Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/DD7E5CF29C3F11EFAB09C331C4F9AE02.roa
File: DD7E5CF29C3F11EFAB09C331C4F9AE02.roa (raw, json)
Hash identifier: 3MlVoyZinyCwKTl1//T9IkdR0ms/O99hruez1af7KEU=
Subject key identifier: E8:6D:F6:ED:28:FC:AB:E1:5F:BF:D8:CB:49:59:A8:45:D4:CF:8A:35
Certificate issuer: /CN=A91D7771/serialNumber=30C582B6799252BAAC3B381ABA4CC337ABF97DE3
Certificate serial: 0344
Authority key identifier: 30:C5:82:B6:79:92:52:BA:AC:3B:38:1A:BA:4C:C3:37:AB:F9:7D:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MMWCtnmSUrqsOzgaukzDN6v5feM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/DD7E5CF29C3F11EFAB09C331C4F9AE02.roa
Signing time: Mon 03 Feb 2025 01:05:17 +0000
ROA not before: Mon 03 Feb 2025 01:05:17 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 142063
IP address blocks: 103.172.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/MMWCtnmSUrqsOzgaukzDN6v5feM.crl
rsync://rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/MMWCtnmSUrqsOzgaukzDN6v5feM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MMWCtnmSUrqsOzgaukzDN6v5feM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 00:43:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 836 (0x344)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D7771
Validity
Not Before: Feb 3 01:05:17 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=67a0164d-8912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:72:26:6b:c7:84:44:7e:db:72:d8:6c:2a:47:
16:8d:d6:40:d8:fb:e9:c1:e2:15:db:dc:ad:43:b4:
f2:10:9b:0b:12:ca:44:b7:5b:07:6f:0f:38:10:dd:
01:77:2e:35:1a:8c:de:97:4c:22:09:b8:6d:fb:36:
07:67:4f:08:54:2e:33:c7:38:20:75:83:8a:c0:50:
44:b2:37:82:c6:ea:05:8e:3e:fe:00:04:3f:98:76:
73:b4:99:65:05:82:3e:9c:65:7c:a9:47:a0:15:d5:
92:5d:04:4f:23:8d:a9:52:fa:aa:f2:65:de:db:0b:
99:97:ca:c8:fd:09:07:b7:a7:97:d2:75:cf:c2:1f:
66:03:47:11:c7:85:f0:27:e9:13:53:23:c4:25:b5:
5f:bc:70:56:ab:bb:c6:85:c1:ee:3d:15:7e:99:55:
a5:c3:1e:52:0e:ff:2f:e4:df:ec:67:84:52:62:6c:
e0:5c:19:2b:52:19:01:d7:d6:94:0b:88:df:41:71:
fa:41:9b:5f:6f:a5:c4:8a:8f:da:63:e0:53:5f:26:
8e:72:90:11:07:d3:49:2f:95:13:2a:12:25:07:f4:
68:38:05:09:90:a2:e8:eb:91:0d:50:bd:22:49:c1:
74:e2:06:27:5f:9f:6f:98:b6:d8:0e:b3:7d:f1:8e:
90:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:6D:F6:ED:28:FC:AB:E1:5F:BF:D8:CB:49:59:A8:45:D4:CF:8A:35
X509v3 Authority Key Identifier:
keyid:30:C5:82:B6:79:92:52:BA:AC:3B:38:1A:BA:4C:C3:37:AB:F9:7D:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/MMWCtnmSUrqsOzgaukzDN6v5feM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MMWCtnmSUrqsOzgaukzDN6v5feM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D7771/55F2F0FEB17D11ECB9736241C4F9AE02/DD7E5CF29C3F11EFAB09C331C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.166.0/24
Signature Algorithm: sha256WithRSAEncryption
85:20:e1:01:49:77:fe:55:3e:8c:02:43:6c:c6:fd:3c:09:25:
29:22:b7:48:42:a9:e1:c7:00:1d:5b:91:57:cf:eb:4c:7d:ea:
d4:a7:c9:e7:2a:d6:55:ce:69:3e:4a:49:22:fa:ad:fc:c8:e4:
c1:73:a1:d1:9b:28:46:cb:f8:49:a6:b8:c2:9e:39:c7:ad:2e:
71:1d:f9:3b:bb:0b:49:ab:d0:6e:d6:1c:54:87:33:43:3c:e6:
5d:a2:e2:5f:86:15:d7:87:42:5b:9a:eb:51:5c:ce:2c:23:31:
a2:8b:dc:22:7c:34:c9:0e:77:d3:fc:54:41:40:83:8d:7d:c5:
11:b4:31:6d:e5:5b:98:7a:4a:4d:39:85:39:3d:97:25:d4:c1:
92:a4:02:f7:a3:06:4a:de:35:36:7c:cd:f9:36:d2:56:32:a0:
a9:38:8b:0c:e9:bc:19:32:65:66:e0:10:48:0f:96:3b:8f:c6:
90:4b:d3:3e:89:88:6e:22:0c:13:07:75:c6:06:eb:99:86:4e:
3d:d5:ec:c5:21:57:d1:b8:bf:ac:b4:be:3e:e4:0c:38:95:ed:
b1:8d:d6:4b:1c:04:1a:5c:59:27:f8:1e:83:9d:81:77:da:a7:
b8:63:b1:88:a2:b3:dd:de:b6:4a:36:04:1f:ad:a3:d7:5a:a8:
6e:3c:75:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA0QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDc3NzExMTAvBgNVBAUTKDMwQzU4MkI2Nzk5MjUyQkFBQzNCMzgxQUJBNENDMzM3
QUJGOTdERTMwHhcNMjUwMjAzMDEwNTE3WhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwMTY0ZC04OTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzXIma8eERH7bcthsKkcWjdZA2PvpweIV29ytQ7TyEJsLEspEt1sHbw84EN0B
dy41Gozel0wiCbht+zYHZ08IVC4zxzggdYOKwFBEsjeCxuoFjj7+AAQ/mHZztJll
BYI+nGV8qUegFdWSXQRPI42pUvqq8mXe2wuZl8rI/QkHt6eX0nXPwh9mA0cRx4Xw
J+kTUyPEJbVfvHBWq7vGhcHuPRV+mVWlwx5SDv8v5N/sZ4RSYmzgXBkrUhkB19aU
C4jfQXH6QZtfb6XEio/aY+BTXyaOcpARB9NJL5UTKhIlB/RoOAUJkKLo65ENUL0i
ScF04gYnX59vmLbYDrN98Y6QHQIDAQABo4IClTCCApEwHQYDVR0OBBYEFOht9u0o
/KvhX7/Yy0lZqEXUz4o1MB8GA1UdIwQYMBaAFDDFgrZ5klK6rDs4GrpMwzer+X3j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENzc3MS81NUYyRjBGRUIx
N0QxMUVDQjk3MzYyNDFDNEY5QUUwMi9NTVdDdG5tU1VycXNPemdhdWt6RE42djVm
ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01NV0N0bm1TVXJxc096Z2F1a3pETjZ2NWZlTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDc3NzEvNTVGMkYwRkVCMTdEMTFFQ0I5NzM2MjQxQzRGOUFFMDIvREQ3RTVDRjI5
QzNGMTFFRkFCMDlDMzMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrKYwDQYJKoZIhvcNAQELBQADggEBAIUg4QFJd/5VPowC
Q2zG/TwJJSkit0hCqeHHAB1bkVfP60x96tSnyecq1lXOaT5KSSL6rfzI5MFzodGb
KEbL+EmmuMKeOcetLnEd+Tu7C0mr0G7WHFSHM0M85l2i4l+GFdeHQlua61Fcziwj
MaKL3CJ8NMkOd9P8VEFAg419xRG0MW3lW5h6Sk05hTk9lyXUwZKkAvejBkreNTZ8
zfk20lYyoKk4iwzpvBkyZWbgEEgPljuPxpBL0z6JiG4iDBMHdcYG65mGTj3V7MUh
V9G4v6y0vj7kDDiV7bGN1kscBBpcWSf4HoOdgXfap7hjsYiis93etko2BB+to9da
qG48db8=
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:23:34 2025 by rpki-client