Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/702BA35A1D4311F09AE68E7FC4F9AE02.roa
File: 702BA35A1D4311F09AE68E7FC4F9AE02.roa (raw, json)
Hash identifier: 6Wms1LVBEeVGK9PkBmUevbXKIAzZzizcfxFDC5+BJ7U=
Subject key identifier: 03:98:58:89:20:DD:3C:3D:67:EB:7A:C0:EC:98:1A:25:75:1A:F0:49
Certificate issuer: /CN=A911D75C/serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Certificate serial: 0C56
Authority key identifier: 1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/702BA35A1D4311F09AE68E7FC4F9AE02.roa
Signing time: Sat 19 Apr 2025 17:26:33 +0000
ROA not before: Sat 19 Apr 2025 17:26:33 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 134371
IP address blocks: 103.62.140.0/22 maxlen: 24
202.136.88.0/22 maxlen: 24
2400:3dc0::/32 maxlen: 32
2400:3dc0::/36 maxlen: 36
2400:3dc0::/44 maxlen: 48
2400:3dc0:10::/44 maxlen: 48
2400:3dc0:2e::/48 maxlen: 48
2400:3dc0:2f::/48 maxlen: 48
2400:3dc0:3e::/48 maxlen: 48
2400:3dc0:3f::/48 maxlen: 48
2400:3dc0:40::/44 maxlen: 48
2400:3dc0:50::/44 maxlen: 47
2400:3dc0:50::/45 maxlen: 48
2400:3dc0:58::/48 maxlen: 48
2400:3dc0:5a::/47 maxlen: 48
2400:3dc0:5c::/46 maxlen: 48
2400:3dc0:60::/44 maxlen: 47
2400:3dc0:60::/45 maxlen: 48
2400:3dc0:68::/46 maxlen: 48
2400:3dc0:6c::/48 maxlen: 48
2400:3dc0:6e::/47 maxlen: 48
2400:3dc0:89::/48 maxlen: 48
2400:3dc0:100::/48 maxlen: 48
2400:3dc0:101::/48 maxlen: 48
2400:3dc0:140::/48 maxlen: 48
2400:3dc0:200::/48 maxlen: 48
2400:3dc0:201::/48 maxlen: 48
2400:3dc0:300::/48 maxlen: 48
2400:3dc0:400::/48 maxlen: 48
2400:3dc0:500::/48 maxlen: 48
2400:3dc0:600::/48 maxlen: 48
2400:3dc0:700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 18:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3158 (0xc56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D75C, serialNumber=1A1A40AD93A4A4307ED7264D47D252CAF62DEFFD
Validity
Not Before: Apr 19 17:26:33 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6803dcc9-661e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:f7:31:f4:81:b3:78:fe:21:68:47:ec:81:27:
df:65:09:8b:8e:61:31:cc:8f:4b:b2:95:99:e1:98:
68:d0:ba:d4:d6:38:44:76:c9:b3:1d:a6:13:51:f9:
39:97:05:40:cf:70:9b:ca:31:c0:ef:27:d5:07:b7:
f9:2c:2c:51:ec:0f:4c:bc:33:d2:08:e7:07:7a:71:
04:cf:58:d6:3c:a4:a2:a5:e9:b2:14:0b:69:f5:75:
25:62:2e:8d:4d:da:7b:21:4f:b9:cc:3c:51:a6:5f:
61:d7:db:8c:82:94:ed:60:a0:d7:64:1b:67:12:1d:
ea:22:44:8b:a5:9b:15:73:20:4e:f8:89:fc:6d:5e:
6d:73:e9:a4:b5:a3:87:71:27:13:e3:8f:66:a3:6f:
33:0b:ec:cd:d3:7a:b9:c4:e2:04:c2:4b:d9:b8:ae:
8e:4e:40:10:e3:3e:3f:d9:b7:b8:cd:35:b2:5a:99:
a4:82:21:da:3a:a8:cb:7f:84:b4:0e:8e:f7:6c:8e:
c0:ac:2b:aa:07:d1:28:a6:bf:4b:81:1d:49:87:58:
53:89:66:14:89:ac:bd:32:1c:87:80:ff:eb:cb:d9:
db:d8:9f:2c:05:58:90:c1:c7:07:c8:0c:bc:96:11:
bc:30:98:d8:87:b9:0f:38:ab:39:65:c3:22:2a:c1:
01:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:98:58:89:20:DD:3C:3D:67:EB:7A:C0:EC:98:1A:25:75:1A:F0:49
X509v3 Authority Key Identifier:
keyid:1A:1A:40:AD:93:A4:A4:30:7E:D7:26:4D:47:D2:52:CA:F6:2D:EF:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/GhpArZOkpDB-1yZNR9JSyvYt7_0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GhpArZOkpDB-1yZNR9JSyvYt7_0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D75C/2BC5FD4006C011EABC43B709C4F9AE02/702BA35A1D4311F09AE68E7FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.62.140.0/22
202.136.88.0/22
IPv6:
2400:3dc0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:fd:f0:a1:80:23:05:88:46:28:9e:75:98:c7:03:3e:9a:02:
76:78:75:e6:7b:19:4b:f1:b2:4b:b0:70:36:b5:72:38:bd:48:
be:1e:db:bf:bb:15:e6:07:4a:28:96:b5:cb:1f:06:82:e4:b9:
b8:39:6e:35:97:a0:74:70:6e:67:fd:b3:f6:ab:84:33:0d:28:
71:22:54:3d:86:61:f5:ec:96:f4:18:5e:c2:db:46:aa:27:31:
34:5c:21:cb:87:3f:a0:a6:e7:cb:3b:5f:bb:0b:d5:4b:fd:85:
4b:f7:a5:31:87:51:45:61:b3:dd:5a:fa:71:f9:57:30:4d:7d:
88:f8:23:70:55:a5:54:f2:9b:f1:26:13:1f:18:ef:7f:c9:78:
90:a8:58:db:a3:e7:61:2a:b4:d6:c6:29:83:8a:bd:3d:27:c8:
5a:71:da:69:a1:24:83:07:d7:cc:f7:f3:7d:b3:f4:2d:04:29:
bf:e6:15:0c:ea:92:0c:e7:e2:5a:e1:b1:0a:85:97:08:42:2b:
76:c7:c8:10:8a:af:e6:80:bf:e7:8c:4b:27:1b:cf:77:18:4d:
bc:b6:a4:a1:51:3a:16:be:35:f3:f5:c2:56:15:1a:83:9c:74:
20:8d:83:f6:3d:b2:83:48:5c:5f:b6:9f:3e:9a:fc:58:12:52:
c9:e0:01:71
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDFYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQ3NUMxMTAvBgNVBAUTKDFBMUE0MEFEOTNBNEE0MzA3RUQ3MjY0RDQ3RDI1MkNB
RjYyREVGRkQwHhcNMjUwNDE5MTcyNjMzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODAzZGNjOS02NjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9Pcx9IGzeP4haEfsgSffZQmLjmExzI9LspWZ4Zho0LrU1jhEdsmzHaYTUfk5
lwVAz3CbyjHA7yfVB7f5LCxR7A9MvDPSCOcHenEEz1jWPKSipemyFAtp9XUlYi6N
Tdp7IU+5zDxRpl9h19uMgpTtYKDXZBtnEh3qIkSLpZsVcyBO+In8bV5tc+mktaOH
cScT449mo28zC+zN03q5xOIEwkvZuK6OTkAQ4z4/2be4zTWyWpmkgiHaOqjLf4S0
Do73bI7ArCuqB9Eopr9LgR1Jh1hTiWYUiay9MhyHgP/ry9nb2J8sBViQwccHyAy8
lhG8MJjYh7kPOKs5ZcMiKsEBGwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAOYWIkg
3Tw9Z+t6wOyYGiV1GvBJMB8GA1UdIwQYMBaAFBoaQK2TpKQwftcmTUfSUsr2Le/9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDc1Qy8yQkM1RkQ0MDA2
QzAxMUVBQkM0M0I3MDlDNEY5QUUwMi9HaHBBclpPa3BEQi0xeVpOUjlKU3l2WXQ3
XzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0docEFyWk9rcERCLTF5Wk5SOUpTeXZZdDdfMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQ3NUMvMkJDNUZENDAwNkMwMTFFQUJDNDNCNzA5QzRGOUFFMDIvNzAyQkEzNUEx
RDQzMTFGMDlBRTY4RTdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnPowDBALKiFgwDQQCAAIwBwMFACQAPcAwDQYJKoZIhvcN
AQELBQADggEBAHz98KGAIwWIRiiedZjHAz6aAnZ4deZ7GUvxskuwcDa1cji9SL4e
27+7FeYHSiiWtcsfBoLkubg5bjWXoHRwbmf9s/arhDMNKHEiVD2GYfXslvQYXsLb
RqonMTRcIcuHP6Cm58s7X7sL1Uv9hUv3pTGHUUVhs91a+nH5VzBNfYj4I3BVpVTy
m/EmEx8Y73/JeJCoWNuj52EqtNbGKYOKvT0nyFpx2mmhJIMH18z3832z9C0EKb/m
FQzqkgzn4lrhsQqFlwhCK3bHyBCKr+aAv+eMSycbz3cYTby2pKFROha+NfP1wlYV
GoOcdCCNg/Y9soNIXF+2nz6a/FgSUsngAXE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:36:14 2025 by rpki-client