Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/07D665E0862711EBAC147872C4F9AE02.roa
File: 07D665E0862711EBAC147872C4F9AE02.roa (raw, json)
Hash identifier: h1jWRhCaXCGscugt7m7NPkJTh1NUHltfWypGJXiPwZw=
Subject key identifier: 64:8F:01:25:F0:32:11:CD:C9:64:62:F3:6D:AE:CD:C0:16:A3:CC:CA
Certificate issuer: /CN=A91FF5A9/serialNumber=2B95D8D8228A89147D80193D9770EB50AEDDBB6B
Certificate serial: 168B
Authority key identifier: 2B:95:D8:D8:22:8A:89:14:7D:80:19:3D:97:70:EB:50:AE:DD:BB:6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K5XY2CKKiRR9gBk9l3DrUK7du2s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/07D665E0862711EBAC147872C4F9AE02.roa
Signing time: Tue 18 Feb 2025 17:34:27 +0000
ROA not before: Tue 18 Feb 2025 17:34:27 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136933
IP address blocks: 103.107.236.0/22 maxlen: 22
103.107.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.crl
rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K5XY2CKKiRR9gBk9l3DrUK7du2s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 16:40:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5771 (0x168b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF5A9
Validity
Not Before: Feb 18 17:34:27 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4c4a3-d510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:93:4d:0a:26:9e:72:b4:d2:ed:04:37:98:dc:
8d:7d:67:ae:ac:14:0b:bd:f3:fd:56:82:b1:d7:c9:
5a:ff:09:c2:99:42:29:26:07:c4:a3:5e:8d:2b:71:
5a:ef:b0:51:94:83:ba:1c:54:ae:9e:26:32:6f:99:
6b:d1:86:50:29:44:76:3e:4d:1c:82:f9:3f:76:eb:
6a:61:89:be:82:12:91:e0:0c:33:f8:f7:1e:de:55:
57:ca:dc:74:13:00:c4:e5:a8:e0:ad:40:0c:29:c6:
c9:b8:42:75:ba:67:e8:f2:34:0b:d4:e8:1e:32:01:
64:ae:6f:32:b7:83:b5:c5:da:57:d8:99:f5:a5:88:
70:82:bb:03:c0:69:9b:51:ba:58:9c:e9:3c:85:5e:
79:d0:fe:15:2e:9a:c1:1d:6f:5c:4b:fc:0f:95:a2:
52:af:7f:7c:3b:33:f2:4a:d0:b7:6b:6e:7a:87:92:
45:59:bf:5f:35:0c:28:27:f9:ee:ce:a3:77:0c:48:
93:b0:18:ac:f7:04:9a:cf:9c:61:c7:e9:53:04:49:
ea:90:60:bf:13:84:3c:5b:e3:8e:ee:1f:4d:1d:b0:
d7:2d:6b:22:73:2c:14:2f:fa:d9:89:3f:79:2f:b3:
88:04:18:d9:66:8a:d6:9c:65:39:e2:ca:5a:e8:9a:
ae:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:8F:01:25:F0:32:11:CD:C9:64:62:F3:6D:AE:CD:C0:16:A3:CC:CA
X509v3 Authority Key Identifier:
keyid:2B:95:D8:D8:22:8A:89:14:7D:80:19:3D:97:70:EB:50:AE:DD:BB:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/K5XY2CKKiRR9gBk9l3DrUK7du2s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K5XY2CKKiRR9gBk9l3DrUK7du2s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF5A9/00B7151CFD0811E7A428FF0FC4F9AE02/07D665E0862711EBAC147872C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.107.236.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:1c:8e:78:7e:e7:30:8f:bd:43:57:91:1e:5d:f4:59:55:29:
12:26:b6:48:f4:23:e5:33:eb:e8:d3:10:48:93:fe:50:75:65:
10:f8:e4:f6:bf:0a:e1:00:44:fe:4f:13:34:45:e0:ce:7d:b5:
f3:8f:c0:90:b4:53:1d:1c:1d:91:eb:7f:8f:e9:d4:25:17:7f:
48:a0:83:b0:b7:54:06:92:03:70:1c:00:8e:27:9e:3f:49:b5:
25:69:20:09:60:c3:ac:af:9b:e0:f9:d2:b1:a3:51:a7:55:55:
25:bf:62:25:5f:fd:f4:94:39:c9:a9:00:5f:72:ad:98:a0:9c:
1f:4a:53:72:63:2b:bf:80:05:80:eb:59:93:d4:32:4c:28:d2:
13:88:d4:bb:28:31:f8:e9:bd:ef:55:18:24:b5:d6:4f:f9:53:
e7:d9:3f:5a:47:29:a4:55:d2:f6:86:1e:d1:cc:80:df:8a:8c:
64:c1:9a:46:77:7b:61:0f:9c:a7:ca:06:eb:f5:30:49:5e:b6:
bb:56:6f:6b:70:44:10:91:d2:31:48:9f:4d:ef:80:f2:89:5b:
88:34:49:2f:d9:7d:9d:cc:b3:4b:cd:e5:55:7e:62:a2:e6:8a:
21:52:34:c0:a2:07:18:2a:ed:d5:0c:d2:a5:21:83:ba:80:6f:
7f:44:a9:29
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkY1QTkxMTAvBgNVBAUTKDJCOTVEOEQ4MjI4QTg5MTQ3RDgwMTkzRDk3NzBFQjUw
QUVEREJCNkIwHhcNMjUwMjE4MTczNDI3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YzRhMy1kNTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArpNNCiaecrTS7QQ3mNyNfWeurBQLvfP9VoKx18la/wnCmUIpJgfEo16NK3Fa
77BRlIO6HFSuniYyb5lr0YZQKUR2Pk0cgvk/dutqYYm+ghKR4Awz+Pce3lVXytx0
EwDE5ajgrUAMKcbJuEJ1umfo8jQL1OgeMgFkrm8yt4O1xdpX2Jn1pYhwgrsDwGmb
UbpYnOk8hV550P4VLprBHW9cS/wPlaJSr398OzPyStC3a256h5JFWb9fNQwoJ/nu
zqN3DEiTsBis9wSaz5xhx+lTBEnqkGC/E4Q8W+OO7h9NHbDXLWsicywUL/rZiT95
L7OIBBjZZorWnGU54spa6JquLwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGSPASXw
MhHNyWRi822uzcAWo8zKMB8GA1UdIwQYMBaAFCuV2NgiiokUfYAZPZdw61Cu3btr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjVBOS8wMEI3MTUxQ0ZE
MDgxMUU3QTQyOEZGMEZDNEY5QUUwMi9LNVhZMkNLS2lSUjlnQms5bDNEclVLN2R1
MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0s1WFkyQ0tLaVJSOWdCazlsM0RyVUs3ZHUycy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkY1QTkvMDBCNzE1MUNGRDA4MTFFN0E0MjhGRjBGQzRGOUFFMDIvMDdENjY1RTA4
NjI3MTFFQkFDMTQ3ODcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJna+wwDQYJKoZIhvcNAQELBQADggEBAJocjnh+5zCPvUNX
kR5d9FlVKRImtkj0I+Uz6+jTEEiT/lB1ZRD45Pa/CuEARP5PEzRF4M59tfOPwJC0
Ux0cHZHrf4/p1CUXf0igg7C3VAaSA3AcAI4nnj9JtSVpIAlgw6yvm+D50rGjUadV
VSW/YiVf/fSUOcmpAF9yrZignB9KU3JjK7+ABYDrWZPUMkwo0hOI1LsoMfjpve9V
GCS11k/5U+fZP1pHKaRV0vaGHtHMgN+KjGTBmkZ3e2EPnKfKBuv1MEletrtWb2tw
RBCR0jFIn03vgPKJW4g0SS/ZfZ3Ms0vN5VV+YqLmiiFSNMCiBxgq7dUM0qUhg7qA
b39EqSk=
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:45:02 2025 by rpki-client