Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF55D/E7A77BEED11F11EB9E5B1A82C4F9AE02/8504C794D12411EBAD06CD48C4F9AE02.roa
File: 8504C794D12411EBAD06CD48C4F9AE02.roa (raw, json)
Hash identifier: zqhHb4EuNxIhj0MsDdGRZBLgZ5b4JdLttiLWNXtELcI=
Subject key identifier: 69:91:E3:A8:72:2D:60:EE:A4:10:BF:01:5A:92:9B:5B:0F:EB:9E:F2
Certificate issuer: /CN=A91DF55D/serialNumber=60DC375DAACC9781BB702E03882A325FEBBFE9B4
Certificate serial: 0566
Authority key identifier: 60:DC:37:5D:AA:CC:97:81:BB:70:2E:03:88:2A:32:5F:EB:BF:E9:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YNw3XarMl4G7cC4DiCoyX-u_6bQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DF55D/E7A77BEED11F11EB9E5B1A82C4F9AE02/8504C794D12411EBAD06CD48C4F9AE02.roa
Signing time: Thu 30 Jan 2025 23:42:51 +0000
ROA not before: Thu 30 Jan 2025 23:42:51 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 138505
IP address blocks: 103.160.252.0/23 maxlen: 23
103.160.252.0/24 maxlen: 24
103.160.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DF55D/E7A77BEED11F11EB9E5B1A82C4F9AE02/YNw3XarMl4G7cC4DiCoyX-u_6bQ.crl
rsync://rpki.apnic.net/member_repository/A91DF55D/E7A77BEED11F11EB9E5B1A82C4F9AE02/YNw3XarMl4G7cC4DiCoyX-u_6bQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YNw3XarMl4G7cC4DiCoyX-u_6bQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 23:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1382 (0x566)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DF55D
Validity
Not Before: Jan 30 23:42:51 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679c0e7a-ae29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4e:86:66:41:c6:4e:45:11:20:ae:72:a4:f8:
09:6f:ce:aa:e1:c3:52:fa:c2:e8:94:f8:85:87:0a:
ce:8b:b8:c0:3f:51:89:cb:6b:61:ed:90:0e:92:07:
3b:82:14:b6:3a:62:0d:32:9f:69:ea:f1:91:38:b6:
1f:98:01:bf:89:c0:44:77:44:b7:69:81:f9:8c:97:
4d:75:50:cd:62:f5:a2:9d:fb:7d:4f:a7:1f:a8:7c:
8c:d4:5b:eb:10:17:d2:85:0f:1d:5e:14:61:83:61:
f4:0f:21:fb:b5:15:d1:21:ef:ac:2c:54:f8:2c:42:
4b:38:15:8f:61:a2:e3:7b:19:3e:66:5e:c9:1f:10:
85:9b:e2:5b:8b:b0:22:5f:3b:6a:34:ed:8a:08:84:
17:13:c5:34:10:4a:ce:58:ee:95:97:49:fc:59:44:
c3:b0:71:57:cf:4e:82:ec:1b:40:4e:a1:6b:7a:24:
40:e6:25:a4:9b:e3:9a:09:e7:66:2b:7b:0b:f1:78:
d0:aa:5f:28:d5:90:71:57:de:26:c4:c1:9f:7a:8d:
be:1a:82:2f:ca:1a:e9:57:95:49:3f:01:a8:2e:26:
11:0d:fa:25:28:76:57:2d:92:31:b9:33:ad:f7:0a:
00:3d:66:30:13:f6:69:58:bd:bb:cd:81:72:b3:1e:
a3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:91:E3:A8:72:2D:60:EE:A4:10:BF:01:5A:92:9B:5B:0F:EB:9E:F2
X509v3 Authority Key Identifier:
keyid:60:DC:37:5D:AA:CC:97:81:BB:70:2E:03:88:2A:32:5F:EB:BF:E9:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DF55D/E7A77BEED11F11EB9E5B1A82C4F9AE02/YNw3XarMl4G7cC4DiCoyX-u_6bQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YNw3XarMl4G7cC4DiCoyX-u_6bQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF55D/E7A77BEED11F11EB9E5B1A82C4F9AE02/8504C794D12411EBAD06CD48C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.252.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:d0:e5:e9:73:2a:4b:a2:84:de:6d:ef:7c:32:02:82:8d:59:
05:2d:b1:74:ac:56:ab:0d:b6:af:8a:d9:3b:37:f8:14:1a:92:
95:06:ca:58:50:e0:02:26:a2:ac:f7:2f:c9:eb:f3:5b:45:8d:
af:5a:2f:e9:71:9e:f8:ff:07:17:58:42:2d:ba:c7:71:5b:f6:
2e:05:6a:28:45:50:cd:5b:c5:99:10:04:2d:94:69:a1:52:2a:
35:b9:b7:a5:a4:fc:d5:fc:57:67:31:83:26:bd:e6:14:7a:8a:
f1:e0:43:0f:da:6e:f6:aa:fa:cc:4a:b2:e5:f1:5d:1d:a8:cd:
c6:ef:6b:7d:78:f6:40:35:a5:5e:b1:fd:fc:62:cc:3c:78:66:
d1:37:ed:7e:02:32:80:a9:6f:6b:4d:17:18:2d:89:74:14:e9:
ac:b5:5d:da:ac:84:27:e6:77:24:5d:0b:ba:47:e9:48:6e:48:
89:b4:d2:ce:55:c7:d8:14:e4:c6:c9:e6:94:a5:41:e9:fc:18:
08:58:7d:de:61:b2:55:c5:1b:f3:2c:1e:3d:1f:38:18:b1:0d:
9d:a0:86:42:55:69:a7:1c:14:2d:f4:a0:3d:e3:bd:27:99:da:
82:dc:80:66:d1:1a:af:40:9a:44:42:03:59:2e:47:8a:e6:17:
3c:43:fd:8d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REY1NUQxMTAvBgNVBAUTKDYwREMzNzVEQUFDQzk3ODFCQjcwMkUwMzg4MkEzMjVG
RUJCRkU5QjQwHhcNMjUwMTMwMjM0MjUxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzljMGU3YS1hZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1U6GZkHGTkURIK5ypPgJb86q4cNS+sLolPiFhwrOi7jAP1GJy2th7ZAOkgc7
ghS2OmINMp9p6vGROLYfmAG/icBEd0S3aYH5jJdNdVDNYvWinft9T6cfqHyM1Fvr
EBfShQ8dXhRhg2H0DyH7tRXRIe+sLFT4LEJLOBWPYaLjexk+Zl7JHxCFm+Jbi7Ai
XztqNO2KCIQXE8U0EErOWO6Vl0n8WUTDsHFXz06C7BtATqFreiRA5iWkm+OaCedm
K3sL8XjQql8o1ZBxV94mxMGfeo2+GoIvyhrpV5VJPwGoLiYRDfolKHZXLZIxuTOt
9woAPWYwE/ZpWL27zYFysx6jnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGmR46hy
LWDupBC/AVqSm1sP657yMB8GA1UdIwQYMBaAFGDcN12qzJeBu3AuA4gqMl/rv+m0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjU1RC9FN0E3N0JFRUQx
MUYxMUVCOUU1QjFBODJDNEY5QUUwMi9ZTnczWGFyTWw0RzdjQzREaUNveVgtdV82
YlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lOdzNYYXJNbDRHN2NDNERpQ295WC11XzZiUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REY1NUQvRTdBNzdCRUVEMTFGMTFFQjlFNUIxQTgyQzRGOUFFMDIvODUwNEM3OTRE
MTI0MTFFQkFEMDZDRDQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoPwwDQYJKoZIhvcNAQELBQADggEBAG3Q5elzKkuihN5t
73wyAoKNWQUtsXSsVqsNtq+K2Ts3+BQakpUGylhQ4AImoqz3L8nr81tFja9aL+lx
nvj/BxdYQi26x3Fb9i4FaihFUM1bxZkQBC2UaaFSKjW5t6Wk/NX8V2cxgya95hR6
ivHgQw/abvaq+sxKsuXxXR2ozcbva3149kA1pV6x/fxizDx4ZtE37X4CMoCpb2tN
FxgtiXQU6ay1XdqshCfmdyRdC7pH6UhuSIm00s5Vx9gU5MbJ5pSlQen8GAhYfd5h
slXFG/MsHj0fOBixDZ2ghkJVaaccFC30oD3jvSeZ2oLcgGbRGq9AmkRCA1kuR4rm
FzxD/Y0=
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:45:14 2025 by rpki-client