Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/427CB2F0FAFE11ED8553B675C4F9AE02.roa
File: 427CB2F0FAFE11ED8553B675C4F9AE02.roa (raw, json)
Hash identifier: 1AfZmTN8y2dEAxymesK7ZqhybAJpm7kmJ8uQOh7MeNw=
Subject key identifier: C5:FD:46:FF:99:36:E1:EE:14:71:DF:20:D4:8D:FD:6D:C6:12:D1:65
Certificate issuer: /CN=A9150384/serialNumber=B1BA33053C39BA5865537743112389E300C48807
Certificate serial: 0B7A
Authority key identifier: B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/427CB2F0FAFE11ED8553B675C4F9AE02.roa
Signing time: Fri 26 Jan 2024 19:07:31 +0000
ROA not before: Fri 26 Jan 2024 19:07:31 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 134968
IP address blocks: 103.23.204.0/22 maxlen: 22
103.23.204.0/23 maxlen: 23
103.23.204.0/24 maxlen: 24
103.23.205.0/24 maxlen: 24
103.23.206.0/23 maxlen: 23
103.23.206.0/24 maxlen: 24
103.23.207.0/24 maxlen: 24
223.25.252.0/22 maxlen: 22
223.25.252.0/23 maxlen: 23
223.25.252.0/24 maxlen: 24
223.25.253.0/24 maxlen: 24
223.25.254.0/23 maxlen: 23
223.25.254.0/24 maxlen: 24
223.25.255.0/24 maxlen: 24
2401:52c0::/32 maxlen: 32
2401:52c0::/40 maxlen: 40
2401:52c0::/48 maxlen: 48
2401:52c0:1::/48 maxlen: 48
2401:52c0:2::/48 maxlen: 48
2401:52c0:3::/48 maxlen: 48
2401:52c0:4::/48 maxlen: 48
2401:52c0:5::/48 maxlen: 48
2401:52c0:6::/48 maxlen: 48
2401:52c0:7::/48 maxlen: 48
2401:52c0:8::/48 maxlen: 48
2401:52c0:9::/48 maxlen: 48
2401:52c0:a::/48 maxlen: 48
2401:52c0:b::/48 maxlen: 48
2401:52c0:c::/48 maxlen: 48
2401:52c0:d::/48 maxlen: 48
2401:52c0:e::/48 maxlen: 48
2401:52c0:f::/48 maxlen: 48
2401:52c0:100::/40 maxlen: 40
2401:52c0:100::/44 maxlen: 44
2401:52c0:100::/48 maxlen: 48
2401:52c0:101::/48 maxlen: 48
2401:52c0:102::/48 maxlen: 48
2401:52c0:103::/48 maxlen: 48
2401:52c0:104::/48 maxlen: 48
2401:52c0:105::/48 maxlen: 48
2401:52c0:106::/48 maxlen: 48
2401:52c0:107::/48 maxlen: 48
2401:52c0:108::/48 maxlen: 48
2401:52c0:109::/48 maxlen: 48
2401:52c0:10a::/48 maxlen: 48
2401:52c0:110::/44 maxlen: 44
2401:52c0:120::/44 maxlen: 44
2401:52c0:130::/44 maxlen: 44
2401:52c0:140::/44 maxlen: 44
2401:52c0:150::/44 maxlen: 44
2401:52c0:160::/44 maxlen: 44
2401:52c0:170::/44 maxlen: 44
2401:52c0:180::/44 maxlen: 44
2401:52c0:190::/44 maxlen: 44
2401:52c0:1a0::/44 maxlen: 44
2401:52c0:1b0::/44 maxlen: 44
2401:52c0:1c0::/44 maxlen: 44
2401:52c0:1d0::/44 maxlen: 44
2401:52c0:1e0::/44 maxlen: 44
2401:52c0:1f0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:19:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2938 (0xb7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150384/serialNumber=B1BA33053C39BA5865537743112389E300C48807
Validity
Not Before: Jan 26 19:07:31 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b402f3-b036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:4d:2c:50:45:e7:b6:9c:da:c8:0b:bb:ea:a5:
e3:3c:3f:69:79:ff:1d:9e:f6:c8:bd:24:96:55:6c:
cd:8d:03:00:9b:29:16:15:ca:66:a7:e3:96:aa:37:
c8:32:2d:7f:cd:3e:ae:e7:2c:a8:1e:e4:d7:3f:01:
b2:ad:1d:c7:72:80:ab:8c:d9:2d:91:d9:bf:b7:8d:
38:57:93:de:5f:7e:bc:f0:a5:d5:56:de:f6:0e:7b:
98:86:fb:7f:2f:6c:a5:6b:79:8d:db:05:1d:67:e1:
7e:a9:a4:02:d6:d2:7e:d9:15:5d:d0:8d:5a:67:ec:
85:4b:9a:6a:5d:d2:4d:67:62:79:88:08:d2:14:9f:
d5:6b:aa:51:fb:22:1d:b3:70:03:7e:48:4f:75:12:
99:57:c2:8b:b4:60:ef:95:b1:4b:49:1e:d9:7d:d4:
ef:41:38:47:85:3c:18:d1:1e:a6:25:23:3d:27:23:
74:70:22:14:20:16:3f:bd:5d:4e:84:ff:c4:28:b9:
76:f3:18:06:62:ec:33:00:d4:0e:7c:ed:a4:52:70:
41:2c:c2:60:37:33:66:3e:b7:32:ec:57:5e:c5:36:
86:ee:b9:b0:9a:0e:c3:86:f2:76:10:15:58:39:61:
8e:00:ed:db:56:bc:88:1e:df:46:cd:f9:e0:64:15:
62:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FD:46:FF:99:36:E1:EE:14:71:DF:20:D4:8D:FD:6D:C6:12:D1:65
X509v3 Authority Key Identifier:
keyid:B1:BA:33:05:3C:39:BA:58:65:53:77:43:11:23:89:E3:00:C4:88:07
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/sbozBTw5ulhlU3dDESOJ4wDEiAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sbozBTw5ulhlU3dDESOJ4wDEiAc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150384/937F372E005A11EAA094BD31C4F9AE02/427CB2F0FAFE11ED8553B675C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.204.0/22
223.25.252.0/22
IPv6:
2401:52c0::/32
Signature Algorithm: sha256WithRSAEncryption
35:74:22:0a:aa:77:97:57:58:2d:0e:8f:24:6a:b9:17:75:b6:
22:12:95:28:4c:1f:8b:c1:86:3a:dc:8a:6b:a4:dd:85:f9:56:
d4:8f:cd:04:79:8b:a4:2b:df:4b:73:42:cc:34:68:bc:1e:02:
05:ef:a1:48:df:46:b8:fe:b3:a4:8e:b1:ce:d7:b1:25:c1:25:
bd:81:87:45:6b:6b:b7:85:68:34:f6:8b:a8:2d:2e:f9:22:3f:
8c:eb:6e:77:4b:ce:03:0a:bf:a5:d4:e4:de:60:2c:a1:0e:45:
27:e8:ba:e0:8f:e3:2b:fb:95:f5:a3:91:4a:24:86:a2:00:48:
e8:5b:14:c3:ad:7b:13:ca:9e:87:7a:8d:1a:4c:74:28:80:f5:
02:2e:17:cc:a6:a7:6c:3a:47:72:2e:97:1c:22:e2:86:b9:9a:
8f:5a:ee:49:4b:fa:8d:0c:37:eb:3f:ad:da:49:0e:e6:66:b5:
72:fe:5a:a4:d2:78:a0:33:b4:19:54:86:0c:c3:f4:cc:b8:e8:
45:b6:a5:43:cb:47:2b:66:2b:95:e7:59:c9:00:f5:9e:65:b6:
56:42:01:98:4c:6d:43:03:dc:18:c2:ce:3d:5a:1d:00:56:5a:
14:08:2b:f5:58:8d:45:e5:c9:dc:28:3c:0b:48:87:db:fb:f4:
9c:2f:d7:72
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTAzODQxMTAvBgNVBAUTKEIxQkEzMzA1M0MzOUJBNTg2NTUzNzc0MzExMjM4OUUz
MDBDNDg4MDcwHhcNMjQwMTI2MTkwNzMxWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI0MDJmMy1iMDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8E0sUEXntpzayAu76qXjPD9pef8dnvbIvSSWVWzNjQMAmykWFcpmp+OWqjfI
Mi1/zT6u5yyoHuTXPwGyrR3HcoCrjNktkdm/t404V5PeX3688KXVVt72DnuYhvt/
L2yla3mN2wUdZ+F+qaQC1tJ+2RVd0I1aZ+yFS5pqXdJNZ2J5iAjSFJ/Va6pR+yId
s3ADfkhPdRKZV8KLtGDvlbFLSR7ZfdTvQThHhTwY0R6mJSM9JyN0cCIUIBY/vV1O
hP/EKLl28xgGYuwzANQOfO2kUnBBLMJgNzNmPrcy7FdexTaG7rmwmg7DhvJ2EBVY
OWGOAO3bVryIHt9GzfngZBVi1QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMX9Rv+Z
NuHuFHHfINSN/W3GEtFlMB8GA1UdIwQYMBaAFLG6MwU8ObpYZVN3QxEjieMAxIgH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDM4NC85MzdGMzcyRTAw
NUExMUVBQTA5NEJEMzFDNEY5QUUwMi9zYm96QlR3NXVsaGxVM2RERVNPSjR3REVp
QWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Nib3pCVHc1dWxobFUzZERFU09KNHdERWlBYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTAzODQvOTM3RjM3MkUwMDVBMTFFQUEwOTRCRDMxQzRGOUFFMDIvNDI3Q0IyRjBG
QUZFMTFFRDg1NTNCNjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnF8wDBALfGfwwDQQCAAIwBwMFACQBUsAwDQYJKoZIhvcN
AQELBQADggEBADV0Igqqd5dXWC0OjyRquRd1tiISlShMH4vBhjrcimuk3YX5VtSP
zQR5i6Qr30tzQsw0aLweAgXvoUjfRrj+s6SOsc7XsSXBJb2Bh0Vra7eFaDT2i6gt
LvkiP4zrbndLzgMKv6XU5N5gLKEORSfouuCP4yv7lfWjkUokhqIASOhbFMOtexPK
nod6jRpMdCiA9QIuF8ymp2w6R3Iulxwi4oa5mo9a7klL+o0MN+s/rdpJDuZmtXL+
WqTSeKAztBlUhgzD9My46EW2pUPLRytmK5XnWckA9Z5ltlZCAZhMbUMD3BjCzj1a
HQBWWhQIK/VYjUXlydwoPAtIh9v79Jwv13I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:58 2024 by rpki-client on console-fra.rpki-client.org