Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
File: 844EFBDA766C11EF8CE33A86C4F9AE02.roa (raw, json)
Hash identifier: NExRy59G2Bw5GmZl7o9I0g3/X3wcdqeJ/PPzQYsGHhY=
Subject key identifier: 40:16:2A:23:91:50:86:FF:D2:14:74:94:76:CA:E5:B4:C7:E9:E6:58
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 03FB
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
Signing time: Fri 09 May 2025 05:25:16 +0000
ROA not before: Fri 09 May 2025 05:25:16 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
103.173.150.0/24 maxlen: 24
103.173.151.0/24 maxlen: 24
116.204.193.0/24 maxlen: 24
116.204.194.0/24 maxlen: 24
116.204.195.0/24 maxlen: 24
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:11::/48 maxlen: 48
2407:e8c0:12::/48 maxlen: 48
2407:e8c0:13::/48 maxlen: 48
2407:e8c0:1f::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
2407:e8c0:5700::/40 maxlen: 40
2407:e8c0:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 20 May 2025 00:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1019 (0x3fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1, serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: May 9 05:25:16 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=681d91bb-5f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cc:6e:7e:a9:a3:ce:db:f5:36:82:8c:4b:97:
0a:cd:23:41:34:40:15:9d:9c:a9:2b:3f:9e:e5:86:
26:c2:5e:38:4a:53:d3:8e:97:11:08:52:34:41:dd:
1d:3e:65:81:de:8f:bd:20:83:b3:12:ae:3f:de:a8:
c6:27:9c:c9:d2:30:8d:41:38:4e:8d:a7:81:2b:ed:
ec:9e:27:3b:83:10:97:60:71:5a:1b:c4:5b:53:ad:
28:f7:b9:1c:fa:d5:07:9e:34:da:09:4d:7d:60:aa:
b2:b6:2d:f0:0a:b0:52:b0:f5:56:27:26:b1:c1:d1:
68:9f:15:f3:04:6d:80:c9:2f:15:7d:55:28:9f:b2:
b4:23:ce:d9:2c:ac:d6:7d:0a:82:5e:9d:b4:a7:6e:
8c:98:6d:45:58:1c:79:35:05:0a:76:25:be:e4:01:
8c:a6:07:08:38:c0:3e:10:8d:fb:71:75:06:58:5b:
c5:4d:63:4d:6c:2a:54:64:30:bd:dd:43:be:32:92:
a5:0a:40:e9:bb:49:a6:b4:46:d1:1d:35:e1:1c:61:
92:94:23:d3:56:6f:a6:65:2e:58:e6:fa:31:8f:46:
d8:6e:97:4a:89:4a:8b:ca:0c:4d:f1:33:81:01:3f:
b9:23:35:45:c3:be:c0:14:fd:47:01:6d:09:06:9f:
67:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:16:2A:23:91:50:86:FF:D2:14:74:94:76:CA:E5:B4:C7:E9:E6:58
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
116.204.193.0-116.204.195.255
IPv6:
2407:e8c0::/44
2407:e8c0:11::-2407:e8c0:13:ffff:ffff:ffff:ffff:ffff
2407:e8c0:1f::/48
2407:e8c0:4a00::-2407:e8c0:58ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
d9:bc:3e:b3:c6:e5:e5:03:c8:d6:8d:30:00:0f:62:23:5c:6a:
a9:96:5e:2d:2c:63:77:81:da:8e:37:db:e1:50:80:8c:98:04:
db:f7:76:a4:41:23:c5:e3:c3:5c:25:fe:94:1a:9c:a5:90:eb:
6a:5e:9b:e4:71:32:7a:df:e9:ae:bf:ae:d2:1c:eb:25:2b:6f:
9f:70:8a:a1:27:38:80:11:44:04:ce:6f:8a:8a:55:01:ad:62:
3f:09:76:63:23:a0:f6:7e:04:db:e4:ff:22:31:c8:39:ea:d7:
e1:29:5a:19:29:c1:c9:2f:e7:37:e6:d8:44:e2:9e:74:c8:6c:
3e:3f:95:0b:4c:ec:1b:b6:d1:55:c6:ba:a4:ce:a8:8e:9b:43:
5b:99:6d:de:d1:56:24:30:60:eb:03:1f:6e:ba:b6:63:d9:24:
ac:82:15:32:b4:00:38:fb:97:d5:9e:f0:5f:25:90:83:f9:ea:
e0:24:91:37:13:08:c6:09:af:c8:36:54:e8:4e:52:ae:fe:53:
3b:b4:be:27:94:9a:f6:58:3d:66:8e:a7:04:74:88:65:64:35:
7d:6d:ed:6b:5a:bb:47:0d:c9:6b:3a:aa:11:94:6c:e1:42:a9:
b0:e3:a6:4d:ce:de:47:be:98:1b:d4:3c:98:0f:ed:72:b6:6d:
d2:d8:f4:2c
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgICA/swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjUwNTA5MDUyNTE2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFkOTFiYi01ZjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx8xufqmjztv1NoKMS5cKzSNBNEAVnZypKz+e5YYmwl44SlPTjpcRCFI0Qd0d
PmWB3o+9IIOzEq4/3qjGJ5zJ0jCNQThOjaeBK+3snic7gxCXYHFaG8RbU60o97kc
+tUHnjTaCU19YKqyti3wCrBSsPVWJyaxwdFonxXzBG2AyS8VfVUon7K0I87ZLKzW
fQqCXp20p26MmG1FWBx5NQUKdiW+5AGMpgcIOMA+EI37cXUGWFvFTWNNbCpUZDC9
3UO+MpKlCkDpu0mmtEbRHTXhHGGSlCPTVm+mZS5Y5voxj0bYbpdKiUqLygxN8TOB
AT+5IzVFw77AFP1HAW0JBp9n0QIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFEAWKiOR
UIb/0hR0lHbK5bTH6eZYMB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvODQ0RUZCREE3
NjZDMTFFRjhDRTMzQTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E
XjBcMBoEAgABMBQDBAFnrZYwDAMEAHTMwQMEAnTMwDA+BAIAAjA4AwcEJAfowAAA
MBIDBwAkB+jAABEDBwIkB+jAABADBwAkB+jAAB8wEAMGASQH6MBKAwYAJAfowFgw
DQYJKoZIhvcNAQELBQADggEBANm8PrPG5eUDyNaNMAAPYiNcaqmWXi0sY3eB2o43
2+FQgIyYBNv3dqRBI8Xjw1wl/pQanKWQ62pem+RxMnrf6a6/rtIc6yUrb59wiqEn
OIARRATOb4qKVQGtYj8JdmMjoPZ+BNvk/yIxyDnq1+EpWhkpwckv5zfm2ETinnTI
bD4/lQtM7Bu20VXGuqTOqI6bQ1uZbd7RViQwYOsDH266tmPZJKyCFTK0ADj7l9We
8F8lkIP56uAkkTcTCMYJr8g2VOhOUq7+Uzu0vieUmvZYPWaOpwR0iGVkNX1t7Wta
u0cNyWs6qhGUbOFCqbDjpk3O3ke+mBvUPJgP7XK2bdLY9Cw=
-----END CERTIFICATE-----
Generated at Tue May 13 19:19:56 2025 by rpki-client