9517ACA6
Certificate serial: 0170
Authority key identifier: 1A:E9:AF:3A:BB:8A:73:EF:26:F9:34:F9:8B:3A:6C:AB:95:17:AC:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GumvOruKc-8m-TT5izpsq5UXrKY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/7370EDA48A8D11ED942E6F74C4F9AE02.roa
Signing time: Wed 11 Dec 2024 02:36:08 +0000
ROA not before: Wed 11 Dec 2024 02:36:08 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 150682
IP address blocks: 103.177.142.0/23 maxlen: 23
103.177.142.0/24 maxlen: 24
103.177.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/GumvOruKc-8m-TT5izpsq5UXrKY.crl
rsync://rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/GumvOruKc-8m-TT5izpsq5UXrKY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GumvOruKc-8m-TT5izpsq5UXrKY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 02:15:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 368 (0x170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D194C
Validity
Not Before: Dec 11 02:36:08 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6758fa98-fbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:af:07:19:f9:39:03:4d:3e:95:d3:64:fa:e3:
22:9a:12:88:d4:40:95:f7:bd:8d:0f:a6:fd:bf:e4:
8c:1e:2e:1b:6a:7c:7e:86:0b:a9:61:cd:f2:b4:11:
23:e6:92:20:0c:78:b1:22:ad:8d:f3:00:1d:14:92:
d6:88:8a:db:5e:72:53:a2:7b:1a:ba:72:91:b3:7d:
b4:a7:8d:df:58:5e:f1:97:0b:1f:2b:2a:e8:3e:29:
80:70:e1:0b:c9:08:3e:c3:4c:fd:d3:8d:a5:25:1f:
4b:c7:73:7b:ca:99:00:b1:20:c0:db:52:6c:59:b3:
0d:5e:eb:69:fe:33:e5:3a:66:5f:29:ec:de:c0:91:
2f:f6:79:12:36:89:a9:7a:38:09:1f:fe:80:94:e8:
75:d4:05:59:59:44:de:10:ae:cd:14:5e:c3:ad:8c:
60:21:b3:b3:c2:43:97:99:e9:49:a4:0e:6f:d6:02:
38:f1:9f:1d:58:49:65:5e:73:f0:6a:51:db:f7:5f:
51:95:7c:ee:5d:c2:9e:6c:79:00:5a:3a:e6:e9:de:
46:6b:3c:5c:f9:53:8d:d5:04:48:b0:2b:fe:d0:cd:
dd:15:85:a3:6b:c8:c1:c9:dc:ea:3b:26:76:c2:54:
bb:48:a2:92:6f:cb:44:c7:d1:b7:bd:27:c8:b4:f0:
cf:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B9:71:46:7D:C4:51:46:9D:FB:73:76:FF:2D:23:67:D2:1B:86:D9
X509v3 Authority Key Identifier:
keyid:1A:E9:AF:3A:BB:8A:73:EF:26:F9:34:F9:8B:3A:6C:AB:95:17:AC:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/GumvOruKc-8m-TT5izpsq5UXrKY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GumvOruKc-8m-TT5izpsq5UXrKY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D194C/119FEB488A7411EDB3213E3DC4F9AE02/7370EDA48A8D11ED942E6F74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.142.0/23
Signature Algorithm: sha256WithRSAEncryption
20:5e:f8:0b:fd:03:1a:7a:d5:a4:7d:bb:2a:21:79:af:9a:61:
b2:33:15:dd:d8:e1:bf:d1:54:66:f0:ec:0e:ee:f9:09:09:dd:
d8:be:6f:b5:36:90:7e:5f:a8:d9:e0:dd:57:14:80:30:b9:d0:
36:93:7c:46:18:17:b3:4e:6b:98:da:71:79:1c:9c:67:d6:a3:
1a:18:eb:d8:1a:9b:35:65:7a:ae:a8:cb:a9:f4:00:93:10:7f:
7b:b4:8e:e6:56:22:c2:11:f2:41:e3:c2:f5:a5:f8:ff:c3:e6:
52:83:97:1a:ea:63:83:33:5a:f9:31:0f:09:46:2f:88:67:44:
c0:d2:d3:4c:f2:3c:86:9d:72:38:25:bf:3a:96:2d:49:35:1f:
bc:c3:82:d7:eb:5f:0d:b8:c6:a1:82:69:9d:af:be:28:e4:08:
9f:38:7f:d0:ae:35:eb:59:f9:6a:5f:11:7d:a5:6d:e5:94:d1:
f9:26:e4:59:3c:cf:39:3d:e0:a0:cf:dd:8d:9c:54:52:b9:30:
5b:82:65:f1:e0:e0:60:37:22:60:4f:a6:e5:e3:39:09:ec:01:
c3:ad:94:47:7a:4f:b0:1d:09:12:f5:56:6e:26:ac:e1:ea:0a:
74:11:68:a0:d5:e3:92:f1:db:64:ad:90:4a:a3:73:e7:cc:d7:
e3:d5:21:bc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE5NEMxMTAvBgNVBAUTKDFBRTlBRjNBQkI4QTczRUYyNkY5MzRGOThCM0E2Q0FC
OTUxN0FDQTYwHhcNMjQxMjExMDIzNjA4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4ZmE5OC1mYmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5q8HGfk5A00+ldNk+uMimhKI1ECV972ND6b9v+SMHi4banx+hgupYc3ytBEj
5pIgDHixIq2N8wAdFJLWiIrbXnJTonsaunKRs320p43fWF7xlwsfKyroPimAcOEL
yQg+w0z9042lJR9Lx3N7ypkAsSDA21JsWbMNXutp/jPlOmZfKezewJEv9nkSNomp
ejgJH/6AlOh11AVZWUTeEK7NFF7DrYxgIbOzwkOXmelJpA5v1gI48Z8dWEllXnPw
alHb919RlXzuXcKebHkAWjrm6d5Gazxc+VON1QRIsCv+0M3dFYWja8jBydzqOyZ2
wlS7SKKSb8tEx9G3vSfItPDP/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFIa5cUZ9
xFFGnftzdv8tI2fSG4bZMB8GA1UdIwQYMBaAFBrprzq7inPvJvk0+Ys6bKuVF6ym
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTk0Qy8xMTlGRUI0ODhB
NzQxMUVEQjMyMTNFM0RDNEY5QUUwMi9HdW12T3J1S2MtOG0tVFQ1aXpwc3E1VVhy
S1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d1bXZPcnVLYy04bS1UVDVpenBzcTVVWHJLWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE5NEMvMTE5RkVCNDg4QTc0MTFFREIzMjEzRTNEQzRGOUFFMDIvNzM3MEVEQTQ4
QThEMTFFRDk0MkU2Rjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsY4wDQYJKoZIhvcNAQELBQADggEBACBe+Av9Axp61aR9
uyohea+aYbIzFd3Y4b/RVGbw7A7u+QkJ3di+b7U2kH5fqNng3VcUgDC50DaTfEYY
F7NOa5jacXkcnGfWoxoY69gamzVleq6oy6n0AJMQf3u0juZWIsIR8kHjwvWl+P/D
5lKDlxrqY4MzWvkxDwlGL4hnRMDS00zyPIadcjglvzqWLUk1H7zDgtfrXw24xqGC
aZ2vvijkCJ84f9CuNetZ+WpfEX2lbeWU0fkm5Fk8zzk94KDP3Y2cVFK5MFuCZfHg
4GA3ImBPpuXjOQnsAcOtlEd6T7AdCRL1Vm4mrOHqCnQRaKDV45Lx22StkEqjc+fM
1+PVIbw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 00:18:40 2025 by rpki-client