Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
File: 7D22B44E249D11EFAC24EF6CC4F9AE02.roa (raw, json)
Hash identifier: 5+9jJwjzRyNYN2O27C0xkTXdTv27eYHF2xhj3n4/zw8=
Subject key identifier: CF:24:0C:D6:EA:55:FA:37:56:11:03:96:31:D7:C4:F5:D4:BD:D6:F4
Certificate issuer: /CN=A91E28E2/serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Certificate serial: 0174
Authority key identifier: B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
Signing time: Fri 07 Feb 2025 09:55:39 +0000
ROA not before: Fri 07 Feb 2025 09:55:39 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45352
IP address blocks: 45.117.120.0/24 maxlen: 24
45.117.121.0/24 maxlen: 24
45.117.122.0/24 maxlen: 24
103.57.188.0/24 maxlen: 24
103.57.189.0/24 maxlen: 24
103.57.190.0/23 maxlen: 24
2403:1cc0::/48 maxlen: 48
2403:1cc0:1000::/48 maxlen: 48
2403:1cc0:1001::/48 maxlen: 48
2403:1cc0:1002::/48 maxlen: 48
2403:1cc0:1003::/48 maxlen: 48
2403:1cc0:1007::/48 maxlen: 48
2403:1cc0:1101::/48 maxlen: 48
2403:1cc0:1102::/48 maxlen: 48
2403:1cc0:1128::/48 maxlen: 48
2403:1cc0:1201::/48 maxlen: 48
2403:1cc0:1301::/48 maxlen: 48
2403:1cc0:1303::/48 maxlen: 48
2403:1cc0:2000::/48 maxlen: 48
2403:1cc0:2201::/48 maxlen: 48
2403:1cc0:2300::/48 maxlen: 48
2403:1cc0:3201::/48 maxlen: 48
2403:1cc0:3202::/48 maxlen: 48
2403:1cc0:5201::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 02:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 372 (0x174)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E28E2, serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Validity
Not Before: Feb 7 09:55:39 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67a5d89b-4db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f2:6d:42:19:b3:d1:f6:e0:1e:6c:eb:be:c9:
f3:3f:d0:0c:b0:13:f6:04:ae:5b:7c:d9:f4:43:d4:
c0:4d:17:c7:6f:73:3c:0e:52:be:f1:70:0c:bc:21:
31:55:78:df:73:36:89:8a:79:37:df:70:b6:f3:f8:
06:4e:ce:6b:d3:49:76:5a:59:ed:84:9d:09:c4:09:
10:39:89:c3:5c:81:1b:34:ee:86:63:b8:f9:e1:8b:
01:c9:bf:dd:18:a5:77:4f:49:1a:7d:ac:22:78:33:
56:78:84:57:df:8d:bb:c0:6d:f6:bb:7a:bd:97:ee:
9e:f5:47:0b:fb:7d:fa:50:31:d0:c9:bf:b7:e9:06:
c4:ff:78:37:3a:74:83:5d:1a:95:9e:18:5e:12:19:
02:e6:68:a2:11:66:70:b8:4a:64:6b:a4:d1:27:12:
d1:81:1f:26:77:9c:ba:1f:01:c1:63:7b:1b:82:11:
d2:8d:23:97:9f:57:4d:bd:c7:e1:25:d0:0f:ec:4d:
62:ee:aa:df:80:5d:bd:10:37:ef:0b:ed:34:cb:91:
7b:67:ab:34:b8:73:6d:72:e2:ae:76:48:42:67:7a:
de:c5:ef:6c:dc:3a:d0:2c:d0:e9:42:2f:00:ba:42:
56:37:90:b0:90:b0:7e:a4:29:15:ee:52:35:81:77:
9b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:24:0C:D6:EA:55:FA:37:56:11:03:96:31:D7:C4:F5:D4:BD:D6:F4
X509v3 Authority Key Identifier:
keyid:B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.120.0-45.117.122.255
103.57.188.0/22
IPv6:
2403:1cc0::/48
2403:1cc0:1000::/46
2403:1cc0:1007::/48
2403:1cc0:1101::-2403:1cc0:1102:ffff:ffff:ffff:ffff:ffff
2403:1cc0:1128::/48
2403:1cc0:1201::/48
2403:1cc0:1301::/48
2403:1cc0:1303::/48
2403:1cc0:2000::/48
2403:1cc0:2201::/48
2403:1cc0:2300::/48
2403:1cc0:3201::-2403:1cc0:3202:ffff:ffff:ffff:ffff:ffff
2403:1cc0:5201::/48
Signature Algorithm: sha256WithRSAEncryption
79:ce:59:9a:83:60:52:7d:e5:07:e6:ca:48:94:35:39:1d:09:
fa:f0:b2:8c:1c:b3:05:00:a3:30:da:05:83:4e:57:4b:2c:38:
93:05:d6:15:aa:b3:e7:d7:0d:3c:5b:6d:78:c0:7c:a3:76:d4:
26:7b:89:e7:f0:b6:b6:1a:a3:19:a1:d9:e5:14:ff:9e:f7:ae:
2c:de:0c:0d:4b:a2:37:2e:45:38:c4:2b:24:05:48:28:ac:05:
f8:af:06:52:b5:27:ab:83:7a:b3:cf:20:5b:4f:a5:65:2a:5a:
7f:0d:88:79:17:8e:04:ac:04:6f:2c:7a:9d:d0:10:da:1f:bd:
82:c6:c4:08:d8:3e:81:2e:0c:4e:ec:0d:ab:11:b7:90:31:7f:
24:46:b1:5a:f1:da:25:80:4c:41:f0:22:a9:92:fc:c5:29:c7:
4b:28:4d:4a:d0:2c:98:5a:ed:58:67:4f:ce:b2:e1:47:74:ad:
9f:3b:41:bf:7d:4e:21:ff:14:f7:ba:2b:60:ef:e0:b1:10:dc:
8e:4f:b5:47:ac:5c:bd:8a:eb:0d:ac:03:b5:9d:27:cd:58:06:
27:be:81:f2:d3:80:4d:96:3c:cd:aa:3f:52:d3:ef:d2:7d:ab:
81:aa:11:81:97:e3:5f:86:f2:fe:83:8c:3b:f5:3d:ab:80:bf:
68:9a:d0:68
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgICAXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI4RTIxMTAvBgNVBAUTKEI0ODE5ODczMzFFMUVENDA4QjUxQ0I5RkQ4RUY0QTY1
MEFDODY2OUEwHhcNMjUwMjA3MDk1NTM5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E1ZDg5Yi00ZGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzPJtQhmz0fbgHmzrvsnzP9AMsBP2BK5bfNn0Q9TATRfHb3M8DlK+8XAMvCEx
VXjfczaJink333C28/gGTs5r00l2WlnthJ0JxAkQOYnDXIEbNO6GY7j54YsByb/d
GKV3T0kafawieDNWeIRX3427wG32u3q9l+6e9UcL+336UDHQyb+36QbE/3g3OnSD
XRqVnhheEhkC5miiEWZwuEpka6TRJxLRgR8md5y6HwHBY3sbghHSjSOXn1dNvcfh
JdAP7E1i7qrfgF29EDfvC+00y5F7Z6s0uHNtcuKudkhCZ3rexe9s3DrQLNDpQi8A
ukJWN5CwkLB+pCkV7lI1gXebnQIDAQABo4IDOzCCAzcwHQYDVR0OBBYEFM8kDNbq
Vfo3VhEDljHXxPXUvdb0MB8GA1UdIwQYMBaAFLSBmHMx4e1Ai1HLn9jvSmUKyGaa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjhFMi85NTJGQTYzMkQy
RTYxMUVEOUE1MkQ1NUFDNEY5QUUwMi90SUdZY3pIaDdVQ0xVY3VmMk85S1pRckla
cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RJR1ljekhoN1VDTFVjdWYyTzlLWlFySVpwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI4RTIvOTUyRkE2MzJEMkU2MTFFRDlBNTJENTVBQzRGOUFFMDIvN0QyMkI0NEUy
NDlEMTFFRkFDMjRFRjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcQGCCsGAQUFBwEHAQH/
BIG0MIGxMBoEAgABMBQwDAMEAy11eAMEAC11egMEAmc5vDCBkgQCAAIwgYsDBwAk
AxzAAAADBwIkAxzAEAADBwAkAxzAEAcwEgMHACQDHMARAQMHACQDHMARAgMHACQD
HMARKAMHACQDHMASAQMHACQDHMATAQMHACQDHMATAwMHACQDHMAgAAMHACQDHMAi
AQMHACQDHMAjADASAwcAJAMcwDIBAwcAJAMcwDICAwcAJAMcwFIBMA0GCSqGSIb3
DQEBCwUAA4IBAQB5zlmag2BSfeUH5spIlDU5HQn68LKMHLMFAKMw2gWDTldLLDiT
BdYVqrPn1w08W214wHyjdtQme4nn8La2GqMZodnlFP+e964s3gwNS6I3LkU4xCsk
BUgorAX4rwZStSerg3qzzyBbT6VlKlp/DYh5F44ErARvLHqd0BDaH72CxsQI2D6B
LgxO7A2rEbeQMX8kRrFa8dolgExB8CKpkvzFKcdLKE1K0CyYWu1YZ0/OsuFHdK2f
O0G/fU4h/xT3uitg7+CxENyOT7VHrFy9iusNrAO1nSfNWAYnvoHy04BNljzNqj9S
0+/SfauBqhGBl+NfhvL+g4w79T2rgL9omtBo
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:59:35 2025 by rpki-client