Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
File: 41CBB5B87F7611ECAD50FA4EC4F9AE02.roa (raw, json)
Hash identifier: GtVkTj6lkgw7RXe+n4R0d/g9GkOJM8psiPRDO4atRDw=
Subject key identifier: 42:8D:44:B8:18:39:21:38:B3:7B:D4:D6:CC:F1:8D:43:51:30:32:21
Certificate issuer: /CN=A9130F9C/serialNumber=138CD10A4778DE0E35911E9C9C944F4B21C4DB09
Certificate serial: 0BDC
Authority key identifier: 13:8C:D1:0A:47:78:DE:0E:35:91:1E:9C:9C:94:4F:4B:21:C4:DB:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
Signing time: Mon 20 May 2024 19:27:50 +0000
ROA not before: Mon 20 May 2024 19:27:50 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 134146
IP address blocks: 103.55.144.0/22 maxlen: 24
202.83.124.0/24 maxlen: 24
202.83.126.0/23 maxlen: 23
202.83.126.0/24 maxlen: 24
202.83.127.0/24 maxlen: 24
2400:4fc0::/32 maxlen: 32
2400:4fc0:1::/48 maxlen: 48
2400:4fc0:2::/48 maxlen: 48
2400:4fc0:3::/48 maxlen: 48
2400:4fc0:4::/48 maxlen: 48
2400:4fc0:5::/48 maxlen: 48
2400:4fc0:6::/48 maxlen: 48
2400:4fc0:7::/48 maxlen: 48
2400:4fc0:8::/48 maxlen: 48
2400:4fc0:9::/48 maxlen: 48
2400:4fc0:a::/48 maxlen: 48
2400:4fc0:b::/48 maxlen: 48
2400:4fc0:c::/48 maxlen: 48
2400:4fc0:d::/48 maxlen: 48
2400:4fc0:e::/48 maxlen: 48
2400:4fc0:f::/48 maxlen: 48
2400:4fc0:10::/48 maxlen: 48
2400:4fc0:11::/48 maxlen: 48
2400:4fc0:12::/48 maxlen: 48
2400:4fc0:13::/48 maxlen: 48
2400:4fc0:14::/48 maxlen: 48
2400:4fc0:15::/48 maxlen: 48
2400:4fc0:16::/48 maxlen: 48
2400:4fc0:17::/48 maxlen: 48
2400:4fc0:18::/48 maxlen: 48
2400:4fc0:19::/48 maxlen: 48
2400:4fc0:1a::/48 maxlen: 48
2400:4fc0:1b::/48 maxlen: 48
2400:4fc0:1c::/48 maxlen: 48
2400:4fc0:1d::/48 maxlen: 48
2400:4fc0:1e::/48 maxlen: 48
2400:4fc0:1f::/48 maxlen: 48
2400:4fc0:20::/48 maxlen: 48
2400:4fc0:21::/48 maxlen: 48
2400:4fc0:22::/48 maxlen: 48
2400:4fc0:23::/48 maxlen: 48
2400:4fc0:24::/48 maxlen: 48
2400:4fc0:25::/48 maxlen: 48
2400:4fc0:26::/48 maxlen: 48
2400:4fc0:27::/48 maxlen: 48
2400:4fc0:28::/48 maxlen: 48
2400:4fc0:29::/48 maxlen: 48
2400:4fc0:2a::/48 maxlen: 48
2400:4fc0:2b::/48 maxlen: 48
2400:4fc0:2c::/48 maxlen: 48
2400:4fc0:2d::/48 maxlen: 48
2400:4fc0:2e::/48 maxlen: 48
2400:4fc0:2f::/48 maxlen: 48
2400:4fc0:30::/48 maxlen: 48
2400:4fc0:31::/48 maxlen: 48
2400:4fc0:32::/48 maxlen: 48
2400:4fc0:33::/48 maxlen: 48
2400:4fc0:34::/48 maxlen: 48
2400:4fc0:35::/48 maxlen: 48
2400:4fc0:36::/48 maxlen: 48
2400:4fc0:37::/48 maxlen: 48
2400:4fc0:38::/48 maxlen: 48
2400:4fc0:39::/48 maxlen: 48
2400:4fc0:40::/48 maxlen: 48
2400:4fc0:41::/48 maxlen: 48
2400:4fc0:42::/48 maxlen: 48
2400:4fc0:43::/48 maxlen: 48
2400:4fc0:44::/48 maxlen: 48
2400:4fc0:45::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.crl
rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 19:41:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3036 (0xbdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9130F9C/serialNumber=138CD10A4778DE0E35911E9C9C944F4B21C4DB09
Validity
Not Before: May 20 19:27:50 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=664ba435-e657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8a:f0:bc:35:9c:e1:26:17:e4:35:58:05:d8:
17:1c:b7:75:32:e5:25:f1:27:71:72:25:33:be:31:
e8:dd:8b:9b:9e:d2:47:8b:c4:1b:98:e2:d0:58:b7:
f7:94:e6:4b:a2:ad:04:5d:2c:c5:54:09:69:61:e5:
80:2f:5c:68:16:1b:e6:00:dd:24:f6:17:8a:fe:2e:
62:e2:82:f3:a4:f2:52:cd:64:2c:b4:97:48:75:f8:
46:24:68:b6:05:65:b0:f8:c8:e7:8a:50:b2:c2:af:
ba:6c:3f:f4:0b:d4:fb:79:92:2d:bb:20:be:0f:14:
12:8f:fd:48:3f:a9:5c:25:dc:a2:40:36:59:da:97:
79:1c:44:9e:b0:25:0a:38:7c:dc:c1:f6:71:0e:10:
0d:ef:2e:93:0b:13:db:05:21:a2:b5:58:e7:80:d6:
d8:8f:04:67:3d:72:87:ef:06:c7:e1:79:cc:3c:0e:
59:1b:91:f5:19:b3:23:b4:a2:ea:0b:1b:5c:ea:8a:
5e:70:06:9a:13:dc:00:36:41:7e:3c:0e:61:51:af:
11:88:b3:07:2f:89:1c:db:d2:e0:4d:84:d0:ac:79:
26:b5:8a:a6:66:cd:f6:ba:c8:a1:bd:1c:20:e5:7e:
f1:2b:13:4c:85:ed:bd:2e:3f:54:2b:e6:e7:b8:71:
69:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8D:44:B8:18:39:21:38:B3:7B:D4:D6:CC:F1:8D:43:51:30:32:21
X509v3 Authority Key Identifier:
keyid:13:8C:D1:0A:47:78:DE:0E:35:91:1E:9C:9C:94:4F:4B:21:C4:DB:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/E4zRCkd43g41kR6cnJRPSyHE2wk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E4zRCkd43g41kR6cnJRPSyHE2wk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130F9C/29CB020EFA0B11E9978B0A32C4F9AE02/41CBB5B87F7611ECAD50FA4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.55.144.0/22
202.83.124.0/24
202.83.126.0/23
IPv6:
2400:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
a2:56:dc:c1:3a:99:93:63:81:07:19:46:3b:19:f9:6a:67:b7:
1f:7c:06:bd:f6:87:b6:cc:03:fe:9b:00:32:ab:f8:26:65:db:
b5:d8:ac:71:f7:d9:83:be:57:38:49:1c:77:91:bd:a4:7e:ad:
f6:6a:40:7e:c7:66:a0:91:68:6d:b9:3a:47:e5:cd:9c:50:8e:
d2:48:96:85:10:95:e5:0a:34:fd:89:91:39:6e:1e:f7:8d:82:
7e:eb:08:87:c4:d3:42:b9:fa:94:96:71:d3:29:4f:b0:cb:fd:
b7:4f:7c:b2:9f:d8:97:0e:ec:84:77:90:a4:4c:3e:0a:39:a2:
ac:0b:95:bf:32:d3:57:eb:0c:37:e1:ed:22:ee:a0:d0:9a:7b:
48:c8:ea:d6:86:32:21:07:0c:87:58:e7:5e:d5:e5:86:03:2c:
da:d5:1f:de:be:7b:4b:75:af:69:c4:e1:3d:c9:f8:1f:15:bc:
96:70:9b:f4:b8:04:2c:b7:ff:34:76:fd:75:9f:a9:7b:24:29:
7f:51:4a:4b:c1:64:88:5e:7b:a2:6e:f3:ca:ad:44:f2:92:54:
9a:7a:9f:7b:e5:f7:b4:45:03:36:22:d9:c4:b1:18:09:38:cb:
ba:85:85:07:db:6e:8c:24:ee:65:33:8b:3b:6a:30:17:0c:4d:
fd:56:67:c9
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICC9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzBGOUMxMTAvBgNVBAUTKDEzOENEMTBBNDc3OERFMEUzNTkxMUU5QzlDOTQ0RjRC
MjFDNERCMDkwHhcNMjQwNTIwMTkyNzUwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRiYTQzNS1lNjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzorwvDWc4SYX5DVYBdgXHLd1MuUl8SdxciUzvjHo3YubntJHi8QbmOLQWLf3
lOZLoq0EXSzFVAlpYeWAL1xoFhvmAN0k9heK/i5i4oLzpPJSzWQstJdIdfhGJGi2
BWWw+MjnilCywq+6bD/0C9T7eZItuyC+DxQSj/1IP6lcJdyiQDZZ2pd5HESesCUK
OHzcwfZxDhAN7y6TCxPbBSGitVjngNbYjwRnPXKH7wbH4XnMPA5ZG5H1GbMjtKLq
Cxtc6opecAaaE9wANkF+PA5hUa8RiLMHL4kc29LgTYTQrHkmtYqmZs32usihvRwg
5X7xKxNMhe29Lj9UK+bnuHFpnwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFEKNRLgY
OSE4s3vU1szxjUNRMDIhMB8GA1UdIwQYMBaAFBOM0QpHeN4ONZEenJyUT0shxNsJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMEY5Qy8yOUNCMDIwRUZB
MEIxMUU5OTc4QjBBMzJDNEY5QUUwMi9FNHpSQ2tkNDNnNDFrUjZjbkpSUFN5SEUy
d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U0elJDa2Q0M2c0MWtSNmNuSlJQU3lIRTJ3ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzBGOUMvMjlDQjAyMEVGQTBCMTFFOTk3OEIwQTMyQzRGOUFFMDIvNDFDQkI1Qjg3
Rjc2MTFFQ0FENTBGQTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnN5ADBADKU3wDBAHKU34wDQQCAAIwBwMFACQAT8AwDQYJ
KoZIhvcNAQELBQADggEBAKJW3ME6mZNjgQcZRjsZ+Wpntx98Br32h7bMA/6bADKr
+CZl27XYrHH32YO+VzhJHHeRvaR+rfZqQH7HZqCRaG25OkflzZxQjtJIloUQleUK
NP2JkTluHveNgn7rCIfE00K5+pSWcdMpT7DL/bdPfLKf2JcO7IR3kKRMPgo5oqwL
lb8y01frDDfh7SLuoNCae0jI6taGMiEHDIdY517V5YYDLNrVH96+e0t1r2nE4T3J
+B8VvJZwm/S4BCy3/zR2/XWfqXskKX9RSkvBZIhee6Ju88qtRPKSVJp6n3vl97RF
AzYi2cSxGAk4y7qFhQfbbowk7mUziztqMBcMTf1WZ8k=
-----END CERTIFICATE-----
Generated at Fri May 31 20:34:00 2024 by rpki-client on console-ams.rpki-client.org