Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/F7D11060619811ED9437B344C4F9AE02.roa
File: F7D11060619811ED9437B344C4F9AE02.roa (raw, json)
Hash identifier: pTkU8wdRwupBYI9IDH//sp/jB9W7c5nU71wrSnDuFOA=
Subject key identifier: 58:B5:58:34:66:5B:58:02:13:BE:86:C2:37:2B:FC:8B:CF:FE:CF:42
Certificate issuer: /CN=A9124679/serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Certificate serial: 014A
Authority key identifier: 0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/F7D11060619811ED9437B344C4F9AE02.roa
Signing time: Wed 03 Jul 2024 07:32:21 +0000
ROA not before: Wed 03 Jul 2024 07:32:21 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 134840
IP address blocks: 103.57.204.0/24 maxlen: 24
103.57.205.0/24 maxlen: 24
103.57.206.0/24 maxlen: 24
103.57.207.0/24 maxlen: 24
103.203.132.0/24 maxlen: 24
103.203.133.0/24 maxlen: 24
103.203.134.0/24 maxlen: 24
103.203.135.0/24 maxlen: 24
116.206.192.0/24 maxlen: 24
116.206.193.0/24 maxlen: 24
116.206.194.0/24 maxlen: 24
116.206.195.0/24 maxlen: 24
121.46.71.0/24 maxlen: 24
180.235.116.0/24 maxlen: 24
180.235.117.0/24 maxlen: 24
180.235.118.0/24 maxlen: 24
180.235.119.0/24 maxlen: 24
2403:c280::/32 maxlen: 32
2403:c280::/48 maxlen: 48
2403:c280:1::/48 maxlen: 48
2403:c280:2::/48 maxlen: 48
2403:c280:3::/48 maxlen: 48
2403:c280:4::/48 maxlen: 48
2403:c280:5::/48 maxlen: 48
2403:c280:6::/48 maxlen: 48
2403:c280:7::/48 maxlen: 48
2403:c280:8::/48 maxlen: 48
2403:c280:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:02:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 330 (0x14a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124679/serialNumber=0A480517741076FE763E4E9E32F35BD459893292
Validity
Not Before: Jul 3 07:32:21 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6684fe84-93e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a1:08:7f:c4:4c:f7:a4:52:d5:8b:18:e4:36:
12:05:33:23:bb:21:c0:ea:66:de:3d:fe:8f:01:b1:
69:be:00:3c:82:f4:bd:ee:b4:07:c4:bc:fe:70:ee:
df:6e:3b:bc:d7:69:2c:d9:2f:69:63:50:e6:61:e7:
75:41:c3:9d:db:1d:02:6b:e3:ea:e0:8a:5c:a4:db:
08:f9:60:f5:c1:3c:fa:d0:76:42:45:c2:66:cf:ab:
10:5c:2e:4b:5b:63:b1:2a:6e:45:c0:f5:00:8b:25:
41:15:3f:3d:5d:a1:62:1c:e6:c9:60:90:06:43:ce:
61:e5:3e:9c:4d:59:c4:ac:4a:1b:0f:ce:4a:9a:56:
2a:d2:b8:f8:e4:b3:f7:54:f0:0d:41:a7:e3:77:36:
13:20:2d:76:60:06:e1:b4:eb:f9:e5:a3:e4:21:12:
01:9b:24:cd:8f:95:6f:14:2a:29:1f:57:5f:b7:90:
00:79:0f:2a:fb:d2:4e:57:07:e6:a0:95:07:4f:e2:
ae:e1:63:b1:a4:fe:9b:f7:f8:50:fb:12:27:f9:9b:
f1:30:80:d8:fb:c1:fb:4a:f8:1d:ee:99:aa:fe:62:
bb:ee:d9:fc:54:78:65:c6:93:c6:d9:aa:cf:d6:5f:
30:d8:a9:d2:6c:31:e4:f6:18:81:3c:48:e4:19:0e:
48:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B5:58:34:66:5B:58:02:13:BE:86:C2:37:2B:FC:8B:CF:FE:CF:42
X509v3 Authority Key Identifier:
keyid:0A:48:05:17:74:10:76:FE:76:3E:4E:9E:32:F3:5B:D4:59:89:32:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/CkgFF3QQdv52Pk6eMvNb1FmJMpI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkgFF3QQdv52Pk6eMvNb1FmJMpI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124679/F5B78A88619411ED8CDBA23EC4F9AE02/F7D11060619811ED9437B344C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.57.204.0/22
103.203.132.0/22
116.206.192.0/22
121.46.71.0/24
180.235.116.0/22
IPv6:
2403:c280::/32
Signature Algorithm: sha256WithRSAEncryption
83:8d:6a:27:ab:de:4f:65:ec:85:9c:67:96:d4:74:60:8b:76:
2c:12:27:fe:56:6d:cf:32:43:a7:13:a9:e8:ec:df:95:80:de:
63:dc:d6:94:b2:ab:94:56:e3:11:6b:b7:42:e3:13:e6:55:db:
da:9d:91:76:0e:a0:9f:b0:8c:88:cb:35:c9:a5:cf:f8:df:95:
93:52:ba:cc:20:31:75:1d:dc:c4:ce:3e:5a:d9:fe:35:47:e0:
c8:5d:9f:31:46:ba:e7:5e:f1:a7:22:19:70:bb:ed:6d:34:fc:
22:fb:29:65:5b:64:55:96:53:74:9c:2a:dd:35:87:dc:3b:6e:
63:51:2f:42:29:0b:fa:b5:9c:c5:9e:67:7d:c9:bd:45:26:44:
36:8c:a7:3d:c3:8a:63:6a:07:bf:ef:a6:d7:29:b0:07:bc:4e:
75:51:8a:e1:90:74:22:53:e3:c8:7f:cf:79:58:e5:d6:61:c2:
70:38:ec:99:e8:bf:28:af:ea:fe:5e:6a:c6:1b:a3:fa:71:fe:
29:93:e9:87:3b:6d:79:53:b4:73:53:b5:cf:cb:4c:88:b6:63:
a1:01:23:dd:af:81:e2:0b:94:58:99:0f:49:de:4e:26:b1:b2:
a3:9e:fa:dd:86:e5:18:18:42:e0:bf:03:46:c3:f0:ad:35:c3:
77:3f:a0:8f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICAUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ2NzkxMTAvBgNVBAUTKDBBNDgwNTE3NzQxMDc2RkU3NjNFNEU5RTMyRjM1QkQ0
NTk4OTMyOTIwHhcNMjQwNzAzMDczMjIxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0ZmU4NC05M2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2qEIf8RM96RS1YsY5DYSBTMjuyHA6mbePf6PAbFpvgA8gvS97rQHxLz+cO7f
bju812ks2S9pY1DmYed1QcOd2x0Ca+Pq4IpcpNsI+WD1wTz60HZCRcJmz6sQXC5L
W2OxKm5FwPUAiyVBFT89XaFiHObJYJAGQ85h5T6cTVnErEobD85KmlYq0rj45LP3
VPANQafjdzYTIC12YAbhtOv55aPkIRIBmyTNj5VvFCopH1dft5AAeQ8q+9JOVwfm
oJUHT+Ku4WOxpP6b9/hQ+xIn+ZvxMIDY+8H7Svgd7pmq/mK77tn8VHhlxpPG2arP
1l8w2KnSbDHk9hiBPEjkGQ5ICwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFFi1WDRm
W1gCE76Gwjcr/IvP/s9CMB8GA1UdIwQYMBaAFApIBRd0EHb+dj5OnjLzW9RZiTKS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDY3OS9GNUI3OEE4ODYx
OTQxMUVEOENEQkEyM0VDNEY5QUUwMi9Da2dGRjNRUWR2NTJQazZlTXZOYjFGbUpN
cEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrZ0ZGM1FRZHY1MlBrNmVNdk5iMUZtSk1wSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ2NzkvRjVCNzhBODg2MTk0MTFFRDhDREJBMjNFQzRGOUFFMDIvRjdEMTEwNjA2
MTk4MTFFRDk0MzdCMzQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnOcwDBAJny4QDBAJ0zsADBAB5LkcDBAK063QwDQQCAAIw
BwMFACQDwoAwDQYJKoZIhvcNAQELBQADggEBAIONaier3k9l7IWcZ5bUdGCLdiwS
J/5Wbc8yQ6cTqejs35WA3mPc1pSyq5RW4xFrt0LjE+ZV29qdkXYOoJ+wjIjLNcml
z/jflZNSuswgMXUd3MTOPlrZ/jVH4MhdnzFGuude8aciGXC77W00/CL7KWVbZFWW
U3ScKt01h9w7bmNRL0IpC/q1nMWeZ33JvUUmRDaMpz3DimNqB7/vptcpsAe8TnVR
iuGQdCJT48h/z3lY5dZhwnA47Jnovyiv6v5easYbo/px/imT6Yc7bXlTtHNTtc/L
TIi2Y6EBI92vgeILlFiZD0neTiaxsqOe+t2G5RgYQuC/A0bD8K01w3c/oI8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:02:45 2024 by rpki-client on console-fra.rpki-client.org