Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
File: 844EFBDA766C11EF8CE33A86C4F9AE02.roa (raw, json)
Hash identifier: BsDD8bUIIPX7p5KbsJAH9VftSdApmxx21yYEW9Dwpy4=
Subject key identifier: 90:08:CC:58:B9:3A:6C:BF:0E:CD:E9:48:F9:2E:41:B0:E8:FF:42:90
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 03D8
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
Signing time: Fri 07 Mar 2025 06:57:37 +0000
ROA not before: Fri 07 Mar 2025 06:57:37 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
103.173.150.0/24 maxlen: 24
103.173.151.0/24 maxlen: 24
116.204.193.0/24 maxlen: 24
116.204.194.0/24 maxlen: 24
116.204.195.0/24 maxlen: 24
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:11::/48 maxlen: 48
2407:e8c0:12::/48 maxlen: 48
2407:e8c0:13::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
2407:e8c0:5700::/40 maxlen: 40
2407:e8c0:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 16 Apr 2025 00:27:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 984 (0x3d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1
Validity
Not Before: Mar 7 06:57:37 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67ca98e0-952e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:b0:95:1c:42:7b:c2:38:12:b5:63:24:18:f5:
f3:08:69:d6:af:a9:d4:93:35:43:5a:69:51:57:f2:
d4:b0:53:b5:0a:fe:0b:0c:cd:dd:26:75:b4:48:60:
2c:07:ac:29:a2:9c:22:34:fd:9c:6e:2a:86:f2:16:
c0:fc:44:c4:67:40:0a:33:74:d0:5a:bf:61:7c:98:
72:c5:1b:7e:04:4e:7b:8c:91:5f:dd:8f:e4:b6:be:
5e:ef:07:3c:90:04:a9:f9:b5:ab:9e:0a:40:8f:48:
50:cc:7c:bd:2a:bf:55:b7:ff:59:fc:b7:7d:ab:3b:
74:b0:8a:1d:34:c3:52:a5:cf:62:dd:b8:8a:57:6a:
92:70:3a:7b:b6:ea:9f:f8:47:52:c1:1c:c0:db:d8:
95:35:73:1f:28:7b:ef:61:c5:a3:58:0d:ca:c6:97:
07:55:6f:5c:a1:0e:84:4f:d9:ef:c5:58:48:12:81:
be:42:58:8b:97:42:93:6a:1c:f4:d8:b5:75:ba:46:
6c:6b:5b:b1:2a:01:c9:b9:23:68:87:99:24:39:85:
7d:6e:b1:4f:88:3d:00:28:76:29:4f:61:4c:57:7c:
35:72:a5:56:b8:e8:0e:e6:8c:3e:ce:70:32:55:86:
c8:3a:7f:68:e9:93:13:8d:06:82:e9:d4:c9:e9:4f:
4f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:08:CC:58:B9:3A:6C:BF:0E:CD:E9:48:F9:2E:41:B0:E8:FF:42:90
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
116.204.193.0-116.204.195.255
IPv6:
2407:e8c0::/44
2407:e8c0:11::-2407:e8c0:13:ffff:ffff:ffff:ffff:ffff
2407:e8c0:4a00::-2407:e8c0:58ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ca:bd:b0:fd:5e:7d:b5:aa:e7:79:fd:b3:42:49:cd:d9:f2:43:
42:8a:68:f7:e8:22:b5:14:78:c8:f3:7c:c7:5d:ab:ce:32:5c:
6f:94:bc:3c:35:fc:89:5e:f8:89:68:d8:59:76:d5:43:48:5b:
94:8c:a1:2b:71:72:d0:4b:06:f3:e2:09:59:30:ee:a8:79:16:
2a:64:37:51:56:8b:66:47:27:3f:ef:6d:4b:28:07:88:bb:74:
d8:f6:1f:98:f6:2c:25:3d:e2:57:02:cc:b8:20:a1:12:1c:6b:
37:de:97:93:c8:24:fe:07:08:24:29:fa:f2:d2:f8:c1:6f:2a:
d3:37:c7:95:09:2b:14:b3:0e:ac:28:85:44:e2:52:13:65:a0:
dd:11:01:b0:c9:d5:59:fc:ea:84:6a:cd:6e:9d:3d:67:18:42:
94:c5:54:cc:2c:04:ef:d4:81:4a:aa:4b:8b:10:91:44:b7:02:
1f:fb:24:5d:74:24:cc:19:6b:fc:16:cf:fb:ce:6c:ba:cf:0b:
fb:2f:98:0c:b1:4a:2a:52:ad:cd:2d:0e:20:23:5f:ad:88:62:
df:04:4d:43:6a:52:d3:cf:7c:d2:12:8e:c0:5e:d6:98:d2:ca:
27:58:a9:dc:03:94:42:e0:54:e7:ce:ce:87:4b:d1:16:5c:f5:
c9:f3:fd:10
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICA9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjUwMzA3MDY1NzM3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhOThlMC05NTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+LCVHEJ7wjgStWMkGPXzCGnWr6nUkzVDWmlRV/LUsFO1Cv4LDM3dJnW0SGAs
B6wpopwiNP2cbiqG8hbA/ETEZ0AKM3TQWr9hfJhyxRt+BE57jJFf3Y/ktr5e7wc8
kASp+bWrngpAj0hQzHy9Kr9Vt/9Z/Ld9qzt0sIodNMNSpc9i3biKV2qScDp7tuqf
+EdSwRzA29iVNXMfKHvvYcWjWA3KxpcHVW9coQ6ET9nvxVhIEoG+QliLl0KTahz0
2LV1ukZsa1uxKgHJuSNoh5kkOYV9brFPiD0AKHYpT2FMV3w1cqVWuOgO5ow+znAy
VYbIOn9o6ZMTjQaC6dTJ6U9PIwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFJAIzFi5
Omy/Ds3pSPkuQbDo/0KQMB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvODQ0RUZCREE3
NjZDMTFFRjhDRTMzQTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMBoEAgABMBQDBAFnrZYwDAMEAHTMwQMEAnTMwDA1BAIAAjAvAwcEJAfowAAA
MBIDBwAkB+jAABEDBwIkB+jAABAwEAMGASQH6MBKAwYAJAfowFgwDQYJKoZIhvcN
AQELBQADggEBAMq9sP1efbWq53n9s0JJzdnyQ0KKaPfoIrUUeMjzfMddq84yXG+U
vDw1/Ile+Ilo2Fl21UNIW5SMoStxctBLBvPiCVkw7qh5FipkN1FWi2ZHJz/vbUso
B4i7dNj2H5j2LCU94lcCzLggoRIcazfel5PIJP4HCCQp+vLS+MFvKtM3x5UJKxSz
DqwohUTiUhNloN0RAbDJ1Vn86oRqzW6dPWcYQpTFVMwsBO/UgUqqS4sQkUS3Ah/7
JF10JMwZa/wWz/vObLrPC/svmAyxSipSrc0tDiAjX62IYt8ETUNqUtPPfNISjsBe
1pjSyidYqdwDlELgVOfOzodL0RZc9cnz/RA=
-----END CERTIFICATE-----
Generated at Fri Apr 11 08:25:03 2025 by rpki-client