Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
File: 6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa (raw, json)
Hash identifier: DROTwTMk5DUvv23krOsjnKxfQT0TAHld0vTq/cxjBfM=
Subject key identifier: 6A:AF:F4:21:CF:3C:D3:12:E0:F8:BE:3C:08:E4:A7:BE:E9:AB:AD:1B
Certificate issuer: /CN=A91E4463/serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Certificate serial: 0C14
Authority key identifier: 77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
Signing time: Thu 20 Feb 2025 19:27:43 +0000
ROA not before: Thu 20 Feb 2025 19:27:43 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 136224
IP address blocks: 103.84.36.0/22 maxlen: 22
103.84.36.0/23 maxlen: 23
103.84.36.0/24 maxlen: 24
103.84.37.0/24 maxlen: 24
103.84.38.0/23 maxlen: 23
103.84.38.0/24 maxlen: 24
103.84.39.0/24 maxlen: 24
113.212.108.0/22 maxlen: 22
113.212.108.0/23 maxlen: 23
113.212.108.0/24 maxlen: 24
113.212.109.0/24 maxlen: 24
113.212.111.0/24 maxlen: 24
2400:9940:5::/48 maxlen: 48
2400:9940:1000::/48 maxlen: 48
2400:9940:1001::/48 maxlen: 48
2400:9940:1002::/48 maxlen: 48
2400:9940:1003::/48 maxlen: 48
2400:9940:1100::/48 maxlen: 48
2400:9940:1101::/48 maxlen: 48
2400:9940:1102::/48 maxlen: 48
2400:9940:1103::/48 maxlen: 48
2400:9940:1104::/48 maxlen: 48
2400:9940:1200::/48 maxlen: 48
2400:9940:1201::/48 maxlen: 48
2400:9940:1202::/48 maxlen: 48
2400:9940:1203::/48 maxlen: 48
2400:9940:1204::/48 maxlen: 48
2400:9940:1300::/48 maxlen: 48
2400:9940:1301::/48 maxlen: 48
2400:9940:1302::/48 maxlen: 48
2400:9940:1303::/48 maxlen: 48
2400:9940:1304::/48 maxlen: 48
2400:9940:1400::/48 maxlen: 48
2400:9940:1401::/48 maxlen: 48
2400:9940:1402::/48 maxlen: 48
2400:9940:1403::/48 maxlen: 48
2400:9940:1404::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 18:35:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3092 (0xc14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4463
Validity
Not Before: Feb 20 19:27:43 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b7822f-f9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:66:13:55:2f:38:91:4e:41:11:d2:5d:98:b8:
28:8f:5c:78:7a:7b:04:1d:41:e0:86:e7:30:22:d6:
e8:c3:9c:a0:5b:c8:8a:ff:9b:4a:4f:5c:e8:e5:35:
9b:4d:ee:d2:7f:ae:09:76:18:1b:11:b0:b0:a7:fa:
1f:21:03:f8:50:51:ae:80:03:e5:db:b9:38:c7:62:
a7:22:7a:5a:36:86:a3:ca:17:35:d0:0a:e2:8a:ea:
59:62:6d:45:3e:c2:8a:43:0f:e1:a9:dd:74:36:77:
79:72:06:dc:7d:ff:10:4d:e1:39:1d:49:a3:d3:da:
82:1d:83:1e:2d:e6:04:81:b3:1e:04:bd:02:96:98:
2f:03:f8:32:b0:fb:e2:a6:e4:39:69:93:72:4c:9a:
18:d1:a5:a3:82:05:ff:d6:a9:98:cd:5f:61:e0:d8:
2e:74:a0:27:5c:63:54:ba:b6:f3:1e:c2:56:54:e3:
98:ec:1a:3a:ef:9f:5d:b7:8a:fb:3c:0f:ce:b1:eb:
3f:1d:9d:ac:61:60:c0:51:7d:d8:83:47:63:4b:c5:
99:8b:86:04:d0:07:9a:f6:8a:4b:7a:59:63:5f:03:
e2:fd:7b:42:c6:b8:26:cc:3f:22:78:7f:1d:16:d1:
0e:7d:48:27:13:72:af:2c:f3:e4:8e:7b:6e:29:a2:
ba:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AF:F4:21:CF:3C:D3:12:E0:F8:BE:3C:08:E4:A7:BE:E9:AB:AD:1B
X509v3 Authority Key Identifier:
keyid:77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.36.0/22
113.212.108.0/22
IPv6:
2400:9940:5::/48
2400:9940:1000::/46
2400:9940:1100::-2400:9940:1104:ffff:ffff:ffff:ffff:ffff
2400:9940:1200::-2400:9940:1204:ffff:ffff:ffff:ffff:ffff
2400:9940:1300::-2400:9940:1304:ffff:ffff:ffff:ffff:ffff
2400:9940:1400::-2400:9940:1404:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:42:82:9d:04:dc:02:58:fd:a0:85:c3:a7:48:a1:36:4a:d9:
83:7e:40:bc:41:ae:71:4a:26:f7:29:1d:d5:a7:b2:b7:5a:96:
8a:43:4d:4e:a2:6b:a4:5b:0c:07:d2:90:5b:d5:91:b3:52:17:
4e:6f:20:bf:3d:b0:52:e0:f1:04:65:63:eb:c9:1f:d9:3d:fc:
05:fc:94:21:5c:14:a9:d8:e1:bc:2f:fe:53:0e:92:c7:79:b0:
e4:66:cf:ea:a3:80:8a:f3:19:e3:e6:d5:0d:56:e6:45:b4:ba:
b2:19:e9:8b:6f:29:c4:13:01:c9:9d:3e:b4:6e:86:93:a5:32:
d1:3e:28:3d:92:ef:fa:e2:7d:f6:5d:14:27:95:2b:80:db:76:
cb:6b:10:b5:5d:76:e4:00:05:c3:52:ad:34:c7:e6:ff:af:ab:
bd:00:2c:bf:63:ca:09:5e:d5:19:0c:96:a2:fd:57:4d:b9:68:
13:0a:be:70:08:f8:23:17:db:84:07:e6:eb:41:2b:bb:b1:10:
34:5e:a0:d5:63:18:26:c4:cd:2e:26:ff:8c:d2:7e:e5:56:26:
b9:8a:4a:7d:35:a8:a5:48:26:2b:e9:79:0b:ab:8c:15:f4:e4:
4a:34:5c:58:bd:4e:4e:59:1c:9f:95:a4:a7:0a:a9:13:cc:91:
d7:21:18:41
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgICDBQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ0NjMxMTAvBgNVBAUTKDc3MTIzMEE4MkVEQkMyNzcxNkFCM0RDNkE4MkZDNUFF
QzQ1RUVGNjcwHhcNMjUwMjIwMTkyNzQzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3ODIyZi1mOWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu2YTVS84kU5BEdJdmLgoj1x4ensEHUHghucwItbow5ygW8iK/5tKT1zo5TWb
Te7Sf64JdhgbEbCwp/ofIQP4UFGugAPl27k4x2KnInpaNoajyhc10AriiupZYm1F
PsKKQw/hqd10Nnd5cgbcff8QTeE5HUmj09qCHYMeLeYEgbMeBL0ClpgvA/gysPvi
puQ5aZNyTJoY0aWjggX/1qmYzV9h4NgudKAnXGNUurbzHsJWVOOY7Bo6759dt4r7
PA/Oses/HZ2sYWDAUX3Yg0djS8WZi4YE0Aea9opLelljXwPi/XtCxrgmzD8ieH8d
FtEOfUgnE3KvLPPkjntuKaK63QIDAQABo4IDAjCCAv4wHQYDVR0OBBYEFGqv9CHP
PNMS4Pi+PAjkp77pq60bMB8GA1UdIwQYMBaAFHcSMKgu28J3Fqs9xqgvxa7EXu9n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDQ2My9BNEQ0NDAwQzEz
OUYxMUVBQTY1ODI4NjBDNEY5QUUwMi9keEl3cUM3YnduY1dxejNHcUNfRnJzUmU3
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2R4SXdxQzdid25jV3F6M0dxQ19GcnNSZTcyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ0NjMvQTRENDQwMEMxMzlGMTFFQUE2NTgyODYwQzRGOUFFMDIvNkVCRDBFNzg4
RUFBMTFFRkE2QzFEMzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUFBwEHAQH/
BHwwejASBAIAATAMAwQCZ1QkAwQCcdRsMGQEAgACMF4DBwAkAJlAAAUDBwIkAJlA
EAAwEQMGACQAmUARAwcAJACZQBEEMBEDBgEkAJlAEgMHACQAmUASBDARAwYAJACZ
QBMDBwAkAJlAEwQwEQMGAiQAmUAUAwcAJACZQBQEMA0GCSqGSIb3DQEBCwUAA4IB
AQAqQoKdBNwCWP2ghcOnSKE2StmDfkC8Qa5xSib3KR3Vp7K3WpaKQ01OomukWwwH
0pBb1ZGzUhdObyC/PbBS4PEEZWPryR/ZPfwF/JQhXBSp2OG8L/5TDpLHebDkZs/q
o4CK8xnj5tUNVuZFtLqyGemLbynEEwHJnT60boaTpTLRPig9ku/64n32XRQnlSuA
23bLaxC1XXbkAAXDUq00x+b/r6u9ACy/Y8oJXtUZDJai/VdNuWgTCr5wCPgjF9uE
B+brQSu7sRA0XqDVYxgmxM0uJv+M0n7lVia5ikp9NailSCYr6XkLq4wV9ORKNFxY
vU5OWRyflaSnCqkTzJHXIRhB
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:50:28 2025 by rpki-client