Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/713028F48D4911EB9335E32FC4F9AE02.roa
File: 713028F48D4911EB9335E32FC4F9AE02.roa (raw, json)
Hash identifier: 7TiOJsMX/wgaeKFEpKrzPspRYI7TQpEjsx5oLZcM6fo=
Subject key identifier: B4:2B:28:C5:42:3E:D0:9D:FF:EF:B1:EC:DF:E2:B1:7D:00:FF:9B:F9
Certificate issuer: /CN=A9145456/serialNumber=A99B2DB6FAC36CB0203B98E20FD67E019FE1B8FB
Certificate serial: 0658
Authority key identifier: A9:9B:2D:B6:FA:C3:6C:B0:20:3B:98:E2:0F:D6:7E:01:9F:E1:B8:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZsttvrDbLAgO5jiD9Z-AZ_huPs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/713028F48D4911EB9335E32FC4F9AE02.roa
Signing time: Fri 26 Jan 2024 23:21:23 +0000
ROA not before: Fri 26 Jan 2024 23:21:23 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 139831
IP address blocks: 103.145.206.0/23 maxlen: 24
2405:8d40::/32 maxlen: 32
2405:8d40:a07::/48 maxlen: 48
2405:8d40:aa0::/48 maxlen: 48
2405:8d40:b00::/40 maxlen: 40
2405:8d40:c00::/40 maxlen: 40
2405:8d40:f00::/40 maxlen: 40
2405:8d40:1000::/42 maxlen: 42
2405:8d40:1040::/42 maxlen: 42
2405:8d40:1080::/42 maxlen: 42
2405:8d40:10c0::/42 maxlen: 42
2405:8d40:1100::/42 maxlen: 42
2405:8d40:1200::/42 maxlen: 42
2405:8d40:1240::/42 maxlen: 42
2405:8d40:1280::/42 maxlen: 42
2405:8d40:12c0::/42 maxlen: 42
2405:8d40:1300::/42 maxlen: 42
2405:8d40:4000::/36 maxlen: 36
2405:8d40:4000::/42 maxlen: 42
2405:8d40:4040::/42 maxlen: 42
2405:8d40:4080::/42 maxlen: 42
2405:8d40:40c0::/42 maxlen: 42
2405:8d40:4100::/42 maxlen: 42
2405:8d40:4400::/42 maxlen: 42
2405:8d40:4440::/42 maxlen: 42
2405:8d40:4480::/42 maxlen: 42
2405:8d40:44c0::/42 maxlen: 42
2405:8d40:4500::/42 maxlen: 42
2405:8d40:4800::/42 maxlen: 42
2405:8d40:4840::/42 maxlen: 42
2405:8d40:4880::/42 maxlen: 42
2405:8d40:48c0::/42 maxlen: 42
2405:8d40:4900::/42 maxlen: 42
2405:8d40:4c00::/42 maxlen: 42
2405:8d40:4c40::/42 maxlen: 42
2405:8d40:4c80::/42 maxlen: 42
2405:8d40:4cc0::/42 maxlen: 42
2405:8d40:4d00::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/qZsttvrDbLAgO5jiD9Z-AZ_huPs.crl
rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/qZsttvrDbLAgO5jiD9Z-AZ_huPs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZsttvrDbLAgO5jiD9Z-AZ_huPs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 08 Jun 2024 00:20:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1624 (0x658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145456/serialNumber=A99B2DB6FAC36CB0203B98E20FD67E019FE1B8FB
Validity
Not Before: Jan 26 23:21:23 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65b43e72-cb29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3b:6c:b0:41:57:71:2b:dd:98:63:6e:57:f0:
32:10:73:61:d5:8b:0d:5c:56:30:d2:63:76:fc:0d:
d4:90:86:73:fd:b4:d7:7d:1c:00:e9:fa:e2:19:8a:
e7:22:f2:e4:c8:8b:62:7a:6e:4d:d7:69:c3:6d:77:
bc:c4:20:bf:25:65:4a:bd:a5:6d:3c:47:54:d8:cb:
d5:df:cb:23:b3:cd:42:15:78:1f:78:9a:86:ee:28:
af:ad:68:9d:19:04:37:1d:1c:3a:97:6d:22:79:10:
1d:63:3d:fb:33:50:72:46:4d:42:25:64:15:84:f3:
fe:ab:b8:92:a5:ac:9b:39:6f:11:35:ed:47:99:08:
7e:73:b7:0a:55:b1:ef:44:6b:fe:7d:36:5b:ab:91:
2e:4b:75:d6:1f:78:45:d8:34:64:92:22:f9:6e:f3:
a9:21:c8:24:e5:fe:67:6d:97:e0:18:cc:54:f4:a6:
22:ab:d3:e6:bb:a6:24:15:85:32:ce:a1:24:ac:42:
81:5c:55:13:89:41:dc:6c:e2:5a:41:af:09:b4:66:
e2:f5:4e:0b:98:28:af:3a:41:f7:08:c8:2f:00:7a:
39:55:52:ca:c4:0b:d2:b0:16:76:bb:2d:2d:a4:89:
44:88:05:d6:de:08:a1:ea:f0:9a:28:2b:fc:a5:3f:
d5:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:2B:28:C5:42:3E:D0:9D:FF:EF:B1:EC:DF:E2:B1:7D:00:FF:9B:F9
X509v3 Authority Key Identifier:
keyid:A9:9B:2D:B6:FA:C3:6C:B0:20:3B:98:E2:0F:D6:7E:01:9F:E1:B8:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/qZsttvrDbLAgO5jiD9Z-AZ_huPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZsttvrDbLAgO5jiD9Z-AZ_huPs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145456/8141425E306611EB85251355C4F9AE02/713028F48D4911EB9335E32FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.145.206.0/23
IPv6:
2405:8d40::/32
Signature Algorithm: sha256WithRSAEncryption
b9:28:26:0e:48:ea:f5:54:bb:e0:93:e3:95:d7:3a:04:43:16:
4f:df:9c:d0:8e:4b:9b:c0:51:15:64:54:f8:af:db:0f:e2:15:
b1:71:d7:c7:36:d0:c9:94:67:15:f0:12:bc:48:eb:68:62:8a:
ed:b4:1a:0a:00:8c:02:fc:e1:f9:89:48:a3:09:f0:5a:03:33:
e4:f2:c5:9c:67:2a:f1:f3:db:29:e0:1e:53:0c:76:de:3e:b6:
0e:58:ab:93:2f:cc:61:f7:5b:c3:34:5a:ba:b5:9b:e3:d8:01:
8e:ac:ca:6d:28:1d:83:8c:be:4e:10:c1:73:59:ed:2a:66:49:
90:89:00:00:61:21:51:b9:cf:96:b4:80:be:10:28:c9:2c:cd:
fa:fd:f7:6d:76:12:c5:76:cb:a2:f3:88:0d:e3:b8:e1:c1:f1:
50:f1:c0:69:02:3a:92:31:ee:00:f6:a2:71:c0:e1:e0:a4:f4:
0e:46:6f:4b:d0:61:22:86:27:22:cd:47:80:c7:b5:ff:99:62:
75:4f:9d:00:91:a2:ab:d0:af:40:00:54:f6:23:c4:bc:ef:70:
11:4d:27:86:90:00:51:d9:9c:9b:7c:05:15:e0:a5:84:2f:fb:
7a:7f:fd:dc:df:04:ee:34:58:7d:90:5d:3c:26:31:0f:14:78:
ae:2b:e7:08
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBlgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NTYxMTAvBgNVBAUTKEE5OUIyREI2RkFDMzZDQjAyMDNCOThFMjBGRDY3RTAx
OUZFMUI4RkIwHhcNMjQwMTI2MjMyMTIzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI0M2U3Mi1jYjI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvTtssEFXcSvdmGNuV/AyEHNh1YsNXFYw0mN2/A3UkIZz/bTXfRwA6friGYrn
IvLkyItiem5N12nDbXe8xCC/JWVKvaVtPEdU2MvV38sjs81CFXgfeJqG7iivrWid
GQQ3HRw6l20ieRAdYz37M1ByRk1CJWQVhPP+q7iSpaybOW8RNe1HmQh+c7cKVbHv
RGv+fTZbq5EuS3XWH3hF2DRkkiL5bvOpIcgk5f5nbZfgGMxU9KYiq9Pmu6YkFYUy
zqEkrEKBXFUTiUHcbOJaQa8JtGbi9U4LmCivOkH3CMgvAHo5VVLKxAvSsBZ2uy0t
pIlEiAXW3gih6vCaKCv8pT/V+wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLQrKMVC
PtCd/++x7N/isX0A/5v5MB8GA1UdIwQYMBaAFKmbLbb6w2ywIDuY4g/WfgGf4bj7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ1Ni84MTQxNDI1RTMw
NjYxMUVCODUyNTEzNTVDNEY5QUUwMi9xWnN0dHZyRGJMQWdPNWppRDlaLUFaX2h1
UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Fac3R0dnJEYkxBZ081amlEOVotQVpfaHVQcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NTYvODE0MTQyNUUzMDY2MTFFQjg1MjUxMzU1QzRGOUFFMDIvNzEzMDI4RjQ4
RDQ5MTFFQjkzMzVFMzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnkc4wDQQCAAIwBwMFACQFjUAwDQYJKoZIhvcNAQELBQAD
ggEBALkoJg5I6vVUu+CT45XXOgRDFk/fnNCOS5vAURVkVPiv2w/iFbFx18c20MmU
ZxXwErxI62hiiu20GgoAjAL84fmJSKMJ8FoDM+TyxZxnKvHz2yngHlMMdt4+tg5Y
q5MvzGH3W8M0Wrq1m+PYAY6sym0oHYOMvk4QwXNZ7SpmSZCJAABhIVG5z5a0gL4Q
KMkszfr99212EsV2y6LziA3juOHB8VDxwGkCOpIx7gD2onHA4eCk9A5Gb0vQYSKG
JyLNR4DHtf+ZYnVPnQCRoqvQr0AAVPYjxLzvcBFNJ4aQAFHZnJt8BRXgpYQv+3p/
/dzfBO40WH2QXTwmMQ8UeK4r5wg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 02:01:12 2024 by rpki-client on console-ams.rpki-client.org