Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
File: 9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa (raw, json)
Hash identifier: PkE5RdT75kAnZd5vLhCvPB884AHSOGEg5ePhAuT2Rtk=
Subject key identifier: 2E:F2:13:94:6C:7A:73:47:C1:81:2C:B8:98:BB:0D:FC:38:1D:59:A3
Certificate issuer: /CN=A91CD4DB/serialNumber=3FB7855EF330BA77D9F3B72DFFDEC20712AC1407
Certificate serial: 17B2
Authority key identifier: 3F:B7:85:5E:F3:30:BA:77:D9:F3:B7:2D:FF:DE:C2:07:12:AC:14:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
Signing time: Sat 17 May 2025 04:44:25 +0000
ROA not before: Sat 17 May 2025 04:44:25 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 38614
IP address blocks: 103.158.39.0/24 maxlen: 24
117.103.80.0/24 maxlen: 24
117.103.81.0/24 maxlen: 24
117.103.82.0/24 maxlen: 24
117.103.83.0/24 maxlen: 24
117.103.84.0/24 maxlen: 24
117.103.85.0/24 maxlen: 24
117.103.86.0/24 maxlen: 24
117.103.87.0/24 maxlen: 24
2404:f380::/32 maxlen: 32
2404:f380::/36 maxlen: 36
2404:f380::/48 maxlen: 48
2404:f380:1::/48 maxlen: 48
2404:f380:2::/48 maxlen: 48
2404:f380:3::/48 maxlen: 48
2404:f380:4::/48 maxlen: 48
2404:f380:5::/48 maxlen: 48
2404:f380:6::/48 maxlen: 48
2404:f380:7::/48 maxlen: 48
2404:f380:8::/48 maxlen: 48
2404:f380:9::/48 maxlen: 48
2404:f380:a::/48 maxlen: 48
2404:f380:b::/48 maxlen: 48
2404:f380:c::/48 maxlen: 48
2404:f380:d::/48 maxlen: 48
2404:f380:e::/48 maxlen: 48
2404:f380:f::/48 maxlen: 48
2404:f380:1000::/36 maxlen: 36
2404:f380:2000::/36 maxlen: 36
2404:f380:3000::/36 maxlen: 36
2404:f380:4000::/36 maxlen: 36
2404:f380:5000::/36 maxlen: 36
2404:f380:6000::/36 maxlen: 36
2404:f380:7000::/36 maxlen: 36
2404:f380:8000::/36 maxlen: 36
2404:f380:9000::/36 maxlen: 36
2404:f380:a000::/36 maxlen: 36
2404:f380:b000::/36 maxlen: 36
2404:f380:c000::/36 maxlen: 36
2404:f380:d000::/36 maxlen: 36
2404:f380:e000::/36 maxlen: 36
2404:f380:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.crl
rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Jun 2025 16:45:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6066 (0x17b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD4DB, serialNumber=3FB7855EF330BA77D9F3B72DFFDEC20712AC1407
Validity
Not Before: May 17 04:44:25 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68281429-0631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7c:df:ea:91:06:a4:8f:b5:9d:36:d4:36:3c:
49:bf:9d:a2:7d:74:c8:af:77:85:7d:72:fd:49:7c:
05:fb:b2:b2:e2:87:63:b9:35:47:92:f4:db:6d:b3:
c4:f3:f6:f1:0c:46:e5:b2:91:e6:32:7f:2c:a0:9c:
33:b0:41:64:b0:67:2b:ab:2e:a9:3a:3e:89:62:70:
11:4f:74:b5:58:d7:fd:1d:a6:7b:0e:31:98:e2:e2:
55:1a:bf:56:a8:d4:cb:d4:c9:45:c2:82:fe:7b:6a:
7c:0e:6b:23:8f:2e:14:00:11:6f:bb:09:64:ad:03:
97:d8:5a:d0:65:f8:2c:5f:4f:90:b9:46:70:97:07:
9a:45:b9:c5:27:58:4f:59:1a:e5:5a:f9:e3:5b:27:
a7:75:b9:e2:c7:8d:fd:3b:34:46:41:a9:76:b7:28:
26:cd:8d:50:25:20:24:68:69:54:d7:fd:f5:1b:2f:
d7:8b:2c:dd:3b:03:f9:ed:9b:96:18:0a:56:c5:35:
ae:58:49:7b:a9:fa:28:47:62:bb:69:a4:8b:77:c9:
6b:b6:9c:10:38:4e:a2:e3:f3:fc:db:b2:5e:0c:9a:
01:74:c8:41:b6:17:2e:a8:a1:d7:af:ea:90:4c:ca:
e6:69:ee:d5:c1:99:cc:54:52:1e:11:19:b1:68:d6:
f4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:F2:13:94:6C:7A:73:47:C1:81:2C:B8:98:BB:0D:FC:38:1D:59:A3
X509v3 Authority Key Identifier:
keyid:3F:B7:85:5E:F3:30:BA:77:D9:F3:B7:2D:FF:DE:C2:07:12:AC:14:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/P7eFXvMwunfZ87ct_97CBxKsFAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/P7eFXvMwunfZ87ct_97CBxKsFAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD4DB/3A315DCECD0211E7B0442D28C4F9AE02/9BAC2C9C32D911F09D7CBD0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.39.0/24
117.103.80.0/21
IPv6:
2404:f380::/32
Signature Algorithm: sha256WithRSAEncryption
c7:2a:11:e4:e7:bf:75:dc:f3:f0:91:41:d7:12:24:58:f4:49:
fc:b9:8f:b9:04:d2:70:21:91:a5:ac:fa:4e:fe:4f:7a:bb:b0:
ff:9b:b0:a9:94:7f:bf:25:ba:e8:f0:d4:b6:d0:27:76:d4:0b:
7f:fe:99:31:1c:5d:c0:79:27:83:a0:a9:0a:b3:cf:1f:de:2a:
d2:e2:de:31:3e:18:85:e2:dd:7d:0d:2e:75:21:0e:58:c3:29:
88:b3:ec:7e:64:b5:b8:ee:0a:b4:8a:e4:38:dc:92:6f:21:1b:
e6:01:ed:40:33:ad:31:da:71:c9:9d:d4:87:aa:2a:ff:7d:c2:
3b:c0:b3:fa:44:4a:27:9c:ef:67:69:c1:b3:ba:a3:00:35:ee:
ea:59:b3:66:e2:5b:5d:67:0d:08:fa:34:bc:70:7a:97:2a:80:
97:13:c8:fe:b7:db:50:0c:06:14:99:f5:23:2b:b4:c5:fd:ff:
45:91:86:9c:6a:dc:37:d8:ab:ad:c9:1e:0b:41:92:69:32:2e:
30:d1:ae:8b:d3:64:b5:d3:aa:03:ab:66:b7:e0:13:fb:82:6b:
5c:f1:31:80:1b:ab:bb:12:07:23:54:63:1b:71:52:68:dd:b8:
f9:eb:e5:16:fb:7f:50:3c:b8:58:ee:58:df:b4:31:cd:e7:6c:
40:dc:db:5a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICF7IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Q0REIxMTAvBgNVBAUTKDNGQjc4NTVFRjMzMEJBNzdEOUYzQjcyREZGREVDMjA3
MTJBQzE0MDcwHhcNMjUwNTE3MDQ0NDI1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI4MTQyOS0wNjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsHzf6pEGpI+1nTbUNjxJv52ifXTIr3eFfXL9SXwF+7Ky4odjuTVHkvTbbbPE
8/bxDEblspHmMn8soJwzsEFksGcrqy6pOj6JYnART3S1WNf9HaZ7DjGY4uJVGr9W
qNTL1MlFwoL+e2p8Dmsjjy4UABFvuwlkrQOX2FrQZfgsX0+QuUZwlweaRbnFJ1hP
WRrlWvnjWyendbnix439OzRGQal2tygmzY1QJSAkaGlU1/31Gy/XiyzdOwP57ZuW
GApWxTWuWEl7qfooR2K7aaSLd8lrtpwQOE6i4/P827JeDJoBdMhBthcuqKHXr+qQ
TMrmae7VwZnMVFIeERmxaNb0ZwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFC7yE5Rs
enNHwYEsuJi7Dfw4HVmjMB8GA1UdIwQYMBaAFD+3hV7zMLp32fO3Lf/ewgcSrBQH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDREQi8zQTMxNURDRUNE
MDIxMUU3QjA0NDJEMjhDNEY5QUUwMi9QN2VGWHZNd3VuZlo4N2N0Xzk3Q0J4S3NG
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1A3ZUZYdk13dW5mWjg3Y3RfOTdDQnhLc0ZBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Q0REIvM0EzMTVEQ0VDRDAyMTFFN0IwNDQyRDI4QzRGOUFFMDIvOUJBQzJDOUMz
MkQ5MTFGMDlEN0NCRDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnnicDBAN1Z1AwDQQCAAIwBwMFACQE84AwDQYJKoZIhvcN
AQELBQADggEBAMcqEeTnv3Xc8/CRQdcSJFj0Sfy5j7kE0nAhkaWs+k7+T3q7sP+b
sKmUf78luujw1LbQJ3bUC3/+mTEcXcB5J4OgqQqzzx/eKtLi3jE+GIXi3X0NLnUh
DljDKYiz7H5ktbjuCrSK5Djckm8hG+YB7UAzrTHaccmd1IeqKv99wjvAs/pESiec
72dpwbO6owA17upZs2biW11nDQj6NLxwepcqgJcTyP6321AMBhSZ9SMrtMX9/0WR
hpxq3DfYq63JHgtBkmkyLjDRrovTZLXTqgOrZrfgE/uCa1zxMYAbq7sSByNUYxtx
UmjduPnr5Rb7f1A8uFjuWN+0Mc3nbEDc21o=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:58:35 2025 by rpki-client