Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B1F39E9C334111EF9770A542C4F9AE02.roa
File: B1F39E9C334111EF9770A542C4F9AE02.roa (raw, json)
Hash identifier: gH07d0tdWpzxCvfeG7l6D2uFfEY6tpwzzgDCtY/pYyE=
Subject key identifier: 89:D9:1D:02:5D:7F:88:E1:03:94:28:11:71:30:FA:D4:E2:1E:0C:4A
Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Certificate serial: 0F9D
Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B1F39E9C334111EF9770A542C4F9AE02.roa
Signing time: Thu 10 Apr 2025 17:56:39 +0000
ROA not before: Thu 10 Apr 2025 17:56:39 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 202
IP address blocks: 103.30.186.0/23 maxlen: 23
202.53.197.0/24 maxlen: 24
202.53.204.0/23 maxlen: 23
202.53.206.0/23 maxlen: 23
2401:df00:1::/48 maxlen: 48
2401:df00:2::/48 maxlen: 48
2401:df00:11::/48 maxlen: 48
2401:df00:12::/48 maxlen: 48
2401:df00:21::/48 maxlen: 48
2401:df00:22::/48 maxlen: 48
2401:df00:31::/48 maxlen: 48
2401:df00:32::/48 maxlen: 48
2401:df00:41::/48 maxlen: 48
2401:df00:42::/48 maxlen: 48
2401:df00:51::/48 maxlen: 48
2401:df00:52::/48 maxlen: 48
2401:df00:61::/48 maxlen: 48
2401:df00:62::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 17:38:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3997 (0xf9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49
Validity
Not Before: Apr 10 17:56:39 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67f80657-e7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:93:20:27:0c:f2:ae:d7:68:4a:d6:c2:12:4d:
90:5d:58:52:53:3b:25:e7:4e:89:15:47:af:c1:0f:
db:f3:a0:b9:db:56:c9:af:a4:49:26:2f:1c:e2:49:
8a:c3:bb:e0:d7:3e:9a:ff:dc:ec:11:15:42:50:a9:
16:cc:f8:c8:75:43:11:24:f9:ad:70:20:86:fc:87:
5c:1c:9b:52:8c:b0:2b:e0:26:65:0c:78:2e:29:db:
de:47:e4:91:fe:61:e1:31:02:3f:1c:f7:03:31:d1:
6c:fa:4e:b8:cd:91:e9:cc:4a:c0:a7:42:70:2d:8a:
0b:c2:ce:7a:8e:4a:8a:9d:c2:c1:14:29:33:e5:15:
aa:cc:3d:65:55:fe:f3:09:e4:5f:f5:85:81:f8:f7:
de:ce:a7:3d:71:c6:2a:4b:4a:16:0e:35:4e:4b:89:
63:5b:2e:18:b1:3f:bd:20:11:d1:12:03:a4:7e:b0:
c2:b9:f8:dc:32:c1:61:b5:e7:ee:58:3a:c2:b1:e1:
b6:b2:f7:cf:7f:d5:f8:e0:81:9c:4c:bf:4a:f5:e6:
1b:53:de:2b:33:06:66:44:79:2b:45:fe:d0:1e:01:
89:24:8f:d1:d1:fc:17:22:29:4a:7a:09:a8:ce:9b:
d0:95:0e:f4:42:dc:4f:81:db:f5:af:ff:a3:01:3a:
f6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D9:1D:02:5D:7F:88:E1:03:94:28:11:71:30:FA:D4:E2:1E:0C:4A
X509v3 Authority Key Identifier:
keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/B1F39E9C334111EF9770A542C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.30.186.0/23
202.53.197.0/24
202.53.204.0/22
IPv6:
2401:df00:1::-2401:df00:2:ffff:ffff:ffff:ffff:ffff
2401:df00:11::-2401:df00:12:ffff:ffff:ffff:ffff:ffff
2401:df00:21::-2401:df00:22:ffff:ffff:ffff:ffff:ffff
2401:df00:31::-2401:df00:32:ffff:ffff:ffff:ffff:ffff
2401:df00:41::-2401:df00:42:ffff:ffff:ffff:ffff:ffff
2401:df00:51::-2401:df00:52:ffff:ffff:ffff:ffff:ffff
2401:df00:61::-2401:df00:62:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
af:15:12:99:ac:ab:85:1c:1e:8e:8d:2c:b3:1f:4f:b5:c0:61:
d6:a6:95:c9:3e:87:aa:8c:46:a9:8a:ae:96:ca:d9:4e:89:32:
cb:a5:0d:8f:04:96:d0:ca:a3:95:7f:15:b1:23:d1:9c:7a:24:
b7:bc:bc:27:3c:55:a4:22:c5:d4:32:df:93:dd:34:a6:a5:44:
b8:83:e1:c2:04:c9:d0:f1:7a:8e:59:d4:e6:9e:08:da:31:7d:
c0:9d:77:a1:d1:5c:54:a3:87:79:1a:02:af:58:22:47:62:0a:
de:29:23:14:0f:46:6b:cd:1d:b7:27:24:b2:69:3c:2a:eb:87:
41:12:9a:e7:d9:1c:bb:51:62:80:93:67:ec:3d:f9:07:36:e2:
75:a8:b1:cc:60:1e:a7:4a:7a:72:71:28:15:66:15:8b:df:90:
ae:18:94:21:55:07:12:a0:79:4d:e7:7b:a5:fc:9d:0e:63:04:
c3:b0:59:31:4f:36:42:15:37:3b:20:e8:61:22:21:02:a1:af:
e5:cf:03:3a:d4:4a:d0:f6:c1:8e:f2:52:ed:39:df:02:1d:73:
92:b5:49:b3:b8:c6:b3:f7:3f:08:2f:d6:e9:00:95:85:97:40:
f8:61:c7:05:05:e5:4c:dd:12:9f:50:c3:11:5a:6c:38:7c:05:
2c:9f:d9:a8
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgICD50wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw
MUYxOEZGNDkwHhcNMjUwNDEwMTc1NjM5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y4MDY1Ny1lN2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvpMgJwzyrtdoStbCEk2QXVhSUzsl506JFUevwQ/b86C521bJr6RJJi8c4kmK
w7vg1z6a/9zsERVCUKkWzPjIdUMRJPmtcCCG/IdcHJtSjLAr4CZlDHguKdveR+SR
/mHhMQI/HPcDMdFs+k64zZHpzErAp0JwLYoLws56jkqKncLBFCkz5RWqzD1lVf7z
CeRf9YWB+Pfezqc9ccYqS0oWDjVOS4ljWy4YsT+9IBHREgOkfrDCufjcMsFhtefu
WDrCseG2svfPf9X44IGcTL9K9eYbU94rMwZmRHkrRf7QHgGJJI/R0fwXIilKegmo
zpvQlQ70QtxPgdv1r/+jATr2LwIDAQABo4IDOjCCAzYwHQYDVR0OBBYEFInZHQJd
f4jhA5QoEXEw+tTiHgxKMB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC
MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf
MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJDQzcvNzkxQzZBMzQ3QjM4MTFFOUJDMEQzQjMyQzRGOUFFMDIvQjFGMzlFOUMz
MzQxMTFFRjk3NzBBNTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcMGCCsGAQUFBwEHAQH/
BIGzMIGwMBgEAgABMBIDBAFnHroDBADKNcUDBALKNcwwgZMEAgACMIGMMBIDBwAk
Ad8AAAEDBwAkAd8AAAIwEgMHACQB3wAAEQMHACQB3wAAEjASAwcAJAHfAAAhAwcA
JAHfAAAiMBIDBwAkAd8AADEDBwAkAd8AADIwEgMHACQB3wAAQQMHACQB3wAAQjAS
AwcAJAHfAABRAwcAJAHfAABSMBIDBwAkAd8AAGEDBwAkAd8AAGIwDQYJKoZIhvcN
AQELBQADggEBAK8VEpmsq4UcHo6NLLMfT7XAYdamlck+h6qMRqmKrpbK2U6JMsul
DY8EltDKo5V/FbEj0Zx6JLe8vCc8VaQixdQy35PdNKalRLiD4cIEydDxeo5Z1Oae
CNoxfcCdd6HRXFSjh3kaAq9YIkdiCt4pIxQPRmvNHbcnJLJpPCrrh0ESmufZHLtR
YoCTZ+w9+Qc24nWoscxgHqdKenJxKBVmFYvfkK4YlCFVBxKgeU3ne6X8nQ5jBMOw
WTFPNkIVNzsg6GEiIQKhr+XPAzrUStD2wY7yUu053wIdc5K1SbO4xrP3Pwgv1ukA
lYWXQPhhxwUF5UzdEp9QwxFabDh8BSyf2ag=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:26:42 2025 by rpki-client