Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D7578/D3C0190CBB9D11EB84F73B3AC4F9AE02/E8542DEA6B8811ECAC731B4EC4F9AE02.roa
File: E8542DEA6B8811ECAC731B4EC4F9AE02.roa (raw, json)
Hash identifier: okKowtfia94t5qx7MGTZQGLAEYnC4fX+ZpQbsyMhCVs=
Subject key identifier: 1B:9E:B9:93:06:95:88:5A:59:2D:7F:70:C4:4D:59:63:80:3A:E0:6C
Certificate issuer: /CN=A91D7578/serialNumber=EC36AF5979091C6BFA580EA3BA225779357570D7
Certificate serial: 05A5
Authority key identifier: EC:36:AF:59:79:09:1C:6B:FA:58:0E:A3:BA:22:57:79:35:75:70:D7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7DavWXkJHGv6WA6juiJXeTV1cNc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D7578/D3C0190CBB9D11EB84F73B3AC4F9AE02/E8542DEA6B8811ECAC731B4EC4F9AE02.roa
Signing time: Tue 24 Dec 2024 01:42:20 +0000
ROA not before: Tue 24 Dec 2024 01:42:20 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 134143
IP address blocks: 45.248.196.0/22 maxlen: 24
103.4.55.0/24 maxlen: 24
103.55.92.0/24 maxlen: 24
103.55.93.0/24 maxlen: 24
103.55.94.0/24 maxlen: 24
103.55.95.0/24 maxlen: 24
103.133.52.0/22 maxlen: 24
103.217.164.0/22 maxlen: 24
103.228.104.0/22 maxlen: 24
2405:e180::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D7578/D3C0190CBB9D11EB84F73B3AC4F9AE02/7DavWXkJHGv6WA6juiJXeTV1cNc.crl
rsync://rpki.apnic.net/member_repository/A91D7578/D3C0190CBB9D11EB84F73B3AC4F9AE02/7DavWXkJHGv6WA6juiJXeTV1cNc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7DavWXkJHGv6WA6juiJXeTV1cNc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 22:50:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1445 (0x5a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D7578
Validity
Not Before: Dec 24 01:42:20 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=676a117c-8ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:56:59:a3:c5:1e:c2:63:5b:2f:d0:ee:21:
01:82:00:3a:15:46:e2:c2:f4:31:97:99:24:4a:71:
26:08:2a:e2:f7:53:d8:e7:13:4f:bf:b0:e0:db:d9:
f1:93:0c:fd:cb:63:ac:a7:61:41:a8:d3:ce:bf:80:
35:b4:d6:61:ca:74:c3:61:ca:23:9e:4b:4c:cb:b7:
ae:63:c9:cd:1f:34:25:db:99:71:db:11:f2:07:a1:
c0:82:a5:d6:5a:25:23:c2:c8:80:6a:e1:d9:2c:1f:
38:2f:91:48:68:ea:f2:03:e3:19:c6:45:8a:93:eb:
ed:fe:67:07:eb:da:4d:4f:7a:21:12:4e:e3:4a:20:
e2:05:c0:37:b3:f3:0f:78:5f:91:a9:71:60:f1:be:
25:a2:ff:46:1e:a6:e3:ea:91:1b:d4:78:5e:49:40:
9f:3d:d6:b5:f6:05:c4:d4:9d:14:fe:4c:c4:8e:c3:
78:1c:ff:48:01:68:de:2a:ad:b3:36:63:38:b2:f7:
5b:8f:63:62:e7:bd:76:55:30:c1:11:c5:c1:0b:c1:
4f:99:d8:7b:b8:b7:1d:0a:42:20:c6:fb:c5:ec:33:
24:00:4b:b0:f5:fd:58:a2:dc:1b:41:92:d4:ad:0b:
3e:d6:cb:99:15:4a:d6:c6:c3:52:48:83:37:d1:07:
86:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:9E:B9:93:06:95:88:5A:59:2D:7F:70:C4:4D:59:63:80:3A:E0:6C
X509v3 Authority Key Identifier:
keyid:EC:36:AF:59:79:09:1C:6B:FA:58:0E:A3:BA:22:57:79:35:75:70:D7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D7578/D3C0190CBB9D11EB84F73B3AC4F9AE02/7DavWXkJHGv6WA6juiJXeTV1cNc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7DavWXkJHGv6WA6juiJXeTV1cNc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D7578/D3C0190CBB9D11EB84F73B3AC4F9AE02/E8542DEA6B8811ECAC731B4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.248.196.0/22
103.4.55.0/24
103.55.92.0/22
103.133.52.0/22
103.217.164.0/22
103.228.104.0/22
IPv6:
2405:e180::/32
Signature Algorithm: sha256WithRSAEncryption
a6:e4:1f:92:8a:e0:77:4e:9c:f8:a6:0d:f1:3c:c1:8f:1f:7c:
ba:38:21:46:e0:f6:af:cb:12:e9:5a:24:aa:97:7d:59:14:22:
03:66:d0:77:b0:ea:f0:25:bb:c7:bf:e5:3f:c7:b0:a7:4c:96:
a1:5b:f1:5c:8d:8d:67:85:f4:bc:18:e5:b3:42:6c:f9:23:28:
ca:94:d7:65:1b:9b:3b:52:04:30:74:f7:72:d5:80:51:15:7f:
a9:3c:20:90:b5:bd:73:ce:73:75:8b:18:e5:d2:47:6b:f6:ec:
c6:8d:64:58:5b:ba:99:6d:d0:f8:6a:ed:8b:61:03:42:be:1e:
ac:91:80:50:12:f3:75:c4:4f:7b:99:7d:10:04:ab:d7:bd:d2:
fa:1a:c3:f4:21:db:d0:c9:42:65:64:3e:70:9c:3b:cf:6d:1a:
d0:25:57:2f:ca:10:b9:7f:b7:11:d8:a1:55:ed:be:71:a6:52:
e5:66:e3:39:f6:14:b2:a5:6a:5d:5b:eb:1f:ee:fa:b9:2a:92:
d6:6e:f6:34:be:cc:fa:91:66:aa:b4:57:50:d7:10:c4:62:d1:
f3:77:d4:48:d0:66:c1:b0:18:ae:d2:42:e6:34:ae:fd:90:7d:
df:9b:b4:09:9b:e7:c1:85:eb:2e:25:b5:fc:f5:5e:98:8c:f0:
2d:06:13:81
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDc1NzgxMTAvBgNVBAUTKEVDMzZBRjU5NzkwOTFDNkJGQTU4MEVBM0JBMjI1Nzc5
MzU3NTcwRDcwHhcNMjQxMjI0MDE0MjIwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhMTE3Yy04YWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt2ZWWaPFHsJjWy/Q7iEBggA6FUbiwvQxl5kkSnEmCCri91PY5xNPv7Dg29nx
kwz9y2Osp2FBqNPOv4A1tNZhynTDYcojnktMy7euY8nNHzQl25lx2xHyB6HAgqXW
WiUjwsiAauHZLB84L5FIaOryA+MZxkWKk+vt/mcH69pNT3ohEk7jSiDiBcA3s/MP
eF+RqXFg8b4lov9GHqbj6pEb1HheSUCfPda19gXE1J0U/kzEjsN4HP9IAWjeKq2z
NmM4svdbj2Ni5712VTDBEcXBC8FPmdh7uLcdCkIgxvvF7DMkAEuw9f1YotwbQZLU
rQs+1suZFUrWxsNSSIM30QeG7wIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFBueuZMG
lYhaWS1/cMRNWWOAOuBsMB8GA1UdIwQYMBaAFOw2r1l5CRxr+lgOo7oiV3k1dXDX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENzU3OC9EM0MwMTkwQ0JC
OUQxMUVCODRGNzNCM0FDNEY5QUUwMi83RGF2V1hrSkhHdjZXQTZqdWlKWGVUVjFj
TmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdEYXZXWGtKSEd2NldBNmp1aUpYZVRWMWNOYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDc1NzgvRDNDMDE5MENCQjlEMTFFQjg0RjczQjNBQzRGOUFFMDIvRTg1NDJERUE2
Qjg4MTFFQ0FDNzMxQjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAIt+MQDBABnBDcDBAJnN1wDBAJnhTQDBAJn2aQDBAJn5Ggw
DQQCAAIwBwMFACQF4YAwDQYJKoZIhvcNAQELBQADggEBAKbkH5KK4HdOnPimDfE8
wY8ffLo4IUbg9q/LEulaJKqXfVkUIgNm0Hew6vAlu8e/5T/HsKdMlqFb8VyNjWeF
9LwY5bNCbPkjKMqU12UbmztSBDB093LVgFEVf6k8IJC1vXPOc3WLGOXSR2v27MaN
ZFhbuplt0Phq7YthA0K+HqyRgFAS83XET3uZfRAEq9e90voaw/Qh29DJQmVkPnCc
O89tGtAlVy/KELl/txHYoVXtvnGmUuVm4zn2FLKlal1b6x/u+rkqktZu9jS+zPqR
Zqq0V1DXEMRi0fN31EjQZsGwGK7SQuY0rv2Qfd+btAmb58GF6y4ltfz1XpiM8C0G
E4E=
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:02:04 2025 by rpki-client