Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/AA5F20585B9A11EFBB8CB141C4F9AE02.roa
File: AA5F20585B9A11EFBB8CB141C4F9AE02.roa (raw, json)
Hash identifier: xwJyyBO1pg9qb2VE0/6cn7we8wuOMnw/nqF3R5gu+VU=
Subject key identifier: E6:20:3F:7B:75:52:DD:4D:9A:5C:19:A1:DA:64:00:C6:31:54:F7:AC
Certificate issuer: /CN=A91D824A/serialNumber=5C722A26141C88F7CD40F39B374ADA7FBC1F9B1F
Certificate serial: 46
Authority key identifier: 5C:72:2A:26:14:1C:88:F7:CD:40:F3:9B:37:4A:DA:7F:BC:1F:9B:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/AA5F20585B9A11EFBB8CB141C4F9AE02.roa
Signing time: Tue 17 Dec 2024 05:39:26 +0000
ROA not before: Tue 17 Dec 2024 05:39:26 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 26658
IP address blocks: 103.202.48.0/22 maxlen: 24
202.88.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.crl
rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 05:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70 (0x46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D824A
Validity
Not Before: Dec 17 05:39:26 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67610e8e-6d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:64:35:6e:bb:94:b1:59:93:00:50:89:b3:5f:
4a:fd:90:76:b1:bd:6f:45:74:b0:6a:a7:95:f7:5b:
f0:d9:fd:ef:5e:f3:89:57:fe:b8:2b:25:99:97:38:
d1:e8:d9:3d:c0:3e:46:84:f6:e9:35:3c:18:a4:cf:
7f:e0:b5:ea:86:68:1a:9e:f6:aa:9e:9c:55:22:30:
d2:c7:b7:0c:78:a5:52:f7:c0:4e:77:3c:04:06:b4:
5b:ba:9a:32:b0:9a:05:d3:9a:eb:73:cb:66:7c:94:
23:f5:2a:89:4a:db:57:10:df:95:c1:b2:50:dc:70:
db:22:30:5a:aa:9c:94:8f:71:bc:2a:8e:b3:8e:d8:
92:26:20:31:c6:87:79:1c:cb:06:06:55:ea:7b:31:
f3:e5:14:ba:bd:b0:6f:bc:e2:90:16:69:38:c9:16:
52:9c:94:b0:40:6e:df:2b:69:21:96:f1:fb:ab:5b:
80:46:a1:74:f9:05:ca:8c:47:71:1a:f8:06:8b:40:
7e:54:05:df:4a:a0:ae:d9:c7:0a:73:ca:85:29:13:
d0:e3:d5:73:2d:d8:1f:2d:58:d2:c6:2e:56:d4:87:
94:5e:ef:04:4a:e3:0a:60:42:7c:a8:88:2d:41:1d:
ca:71:39:b9:1e:81:5a:f4:e0:21:c9:32:91:1e:df:
73:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:20:3F:7B:75:52:DD:4D:9A:5C:19:A1:DA:64:00:C6:31:54:F7:AC
X509v3 Authority Key Identifier:
keyid:5C:72:2A:26:14:1C:88:F7:CD:40:F3:9B:37:4A:DA:7F:BC:1F:9B:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/AA5F20585B9A11EFBB8CB141C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.202.48.0/22
202.88.36.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:75:23:8e:8e:96:21:b6:80:f9:a4:70:c4:36:79:d3:f6:62:
7d:0f:4f:1e:10:c1:77:be:84:12:03:c5:73:6b:54:16:2b:8e:
6c:26:59:e2:77:43:e1:64:68:6b:55:19:21:40:34:3c:30:4c:
38:32:51:64:dc:98:b8:99:24:88:66:0f:89:dd:57:12:11:33:
3b:92:82:b1:5a:3a:4e:f2:a7:0d:b3:21:b8:01:54:d5:70:00:
c5:52:f8:8b:54:09:4b:64:e0:5d:ca:24:6d:06:c9:b0:52:1d:
4d:62:9c:a1:fe:32:77:1c:9f:dc:7a:ab:6d:16:e7:20:14:83:
e3:57:ea:ef:55:32:fc:6f:38:75:d3:5b:3c:95:13:cf:92:61:
50:b3:dd:6b:37:ff:5b:1d:46:76:9d:2a:93:97:25:63:1b:e4:
c2:91:78:0c:51:cc:1c:76:b7:51:63:15:68:6b:0b:ea:56:15:
f6:e4:53:b5:a5:70:de:16:83:bf:6b:8c:79:ec:21:9c:72:22:
e1:3c:3a:2c:a8:13:c1:63:49:5f:c3:2b:86:93:a5:41:b9:81:
ae:d6:40:00:11:8c:aa:57:35:d3:b6:18:4d:60:74:f2:4a:ce:
f8:8b:89:ec:16:10:d3:bf:a5:f2:ae:3e:78:ed:fd:b0:a2:cb:
a9:b9:19:b7
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBRjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
ODI0QTExMC8GA1UEBRMoNUM3MjJBMjYxNDFDODhGN0NENDBGMzlCMzc0QURBN0ZC
QzFGOUIxRjAeFw0yNDEyMTcwNTM5MjZaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NjEwZThlLTZkOWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCdZDVuu5SxWZMAUImzX0r9kHaxvW9FdLBqp5X3W/DZ/e9e84lX/rgrJZmXONHo
2T3APkaE9uk1PBikz3/gteqGaBqe9qqenFUiMNLHtwx4pVL3wE53PAQGtFu6mjKw
mgXTmutzy2Z8lCP1KolK21cQ35XBslDccNsiMFqqnJSPcbwqjrOO2JImIDHGh3kc
ywYGVep7MfPlFLq9sG+84pAWaTjJFlKclLBAbt8raSGW8furW4BGoXT5BcqMR3Ea
+AaLQH5UBd9KoK7ZxwpzyoUpE9Dj1XMt2B8tWNLGLlbUh5Re7wRK4wpgQnyoiC1B
HcpxObkegVr04CHJMpEe33OxAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU5iA/e3VS
3U2aXBmh2mQAxjFU96wwHwYDVR0jBBgwFoAUXHIqJhQciPfNQPObN0raf7wfmx8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4MjRBLzRBREYzM0ZDNUI5
QTExRUY4MzA3RjU0MEM0RjlBRTAyL1hISXFKaFFjaVBmTlFQT2JOMHJhZjd3Zm14
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWEhJcUpoUWNpUGZOUVBPYk4wcmFmN3dmbXg4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
ODI0QS80QURGMzNGQzVCOUExMUVGODMwN0Y1NDBDNEY5QUUwMi9BQTVGMjA1ODVC
OUExMUVGQkI4Q0IxNDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAmfKMAMEAspYJDANBgkqhkiG9w0BAQsFAAOCAQEAo3Ujjo6W
IbaA+aRwxDZ50/ZifQ9PHhDBd76EEgPFc2tUFiuObCZZ4ndD4WRoa1UZIUA0PDBM
ODJRZNyYuJkkiGYPid1XEhEzO5KCsVo6TvKnDbMhuAFU1XAAxVL4i1QJS2TgXcok
bQbJsFIdTWKcof4ydxyf3HqrbRbnIBSD41fq71Uy/G84ddNbPJUTz5JhULPdazf/
Wx1Gdp0qk5clYxvkwpF4DFHMHHa3UWMVaGsL6lYV9uRTtaVw3haDv2uMeewhnHIi
4Tw6LKgTwWNJX8MrhpOlQbmBrtZAABGMqlc107YYTWB08krO+IuJ7BYQ07+l8q4+
eO39sKLLqbkZtw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 08:24:23 2025 by rpki-client