Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
File: 373C0EEEAFB011EC9688644FC4F9AE02.roa (raw, json)
Hash identifier: HVGi2lUwCQZWcIQSfZT0TZMTdiphqEIo5eAKaq0V4N8=
Subject key identifier: 77:D6:73:D5:37:E1:5D:0E:C0:0F:C9:97:0C:3D:A2:53:18:FE:57:2D
Certificate issuer: /CN=A91C9B08/serialNumber=614CCD24F785E9299215916408294042F1463294
Certificate serial: 03E4
Authority key identifier: 61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
Signing time: Tue 06 May 2025 21:17:17 +0000
ROA not before: Tue 06 May 2025 21:17:17 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 200325
IP address blocks: 103.180.114.0/23 maxlen: 24
2400:52e0::/32 maxlen: 32
2400:52e0:1::/48 maxlen: 48
2400:52e0:2::/48 maxlen: 48
2400:52e0:1500::/48 maxlen: 48
2400:52e0:1501::/48 maxlen: 48
2400:52e0:1502::/48 maxlen: 48
2400:52e0:1690::/48 maxlen: 48
2400:52e0:1a00::/48 maxlen: 48
2400:52e0:1a01::/48 maxlen: 48
2400:52e0:1a02::/48 maxlen: 48
2400:52e0:1a03::/48 maxlen: 48
2400:52e0:1a04::/48 maxlen: 48
2400:52e0:1a05::/48 maxlen: 48
2400:52e0:1a06::/48 maxlen: 48
2400:52e0:1a07::/48 maxlen: 48
2400:52e0:1a08::/48 maxlen: 48
2400:52e0:1a09::/48 maxlen: 48
2400:52e0:1e00::/48 maxlen: 48
2400:52e0:1e01::/48 maxlen: 48
2400:52e0:1e02::/48 maxlen: 48
2400:52e0:1e03::/48 maxlen: 48
2400:52e0:1e04::/48 maxlen: 48
2400:52e0:1e05::/48 maxlen: 48
2400:52e0:1e06::/48 maxlen: 48
2400:52e0:1e07::/48 maxlen: 48
2400:52e0:1e08::/48 maxlen: 48
2400:52e0:1e09::/48 maxlen: 48
2400:52e0:1e10::/48 maxlen: 48
2400:52e0:2500::/48 maxlen: 48
2400:52e0:2a00::/48 maxlen: 48
2400:52e0:4000::/48 maxlen: 48
2400:52e0:fff0::/48 maxlen: 48
2400:52e0:fff1::/48 maxlen: 48
2400:52e0:fff2::/48 maxlen: 48
2400:52e0:fff3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 20 May 2025 00:27:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 996 (0x3e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9B08, serialNumber=614CCD24F785E9299215916408294042F1463294
Validity
Not Before: May 6 21:17:17 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=681a7c5d-9166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:96:98:ed:88:35:4f:6a:bc:62:34:c9:5f:70:
3d:d0:d9:a1:19:25:61:29:95:35:66:d5:8d:b2:bc:
ac:c7:79:e1:c4:44:e5:d0:68:81:56:a3:9c:d8:8a:
b4:e5:3d:d5:cf:9e:74:bb:3b:85:cd:76:92:b7:82:
91:87:ca:3a:80:3d:2d:7f:43:df:81:50:ac:63:28:
ec:88:b9:a1:30:11:f2:c8:09:45:f1:b1:27:da:dc:
1c:03:c5:f8:dc:36:8a:82:c1:02:15:c4:b2:c9:29:
ca:ec:bc:c4:c0:33:58:e8:c7:04:c9:d4:d3:fe:81:
aa:45:a5:a6:7d:dd:30:fc:c7:70:76:a8:2f:e6:4d:
60:be:26:7d:4b:7c:b9:de:8a:5f:c0:b8:c1:39:c9:
c5:0e:56:36:2c:41:f5:61:81:62:e9:46:19:f5:9a:
e6:c1:4a:14:bd:6f:cf:2a:3b:6c:41:fd:b4:5c:c5:
4f:1b:49:66:01:48:ef:5c:11:57:cd:96:aa:76:ac:
fa:c4:9b:c1:19:39:76:08:c3:6a:52:f9:1f:7e:b6:
bf:ec:39:69:9e:78:c7:5f:d0:f2:e9:b9:78:49:51:
67:ff:80:7e:3b:60:a0:23:3d:4a:06:7f:af:ac:de:
77:ed:d6:0a:13:92:ee:1c:e6:62:ed:45:d5:93:ce:
94:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:D6:73:D5:37:E1:5D:0E:C0:0F:C9:97:0C:3D:A2:53:18:FE:57:2D
X509v3 Authority Key Identifier:
keyid:61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.114.0/23
IPv6:
2400:52e0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:9a:58:1b:df:98:9c:6b:48:0d:62:7a:38:ab:6b:be:2e:0f:
cf:69:3b:d7:ad:71:94:35:5a:20:e3:58:60:40:a0:53:b1:a4:
eb:5d:11:73:c0:67:98:bc:33:21:38:0b:02:ba:1a:93:5d:76:
91:02:b6:3e:7d:55:d3:f9:40:d4:c8:4c:de:bf:61:d5:b5:69:
10:81:30:ce:11:15:68:2e:94:ce:67:79:d2:0c:b0:4c:41:cf:
2d:63:63:62:da:03:17:57:3c:d6:de:8e:40:02:71:b7:c6:0d:
ae:8b:02:d6:36:e9:a8:2a:5a:1b:0d:c1:a7:23:c9:e4:ab:10:
70:c0:15:22:49:32:c0:5f:df:eb:b1:7b:d3:f0:50:fb:2d:66:
6b:e5:32:cf:de:54:f5:14:6d:57:b7:24:71:da:b0:d4:0e:72:
4d:45:4b:37:ac:4e:85:10:08:7d:bc:bd:92:22:b1:cc:32:c2:
a1:6c:2d:c4:d9:65:02:32:5c:ad:52:85:73:46:48:a9:79:8f:
de:93:0e:4c:c1:c0:ac:ee:29:a6:66:5b:48:a5:da:e6:56:3e:
9c:af:17:a2:22:24:97:7e:da:75:d8:be:8a:03:35:2b:64:f7:
8c:72:ab:6d:6c:ad:ce:15:54:9f:bd:20:91:b7:13:a9:83:0b:
58:19:b7:fe
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlCMDgxMTAvBgNVBAUTKDYxNENDRDI0Rjc4NUU5Mjk5MjE1OTE2NDA4Mjk0MDQy
RjE0NjMyOTQwHhcNMjUwNTA2MjExNzE3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFhN2M1ZC05MTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ZaY7Yg1T2q8YjTJX3A90NmhGSVhKZU1ZtWNsrysx3nhxETl0GiBVqOc2Iq0
5T3Vz550uzuFzXaSt4KRh8o6gD0tf0PfgVCsYyjsiLmhMBHyyAlF8bEn2twcA8X4
3DaKgsECFcSyySnK7LzEwDNY6McEydTT/oGqRaWmfd0w/Mdwdqgv5k1gviZ9S3y5
3opfwLjBOcnFDlY2LEH1YYFi6UYZ9ZrmwUoUvW/PKjtsQf20XMVPG0lmAUjvXBFX
zZaqdqz6xJvBGTl2CMNqUvkffra/7DlpnnjHX9Dy6bl4SVFn/4B+O2CgIz1KBn+v
rN537dYKE5LuHOZi7UXVk86UdQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHfWc9U3
4V0OwA/Jlww9olMY/lctMB8GA1UdIwQYMBaAFGFMzST3hekpkhWRZAgpQELxRjKU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUIwOC8zNzU1M0E1Njg5
OUQxMUVDOEI0MjRFMEJDNEY5QUUwMi9ZVXpOSlBlRjZTbVNGWkZrQ0NsQVF2RkdN
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lVek5KUGVGNlNtU0ZaRmtDQ2xBUXZGR01wUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlCMDgvMzc1NTNBNTY4OTlEMTFFQzhCNDI0RTBCQzRGOUFFMDIvMzczQzBFRUVB
RkIwMTFFQzk2ODg2NDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFntHIwDQQCAAIwBwMFACQAUuAwDQYJKoZIhvcNAQELBQAD
ggEBAF6aWBvfmJxrSA1iejira74uD89pO9etcZQ1WiDjWGBAoFOxpOtdEXPAZ5i8
MyE4CwK6GpNddpECtj59VdP5QNTITN6/YdW1aRCBMM4RFWgulM5nedIMsExBzy1j
Y2LaAxdXPNbejkACcbfGDa6LAtY26agqWhsNwacjyeSrEHDAFSJJMsBf3+uxe9Pw
UPstZmvlMs/eVPUUbVe3JHHasNQOck1FSzesToUQCH28vZIiscwywqFsLcTZZQIy
XK1ShXNGSKl5j96TDkzBwKzuKaZmW0il2uZWPpyvF6IiJJd+2nXYvooDNStk94xy
q21src4VVJ+9IJG3E6mDC1gZt/4=
-----END CERTIFICATE-----
Generated at Tue May 13 16:15:39 2025 by rpki-client