Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/C9104DDAF63511EE9461F649C4F9AE02.roa
File: C9104DDAF63511EE9461F649C4F9AE02.roa (raw, json)
Hash identifier: m2sARVY1bYsl1KWknE2ii32pPqsgNqR/nyrCyyQr3Rs=
Subject key identifier: BB:2E:E8:AE:D9:7E:74:3A:97:96:F1:24:03:12:21:71:A1:30:92:52
Certificate issuer: /CN=A91FCA1E/serialNumber=8E650A712DC84F22B89B8F18B864C29F9DD713C5
Certificate serial: 94
Authority key identifier: 8E:65:0A:71:2D:C8:4F:22:B8:9B:8F:18:B8:64:C2:9F:9D:D7:13:C5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jmUKcS3ITyK4m48YuGTCn53XE8U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/C9104DDAF63511EE9461F649C4F9AE02.roa
Signing time: Wed 15 Jan 2025 05:08:53 +0000
ROA not before: Wed 15 Jan 2025 05:08:53 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 4797
IP address blocks: 202.81.147.0/24 maxlen: 24
202.81.148.0/24 maxlen: 24
202.81.149.0/24 maxlen: 24
202.81.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/jmUKcS3ITyK4m48YuGTCn53XE8U.crl
rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/jmUKcS3ITyK4m48YuGTCn53XE8U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jmUKcS3ITyK4m48YuGTCn53XE8U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148 (0x94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FCA1E, serialNumber=8E650A712DC84F22B89B8F18B864C29F9DD713C5
Validity
Not Before: Jan 15 05:08:53 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678742e5-d327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:02:9e:6c:d7:b1:79:f2:f4:74:21:c4:98:8e:
b4:f1:20:2f:a4:30:9e:1e:ed:7d:8e:90:42:2e:9b:
70:4c:71:c9:8d:c7:13:ba:ee:bc:04:25:2b:11:d7:
40:97:16:17:0f:a8:8a:a6:d2:b7:1d:d2:7c:ae:6d:
96:ca:d6:7c:75:94:29:2d:5d:bc:bf:33:c6:4a:09:
3c:6a:56:d8:72:a3:71:01:6f:9e:44:14:90:2a:ab:
9c:a1:00:f7:a9:b2:57:17:16:76:64:e7:3c:45:8f:
fa:23:f8:33:2e:57:d7:5b:71:ca:62:22:96:f1:81:
f8:a2:5a:55:00:ae:16:24:f3:17:da:b5:1c:0b:22:
fa:21:2e:1e:af:86:f0:1a:46:3c:34:52:f6:a2:43:
a7:00:a0:ab:31:cc:82:b9:aa:de:37:93:b4:e1:6b:
3e:c4:f5:f0:ea:44:73:9f:ea:a3:21:b6:d4:a7:81:
01:e6:d3:e0:a7:12:6a:0b:2e:47:f8:96:ed:7c:75:
6b:ec:66:0b:ce:95:b5:57:6a:ca:02:d1:bf:0c:9f:
ea:54:19:95:05:d4:d7:6e:8c:a0:39:97:52:8d:f2:
68:6c:08:45:82:fe:65:16:88:33:77:0e:52:f8:69:
48:75:5d:34:df:ae:af:bf:37:1e:3e:39:e7:77:f6:
0c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2E:E8:AE:D9:7E:74:3A:97:96:F1:24:03:12:21:71:A1:30:92:52
X509v3 Authority Key Identifier:
keyid:8E:65:0A:71:2D:C8:4F:22:B8:9B:8F:18:B8:64:C2:9F:9D:D7:13:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/jmUKcS3ITyK4m48YuGTCn53XE8U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jmUKcS3ITyK4m48YuGTCn53XE8U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCA1E/F0062F28F63411EE8AEAC747C4F9AE02/C9104DDAF63511EE9461F649C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.81.147.0-202.81.150.255
Signature Algorithm: sha256WithRSAEncryption
33:94:0f:80:51:b5:b4:f1:4c:f5:46:eb:d5:0c:1a:a3:8d:50:
2f:2e:c4:4a:ae:30:11:46:9f:c8:18:61:4b:45:19:43:ba:52:
5f:f8:cb:8e:9d:d8:d7:d9:2f:20:9e:31:31:20:f8:df:6e:50:
bb:12:73:de:1e:c6:63:9c:2a:9e:ef:57:79:10:2c:ea:40:46:
73:09:08:9f:d2:f4:0d:b0:e9:60:a7:53:0a:c5:e2:26:86:12:
32:67:a4:03:23:9a:36:57:d5:fa:00:af:37:e4:99:c4:98:9f:
a7:fd:aa:f5:e3:2a:4b:97:47:d2:41:96:f1:02:b5:c5:13:e0:
99:b2:43:69:d0:d2:8c:66:2b:84:7c:03:7f:05:d2:5d:4f:75:
cf:21:4b:1c:f7:09:25:e1:1c:63:9a:4a:91:73:b0:cb:87:c5:
74:f7:69:b0:f7:0e:f4:f1:fa:45:fe:f5:5f:32:94:03:68:a0:
36:2b:37:fb:f9:3b:3f:79:82:ed:c9:f9:f5:e4:1d:ed:f9:15:
f7:39:c4:d9:50:e9:62:96:63:b3:e9:7d:41:0c:85:29:f8:d9:
73:3c:a1:30:40:b8:39:25:db:84:08:59:56:5c:6d:eb:de:32:
71:b0:52:1a:8c:ee:96:d0:58:c1:6c:e5:64:92:77:f3:49:61:
28:6d:e6:49
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICAJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkNBMUUxMTAvBgNVBAUTKDhFNjUwQTcxMkRDODRGMjJCODlCOEYxOEI4NjRDMjlG
OURENzEzQzUwHhcNMjUwMTE1MDUwODUzWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg3NDJlNS1kMzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAygKebNexefL0dCHEmI608SAvpDCeHu19jpBCLptwTHHJjccTuu68BCUrEddA
lxYXD6iKptK3HdJ8rm2WytZ8dZQpLV28vzPGSgk8albYcqNxAW+eRBSQKqucoQD3
qbJXFxZ2ZOc8RY/6I/gzLlfXW3HKYiKW8YH4olpVAK4WJPMX2rUcCyL6IS4er4bw
GkY8NFL2okOnAKCrMcyCuareN5O04Ws+xPXw6kRzn+qjIbbUp4EB5tPgpxJqCy5H
+JbtfHVr7GYLzpW1V2rKAtG/DJ/qVBmVBdTXboygOZdSjfJobAhFgv5lFogzdw5S
+GlIdV00366vvzcePjnnd/YMSwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFLsu6K7Z
fnQ6l5bxJAMSIXGhMJJSMB8GA1UdIwQYMBaAFI5lCnEtyE8iuJuPGLhkwp+d1xPF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0ExRS9GMDA2MkYyOEY2
MzQxMUVFOEFFQUM3NDdDNEY5QUUwMi9qbVVLY1MzSVR5SzRtNDhZdUdUQ241M1hF
OFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ptVUtjUzNJVHlLNG00OFl1R1RDbjUzWEU4VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkNBMUUvRjAwNjJGMjhGNjM0MTFFRThBRUFDNzQ3QzRGOUFFMDIvQzkxMDREREFG
NjM1MTFFRTk0NjFGNjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEAMpRkwMEAMpRljANBgkqhkiG9w0BAQsFAAOCAQEAM5QP
gFG1tPFM9Ubr1Qwao41QLy7ESq4wEUafyBhhS0UZQ7pSX/jLjp3Y19kvIJ4xMSD4
325QuxJz3h7GY5wqnu9XeRAs6kBGcwkIn9L0DbDpYKdTCsXiJoYSMmekAyOaNlfV
+gCvN+SZxJifp/2q9eMqS5dH0kGW8QK1xRPgmbJDadDSjGYrhHwDfwXSXU91zyFL
HPcJJeEcY5pKkXOwy4fFdPdpsPcO9PH6Rf71XzKUA2igNis3+/k7P3mC7cn59eQd
7fkV9znE2VDpYpZjs+l9QQyFKfjZczyhMEC4OSXbhAhZVlxt694ycbBSGozultBY
wWzlZJJ380lhKG3mSQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:20:28 2025 by rpki-client