Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F495C/5BC63EF4406511EF856C9E29C4F9AE02/084D41C6407111EFB0944C40C4F9AE02.roa
File: 084D41C6407111EFB0944C40C4F9AE02.roa (raw, json)
Hash identifier: Jb/5el+254tvWTwmxgE5e2fworHZ6IC6eYTkaaOmWbo=
Subject key identifier: 44:12:D8:3A:42:00:3F:50:B6:DC:A7:83:35:F7:E1:4C:05:F0:DE:57
Certificate issuer: /CN=A91F495C/serialNumber=D6C80C5D38AA3F10D1EB0E139B9E494EBF6C6421
Certificate serial: 4F
Authority key identifier: D6:C8:0C:5D:38:AA:3F:10:D1:EB:0E:13:9B:9E:49:4E:BF:6C:64:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1sgMXTiqPxDR6w4Tm55JTr9sZCE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F495C/5BC63EF4406511EF856C9E29C4F9AE02/084D41C6407111EFB0944C40C4F9AE02.roa
Signing time: Tue 03 Dec 2024 05:40:29 +0000
ROA not before: Tue 03 Dec 2024 05:40:29 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136023
IP address blocks: 103.80.48.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F495C/5BC63EF4406511EF856C9E29C4F9AE02/1sgMXTiqPxDR6w4Tm55JTr9sZCE.crl
rsync://rpki.apnic.net/member_repository/A91F495C/5BC63EF4406511EF856C9E29C4F9AE02/1sgMXTiqPxDR6w4Tm55JTr9sZCE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1sgMXTiqPxDR6w4Tm55JTr9sZCE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 05:19:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79 (0x4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F495C
Validity
Not Before: Dec 3 05:40:29 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e99cd-7369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ed:43:ed:bf:fa:94:f5:de:6e:70:99:77:c2:
ae:28:7f:04:d7:55:16:90:92:8f:f8:3c:73:95:cf:
45:ac:cc:71:09:6f:70:7e:7c:94:72:6b:fa:6a:29:
c3:72:3f:fa:a9:f2:96:da:5e:3d:07:0a:7a:c4:66:
33:6b:37:d1:49:64:f5:eb:f1:a9:e5:ce:2e:11:a9:
43:16:10:2e:52:6b:72:58:85:d1:72:90:6c:98:9b:
8d:b7:c1:d5:48:0f:5b:f6:bb:85:e9:28:a2:da:53:
6d:fa:dc:8c:f5:f0:1e:91:c4:56:ea:63:09:f0:bb:
16:6a:9e:0c:b8:51:3e:e8:0b:55:df:8f:45:6c:d7:
b8:e6:f7:03:2a:45:aa:59:a3:1b:99:26:c7:9d:a2:
b2:e9:24:e4:d9:db:fd:68:f9:0f:44:f1:59:9f:fe:
e5:e0:02:7f:e1:88:26:2f:74:da:ac:3b:dd:93:40:
cf:6b:8c:92:0a:db:6c:57:8d:e3:5f:bb:65:44:e2:
15:d9:c2:2b:1f:e9:c0:a7:0f:40:d9:bb:c5:4d:a0:
94:22:b2:8f:c8:ad:17:94:eb:a4:28:6f:f4:98:d0:
04:14:32:7f:39:08:c3:c9:67:95:32:ea:fb:02:82:
7a:d6:14:ba:f3:68:04:c9:7c:4d:b1:75:c9:66:a6:
08:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:12:D8:3A:42:00:3F:50:B6:DC:A7:83:35:F7:E1:4C:05:F0:DE:57
X509v3 Authority Key Identifier:
keyid:D6:C8:0C:5D:38:AA:3F:10:D1:EB:0E:13:9B:9E:49:4E:BF:6C:64:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F495C/5BC63EF4406511EF856C9E29C4F9AE02/1sgMXTiqPxDR6w4Tm55JTr9sZCE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1sgMXTiqPxDR6w4Tm55JTr9sZCE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F495C/5BC63EF4406511EF856C9E29C4F9AE02/084D41C6407111EFB0944C40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.80.48.0/22
Signature Algorithm: sha256WithRSAEncryption
26:e5:dc:3a:f7:a2:4e:16:1b:d5:28:1d:ed:26:60:5b:50:08:
78:52:3c:37:f1:b1:24:bb:fe:7b:45:b6:c9:57:28:a1:b4:a7:
85:30:95:b5:74:b0:0c:3d:5e:e8:99:14:71:ef:55:b7:3c:8f:
3c:f0:13:30:bf:80:32:78:36:c6:a7:3d:9c:c7:39:9e:d3:28:
76:be:1a:41:91:c2:8b:ab:97:74:8f:3e:b8:5f:08:3e:0c:e4:
94:dd:3a:cd:f0:20:2b:f7:39:17:0c:1c:31:19:9f:0c:84:6b:
06:9b:b5:52:d4:59:6d:70:42:ef:2f:e1:4e:31:bb:76:6f:9a:
90:10:40:eb:85:58:a9:47:83:f2:c2:ac:87:36:d5:fd:7f:4d:
f5:bd:71:2d:3c:61:37:33:e8:7c:78:80:97:c8:b9:dd:2b:2e:
b1:80:77:5d:f0:fe:d0:da:b3:f8:c1:cf:76:63:d1:3d:0e:52:
48:93:cf:ae:15:74:ca:96:96:ec:24:1f:29:ed:09:11:a9:e5:
97:b9:86:e8:e1:64:1b:a5:0a:41:c4:78:a3:37:a6:7c:82:09:
07:ea:61:37:ee:f8:ec:7d:b3:43:58:9e:e9:b2:16:b5:20:8b:
7f:ff:b2:50:e4:03:06:b5:ff:62:23:c0:06:de:29:25:bd:78:
b3:48:86:43
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
NDk1QzExMC8GA1UEBRMoRDZDODBDNUQzOEFBM0YxMEQxRUIwRTEzOUI5RTQ5NEVC
RjZDNjQyMTAeFw0yNDEyMDMwNTQwMjlaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NGU5OWNkLTczNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDX7UPtv/qU9d5ucJl3wq4ofwTXVRaQko/4PHOVz0WszHEJb3B+fJRya/pqKcNy
P/qp8pbaXj0HCnrEZjNrN9FJZPXr8anlzi4RqUMWEC5Sa3JYhdFykGyYm423wdVI
D1v2u4XpKKLaU2363Iz18B6RxFbqYwnwuxZqngy4UT7oC1Xfj0Vs17jm9wMqRapZ
oxuZJsedorLpJOTZ2/1o+Q9E8Vmf/uXgAn/hiCYvdNqsO92TQM9rjJIK22xXjeNf
u2VE4hXZwisf6cCnD0DZu8VNoJQiso/IrReU66Qob/SY0AQUMn85CMPJZ5Uy6vsC
gnrWFLrzaATJfE2xdclmpgidAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQURBLYOkIA
P1C23KeDNffhTAXw3lcwHwYDVR0jBBgwFoAU1sgMXTiqPxDR6w4Tm55JTr9sZCEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY0OTVDLzVCQzYzRUY0NDA2
NTExRUY4NTZDOUUyOUM0RjlBRTAyLzFzZ01YVGlxUHhEUjZ3NFRtNTVKVHI5c1pD
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMXNnTVhUaXFQeERSNnc0VG01NUpUcjlzWkNFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NDk1Qy81QkM2M0VGNDQwNjUxMUVGODU2QzlFMjlDNEY5QUUwMi8wODRENDFDNjQw
NzExMUVGQjA5NDRDNDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmdQMDANBgkqhkiG9w0BAQsFAAOCAQEAJuXcOveiThYb1Sgd
7SZgW1AIeFI8N/GxJLv+e0W2yVcoobSnhTCVtXSwDD1e6JkUce9VtzyPPPATML+A
Mng2xqc9nMc5ntModr4aQZHCi6uXdI8+uF8IPgzklN06zfAgK/c5FwwcMRmfDIRr
Bpu1UtRZbXBC7y/hTjG7dm+akBBA64VYqUeD8sKshzbV/X9N9b1xLTxhNzPofHiA
l8i53SsusYB3XfD+0Nqz+MHPdmPRPQ5SSJPPrhV0ypaW7CQfKe0JEanll7mG6OFk
G6UKQcR4ozemfIIJB+phN+747H2zQ1ie6bIWtSCLf/+yUOQDBrX/YiPABt4pJb14
s0iGQw==
-----END CERTIFICATE-----
Generated at Fri Apr 11 12:17:15 2025 by rpki-client