Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91293E9/83A174FC8C6811EB981B2542C4F9AE02/1AC1982A8C6A11EB91832D52C4F9AE02.roa
File: 1AC1982A8C6A11EB91832D52C4F9AE02.roa (raw, json)
Hash identifier: LiXw5QkDIdwB3vLGmFYHfIaKv0T0QYD0Rl/2R7/Sqas=
Subject key identifier: D1:1A:8D:95:C5:22:7A:B9:82:05:32:11:FD:A7:9A:97:A2:66:26:96
Certificate issuer: /CN=A91293E9/serialNumber=D9C615D10B41E6E569865CCAA7FE280D128E311C
Certificate serial: 0545
Authority key identifier: D9:C6:15:D1:0B:41:E6:E5:69:86:5C:CA:A7:FE:28:0D:12:8E:31:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2cYV0QtB5uVphlzKp_4oDRKOMRw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91293E9/83A174FC8C6811EB981B2542C4F9AE02/1AC1982A8C6A11EB91832D52C4F9AE02.roa
Signing time: Sun 03 Dec 2023 00:12:55 +0000
ROA not before: Sun 03 Dec 2023 00:12:55 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 45499
IP address blocks: 103.5.60.0/22 maxlen: 22
103.5.60.0/24 maxlen: 24
103.5.61.0/24 maxlen: 24
103.5.62.0/24 maxlen: 24
103.5.63.0/24 maxlen: 24
110.5.64.0/21 maxlen: 21
110.5.64.0/24 maxlen: 24
110.5.65.0/24 maxlen: 24
110.5.66.0/24 maxlen: 24
110.5.67.0/24 maxlen: 24
110.5.68.0/24 maxlen: 24
110.5.69.0/24 maxlen: 24
110.5.70.0/24 maxlen: 24
110.5.71.0/24 maxlen: 24
111.235.80.0/20 maxlen: 20
111.235.80.0/24 maxlen: 24
111.235.81.0/24 maxlen: 24
111.235.82.0/24 maxlen: 24
111.235.83.0/24 maxlen: 24
111.235.84.0/24 maxlen: 24
111.235.85.0/24 maxlen: 24
111.235.86.0/24 maxlen: 24
111.235.87.0/24 maxlen: 24
111.235.88.0/24 maxlen: 24
111.235.89.0/24 maxlen: 24
111.235.90.0/24 maxlen: 24
111.235.91.0/24 maxlen: 24
111.235.92.0/24 maxlen: 24
111.235.93.0/24 maxlen: 24
111.235.94.0/24 maxlen: 24
111.235.95.0/24 maxlen: 24
116.206.224.0/22 maxlen: 22
116.206.224.0/24 maxlen: 24
116.206.225.0/24 maxlen: 24
116.206.226.0/24 maxlen: 24
116.206.227.0/24 maxlen: 24
203.118.244.0/22 maxlen: 22
203.118.244.0/24 maxlen: 24
203.118.245.0/24 maxlen: 24
203.118.246.0/24 maxlen: 24
203.118.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91293E9/83A174FC8C6811EB981B2542C4F9AE02/2cYV0QtB5uVphlzKp_4oDRKOMRw.crl
rsync://rpki.apnic.net/member_repository/A91293E9/83A174FC8C6811EB981B2542C4F9AE02/2cYV0QtB5uVphlzKp_4oDRKOMRw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2cYV0QtB5uVphlzKp_4oDRKOMRw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1349 (0x545)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91293E9/serialNumber=D9C615D10B41E6E569865CCAA7FE280D128E311C
Validity
Not Before: Dec 3 00:12:55 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656bc807-c024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bb:a3:52:e7:54:a6:43:48:42:8d:9e:71:61:
a3:08:be:ba:11:75:0b:2e:2f:00:a1:3d:b5:64:d2:
a1:73:07:68:de:60:5b:4b:df:76:29:41:3f:3b:f1:
0d:2e:2b:5f:a9:f9:d7:69:6d:e4:09:a0:11:22:91:
06:70:90:44:fe:84:fb:1b:14:fd:37:7e:92:d8:9d:
25:a6:63:b8:5e:5f:f0:6a:83:9f:bb:c3:e5:ef:f2:
0b:99:94:04:89:10:84:55:7a:e3:83:8c:de:45:fc:
ea:a9:94:ee:79:27:34:50:9b:f8:b5:09:c7:f3:e4:
8d:fc:d6:92:5d:d4:f0:79:36:46:8f:8d:c0:62:94:
27:cb:fd:f9:30:f3:a3:75:60:62:3d:ef:f0:6d:1c:
bf:8b:fa:28:1e:87:e4:0a:3f:89:3b:66:f1:66:5b:
b8:c5:a4:c9:74:86:69:02:50:c2:ff:f5:08:49:68:
3e:73:96:5f:07:2e:d3:2a:24:7a:27:96:31:e5:5c:
73:46:41:40:a4:1e:2e:c4:ff:89:2f:fa:f9:76:b3:
70:5b:64:00:17:35:a9:d9:f0:96:93:9b:0a:01:a6:
70:ed:c1:2c:c3:45:b3:46:fc:4b:9d:a5:5e:47:e3:
06:3e:09:ad:19:ee:35:64:b5:09:d5:68:e5:9f:e7:
fe:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:1A:8D:95:C5:22:7A:B9:82:05:32:11:FD:A7:9A:97:A2:66:26:96
X509v3 Authority Key Identifier:
keyid:D9:C6:15:D1:0B:41:E6:E5:69:86:5C:CA:A7:FE:28:0D:12:8E:31:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91293E9/83A174FC8C6811EB981B2542C4F9AE02/2cYV0QtB5uVphlzKp_4oDRKOMRw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2cYV0QtB5uVphlzKp_4oDRKOMRw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91293E9/83A174FC8C6811EB981B2542C4F9AE02/1AC1982A8C6A11EB91832D52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.60.0/22
110.5.64.0/21
111.235.80.0/20
116.206.224.0/22
203.118.244.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:0f:5d:9c:fe:4e:77:98:d4:4f:b6:50:e1:cd:77:22:ed:84:
ba:ff:9d:dc:4d:fd:40:74:e9:49:be:de:fd:70:2c:2f:0c:71:
4f:3e:11:91:ab:f8:55:e1:7d:b0:71:35:9c:9b:2a:57:fb:8d:
a6:69:90:07:5b:a6:69:e7:df:55:77:24:5c:ff:c1:e8:bf:32:
65:b5:8c:74:c8:a6:a5:3d:5a:a0:7d:43:39:60:b8:19:b0:9f:
37:29:cc:63:d9:4e:aa:e5:14:49:07:e2:37:37:ce:70:49:ad:
9e:38:d1:65:3e:ca:c5:01:ee:c3:e4:44:6d:2c:20:2b:52:13:
0c:8d:42:7e:d2:4c:95:cc:a8:fd:74:01:42:f2:85:be:80:e5:
2f:36:73:20:c5:3d:4c:5f:95:10:cb:43:c1:4c:33:7c:d3:ac:
cb:1c:15:ec:f6:a5:d3:91:1f:6a:44:41:04:37:09:53:73:c0:
9f:d2:78:ea:66:bf:9a:45:50:59:ae:69:de:5f:af:d1:53:3f:
02:f2:fe:1c:20:e8:f1:52:47:12:ad:c7:23:29:7c:40:43:0f:
bf:eb:2d:40:5f:0c:7f:1e:51:5a:e2:e2:47:8a:5c:47:c8:8f:
e4:df:4e:cb:02:ba:10:d0:c5:6e:dd:b5:b8:22:cf:62:9d:9b:
fe:f8:f9:46
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjkzRTkxMTAvBgNVBAUTKEQ5QzYxNUQxMEI0MUU2RTU2OTg2NUNDQUE3RkUyODBE
MTI4RTMxMUMwHhcNMjMxMjAzMDAxMjU1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZiYzgwNy1jMDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzLujUudUpkNIQo2ecWGjCL66EXULLi8AoT21ZNKhcwdo3mBbS992KUE/O/EN
LitfqfnXaW3kCaARIpEGcJBE/oT7GxT9N36S2J0lpmO4Xl/waoOfu8Pl7/ILmZQE
iRCEVXrjg4zeRfzqqZTueSc0UJv4tQnH8+SN/NaSXdTweTZGj43AYpQny/35MPOj
dWBiPe/wbRy/i/ooHofkCj+JO2bxZlu4xaTJdIZpAlDC//UISWg+c5ZfBy7TKiR6
J5Yx5VxzRkFApB4uxP+JL/r5drNwW2QAFzWp2fCWk5sKAaZw7cEsw0WzRvxLnaVe
R+MGPgmtGe41ZLUJ1Wjln+f+7QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFNEajZXF
Inq5ggUyEf2nmpeiZiaWMB8GA1UdIwQYMBaAFNnGFdELQeblaYZcyqf+KA0SjjEc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTNFOS84M0ExNzRGQzhD
NjgxMUVCOTgxQjI1NDJDNEY5QUUwMi8yY1lWMFF0QjV1VnBobHpLcF80b0RSS09N
UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJjWVYwUXRCNXVWcGhsektwXzRvRFJLT01Sdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjkzRTkvODNBMTc0RkM4QzY4MTFFQjk4MUIyNTQyQzRGOUFFMDIvMUFDMTk4MkE4
QzZBMTFFQjkxODMyRDUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAJnBTwDBANuBUADBARv61ADBAJ0zuADBALLdvQwDQYJKoZI
hvcNAQELBQADggEBAG8PXZz+TneY1E+2UOHNdyLthLr/ndxN/UB06Um+3v1wLC8M
cU8+EZGr+FXhfbBxNZybKlf7jaZpkAdbpmnn31V3JFz/wei/MmW1jHTIpqU9WqB9
QzlguBmwnzcpzGPZTqrlFEkH4jc3znBJrZ440WU+ysUB7sPkRG0sICtSEwyNQn7S
TJXMqP10AULyhb6A5S82cyDFPUxflRDLQ8FMM3zTrMscFez2pdORH2pEQQQ3CVNz
wJ/SeOpmv5pFUFmuad5fr9FTPwLy/hwg6PFSRxKtxyMpfEBDD7/rLUBfDH8eUVri
4keKXEfIj+TfTssCuhDQxW7dtbgiz2Kdm/74+UY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:39:23 2024 by rpki-client on console-fra.rpki-client.org