Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/859B9868927E11EEB878AA50C4F9AE02.roa
File: 859B9868927E11EEB878AA50C4F9AE02.roa (raw, json)
Hash identifier: ZCpdqccvGNQRvKgyIaRry+OF/s1VpSriPxxNhei30Yk=
Subject key identifier: 42:CE:4A:C4:16:E3:15:47:E8:A0:B0:5A:D9:90:A4:81:44:65:9B:18
Certificate issuer: /CN=A91EF35B/serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Certificate serial: 0407
Authority key identifier: E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/859B9868927E11EEB878AA50C4F9AE02.roa
Signing time: Tue 29 Oct 2024 00:55:58 +0000
ROA not before: Tue 29 Oct 2024 00:55:58 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 137967
IP address blocks: 103.172.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/5Acguik7ryW8Chd4xlzw0uDzUWA.crl
rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/5Acguik7ryW8Chd4xlzw0uDzUWA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 23:55:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1031 (0x407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF35B, serialNumber=E40720BA293BAF25BC0A1778C65CF0D2E0F35160
Validity
Not Before: Oct 29 00:55:58 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6720329e-505c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:28:ee:21:76:d9:8c:3b:83:98:fb:54:b4:aa:
3d:91:3e:d5:f9:3b:93:a0:a8:0f:20:00:f0:21:10:
f9:24:74:aa:5e:93:c6:71:69:88:83:69:3f:83:89:
30:57:02:10:85:b9:ad:b7:57:4e:51:80:d3:f3:52:
51:63:42:62:1e:9c:18:20:29:e6:37:2b:3e:b1:16:
dc:e9:90:4e:2b:58:f5:b3:41:6f:f1:05:59:38:81:
2b:52:71:3b:c7:b1:e4:82:49:b3:48:bd:ee:68:bd:
07:a2:31:d2:f9:c9:84:52:bf:74:08:82:eb:5d:2d:
d1:0c:39:a6:36:0c:9b:17:d9:81:85:5b:4e:bc:db:
0e:d6:c5:3b:85:8f:ad:46:ff:29:45:7b:41:14:95:
a5:27:1b:cd:fc:f0:2b:cd:44:a2:a8:d6:c2:82:0d:
10:6c:fd:55:e6:4f:9d:07:91:81:c6:c9:5f:a2:d6:
88:7d:fa:ca:bf:57:8b:10:0e:5f:f3:20:5a:a5:43:
b6:f7:52:62:41:57:58:b2:fb:c8:a9:4a:99:9b:e8:
79:9e:17:62:e8:93:7e:08:2f:44:40:4d:2c:28:3a:
39:e4:72:8f:76:54:07:10:59:47:e8:e5:33:56:80:
ee:9c:89:83:6e:12:3f:52:7a:64:5c:12:94:ad:98:
b8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CE:4A:C4:16:E3:15:47:E8:A0:B0:5A:D9:90:A4:81:44:65:9B:18
X509v3 Authority Key Identifier:
keyid:E4:07:20:BA:29:3B:AF:25:BC:0A:17:78:C6:5C:F0:D2:E0:F3:51:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/5Acguik7ryW8Chd4xlzw0uDzUWA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Acguik7ryW8Chd4xlzw0uDzUWA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF35B/E010158A564E11EC85885914C4F9AE02/859B9868927E11EEB878AA50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.139.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:07:d0:ee:62:eb:f0:7a:42:dd:6a:29:f5:03:a1:ae:33:a0:
33:66:a0:a6:be:3e:0b:f8:e3:85:7d:29:4f:58:fe:87:41:46:
fc:df:1a:2e:cb:89:84:62:b6:a9:00:0b:6d:76:de:6c:e5:3d:
0b:e4:18:18:a0:cb:0e:f1:29:90:a4:bf:7c:88:b3:3d:9d:1b:
07:07:85:7b:47:6b:6f:a3:25:58:b7:17:74:ec:48:44:50:78:
14:64:eb:92:aa:e3:ed:de:fb:d1:77:34:e1:c7:c6:20:47:21:
a7:cf:d9:85:3d:cf:d5:10:c3:cb:63:43:4e:48:92:54:51:e8:
fc:03:5f:71:fb:ef:ad:e3:22:e3:6e:f9:35:78:ea:35:b1:2b:
5b:bc:cb:13:af:6a:df:c0:dd:98:b3:97:c9:52:fe:17:86:32:
9e:c7:a3:10:99:04:84:6d:32:0f:56:8b:ca:d6:a4:71:a7:a0:
92:2d:25:b8:05:d0:de:ed:c4:59:81:eb:1d:a0:0f:ac:14:54:
53:12:67:dd:93:ca:e6:f7:ff:3a:2b:b8:dd:70:08:98:c6:f9:
1d:01:66:35:fd:f9:5a:2a:42:98:76:31:4b:4d:69:d6:8f:f5:
e5:b7:4b:e3:cf:51:8a:96:b1:27:a4:7d:81:e1:d1:43:b7:53:
18:a4:a9:e8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUYzNUIxMTAvBgNVBAUTKEU0MDcyMEJBMjkzQkFGMjVCQzBBMTc3OEM2NUNGMEQy
RTBGMzUxNjAwHhcNMjQxMDI5MDA1NTU4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIwMzI5ZS01MDVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsSjuIXbZjDuDmPtUtKo9kT7V+TuToKgPIADwIRD5JHSqXpPGcWmIg2k/g4kw
VwIQhbmtt1dOUYDT81JRY0JiHpwYICnmNys+sRbc6ZBOK1j1s0Fv8QVZOIErUnE7
x7HkgkmzSL3uaL0HojHS+cmEUr90CILrXS3RDDmmNgybF9mBhVtOvNsO1sU7hY+t
Rv8pRXtBFJWlJxvN/PArzUSiqNbCgg0QbP1V5k+dB5GBxslfotaIffrKv1eLEA5f
8yBapUO291JiQVdYsvvIqUqZm+h5nhdi6JN+CC9EQE0sKDo55HKPdlQHEFlH6OUz
VoDunImDbhI/UnpkXBKUrZi4QQIDAQABo4IClTCCApEwHQYDVR0OBBYEFELOSsQW
4xVH6KCwWtmQpIFEZZsYMB8GA1UdIwQYMBaAFOQHILopO68lvAoXeMZc8NLg81Fg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjM1Qi9FMDEwMTU4QTU2
NEUxMUVDODU4ODU5MTRDNEY5QUUwMi81QWNndWlrN3J5VzhDaGQ0eGx6dzB1RHpV
V0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVBY2d1aWs3cnlXOENoZDR4bHp3MHVEelVXQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUYzNUIvRTAxMDE1OEE1NjRFMTFFQzg1ODg1OTE0QzRGOUFFMDIvODU5Qjk4Njg5
MjdFMTFFRUI4NzhBQTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnrIswDQYJKoZIhvcNAQELBQADggEBAEsH0O5i6/B6Qt1q
KfUDoa4zoDNmoKa+Pgv444V9KU9Y/odBRvzfGi7LiYRitqkAC2123mzlPQvkGBig
yw7xKZCkv3yIsz2dGwcHhXtHa2+jJVi3F3TsSERQeBRk65Kq4+3e+9F3NOHHxiBH
IafP2YU9z9UQw8tjQ05IklRR6PwDX3H7763jIuNu+TV46jWxK1u8yxOvat/A3Ziz
l8lS/heGMp7HoxCZBIRtMg9Wi8rWpHGnoJItJbgF0N7txFmB6x2gD6wUVFMSZ92T
yub3/zoruN1wCJjG+R0BZjX9+VoqQph2MUtNadaP9eW3S+PPUYqWsSekfYHh0UO3
Uxikqeg=
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:09:02 2025 by rpki-client