Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/08CD1510027011EB98FEC44BC4F9AE02.roa
File: 08CD1510027011EB98FEC44BC4F9AE02.roa (raw, json)
Hash identifier: KmlW5cxQJtlnajXFs7j5PHn6wJjQG7ZZKRzUGo5l5KM=
Subject key identifier: 89:53:03:00:78:36:C4:38:B6:BB:7B:BB:39:FE:02:F2:8A:C2:5D:1B
Certificate issuer: /CN=A9131690/serialNumber=3474C94C36E8F9A0D3A0D22E1DDA108CD340AB28
Certificate serial: 0F74
Authority key identifier: 34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/08CD1510027011EB98FEC44BC4F9AE02.roa
Signing time: Thu 06 Mar 2025 18:06:22 +0000
ROA not before: Thu 06 Mar 2025 18:06:22 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 137443
IP address blocks: 103.133.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl
rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 17:34:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3956 (0xf74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131690
Validity
Not Before: Mar 6 18:06:22 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67c9e41e-1212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:32:29:64:00:59:e8:d6:42:e1:78:06:cd:
67:ae:23:35:56:58:5e:a6:99:f9:14:ce:4b:e7:54:
36:a4:93:83:8a:39:89:c6:07:b1:a0:0f:83:d9:ba:
dd:e8:d3:31:e7:f0:a4:bd:92:10:e9:94:8a:d1:cd:
8e:d8:99:0a:6e:0b:e6:81:b8:49:69:cb:de:f3:88:
b6:e4:9e:da:03:06:90:6d:f5:16:82:27:53:ae:bc:
6b:d7:43:0a:71:cd:c8:ba:64:97:83:cf:ab:d3:e0:
fd:75:c3:24:4e:e2:fe:a9:a0:a8:c2:39:1f:ca:8c:
43:0c:d8:23:24:da:c0:71:07:32:d2:0f:ba:3c:86:
e5:0a:17:38:36:aa:28:71:1a:86:9c:be:5a:64:fb:
11:99:6a:0e:18:36:ca:36:de:6a:a8:e5:2a:80:f0:
ad:9b:b8:1a:ce:96:52:b5:bd:3a:36:7b:64:41:0d:
10:39:63:55:b0:be:60:ae:d7:cf:ff:5d:cc:d3:b2:
f1:b3:11:13:13:b0:94:78:c5:74:fa:ca:e2:4c:20:
96:12:ab:7d:29:fa:81:95:88:d9:aa:e1:78:ec:eb:
31:84:f1:e0:e5:3e:27:24:a2:ba:3e:4c:7b:2e:af:
4a:a0:4a:6a:2c:48:95:bc:f4:fa:a1:99:da:c8:56:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:53:03:00:78:36:C4:38:B6:BB:7B:BB:39:FE:02:F2:8A:C2:5D:1B
X509v3 Authority Key Identifier:
keyid:34:74:C9:4C:36:E8:F9:A0:D3:A0:D2:2E:1D:DA:10:8C:D3:40:AB:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/NHTJTDbo-aDToNIuHdoQjNNAqyg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHTJTDbo-aDToNIuHdoQjNNAqyg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131690/15B41B8863F311E9A0854C47C4F9AE02/08CD1510027011EB98FEC44BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.176.0/22
Signature Algorithm: sha256WithRSAEncryption
40:bc:52:17:5a:c9:f1:e6:c7:84:8c:04:ef:f8:07:e5:02:c1:
f9:fb:2e:f2:21:b2:18:6a:fd:c9:fa:4d:bf:07:5b:08:a6:22:
fa:21:d1:76:fb:40:6c:f7:4c:ae:39:15:d5:2a:2a:81:73:fc:
0b:2b:49:6e:34:db:d5:13:ba:f9:d4:48:a5:bd:77:0e:aa:a1:
40:fc:23:c1:c4:41:93:ab:fe:0a:e9:d9:77:f3:4b:97:e7:25:
cf:c9:69:74:fd:8f:0f:80:f7:2d:db:22:16:83:ea:16:21:53:
66:f0:06:f8:00:64:e3:d5:1d:ea:fb:2c:24:c8:2d:12:2d:b7:
f5:40:fc:43:50:67:ec:ed:1f:d0:9e:24:fe:5f:58:fb:90:65:
dc:f2:94:99:56:ea:6d:20:25:f7:2e:e1:85:7c:5e:b5:93:d1:
ef:9c:e3:4f:a0:44:4f:ab:66:fd:63:bf:71:75:f5:bc:e4:46:
3b:78:63:eb:dd:68:c2:f1:1f:ac:96:cd:30:68:ca:69:4e:e3:
2b:e9:f2:ed:99:e8:fd:30:83:62:b9:38:d6:9c:ea:87:33:71:
43:48:f8:2b:7d:2c:2e:03:59:f7:45:8a:37:12:b5:83:50:3d:
d0:26:3b:ed:d0:62:cb:2b:d9:5a:ae:7c:ed:8f:48:93:a4:07:
db:cd:94:6e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICD3QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzE2OTAxMTAvBgNVBAUTKDM0NzRDOTRDMzZFOEY5QTBEM0EwRDIyRTFEREExMDhD
RDM0MEFCMjgwHhcNMjUwMzA2MTgwNjIyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M5ZTQxZS0xMjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAslgyKWQAWejWQuF4Bs1nriM1Vlheppn5FM5L51Q2pJODijmJxgexoA+D2brd
6NMx5/CkvZIQ6ZSK0c2O2JkKbgvmgbhJacve84i25J7aAwaQbfUWgidTrrxr10MK
cc3IumSXg8+r0+D9dcMkTuL+qaCowjkfyoxDDNgjJNrAcQcy0g+6PIblChc4Nqoo
cRqGnL5aZPsRmWoOGDbKNt5qqOUqgPCtm7gazpZStb06NntkQQ0QOWNVsL5grtfP
/13M07LxsxETE7CUeMV0+sriTCCWEqt9KfqBlYjZquF47OsxhPHg5T4nJKK6Pkx7
Lq9KoEpqLEiVvPT6oZnayFYBDQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIlTAwB4
NsQ4trt7uzn+AvKKwl0bMB8GA1UdIwQYMBaAFDR0yUw26Pmg06DSLh3aEIzTQKso
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTY5MC8xNUI0MUI4ODYz
RjMxMUU5QTA4NTRDNDdDNEY5QUUwMi9OSFRKVERiby1hRFRvTkl1SGRvUWpOTkFx
eWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05IVEpURGJvLWFEVG9OSXVIZG9Rak5OQXF5Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzE2OTAvMTVCNDFCODg2M0YzMTFFOUEwODU0QzQ3QzRGOUFFMDIvMDhDRDE1MTAw
MjcwMTFFQjk4RkVDNDRCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnhbAwDQYJKoZIhvcNAQELBQADggEBAEC8UhdayfHmx4SM
BO/4B+UCwfn7LvIhshhq/cn6Tb8HWwimIvoh0Xb7QGz3TK45FdUqKoFz/AsrSW40
29UTuvnUSKW9dw6qoUD8I8HEQZOr/grp2XfzS5fnJc/JaXT9jw+A9y3bIhaD6hYh
U2bwBvgAZOPVHer7LCTILRItt/VA/ENQZ+ztH9CeJP5fWPuQZdzylJlW6m0gJfcu
4YV8XrWT0e+c40+gRE+rZv1jv3F19bzkRjt4Y+vdaMLxH6yWzTBoymlO4yvp8u2Z
6P0wg2K5ONac6oczcUNI+Ct9LC4DWfdFijcStYNQPdAmO+3QYssr2VqufO2PSJOk
B9vNlG4=
-----END CERTIFICATE-----
Generated at Fri Apr 11 04:29:31 2025 by rpki-client