Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/6903848C20A911EEBEC77485C4F9AE02.roa
File: 6903848C20A911EEBEC77485C4F9AE02.roa (raw, json)
Hash identifier: oeA5QwLSLGhzBCJJCLR/tH3NWML3OhbjDPXjELI4Bqo=
Subject key identifier: DB:BB:B6:8F:F7:F4:86:3E:0D:7A:5C:95:6E:78:7D:EB:60:7D:11:52
Certificate issuer: /CN=A91F7506/serialNumber=FF6A7C2CB3DD2D77BDE68B36BA836C7958A9D4DA
Certificate serial: 0160
Authority key identifier: FF:6A:7C:2C:B3:DD:2D:77:BD:E6:8B:36:BA:83:6C:79:58:A9:D4:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2p8LLPdLXe95os2uoNseVip1No.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/6903848C20A911EEBEC77485C4F9AE02.roa
Signing time: Wed 01 Jan 2025 02:36:25 +0000
ROA not before: Wed 01 Jan 2025 02:36:25 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134068
IP address blocks: 103.56.0.0/23 maxlen: 24
2001:df1:b540::/48 maxlen: 52
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/_2p8LLPdLXe95os2uoNseVip1No.crl
rsync://rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/_2p8LLPdLXe95os2uoNseVip1No.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2p8LLPdLXe95os2uoNseVip1No.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 02:27:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 352 (0x160)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F7506, serialNumber=FF6A7C2CB3DD2D77BDE68B36BA836C7958A9D4DA
Validity
Not Before: Jan 1 02:36:25 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6774aa29-db05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:80:99:20:39:f4:8a:64:82:75:64:2a:87:8b:
be:68:e3:a2:2b:9a:61:f7:f0:a7:36:b1:82:14:ce:
9d:d2:4e:7a:e2:a5:93:3d:11:5f:2b:7d:96:65:2b:
81:84:06:88:55:d5:1d:9d:f8:52:46:20:ef:8b:5f:
d3:bc:6f:a5:ce:e5:0e:c0:37:63:46:a5:de:0a:2f:
7d:1c:c1:5f:4f:a6:30:1b:b2:10:01:9d:f1:68:df:
39:97:5c:19:5d:19:c2:ce:fd:53:a9:f5:e3:b0:a1:
2e:36:20:a9:f8:81:c6:eb:7a:b3:18:aa:49:28:1f:
05:95:9c:00:88:82:ae:66:15:a2:78:01:d4:66:2f:
87:18:28:10:d2:3b:b5:07:0b:e1:2f:9a:8e:a6:38:
08:3b:d2:f0:bd:a1:6b:ea:27:a5:d3:ce:50:35:de:
91:65:a5:4a:4b:bc:84:ac:b4:77:d5:29:ca:c0:d1:
d9:69:b3:65:41:af:3f:94:3d:9c:df:02:1d:d9:55:
ba:bf:ef:04:33:31:3c:c8:83:fa:3b:87:19:13:fe:
fe:c2:20:98:1d:4b:52:dc:59:7c:e5:47:48:6a:ab:
2c:31:27:5e:43:d8:91:b8:75:8b:92:8d:05:ab:a4:
2c:af:99:1f:98:48:2e:18:80:e4:f1:e9:dd:8b:ac:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:BB:B6:8F:F7:F4:86:3E:0D:7A:5C:95:6E:78:7D:EB:60:7D:11:52
X509v3 Authority Key Identifier:
keyid:FF:6A:7C:2C:B3:DD:2D:77:BD:E6:8B:36:BA:83:6C:79:58:A9:D4:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/_2p8LLPdLXe95os2uoNseVip1No.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_2p8LLPdLXe95os2uoNseVip1No.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7506/95542662B68311ED8A185C1DC4F9AE02/6903848C20A911EEBEC77485C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.56.0.0/23
IPv6:
2001:df1:b540::/48
Signature Algorithm: sha256WithRSAEncryption
89:23:97:01:91:a4:bf:82:ea:6e:b7:5a:48:18:3f:72:7b:49:
2d:d3:6d:17:4b:8d:c1:dc:bd:16:f3:21:b6:c0:0d:c3:f8:fe:
79:84:4c:95:a9:95:ac:2a:c5:dc:36:82:8b:2f:95:cd:3e:e0:
79:d3:4f:30:8b:bc:54:70:e9:b4:2f:df:7d:06:a4:2c:5d:bc:
d2:b5:87:6f:07:ee:bb:23:f1:60:b7:84:1d:62:c8:e2:b7:15:
40:5c:ee:b0:0c:e1:43:7d:82:aa:8a:aa:c4:98:3b:91:84:cd:
26:d4:53:8d:4d:f1:de:66:41:28:4a:11:98:9f:49:a7:54:4d:
b3:5f:7d:2c:1a:b8:e2:93:89:fe:b3:d0:a9:b8:a4:49:49:34:
90:5a:39:e0:d5:03:c7:09:2c:83:cf:f6:9c:12:23:62:83:0b:
70:41:73:0b:8f:ef:b5:ac:dc:9b:79:b0:0d:76:26:25:4f:2a:
d2:3a:65:a4:16:c0:60:97:8e:cd:c8:8b:e3:a1:66:eb:26:b2:
25:f2:f5:b5:0c:49:41:93:28:a5:82:29:f0:2d:af:37:e0:df:
f0:5c:65:24:6d:7f:18:da:13:c3:89:5c:41:8c:be:fb:7d:c6:
ce:94:5f:3b:f6:b4:19:c6:9e:eb:a7:8f:34:5c:56:cc:6d:b5:
ab:63:f8:ab
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjc1MDYxMTAvBgNVBAUTKEZGNkE3QzJDQjNERDJENzdCREU2OEIzNkJBODM2Qzc5
NThBOUQ0REEwHhcNMjUwMTAxMDIzNjI1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0YWEyOS1kYjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ICZIDn0imSCdWQqh4u+aOOiK5ph9/CnNrGCFM6d0k564qWTPRFfK32WZSuB
hAaIVdUdnfhSRiDvi1/TvG+lzuUOwDdjRqXeCi99HMFfT6YwG7IQAZ3xaN85l1wZ
XRnCzv1TqfXjsKEuNiCp+IHG63qzGKpJKB8FlZwAiIKuZhWieAHUZi+HGCgQ0ju1
BwvhL5qOpjgIO9LwvaFr6iel085QNd6RZaVKS7yErLR31SnKwNHZabNlQa8/lD2c
3wId2VW6v+8EMzE8yIP6O4cZE/7+wiCYHUtS3Fl85UdIaqssMSdeQ9iRuHWLko0F
q6Qsr5kfmEguGIDk8endi6w3MQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNu7to/3
9IY+DXpclW54fetgfRFSMB8GA1UdIwQYMBaAFP9qfCyz3S13veaLNrqDbHlYqdTa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzUwNi85NTU0MjY2MkI2
ODMxMUVEOEExODVDMURDNEY5QUUwMi9fMnA4TExQZExYZTk1b3MydW9Oc2VWaXAx
Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18ycDhMTFBkTFhlOTVvczJ1b05zZVZpcDFOby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjc1MDYvOTU1NDI2NjJCNjgzMTFFRDhBMTg1QzFEQzRGOUFFMDIvNjkwMzg0OEMy
MEE5MTFFRUJFQzc3NDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnOAAwDwQCAAIwCQMHACABDfG1QDANBgkqhkiG9w0BAQsF
AAOCAQEAiSOXAZGkv4LqbrdaSBg/cntJLdNtF0uNwdy9FvMhtsANw/j+eYRMlamV
rCrF3DaCiy+VzT7gedNPMIu8VHDptC/ffQakLF280rWHbwfuuyPxYLeEHWLI4rcV
QFzusAzhQ32CqoqqxJg7kYTNJtRTjU3x3mZBKEoRmJ9Jp1RNs199LBq44pOJ/rPQ
qbikSUk0kFo54NUDxwksg8/2nBIjYoMLcEFzC4/vtazcm3mwDXYmJU8q0jplpBbA
YJeOzciL46Fm6yayJfL1tQxJQZMopYIp8C2vN+Df8FxlJG1/GNoTw4lcQYy++33G
zpRfO/a0Gcae66ePNFxWzG21q2P4qw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:06:40 2025 by rpki-client