Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/909F94F070F911EDBA42F056C4F9AE02.roa
File: 909F94F070F911EDBA42F056C4F9AE02.roa (raw, json)
Hash identifier: J59LrtIyPPPdrZKXDpKJBMgQFNUlF3OmhLoyAq20BcU=
Subject key identifier: 65:59:E7:8C:EE:DE:E0:2F:BC:E5:CD:A0:41:A5:5D:6C:05:0B:16:A6
Certificate issuer: /CN=A91F2B47/serialNumber=E11896B00C9486E43EE74802D21969F888EE4E2D
Certificate serial: 0200
Authority key identifier: E1:18:96:B0:0C:94:86:E4:3E:E7:48:02:D2:19:69:F8:88:EE:4E:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RiWsAyUhuQ-50gC0hlp-IjuTi0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/909F94F070F911EDBA42F056C4F9AE02.roa
Signing time: Wed 05 Mar 2025 03:48:11 +0000
ROA not before: Wed 05 Mar 2025 03:48:11 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 9426
IP address blocks: 110.5.80.0/21 maxlen: 24
110.5.88.0/21 maxlen: 24
203.10.111.0/24 maxlen: 24
203.16.39.0/24 maxlen: 24
203.23.44.0/24 maxlen: 24
203.24.0.0/22 maxlen: 24
203.24.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/4RiWsAyUhuQ-50gC0hlp-IjuTi0.crl
rsync://rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/4RiWsAyUhuQ-50gC0hlp-IjuTi0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RiWsAyUhuQ-50gC0hlp-IjuTi0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 01:40:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 512 (0x200)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2B47, serialNumber=E11896B00C9486E43EE74802D21969F888EE4E2D
Validity
Not Before: Mar 5 03:48:11 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c7c97b-a865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6a:da:24:58:ce:47:3d:79:74:8b:76:b1:6a:
e4:44:6c:16:5f:b9:c8:10:e9:2b:fe:70:57:2d:1c:
29:77:53:8c:34:f2:e8:a1:ac:f3:00:46:f8:5f:4a:
c2:f0:ea:5a:e4:e7:f1:4e:13:22:2a:9c:e1:41:c5:
27:1e:ae:81:7f:72:43:ab:39:82:ab:85:92:67:81:
70:95:c9:da:0d:0c:d6:cf:d8:19:b3:d3:6f:1d:a8:
b2:fe:32:ac:c0:35:45:3d:9c:7a:1e:24:69:4b:24:
43:57:bb:d8:b8:6a:96:c8:0f:cc:f0:2e:dd:91:10:
84:07:68:36:e1:71:c9:38:d8:29:06:4e:d6:73:01:
d4:75:a2:12:3a:59:3b:ca:58:88:f9:b4:3c:ea:dc:
ce:93:60:0f:65:96:fe:6d:5c:5e:58:fd:26:13:79:
4d:1c:32:2a:17:8d:6e:be:71:e0:11:86:27:7a:d0:
4b:f6:e5:55:8d:b7:13:22:68:db:b3:94:b9:83:93:
f4:8d:0c:e9:f8:f5:72:ff:97:4f:e4:1c:84:ea:33:
bd:b6:b5:81:8e:17:22:79:fb:28:a4:26:48:09:9c:
2a:f4:6e:f4:36:51:54:11:7a:d5:65:b2:a4:9b:a8:
88:69:0a:59:05:a2:9a:0f:17:ac:2c:d6:d4:9b:b7:
c9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:59:E7:8C:EE:DE:E0:2F:BC:E5:CD:A0:41:A5:5D:6C:05:0B:16:A6
X509v3 Authority Key Identifier:
keyid:E1:18:96:B0:0C:94:86:E4:3E:E7:48:02:D2:19:69:F8:88:EE:4E:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/4RiWsAyUhuQ-50gC0hlp-IjuTi0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4RiWsAyUhuQ-50gC0hlp-IjuTi0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2B47/F1FE32BA33AF11EDB6107434C4F9AE02/909F94F070F911EDBA42F056C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.5.80.0/20
203.10.111.0/24
203.16.39.0/24
203.23.44.0/24
203.24.0.0/21
Signature Algorithm: sha256WithRSAEncryption
10:47:50:78:39:39:67:9e:85:fb:f2:4b:33:8d:87:88:9e:0c:
b4:15:37:7e:17:95:30:72:81:43:64:44:d3:4a:44:ba:d1:9f:
b9:50:a7:41:72:9b:be:10:b2:e4:56:ec:bb:d0:ac:6b:8b:f0:
15:91:56:86:8d:1c:b2:7a:d4:e8:0f:ca:60:1e:88:a3:24:d4:
63:0c:51:8b:65:7c:b7:e6:f4:4f:03:ef:02:21:01:d0:89:d1:
42:e9:48:0f:df:2c:38:49:3e:6a:d5:34:71:d9:89:7f:73:b6:
cd:5d:03:ff:c8:22:cd:0f:b2:4c:4b:b8:6b:18:58:67:21:8f:
16:f5:95:df:61:e6:df:db:53:fc:4e:ba:26:2b:e0:c3:75:58:
ba:01:db:67:8d:89:8e:2b:03:bf:c6:94:7a:ec:ea:15:1b:31:
21:fc:07:2a:d1:02:22:74:6e:6a:01:42:55:dd:4a:16:c4:c9:
23:de:76:e0:6b:c9:91:8c:83:11:d2:65:3e:6c:99:aa:18:9f:
aa:b0:70:1f:a7:ee:79:bc:a8:08:d8:d1:41:ab:3b:03:1f:a7:
bf:ed:c0:b7:84:4b:d1:97:5a:09:14:eb:3e:e4:8a:37:b5:04:
d4:91:95:c6:dd:17:a6:35:5f:f8:ed:93:67:1d:46:5e:66:a4:
9d:9f:7c:3d
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAgAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjJCNDcxMTAvBgNVBAUTKEUxMTg5NkIwMEM5NDg2RTQzRUU3NDgwMkQyMTk2OUY4
ODhFRTRFMkQwHhcNMjUwMzA1MDM0ODExWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3Yzk3Yi1hODY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA32raJFjORz15dIt2sWrkRGwWX7nIEOkr/nBXLRwpd1OMNPLooazzAEb4X0rC
8Opa5OfxThMiKpzhQcUnHq6Bf3JDqzmCq4WSZ4FwlcnaDQzWz9gZs9NvHaiy/jKs
wDVFPZx6HiRpSyRDV7vYuGqWyA/M8C7dkRCEB2g24XHJONgpBk7WcwHUdaISOlk7
yliI+bQ86tzOk2APZZb+bVxeWP0mE3lNHDIqF41uvnHgEYYnetBL9uVVjbcTImjb
s5S5g5P0jQzp+PVy/5dP5ByE6jO9trWBjhciefsopCZICZwq9G70NlFUEXrVZbKk
m6iIaQpZBaKaDxesLNbUm7fJvwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGVZ54zu
3uAvvOXNoEGlXWwFCxamMB8GA1UdIwQYMBaAFOEYlrAMlIbkPudIAtIZafiI7k4t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkI0Ny9GMUZFMzJCQTMz
QUYxMUVEQjYxMDc0MzRDNEY5QUUwMi80UmlXc0F5VWh1US01MGdDMGhscC1JanVU
aTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRSaVdzQXlVaHVRLTUwZ0MwaGxwLUlqdVRpMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjJCNDcvRjFGRTMyQkEzM0FGMTFFREI2MTA3NDM0QzRGOUFFMDIvOTA5Rjk0RjA3
MEY5MTFFREJBNDJGMDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBARuBVADBADLCm8DBADLECcDBADLFywDBAPLGAAwDQYJKoZI
hvcNAQELBQADggEBABBHUHg5OWeehfvySzONh4ieDLQVN34XlTBygUNkRNNKRLrR
n7lQp0Fym74QsuRW7LvQrGuL8BWRVoaNHLJ61OgPymAeiKMk1GMMUYtlfLfm9E8D
7wIhAdCJ0ULpSA/fLDhJPmrVNHHZiX9zts1dA//IIs0PskxLuGsYWGchjxb1ld9h
5t/bU/xOuiYr4MN1WLoB22eNiY4rA7/GlHrs6hUbMSH8ByrRAiJ0bmoBQlXdShbE
ySPeduBryZGMgxHSZT5smaoYn6qwcB+n7nm8qAjY0UGrOwMfp7/twLeES9GXWgkU
6z7kije1BNSRlcbdF6Y1X/jtk2cdRl5mpJ2ffD0=
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:43:40 2025 by rpki-client