Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
File: DD5934D2205011F0B603CD60C4F9AE02.roa (raw, json)
Hash identifier: 1qZF+tDRxyXOAew0XplBkC8SPjODbqi7PMFb2aAYySQ=
Subject key identifier: E9:A7:4A:97:30:A4:49:B5:1F:EF:3D:F2:AE:95:01:FC:6C:4B:02:19
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4A74
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
Signing time: Wed 23 Apr 2025 14:40:13 +0000
ROA not before: Wed 23 Apr 2025 14:40:13 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 149147
IP address blocks: 103.37.60.0/23 maxlen: 24
103.78.4.0/23 maxlen: 23
103.166.176.0/23 maxlen: 23
103.168.36.0/23 maxlen: 23
103.186.24.0/23 maxlen: 23
103.213.8.0/23 maxlen: 23
103.213.12.0/23 maxlen: 23
103.213.216.0/23 maxlen: 23
103.248.230.0/23 maxlen: 23
113.192.18.0/23 maxlen: 23
2001:df4:cfc0::/48 maxlen: 48
2401:2160::/48 maxlen: 48
2401:3820::/48 maxlen: 48
2401:3e20::/48 maxlen: 48
2401:3e60::/48 maxlen: 48
2401:3ee0::/48 maxlen: 48
2401:5820::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 02:40:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19060 (0x4a74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Apr 23 14:40:13 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6808fbcd-2523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:16:57:d0:75:5c:ae:28:ac:ef:68:1b:bb:ff:
d3:58:cc:26:28:6c:d9:f2:50:94:41:6d:e6:cb:b5:
82:6c:31:8e:d2:9a:20:25:3a:c1:fb:a6:96:d7:d7:
2a:c2:10:30:9e:cd:b5:a1:96:12:c7:38:52:26:56:
32:f0:b3:ac:45:47:58:69:09:4f:02:f3:8d:8e:c4:
15:3f:14:53:5b:9c:87:12:c9:55:eb:c4:79:43:f3:
f1:27:b6:c0:de:37:c5:d4:dd:d8:bf:2b:0e:c6:56:
42:fe:55:b6:eb:f6:a3:82:d4:90:2a:b1:e0:35:d7:
e8:6e:1e:3b:1d:4e:e4:57:82:03:f9:1e:ca:25:4e:
65:de:4c:b3:cd:3d:75:2c:95:da:7b:3c:3d:d9:db:
1b:ae:fe:32:12:9a:79:fc:bb:9b:93:c5:fc:ff:65:
c8:3e:a4:af:b8:b4:00:b4:a3:cb:bb:74:71:90:6d:
ff:44:cb:a2:d2:5f:cf:ac:cc:51:ca:eb:b1:3f:2c:
ac:0b:df:46:f7:ac:17:f3:53:4f:83:de:05:6a:d8:
0a:c3:bb:0b:29:9e:93:e3:85:94:12:95:2c:57:ac:
09:3c:54:2d:2d:d6:9a:a9:a6:8e:53:21:39:f8:d3:
93:f9:e8:93:11:bc:66:31:aa:59:ea:1b:d9:bc:df:
4e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A7:4A:97:30:A4:49:B5:1F:EF:3D:F2:AE:95:01:FC:6C:4B:02:19
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/DD5934D2205011F0B603CD60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.37.60.0/23
103.78.4.0/23
103.166.176.0/23
103.168.36.0/23
103.186.24.0/23
103.213.8.0/23
103.213.12.0/23
103.213.216.0/23
103.248.230.0/23
113.192.18.0/23
IPv6:
2001:df4:cfc0::/48
2401:2160::/48
2401:3820::/48
2401:3e20::/48
2401:3e60::/48
2401:3ee0::/48
2401:5820::/48
Signature Algorithm: sha256WithRSAEncryption
b9:b3:3a:e0:d4:0a:53:d9:e1:d6:a3:e8:e7:68:8a:43:57:b7:
97:58:3b:f5:bf:3b:2b:b3:67:29:7d:d3:43:04:cd:d8:f1:4d:
f0:a8:c0:a9:cb:ef:d9:6f:ce:78:66:04:45:61:cd:c1:d4:28:
9c:ef:1f:0e:58:eb:a4:6a:37:d7:cd:67:24:e4:c2:93:72:91:
95:78:01:ef:9d:ee:fc:d8:54:34:e3:6a:b4:45:35:b6:66:54:
e2:03:27:aa:ab:5b:28:3d:44:11:34:a8:28:f9:7a:87:2d:e5:
c8:7b:9d:78:1d:2e:82:bb:0d:67:dd:9e:66:ca:4e:70:18:01:
17:de:76:4c:ec:c0:84:2f:16:1d:99:bb:4e:2c:0e:de:9a:5d:
ec:3c:d7:22:b7:fd:30:ec:68:0e:5c:31:93:6f:b6:1f:3d:d6:
22:6f:23:de:d2:2f:cc:63:bc:c3:0d:ee:5b:a9:ba:43:f3:a2:
9b:0f:7f:d8:b1:26:14:59:e5:36:83:79:4e:ba:41:9c:6a:64:
a8:3a:ff:92:9f:60:53:9d:7f:d4:36:ab:61:5e:0e:d1:c9:f2:
64:9e:4f:d5:fd:15:ad:e9:d6:c2:38:cb:24:2d:24:3e:6b:f1:
7b:ee:9b:53:d4:fb:96:f8:73:83:b9:d9:d5:ba:db:fe:cf:3c:
ff:07:34:75
-----BEGIN CERTIFICATE-----
MIIF8TCCBNmgAwIBAgICSnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwNDIzMTQ0MDEzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA4ZmJjZC0yNTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3hZX0HVcriis72gbu//TWMwmKGzZ8lCUQW3my7WCbDGO0pogJTrB+6aW19cq
whAwns21oZYSxzhSJlYy8LOsRUdYaQlPAvONjsQVPxRTW5yHEslV68R5Q/PxJ7bA
3jfF1N3YvysOxlZC/lW26/ajgtSQKrHgNdfobh47HU7kV4ID+R7KJU5l3kyzzT11
LJXaezw92dsbrv4yEpp5/Lubk8X8/2XIPqSvuLQAtKPLu3RxkG3/RMui0l/PrMxR
yuuxPyysC99G96wX81NPg94FatgKw7sLKZ6T44WUEpUsV6wJPFQtLdaaqaaOUyE5
+NOT+eiTEbxmMapZ6hvZvN9OqQIDAQABo4IDFTCCAxEwHQYDVR0OBBYEFOmnSpcw
pEm1H+898q6VAfxsSwIZMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvREQ1OTM0RDIy
MDUwMTFGMEI2MDNDRDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ4GCCsGAQUFBwEHAQH/
BIGOMIGLMEIEAgABMDwDBAFnJTwDBAFnTgQDBAFnprADBAFnqCQDBAFnuhgDBAFn
1QgDBAFn1QwDBAFn1dgDBAFn+OYDBAFxwBIwRQQCAAIwPwMHACABDfTPwAMHACQB
IWAAAAMHACQBOCAAAAMHACQBPiAAAAMHACQBPmAAAAMHACQBPuAAAAMHACQBWCAA
ADANBgkqhkiG9w0BAQsFAAOCAQEAubM64NQKU9nh1qPo52iKQ1e3l1g79b87K7Nn
KX3TQwTN2PFN8KjAqcvv2W/OeGYERWHNwdQonO8fDljrpGo3181nJOTCk3KRlXgB
753u/NhUNONqtEU1tmZU4gMnqqtbKD1EETSoKPl6hy3lyHudeB0ugrsNZ92eZspO
cBgBF952TOzAhC8WHZm7TiwO3ppd7DzXIrf9MOxoDlwxk2+2Hz3WIm8j3tIvzGO8
ww3uW6m6Q/Oimw9/2LEmFFnlNoN5TrpBnGpkqDr/kp9gU51/1DarYV4O0cnyZJ5P
1f0VrenWwjjLJC0kPmvxe+6bU9T7lvhzg7nZ1brb/s88/wc0dQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:17:46 2025 by rpki-client