Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C5F/8B547A72666411E982D05974C4F9AE02/039F32B465C411EBA408403CC4F9AE02.roa
File: 039F32B465C411EBA408403CC4F9AE02.roa (raw, json)
Hash identifier: 1r2d/Ak19T6Kjigl8OFNB0MlpnTTA5brSJxtx4WES4U=
Subject key identifier: 1B:19:79:D3:A5:5E:D6:DC:E2:7F:6A:CF:66:AE:57:71:D9:6A:9C:C2
Certificate issuer: /CN=A91E0C5F/serialNumber=C9905DE52486B9EC4EF879A026445C70B0FD9505
Certificate serial: 05E6
Authority key identifier: C9:90:5D:E5:24:86:B9:EC:4E:F8:79:A0:26:44:5C:70:B0:FD:95:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZBd5SSGuexO-HmgJkRccLD9lQU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C5F/8B547A72666411E982D05974C4F9AE02/039F32B465C411EBA408403CC4F9AE02.roa
Signing time: Thu 04 Apr 2024 18:56:56 +0000
ROA not before: Thu 04 Apr 2024 18:56:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24323
IP address blocks: 103.137.52.0/23 maxlen: 23
103.137.52.0/24 maxlen: 24
103.137.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E0C5F/8B547A72666411E982D05974C4F9AE02/yZBd5SSGuexO-HmgJkRccLD9lQU.crl
rsync://rpki.apnic.net/member_repository/A91E0C5F/8B547A72666411E982D05974C4F9AE02/yZBd5SSGuexO-HmgJkRccLD9lQU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZBd5SSGuexO-HmgJkRccLD9lQU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 17:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1510 (0x5e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0C5F, serialNumber=C9905DE52486B9EC4EF879A026445C70B0FD9505
Validity
Not Before: Apr 4 18:56:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660ef7f8-ef9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:84:6d:35:13:05:32:a8:8d:a5:33:73:3a:03:
62:fe:61:a0:5c:82:2f:c3:40:b3:21:66:00:c4:52:
00:0b:13:d7:4a:14:0b:5a:6c:31:f0:91:91:0b:e8:
80:b9:bc:32:a7:a6:05:c8:1a:24:33:c3:71:7d:de:
6c:98:69:28:21:79:61:92:fd:91:5e:9c:03:f9:ed:
15:05:2a:ac:fb:62:89:16:75:bd:2b:c8:be:ff:ba:
7b:72:78:1f:8e:cf:41:70:34:6b:b2:c0:ee:6a:55:
3b:b3:c7:91:08:e5:19:d1:41:26:17:4e:a0:d5:a3:
fe:86:98:90:9e:2d:e4:4d:0a:b2:a7:6c:08:28:b7:
d9:ea:c4:f8:8c:26:67:83:f7:0d:cc:85:11:fb:68:
ab:de:05:93:75:63:55:79:3e:c7:7e:2b:36:e7:d7:
b9:d5:06:db:35:40:69:71:be:75:4a:2d:7f:49:68:
85:19:f4:21:61:60:b5:2f:fa:2c:5f:fd:78:ff:2d:
5a:c8:94:c1:e1:5a:62:a9:81:da:5a:f3:fb:2e:c9:
bf:ee:88:d7:ce:c3:0d:03:71:c5:dd:66:b8:74:30:
d9:fd:1a:62:d3:b8:55:9d:53:88:c0:43:52:03:39:
6a:34:48:dd:56:73:6c:c1:0a:53:28:e5:94:4a:77:
47:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:19:79:D3:A5:5E:D6:DC:E2:7F:6A:CF:66:AE:57:71:D9:6A:9C:C2
X509v3 Authority Key Identifier:
keyid:C9:90:5D:E5:24:86:B9:EC:4E:F8:79:A0:26:44:5C:70:B0:FD:95:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0C5F/8B547A72666411E982D05974C4F9AE02/yZBd5SSGuexO-HmgJkRccLD9lQU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yZBd5SSGuexO-HmgJkRccLD9lQU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C5F/8B547A72666411E982D05974C4F9AE02/039F32B465C411EBA408403CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.52.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:78:31:6a:43:34:cc:68:2a:14:53:92:5f:96:e3:81:5e:6e:
04:09:58:d0:bd:f1:d3:30:48:4a:ae:fa:e1:f1:ea:fd:dd:f7:
f7:c5:38:c4:79:fa:ac:35:d5:84:b3:08:af:87:08:ee:2a:76:
45:1e:f2:c0:f4:c7:9e:b4:56:e1:8c:3c:98:a7:42:60:51:df:
3e:4b:30:58:46:8e:5e:09:f8:3f:98:3d:2f:32:bc:2e:ec:9a:
5c:93:1a:59:08:ad:fe:5c:36:34:f1:b8:2a:ad:3e:bd:98:da:
66:0a:5d:3e:12:88:7f:e6:9d:61:12:12:90:bf:d5:01:8e:9b:
d3:b3:c5:c5:95:c0:6f:ae:5c:37:ec:26:7d:df:16:66:c6:20:
e8:7a:aa:c1:cd:e4:ab:0f:ca:38:90:57:44:e1:79:fe:e4:ef:
01:c5:d9:af:b9:ff:70:38:b1:6d:cb:02:89:d3:31:ff:9a:44:
71:a1:45:b2:46:cc:9b:a0:c1:d8:c9:37:11:96:b2:be:62:29:
55:2c:7c:56:0f:4e:e7:3e:e1:ae:d7:23:76:5f:8c:59:51:40:
23:30:2d:e4:f7:ba:26:ae:b3:bd:ed:fd:fa:a5:3a:9c:eb:18:
25:3a:67:bf:19:4f:1c:28:fe:9c:0b:34:58:65:46:d0:fd:f0:
a7:52:42:1d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTBDNUYxMTAvBgNVBAUTKEM5OTA1REU1MjQ4NkI5RUM0RUY4NzlBMDI2NDQ1Qzcw
QjBGRDk1MDUwHhcNMjQwNDA0MTg1NjU2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlZjdmOC1lZjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsIRtNRMFMqiNpTNzOgNi/mGgXIIvw0CzIWYAxFIACxPXShQLWmwx8JGRC+iA
ubwyp6YFyBokM8Nxfd5smGkoIXlhkv2RXpwD+e0VBSqs+2KJFnW9K8i+/7p7cngf
js9BcDRrssDualU7s8eRCOUZ0UEmF06g1aP+hpiQni3kTQqyp2wIKLfZ6sT4jCZn
g/cNzIUR+2ir3gWTdWNVeT7Hfis259e51QbbNUBpcb51Si1/SWiFGfQhYWC1L/os
X/14/y1ayJTB4VpiqYHaWvP7Lsm/7ojXzsMNA3HF3Wa4dDDZ/Rpi07hVnVOIwENS
AzlqNEjdVnNswQpTKOWUSndHYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBsZedOl
Xtbc4n9qz2auV3HZapzCMB8GA1UdIwQYMBaAFMmQXeUkhrnsTvh5oCZEXHCw/ZUF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEM1Ri84QjU0N0E3MjY2
NjQxMUU5ODJEMDU5NzRDNEY5QUUwMi95WkJkNVNTR3VleE8tSG1nSmtSY2NMRDls
UVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3laQmQ1U1NHdWV4Ty1IbWdKa1JjY0xEOWxRVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTBDNUYvOEI1NDdBNzI2NjY0MTFFOTgyRDA1OTc0QzRGOUFFMDIvMDM5RjMyQjQ2
NUM0MTFFQkE0MDg0MDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFniTQwDQYJKoZIhvcNAQELBQADggEBAKZ4MWpDNMxoKhRT
kl+W44FebgQJWNC98dMwSEqu+uHx6v3d9/fFOMR5+qw11YSzCK+HCO4qdkUe8sD0
x560VuGMPJinQmBR3z5LMFhGjl4J+D+YPS8yvC7smlyTGlkIrf5cNjTxuCqtPr2Y
2mYKXT4SiH/mnWESEpC/1QGOm9OzxcWVwG+uXDfsJn3fFmbGIOh6qsHN5KsPyjiQ
V0Thef7k7wHF2a+5/3A4sW3LAonTMf+aRHGhRbJGzJugwdjJNxGWsr5iKVUsfFYP
Tuc+4a7XI3ZfjFlRQCMwLeT3uiaus73t/fqlOpzrGCU6Z78ZTxwo/pwLNFhlRtD9
8KdSQh0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:46:05 2025 by rpki-client