Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/DD7FC172E17D11EFAC0A7E29C4F9AE02.roa
File: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (raw, json)
Hash identifier: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=
Subject key identifier: 03:50:42:36:2C:26:6F:8D:8C:C1:F1:A9:60:A3:A6:2E:D6:51:93:DD
Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E
Certificate serial: 0A68
Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/DD7FC172E17D11EFAC0A7E29C4F9AE02.roa
Signing time: Fri 14 Mar 2025 16:14:24 +0000
ROA not before: Fri 14 Mar 2025 16:14:24 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134983
IP address blocks: 103.204.200.0/22 maxlen: 24
202.181.12.0/22 maxlen: 24
2404:c280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl
rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 15:58:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2664 (0xa68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D4413
Validity
Not Before: Mar 14 16:14:24 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67d455e0-8458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a7:be:cb:36:03:5c:a7:c4:29:22:0b:d7:d0:
c8:ac:6a:fd:24:3b:ad:90:00:c5:98:2a:92:99:e6:
fc:53:29:69:c0:8f:2f:b5:21:aa:4d:fa:d8:10:34:
ec:3d:6d:5d:af:74:4a:57:2f:8e:8a:f5:b5:6e:5c:
d5:33:ef:ce:cf:7e:10:6a:a4:00:4c:7c:30:af:01:
93:44:9b:61:c9:d1:32:a8:aa:0f:5c:73:eb:7d:3b:
8a:09:4c:c1:da:86:19:3d:1b:55:00:ca:2c:99:81:
82:85:8e:b9:32:7e:f8:17:40:17:07:54:59:a0:29:
97:b7:73:79:58:cc:09:bb:6f:57:f5:9b:2c:4c:c2:
8e:38:68:9a:e8:6d:7a:9d:c2:ad:f2:6c:dd:86:28:
00:d8:2c:46:f7:98:8f:9d:b6:13:17:b4:be:12:dd:
cc:f1:bd:28:df:f5:a4:ec:ca:bd:69:63:67:4c:4e:
e7:d9:32:d3:0f:94:b4:ad:5b:75:6e:97:c0:15:8a:
4b:2e:97:42:2b:15:15:40:fe:30:d5:87:b5:54:0c:
f5:36:71:53:3e:21:fc:41:b1:6e:97:71:f8:43:fa:
fb:a9:07:9c:04:b8:1a:0f:b8:5f:0e:4e:d2:c6:4a:
e8:02:07:0a:4a:17:52:de:4a:e5:57:dd:a0:4d:c8:
f8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:50:42:36:2C:26:6F:8D:8C:C1:F1:A9:60:A3:A6:2E:D6:51:93:DD
X509v3 Authority Key Identifier:
keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/DD7FC172E17D11EFAC0A7E29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.200.0/22
202.181.12.0/22
IPv6:
2404:c280::/32
Signature Algorithm: sha256WithRSAEncryption
55:e0:c3:48:63:9d:18:49:54:d5:0c:f3:d5:43:7d:e4:d2:97:
91:59:8d:5f:e5:0f:6d:6d:b8:18:47:51:24:c6:53:78:15:bb:
02:a5:aa:ca:d5:5c:25:8f:c5:3c:b4:d7:e8:60:89:76:8f:05:
6d:2f:fc:93:09:90:25:f0:6a:d7:8a:a9:ef:2f:c6:fc:41:9d:
59:f5:20:18:5e:b2:11:55:e1:92:52:7d:8b:a5:30:47:d8:ea:
cc:f0:a0:0a:73:8c:ed:ba:40:16:19:fc:d2:0f:9d:1e:fa:0c:
28:9b:12:4a:3e:05:b1:91:df:9e:f9:62:db:15:f4:13:eb:df:
d2:3b:7d:3e:a9:3d:b8:c5:8b:8a:43:70:99:65:5b:8f:3d:11:
c3:fa:7e:89:2f:6b:f6:d8:fd:d8:d4:ef:d5:99:21:95:14:bc:
5c:c3:f5:47:73:c0:52:11:e4:e3:9b:98:a5:71:17:e6:f3:e3:
ac:11:a2:b9:94:99:65:7f:f8:3a:5a:03:5a:19:7d:86:07:59:
d5:cb:79:7f:20:d3:ee:eb:fe:b7:c5:15:cc:9c:66:0c:36:27:
8b:a0:01:32:47:c6:3b:6f:03:e2:27:0d:7c:2c:85:79:2b:ee:
39:49:9d:4e:99:32:0d:f8:5e:f1:a2:8f:7f:f9:d9:b1:dc:bd:
37:36:61:21
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4
NEJDMzAwNUUwHhcNMjUwMzE0MTYxNDI0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q0NTVlMC04NDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu6e+yzYDXKfEKSIL19DIrGr9JDutkADFmCqSmeb8UylpwI8vtSGqTfrYEDTs
PW1dr3RKVy+OivW1blzVM+/Oz34QaqQATHwwrwGTRJthydEyqKoPXHPrfTuKCUzB
2oYZPRtVAMosmYGChY65Mn74F0AXB1RZoCmXt3N5WMwJu29X9ZssTMKOOGia6G16
ncKt8mzdhigA2CxG95iPnbYTF7S+Et3M8b0o3/Wk7Mq9aWNnTE7n2TLTD5S0rVt1
bpfAFYpLLpdCKxUVQP4w1Ye1VAz1NnFTPiH8QbFul3H4Q/r7qQecBLgaD7hfDk7S
xkroAgcKShdS3krlV92gTcj4/QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFANQQjYs
Jm+NjMHxqWCjpi7WUZPdMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG
QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB
RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ0MTMvMDgxNkU3NTRGRkI0MTFFNTk0NDMxMDJDQzRGOUFFMDIvREQ3RkMxNzJF
MTdEMTFFRkFDMEE3RTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnzMgDBALKtQwwDQQCAAIwBwMFACQEwoAwDQYJKoZIhvcN
AQELBQADggEBAFXgw0hjnRhJVNUM89VDfeTSl5FZjV/lD21tuBhHUSTGU3gVuwKl
qsrVXCWPxTy01+hgiXaPBW0v/JMJkCXwateKqe8vxvxBnVn1IBheshFV4ZJSfYul
MEfY6szwoApzjO26QBYZ/NIPnR76DCibEko+BbGR3575YtsV9BPr39I7fT6pPbjF
i4pDcJllW489EcP6fokva/bY/djU79WZIZUUvFzD9UdzwFIR5OObmKVxF+bz46wR
ormUmWV/+DpaA1oZfYYHWdXLeX8g0+7r/rfFFcycZgw2J4ugATJHxjtvA+InDXws
hXkr7jlJnU6ZMg34XvGij3/52bHcvTc2YSE=
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:21:30 2025 by rpki-client