Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137722/46BDDC00288D11EFB1904721C4F9AE02/B4684D8A288D11EF96BC5135C4F9AE02.roa
File: B4684D8A288D11EF96BC5135C4F9AE02.roa (raw, json)
Hash identifier: LuOXDNonR3GEQAX6Ae//YPTmZrxLa+xdQ9eXFVMZLeI=
Subject key identifier: 24:A1:BF:B3:19:BF:3D:C6:04:F7:E2:ED:01:4F:A4:0A:79:36:C9:66
Certificate issuer: /CN=A9137722/serialNumber=D5289E8B7DF5D92016EC798EEEFF05BC73E85580
Certificate serial: 4E
Authority key identifier: D5:28:9E:8B:7D:F5:D9:20:16:EC:79:8E:EE:FF:05:BC:73:E8:55:80
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Siei3312SAW7HmO7v8FvHPoVYA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137722/46BDDC00288D11EFB1904721C4F9AE02/B4684D8A288D11EF96BC5135C4F9AE02.roa
Signing time: Sun 03 Nov 2024 05:28:16 +0000
ROA not before: Sun 03 Nov 2024 05:28:16 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138152
IP address blocks: 103.143.72.0/24 maxlen: 24
103.143.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137722/46BDDC00288D11EFB1904721C4F9AE02/1Siei3312SAW7HmO7v8FvHPoVYA.crl
rsync://rpki.apnic.net/member_repository/A9137722/46BDDC00288D11EFB1904721C4F9AE02/1Siei3312SAW7HmO7v8FvHPoVYA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Siei3312SAW7HmO7v8FvHPoVYA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 05:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78 (0x4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137722, serialNumber=D5289E8B7DF5D92016EC798EEEFF05BC73E85580
Validity
Not Before: Nov 3 05:28:16 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=672709f0-1dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d8:99:d5:ab:06:67:6d:af:ab:78:76:6f:7c:
42:33:aa:30:f5:46:7f:2c:02:f0:50:eb:32:ca:dc:
d6:1e:3a:e0:c9:d1:86:bd:5b:1b:29:52:84:e7:d7:
76:2b:3c:72:36:5c:ea:6b:76:d8:34:72:8f:74:1f:
10:b4:48:bc:32:b9:9a:9a:10:d4:37:d6:95:c2:76:
4e:c4:d7:ef:ae:32:e8:ee:50:b8:66:17:f0:9b:f7:
d6:87:83:6e:db:ed:db:61:66:b9:d4:93:82:dd:ba:
53:20:c7:fd:57:44:73:b4:28:63:ca:5b:bb:a0:a5:
4c:29:58:9d:cd:4d:b4:e4:2d:a3:20:c6:13:d3:4a:
b9:ac:6f:7b:0b:8c:50:8b:85:38:42:42:31:5c:d7:
71:c8:bc:6c:ad:0e:90:6d:ac:10:42:33:90:0f:1c:
1d:87:a4:21:0f:a5:af:68:c4:6f:ca:ae:04:f1:c2:
17:fd:76:4d:83:66:49:65:58:96:48:05:c0:26:5b:
d6:0e:d2:0a:1c:2b:1b:a2:fd:04:b7:d3:46:86:fe:
87:2a:24:71:de:9e:ee:f0:6a:c1:aa:31:3a:8a:60:
f0:1b:46:f7:2c:30:44:b0:1c:fe:08:33:41:8b:28:
9c:f6:ab:b8:48:c1:b7:37:a3:84:23:75:63:42:1d:
35:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A1:BF:B3:19:BF:3D:C6:04:F7:E2:ED:01:4F:A4:0A:79:36:C9:66
X509v3 Authority Key Identifier:
keyid:D5:28:9E:8B:7D:F5:D9:20:16:EC:79:8E:EE:FF:05:BC:73:E8:55:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137722/46BDDC00288D11EFB1904721C4F9AE02/1Siei3312SAW7HmO7v8FvHPoVYA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Siei3312SAW7HmO7v8FvHPoVYA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137722/46BDDC00288D11EFB1904721C4F9AE02/B4684D8A288D11EF96BC5135C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.72.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:72:12:b7:6b:32:40:2c:c8:f1:f1:a2:ad:99:42:ba:36:aa:
a9:8c:01:fd:48:be:1d:6d:ae:c4:dd:d4:be:6c:32:ff:4b:6d:
27:17:d3:88:df:57:24:ff:58:de:25:d3:b8:b3:e6:ac:08:cf:
4a:8c:c9:d9:ff:01:a2:34:1a:99:77:f7:a2:e4:29:ed:99:30:
61:3d:0e:2b:6a:0b:6a:b5:89:a6:d7:f0:60:06:86:e5:0e:bf:
56:91:c2:4d:2f:00:c4:c9:7a:10:26:42:c2:34:1b:00:66:e0:
82:50:d4:4f:dd:eb:8d:83:05:19:9e:95:b9:2c:20:cb:bc:69:
e8:9e:17:71:5d:0d:3f:cf:c7:f0:7d:fe:a7:f0:17:51:85:5e:
9a:5b:27:db:02:1b:ad:44:84:5d:a0:9b:19:65:25:eb:b6:2c:
06:b1:89:c2:48:d2:5a:1a:fe:ba:49:fb:0a:bf:63:7e:3d:0d:
1f:e1:ad:11:80:ce:71:33:cd:cc:c5:97:bb:db:a0:22:22:14:
fd:8f:d2:1c:e3:a4:ea:3b:92:1c:81:61:c5:8c:fa:86:6c:02:
af:5b:6d:b2:b9:7b:4f:8f:11:66:31:58:00:a3:44:21:a6:46:
db:ef:b6:40:e7:aa:2d:e1:2f:75:ec:b0:a6:4e:45:86:0c:33:
36:d9:7b:18
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
NzcyMjExMC8GA1UEBRMoRDUyODlFOEI3REY1RDkyMDE2RUM3OThFRUVGRjA1QkM3
M0U4NTU4MDAeFw0yNDExMDMwNTI4MTZaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjcwOWYwLTFkZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDH2JnVqwZnba+reHZvfEIzqjD1Rn8sAvBQ6zLK3NYeOuDJ0Ya9WxspUoTn13Yr
PHI2XOprdtg0co90HxC0SLwyuZqaENQ31pXCdk7E1++uMujuULhmF/Cb99aHg27b
7dthZrnUk4LdulMgx/1XRHO0KGPKW7ugpUwpWJ3NTbTkLaMgxhPTSrmsb3sLjFCL
hThCQjFc13HIvGytDpBtrBBCM5APHB2HpCEPpa9oxG/KrgTxwhf9dk2DZkllWJZI
BcAmW9YO0gocKxui/QS300aG/ocqJHHenu7wasGqMTqKYPAbRvcsMESwHP4IM0GL
KJz2q7hIwbc3o4QjdWNCHTUXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUJKG/sxm/
PcYE9+LtAU+kCnk2yWYwHwYDVR0jBBgwFoAU1Siei3312SAW7HmO7v8FvHPoVYAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM3NzIyLzQ2QkREQzAwMjg4
RDExRUZCMTkwNDcyMUM0RjlBRTAyLzFTaWVpMzMxMlNBVzdIbU83djhGdkhQb1ZZ
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMVNpZWkzMzEyU0FXN0htTzd2OEZ2SFBvVllBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
NzcyMi80NkJEREMwMDI4OEQxMUVGQjE5MDQ3MjFDNEY5QUUwMi9CNDY4NEQ4QTI4
OEQxMUVGOTZCQzUxMzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWePSDANBgkqhkiG9w0BAQsFAAOCAQEAW3ISt2syQCzI8fGi
rZlCujaqqYwB/Ui+HW2uxN3Uvmwy/0ttJxfTiN9XJP9Y3iXTuLPmrAjPSozJ2f8B
ojQamXf3ouQp7ZkwYT0OK2oLarWJptfwYAaG5Q6/VpHCTS8AxMl6ECZCwjQbAGbg
glDUT93rjYMFGZ6VuSwgy7xp6J4XcV0NP8/H8H3+p/AXUYVemlsn2wIbrUSEXaCb
GWUl67YsBrGJwkjSWhr+ukn7Cr9jfj0NH+GtEYDOcTPNzMWXu9ugIiIU/Y/SHOOk
6juSHIFhxYz6hmwCr1ttsrl7T48RZjFYAKNEIaZG2++2QOeqLeEvdeywpk5Fhgwz
Ntl7GA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:55:05 2025 by rpki-client