Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/1856F8E8CCC411EFBDE7CF74C4F9AE02.roa
File: 1856F8E8CCC411EFBDE7CF74C4F9AE02.roa (raw, json)
Hash identifier: 3ZvdvOYIsr/GLwsfHu77Tcpi6csxMwAyCAlksdMfA5A=
Subject key identifier: 23:67:21:FF:42:07:6A:C4:E1:47:9F:D7:3A:42:A4:3A:E0:AA:EE:E0
Certificate issuer: /CN=A91E57DC/serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742
Certificate serial: 10FA
Authority key identifier: 22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/1856F8E8CCC411EFBDE7CF74C4F9AE02.roa
Signing time: Sat 12 Apr 2025 17:26:30 +0000
ROA not before: Sat 12 Apr 2025 17:26:30 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 136406
IP address blocks: 103.86.193.0/24 maxlen: 24
103.86.194.0/24 maxlen: 24
103.86.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl
rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 17:26:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4346 (0x10fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E57DC, serialNumber=22B1A7175E75FFD847391F2C2E9665E4EEE1B742
Validity
Not Before: Apr 12 17:26:30 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67faa245-1fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:83:de:81:1a:b7:c0:e0:1a:87:08:a1:67:26:
4d:e0:75:83:a4:66:cd:4a:05:1a:ac:6e:82:04:20:
86:29:a5:b2:c4:1e:39:90:dc:2c:68:2f:21:ce:c0:
4e:b8:3b:cc:74:17:35:ae:cc:81:b3:ff:32:cb:97:
c8:3a:14:82:f3:6f:cc:87:1c:2a:fb:0b:57:1b:30:
81:a8:88:ca:ba:9c:c9:01:45:25:79:6b:ee:7b:31:
47:ae:21:20:f7:09:4c:6a:6a:fc:99:87:72:20:32:
2a:41:d1:7e:8f:4d:53:f1:66:c1:32:d5:41:4b:ca:
62:81:f7:d3:55:ef:64:bb:df:f5:3a:0f:08:2e:41:
b2:e8:c9:d4:b1:09:34:6a:d8:15:3f:96:a2:75:56:
4d:dd:54:0c:96:d6:4f:94:d7:8a:5f:e5:9d:82:a9:
f2:94:f3:74:81:66:1a:3c:24:96:76:f6:6d:7a:18:
26:69:3a:e2:9c:a6:e6:87:f2:f3:62:e9:66:da:2a:
83:36:3b:eb:fb:6d:f4:f7:9e:fe:e7:7a:16:81:c8:
8c:fe:0c:8d:26:e5:3d:a8:1f:79:f2:9e:66:77:1f:
93:dc:f6:f1:f7:fb:e3:b3:f8:06:fe:d6:53:1d:47:
94:ee:b4:95:91:80:36:18:a5:11:34:b1:32:ec:1e:
0e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:67:21:FF:42:07:6A:C4:E1:47:9F:D7:3A:42:A4:3A:E0:AA:EE:E0
X509v3 Authority Key Identifier:
keyid:22:B1:A7:17:5E:75:FF:D8:47:39:1F:2C:2E:96:65:E4:EE:E1:B7:42
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/IrGnF151_9hHOR8sLpZl5O7ht0I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IrGnF151_9hHOR8sLpZl5O7ht0I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E57DC/35F798661F0111E9B1AA9436C4F9AE02/1856F8E8CCC411EFBDE7CF74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.193.0-103.86.195.255
Signature Algorithm: sha256WithRSAEncryption
54:86:4c:4d:3d:22:73:5f:6a:83:fe:7d:f2:04:e8:fd:d5:95:
99:8f:43:91:d2:cb:47:37:71:1b:01:9f:28:27:49:02:d4:80:
3f:74:04:30:fc:6e:60:8e:27:0b:ad:ac:93:88:e2:3c:ba:08:
54:a3:56:a2:c2:62:26:e6:d5:69:7d:0a:3b:03:09:51:76:9f:
89:27:97:f7:f3:38:2c:75:c4:a0:48:2a:95:d0:8f:b5:59:da:
fe:f7:7e:fb:e8:aa:cd:2f:6c:aa:bf:7c:90:7e:17:97:76:53:
27:02:43:76:ce:d5:84:c4:c7:cf:ac:1a:18:69:50:a6:63:31:
02:c7:0e:96:4a:94:db:f4:1f:e5:24:1a:0e:64:3f:db:a3:60:
61:7d:36:44:ba:6b:8c:ad:5a:52:36:64:fd:b8:fe:da:ea:e5:
48:89:7d:78:7c:6a:5e:c3:28:cb:7f:8f:6a:3d:aa:43:2b:c9:
a3:96:ca:78:ad:c5:b6:2d:1a:56:1d:30:e6:c4:25:13:06:fc:
78:3b:85:3e:f1:08:d9:4a:a7:93:88:b8:e2:8b:e5:8b:c4:7a:
b9:79:14:eb:10:7a:33:d8:a9:7e:ec:c7:7a:15:6b:87:40:e6:
70:59:b8:9b:3a:a4:85:42:f1:42:c3:96:fc:03:35:8f:5d:0e:
94:97:46:28
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICEPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTU3REMxMTAvBgNVBAUTKDIyQjFBNzE3NUU3NUZGRDg0NzM5MUYyQzJFOTY2NUU0
RUVFMUI3NDIwHhcNMjUwNDEyMTcyNjMwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ZhYTI0NS0xZmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvoPegRq3wOAahwihZyZN4HWDpGbNSgUarG6CBCCGKaWyxB45kNwsaC8hzsBO
uDvMdBc1rsyBs/8yy5fIOhSC82/Mhxwq+wtXGzCBqIjKupzJAUUleWvuezFHriEg
9wlMamr8mYdyIDIqQdF+j01T8WbBMtVBS8pigffTVe9ku9/1Og8ILkGy6MnUsQk0
atgVP5aidVZN3VQMltZPlNeKX+WdgqnylPN0gWYaPCSWdvZtehgmaTrinKbmh/Lz
Yulm2iqDNjvr+230957+53oWgciM/gyNJuU9qB958p5mdx+T3Pbx9/vjs/gG/tZT
HUeU7rSVkYA2GKURNLEy7B4O0QIDAQABo4ICnTCCApkwHQYDVR0OBBYEFCNnIf9C
B2rE4Uef1zpCpDrgqu7gMB8GA1UdIwQYMBaAFCKxpxdedf/YRzkfLC6WZeTu4bdC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTdEQy8zNUY3OTg2NjFG
MDExMUU5QjFBQTk0MzZDNEY5QUUwMi9JckduRjE1MV85aEhPUjhzTHBabDVPN2h0
MEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lyR25GMTUxXzloSE9SOHNMcFpsNU83aHQwSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTU3REMvMzVGNzk4NjYxRjAxMTFFOUIxQUE5NDM2QzRGOUFFMDIvMTg1NkY4RThD
Q0M0MTFFRkJERTdDRjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAGdWwQMEAmdWwDANBgkqhkiG9w0BAQsFAAOCAQEAVIZM
TT0ic19qg/598gTo/dWVmY9DkdLLRzdxGwGfKCdJAtSAP3QEMPxuYI4nC62sk4ji
PLoIVKNWosJiJubVaX0KOwMJUXafiSeX9/M4LHXEoEgqldCPtVna/vd+++iqzS9s
qr98kH4Xl3ZTJwJDds7VhMTHz6waGGlQpmMxAscOlkqU2/Qf5SQaDmQ/26NgYX02
RLprjK1aUjZk/bj+2urlSIl9eHxqXsMoy3+Paj2qQyvJo5bKeK3Fti0aVh0w5sQl
Ewb8eDuFPvEI2Uqnk4i44ovli8R6uXkU6xB6M9ipfuzHehVrh0DmcFm4mzqkhULx
QsOW/AM1j10OlJdGKA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:09:05 2025 by rpki-client