Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
File: E9472C0C144111EFB247B936C4F9AE02.roa (raw, json)
Hash identifier: wHjXPfNun9RuHv5l5OYEYCPot6D2oIZI1EWmOF7YI7Y=
Subject key identifier: B5:49:8F:87:1A:C1:AB:0C:BE:40:35:9F:FC:79:9C:D3:AE:2D:2F:A6
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 02EC
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
Signing time: Wed 23 Apr 2025 09:47:21 +0000
ROA not before: Wed 23 Apr 2025 09:47:21 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 203020
IP address blocks: 45.125.245.0/24 maxlen: 24
103.3.224.0/22 maxlen: 22
103.66.178.0/23 maxlen: 23
103.77.102.0/24 maxlen: 24
103.77.103.0/24 maxlen: 24
103.77.255.0/24 maxlen: 24
103.84.254.0/23 maxlen: 23
103.85.228.0/22 maxlen: 22
103.102.246.0/23 maxlen: 23
103.104.92.0/22 maxlen: 22
103.104.128.0/23 maxlen: 24
103.110.104.0/22 maxlen: 22
103.117.214.0/23 maxlen: 23
103.139.178.0/24 maxlen: 24
103.142.70.0/23 maxlen: 23
103.148.214.0/23 maxlen: 23
103.221.232.0/24 maxlen: 24
103.221.234.0/24 maxlen: 24
103.221.235.0/24 maxlen: 24
103.228.132.0/24 maxlen: 24
103.241.52.0/22 maxlen: 22
103.252.108.0/24 maxlen: 24
103.252.111.0/24 maxlen: 24
150.107.224.0/23 maxlen: 23
150.107.227.0/24 maxlen: 24
202.94.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 02:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 748 (0x2ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587, serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Apr 23 09:47:21 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6808b729-69a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2a:46:c1:12:47:85:cf:63:8d:26:dd:e8:02:
1c:ff:61:51:4e:23:ab:94:64:26:1e:0f:c3:4e:36:
b6:35:0c:eb:0a:e3:a7:7a:69:d7:47:13:0c:93:0f:
ff:e5:04:8a:19:27:34:f2:ba:4b:2a:99:b6:f2:d3:
58:d8:cc:4b:08:07:24:a4:25:a3:e9:b2:72:ef:92:
3b:40:1c:00:ad:6d:72:45:d6:6f:2c:5a:e0:fb:11:
6e:cd:96:bb:c8:37:f4:04:ac:ce:76:f2:04:de:8a:
e2:96:95:0c:b3:1f:b1:cb:f7:e2:1a:39:d6:cb:22:
ca:98:99:6c:31:97:c4:40:ba:49:e3:8e:ec:75:39:
ea:ea:b4:16:be:d2:a4:54:5d:cf:9e:5f:c7:c2:5a:
4f:08:94:30:26:0f:f2:e4:bd:7a:db:a0:e0:66:cf:
3f:8a:f4:46:54:02:a7:4d:2c:c6:ec:c2:c3:f6:13:
6d:54:06:0f:a5:df:6b:b9:f1:6c:95:4f:8d:4d:10:
5e:50:8f:5e:0e:f6:11:36:70:3b:5c:69:13:d4:00:
37:a8:d8:cb:61:1b:9b:1c:63:b3:65:d4:d0:b2:54:
dc:96:20:9c:06:ee:e8:b1:d8:be:c6:29:ef:80:c0:
05:7a:76:b6:13:33:78:6b:0a:d7:12:3d:87:2d:af:
7b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:49:8F:87:1A:C1:AB:0C:BE:40:35:9F:FC:79:9C:D3:AE:2D:2F:A6
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/E9472C0C144111EFB247B936C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.125.245.0/24
103.3.224.0/22
103.66.178.0/23
103.77.102.0/23
103.77.255.0/24
103.84.254.0/23
103.85.228.0/22
103.102.246.0/23
103.104.92.0/22
103.104.128.0/23
103.110.104.0/22
103.117.214.0/23
103.139.178.0/24
103.142.70.0/23
103.148.214.0/23
103.221.232.0/24
103.221.234.0/23
103.228.132.0/24
103.241.52.0/22
103.252.108.0/24
103.252.111.0/24
150.107.224.0/23
150.107.227.0/24
202.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:7d:11:c2:17:8f:a4:77:ee:b8:65:c8:db:c5:42:bc:f5:c2:
30:5d:c3:70:9c:10:d5:15:71:de:d7:24:2c:2d:87:02:0a:56:
5a:f2:9f:d7:b6:7a:e1:f8:8b:0e:7e:68:6f:fb:be:af:78:45:
ab:34:28:75:ca:ff:8a:43:03:2e:52:a6:5f:f4:16:07:dd:2a:
94:38:1b:4d:ca:c4:4b:8a:d8:79:43:41:7e:3a:d1:8b:b2:26:
06:e0:19:be:56:25:51:87:7a:ba:8a:e8:2f:62:9b:71:db:ab:
9e:bd:00:dd:a2:03:fc:4b:f7:25:08:f1:74:fd:0c:7d:6e:58:
63:a7:f5:60:15:67:13:a3:49:c1:06:9a:33:31:93:99:85:5d:
01:96:f7:3f:68:d8:61:e0:ee:85:56:3c:5a:80:d6:6a:af:3d:
a7:8b:1f:5a:f9:ef:39:03:0f:5e:9d:1a:60:7f:81:39:26:31:
71:a6:c8:82:e6:39:b8:86:ff:c4:90:e7:87:3b:fb:bb:19:c6:
95:29:2f:ed:af:54:17:34:e1:88:51:b3:2f:2b:57:2f:d7:9b:
2d:8c:ca:2b:ac:cc:c3:9c:72:e3:28:98:5c:78:07:0f:49:e2:
e1:27:33:44:9a:cb:d9:57:ff:fa:e1:5e:0f:ea:70:ca:74:04:
7d:85:0f:c2
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICAuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY1ODcxMTAvBgNVBAUTKDJENjM0MDc3Q0M4NDdCNTlENDA0OEQ0M0UwNEIzMzA5
Njk4RkU2MzgwHhcNMjUwNDIzMDk0NzIxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA4YjcyOS02OWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApypGwRJHhc9jjSbd6AIc/2FRTiOrlGQmHg/DTja2NQzrCuOnemnXRxMMkw//
5QSKGSc08rpLKpm28tNY2MxLCAckpCWj6bJy75I7QBwArW1yRdZvLFrg+xFuzZa7
yDf0BKzOdvIE3orilpUMsx+xy/fiGjnWyyLKmJlsMZfEQLpJ447sdTnq6rQWvtKk
VF3Pnl/HwlpPCJQwJg/y5L1626DgZs8/ivRGVAKnTSzG7MLD9hNtVAYPpd9rufFs
lU+NTRBeUI9eDvYRNnA7XGkT1AA3qNjLYRubHGOzZdTQslTcliCcBu7osdi+xinv
gMAFena2EzN4awrXEj2HLa97qwIDAQABo4IDJDCCAyAwHQYDVR0OBBYEFLVJj4ca
wasMvkA1n/x5nNOuLS+mMB8GA1UdIwQYMBaAFC1jQHfMhHtZ1ASNQ+BLMwlpj+Y4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjU4Ny80MTdENzFCNDkx
ODYxMUVEQTg0QTEyNERDNEY5QUUwMi9MV05BZDh5RWUxblVCSTFENEVzekNXbVA1
amcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVqZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjY1ODcvNDE3RDcxQjQ5MTg2MTFFREE4NEExMjREQzRGOUFFMDIvRTk0NzJDMEMx
NDQxMTFFRkIyNDdCOTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga0GCCsGAQUFBwEHAQH/
BIGdMIGaMIGXBAIAATCBkAMEAC199QMEAmcD4AMEAWdCsgMEAWdNZgMEAGdN/wME
AWdU/gMEAmdV5AMEAWdm9gMEAmdoXAMEAWdogAMEAmduaAMEAWd11gMEAGeLsgME
AWeORgMEAWeU1gMEAGfd6AMEAWfd6gMEAGfkhAMEAmfxNAMEAGf8bAMEAGf8bwME
AZZr4AMEAJZr4wMEAMperjANBgkqhkiG9w0BAQsFAAOCAQEAfn0RwhePpHfuuGXI
28VCvPXCMF3DcJwQ1RVx3tckLC2HAgpWWvKf17Z64fiLDn5ob/u+r3hFqzQodcr/
ikMDLlKmX/QWB90qlDgbTcrES4rYeUNBfjrRi7ImBuAZvlYlUYd6uoroL2Kbcdur
nr0A3aID/Ev3JQjxdP0MfW5YY6f1YBVnE6NJwQaaMzGTmYVdAZb3P2jYYeDuhVY8
WoDWaq89p4sfWvnvOQMPXp0aYH+BOSYxcabIguY5uIb/xJDnhzv7uxnGlSkv7a9U
FzThiFGzLytXL9ebLYzKK6zMw5xy4yiYXHgHD0ni4SczRJrL2Vf/+uFeD+pwynQE
fYUPwg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:44:37 2025 by rpki-client