Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/11A28878915611EE83F61C41C4F9AE02.roa
File: 11A28878915611EE83F61C41C4F9AE02.roa (raw, json)
Hash identifier: RfTnQKCPkCkXu+cLDzDjeZUnPvrVkAuWPJkazJXC7kc=
Subject key identifier: 55:33:65:58:8B:E5:99:C1:0E:E0:D8:13:10:57:C5:BF:A2:74:3E:F4
Certificate issuer: /CN=A911D9B2/serialNumber=91295BBB75BFAAEB9531B39B36EC7521DDE30D63
Certificate serial: 37
Authority key identifier: 91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/11A28878915611EE83F61C41C4F9AE02.roa
Signing time: Tue 20 Feb 2024 17:59:05 +0000
ROA not before: Tue 20 Feb 2024 17:59:05 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 931
IP address blocks: 103.96.80.0/24 maxlen: 24
103.96.81.0/24 maxlen: 24
103.96.82.0/24 maxlen: 24
103.96.83.0/24 maxlen: 24
103.131.130.0/24 maxlen: 24
103.131.131.0/24 maxlen: 24
2401:3a60:1000::/36 maxlen: 36
2401:3a60:1100::/40 maxlen: 40
2401:3a60:1200::/40 maxlen: 40
2401:3a60:1300::/40 maxlen: 40
2401:3a60:1400::/40 maxlen: 40
2401:3a60:1500::/40 maxlen: 40
2401:3a60:1600::/40 maxlen: 40
2401:3a60:3100::/40 maxlen: 40
2401:3a60:3200::/40 maxlen: 40
2401:3a60:5000::/40 maxlen: 40
2401:3a60:5100::/40 maxlen: 40
2401:3a60:5200::/40 maxlen: 40
2401:3a60:5300::/40 maxlen: 40
2401:3a60:7100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl
rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 14 Jun 2024 07:17:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55 (0x37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D9B2/serialNumber=91295BBB75BFAAEB9531B39B36EC7521DDE30D63
Validity
Not Before: Feb 20 17:59:05 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65d4e869-019c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:04:e1:7d:b5:7b:7f:17:e5:62:ec:be:ad:e4:
c8:f6:d9:d4:74:c8:5c:d4:bf:98:64:a6:22:9c:9d:
5b:c0:b9:3d:69:70:13:a3:ce:64:d3:e2:b8:c2:ee:
17:d8:1a:f5:5c:e5:bc:a2:39:a1:0a:97:32:e8:e2:
59:6f:e1:d2:12:0c:c4:61:e3:1f:0f:bc:47:74:d3:
73:ad:e6:25:77:23:18:0f:17:62:cd:b9:1d:af:1b:
27:71:eb:f1:d0:83:92:b1:ee:fd:8c:dd:e2:42:b2:
2b:ca:e1:53:94:a5:f0:c1:be:e8:bc:a7:7f:c7:a8:
b9:b1:1e:ec:9e:74:92:87:1e:65:ef:7a:1e:ee:cf:
44:e3:1e:b8:1d:f9:9d:45:e4:b5:6f:b8:11:32:cb:
3f:4e:e8:33:e6:52:ed:1b:9c:76:60:e0:67:ce:e5:
e8:34:a1:f5:32:1c:2c:b2:f2:5b:55:9d:32:61:c7:
d4:ac:67:17:c9:65:a6:98:2b:ef:6a:8d:07:48:ba:
c9:cf:1a:b6:d2:4b:09:14:33:c2:40:a2:8f:20:b0:
ff:5e:5f:08:14:59:d8:54:db:cd:03:92:bb:12:5b:
0c:d5:79:9b:ce:c2:c9:19:dc:7b:e3:cf:1f:bb:9f:
41:55:d7:84:5e:9f:37:86:b2:11:fe:71:cc:11:10:
a7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:33:65:58:8B:E5:99:C1:0E:E0:D8:13:10:57:C5:BF:A2:74:3E:F4
X509v3 Authority Key Identifier:
keyid:91:29:5B:BB:75:BF:AA:EB:95:31:B3:9B:36:EC:75:21:DD:E3:0D:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/kSlbu3W_quuVMbObNux1Id3jDWM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSlbu3W_quuVMbObNux1Id3jDWM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D9B2/0A6F3B42915511EEA4C0F668C4F9AE02/11A28878915611EE83F61C41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.96.80.0/22
103.131.130.0/23
IPv6:
2401:3a60:1000::/36
2401:3a60:3100::-2401:3a60:32ff:ffff:ffff:ffff:ffff:ffff
2401:3a60:5000::/38
2401:3a60:7100::/40
Signature Algorithm: sha256WithRSAEncryption
26:77:da:b4:de:a8:d5:00:6c:d5:c5:ae:2b:3b:1f:29:f3:38:
27:62:ab:ae:67:9d:2c:5a:5b:63:bf:23:1e:f9:6a:d6:70:2f:
e6:e6:74:35:35:d2:28:57:7e:f3:7f:fd:d1:dc:2b:b5:a3:21:
ed:45:66:47:9b:89:5c:07:27:d2:99:88:fc:9e:94:63:ca:bc:
9d:fd:90:d4:c9:04:d2:bc:8f:68:ba:79:d2:e3:31:4e:c8:81:
45:52:4b:5f:d2:bf:be:20:7b:42:07:f0:8d:12:63:a6:3b:05:
19:2b:ca:63:db:09:42:48:30:47:94:8a:b3:ff:99:15:5d:52:
d6:cf:8a:ee:ec:db:e2:fb:b3:eb:b9:dc:45:b2:0a:aa:c2:d5:
a3:06:8f:5f:8a:7c:22:79:87:f5:ff:d9:47:43:68:3b:88:64:
a6:55:eb:d6:20:4e:1c:4a:6a:cb:fd:66:d9:85:0e:81:fd:a5:
ff:f4:a1:d4:2f:2f:8d:c3:88:86:d1:7f:2d:a7:7d:75:7f:e9:
84:4c:e5:f7:53:0f:dd:6c:d8:bb:2d:43:83:4e:bc:56:f3:21:
b2:b6:5f:37:68:0a:ff:64:0e:29:71:4b:2d:a3:cf:ee:09:70:
8a:3c:14:79:c5:b0:43:43:08:98:ae:05:b8:0c:9d:f1:af:67:
8c:16:60:9b
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RDlCMjExMC8GA1UEBRMoOTEyOTVCQkI3NUJGQUFFQjk1MzFCMzlCMzZFQzc1MjFE
REUzMEQ2MzAeFw0yNDAyMjAxNzU5MDVaFw0yNDEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZDRlODY5LTAxOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXBOF9tXt/F+Vi7L6t5Mj22dR0yFzUv5hkpiKcnVvAuT1pcBOjzmTT4rjC7hfY
GvVc5byiOaEKlzLo4llv4dISDMRh4x8PvEd003Ot5iV3IxgPF2LNuR2vGydx6/HQ
g5Kx7v2M3eJCsivK4VOUpfDBvui8p3/HqLmxHuyedJKHHmXveh7uz0TjHrgd+Z1F
5LVvuBEyyz9O6DPmUu0bnHZg4GfO5eg0ofUyHCyy8ltVnTJhx9SsZxfJZaaYK+9q
jQdIusnPGrbSSwkUM8JAoo8gsP9eXwgUWdhU280DkrsSWwzVeZvOwskZ3Hvjzx+7
n0FV14RenzeGshH+ccwREKc3AgMBAAGjggLNMIICyTAdBgNVHQ4EFgQUVTNlWIvl
mcEO4NgTEFfFv6J0PvQwHwYDVR0jBBgwFoAUkSlbu3W/quuVMbObNux1Id3jDWMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFEOUIyLzBBNkYzQjQyOTE1
NTExRUVBNEMwRjY2OEM0RjlBRTAyL2tTbGJ1M1dfcXV1Vk1iT2JOdXgxSWQzakRX
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva1NsYnUzV19xdXVWTWJPYk51eDFJZDNqRFdNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RDlCMi8wQTZGM0I0MjkxNTUxMUVFQTRDMEY2NjhDNEY5QUUwMi8xMUEyODg3ODkx
NTYxMUVFODNGNjFDNDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBXBggrBgEFBQcBBwEB/wRI
MEYwEgQCAAEwDAMEAmdgUAMEAWeDgjAwBAIAAjAqAwYEJAE6YBAwEAMGACQBOmAx
AwYAJAE6YDIDBgIkATpgUAMGACQBOmBxMA0GCSqGSIb3DQEBCwUAA4IBAQAmd9q0
3qjVAGzVxa4rOx8p8zgnYquuZ50sWltjvyMe+WrWcC/m5nQ1NdIoV37zf/3R3Cu1
oyHtRWZHm4lcByfSmYj8npRjyryd/ZDUyQTSvI9ounnS4zFOyIFFUktf0r++IHtC
B/CNEmOmOwUZK8pj2wlCSDBHlIqz/5kVXVLWz4ru7Nvi+7PrudxFsgqqwtWjBo9f
inwieYf1/9lHQ2g7iGSmVevWIE4cSmrL/WbZhQ6B/aX/9KHULy+Nw4iG0X8tp311
f+mETOX3Uw/dbNi7LUODTrxW8yGytl83aAr/ZA4pcUsto8/uCXCKPBR5xbBDQwiY
rgW4DJ3xr2eMFmCb
-----END CERTIFICATE-----
Generated at Fri Jun 7 11:02:20 2024 by rpki-client on console-fra.rpki-client.org