Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
File: F79267D61E4011E6945BEB0DC4F9AE02.roa (raw, json)
Hash identifier: WIW1H/NBvXho413cX7adVb3la0lM1cJsxulEulGGn4Y=
Subject key identifier: 75:9B:D5:D9:3D:B2:D9:68:5E:DF:E3:F6:84:64:4F:D1:FA:0B:C8:55
Certificate issuer: /CN=A9159967/serialNumber=5330EEEEB0D0A9535FAC8505E735843AF6CE60AF
Certificate serial: 1F83
Authority key identifier: 53:30:EE:EE:B0:D0:A9:53:5F:AC:85:05:E7:35:84:3A:F6:CE:60:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
Signing time: Wed 28 Feb 2024 13:56:42 +0000
ROA not before: Wed 28 Feb 2024 13:56:42 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 135310
IP address blocks: 103.213.236.0/22 maxlen: 22
103.213.236.0/23 maxlen: 23
103.213.236.0/24 maxlen: 24
103.213.237.0/24 maxlen: 24
103.213.238.0/23 maxlen: 23
103.213.238.0/24 maxlen: 24
103.213.239.0/24 maxlen: 24
192.140.252.0/22 maxlen: 22
192.140.252.0/23 maxlen: 23
192.140.252.0/24 maxlen: 24
192.140.253.0/24 maxlen: 24
192.140.254.0/23 maxlen: 23
192.140.254.0/24 maxlen: 24
192.140.255.0/24 maxlen: 24
2404:b180::/32 maxlen: 32
2404:b180::/48 maxlen: 48
2404:b180:1::/48 maxlen: 48
2404:b180:2::/48 maxlen: 48
2404:b180:1000::/48 maxlen: 48
2404:b180:1001::/48 maxlen: 48
2404:b180:1002::/48 maxlen: 48
2404:b180:1003::/48 maxlen: 48
2404:b180:1004::/48 maxlen: 48
2404:b180:1005::/48 maxlen: 48
2404:b180:1006::/48 maxlen: 48
2404:b180:1007::/48 maxlen: 48
2404:b180:1008::/48 maxlen: 48
2404:b180:1009::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.crl
rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 16:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8067 (0x1f83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9159967/serialNumber=5330EEEEB0D0A9535FAC8505E735843AF6CE60AF
Validity
Not Before: Feb 28 13:56:42 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65df3b99-2f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:09:63:b6:29:24:e2:18:92:6d:15:b5:f5:3a:
cd:e0:e4:5e:1e:08:84:dc:c8:b4:ef:d9:30:21:19:
82:e3:fe:a4:43:36:25:2f:50:9d:0f:0d:9a:d9:cd:
97:c5:10:26:1a:ef:8c:76:51:4e:54:6e:f7:73:01:
0e:3c:1f:f2:d1:e7:ce:cc:c0:eb:ff:31:33:e2:3b:
70:92:c3:86:6d:15:d0:bf:25:7f:e6:4c:b6:b8:77:
24:7e:8a:d9:10:ef:3d:71:d0:99:4e:6f:51:d0:19:
9e:82:ff:86:34:39:39:d7:b2:7d:36:8e:47:f5:bc:
f6:7a:2a:16:7d:11:a2:f5:ea:c4:62:52:db:9b:8f:
86:a7:ef:97:1d:fe:ed:ee:31:cb:55:56:74:0d:1b:
94:3c:ab:00:2f:64:55:da:fe:2e:4d:23:a3:bd:27:
e1:44:8e:3c:3e:52:78:2b:de:6d:e0:fa:0f:5f:c4:
eb:fd:9d:67:13:d0:d6:df:2f:79:11:22:7a:94:76:
e8:5d:eb:26:aa:17:98:6f:13:33:14:72:5a:ec:da:
dd:7a:b6:18:fc:16:6a:a2:81:4e:88:eb:5b:d6:7c:
e9:31:4c:a3:80:66:b1:03:28:54:70:b2:eb:d7:47:
d0:f5:87:50:31:42:55:da:e5:8a:8f:a5:db:22:fe:
2d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:9B:D5:D9:3D:B2:D9:68:5E:DF:E3:F6:84:64:4F:D1:FA:0B:C8:55
X509v3 Authority Key Identifier:
keyid:53:30:EE:EE:B0:D0:A9:53:5F:AC:85:05:E7:35:84:3A:F6:CE:60:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.236.0/22
192.140.252.0/22
IPv6:
2404:b180::/32
Signature Algorithm: sha256WithRSAEncryption
6d:73:2f:1f:4e:b6:7a:2a:e2:24:93:fc:ea:2d:a4:ec:3c:08:
f1:ef:d9:9d:50:63:0a:d9:a2:43:7a:0e:93:bc:f9:5d:5e:f1:
81:14:e4:3d:7b:b5:6f:a8:d8:c7:22:df:bb:28:18:db:59:69:
cd:70:fe:a6:bc:a4:e5:ad:8f:dd:7a:11:53:3d:b1:da:ac:a7:
14:64:37:f9:14:97:b5:c5:e7:11:9b:10:f8:36:7b:68:cc:9c:
b0:c8:8b:53:d3:ed:1f:b0:df:76:7d:d1:0c:b3:8c:39:97:40:
c2:81:0e:d9:6f:2a:ea:ab:10:f3:3a:d0:72:5d:4a:ee:c0:8e:
b3:3a:84:0f:e3:61:1c:79:10:90:4f:5f:a8:84:23:ce:f7:77:
1d:af:4a:98:6e:33:2f:93:ba:df:d8:37:be:53:ac:4c:93:f5:
b2:b7:f2:e0:2d:82:54:eb:f6:3c:d3:72:03:9d:22:69:6d:ec:
96:ca:df:0a:de:4c:8f:47:5d:6d:da:3d:39:74:39:fd:d4:63:
fa:3b:56:a2:50:7f:23:44:43:fa:e2:ee:87:be:53:90:fe:16:
3e:5e:58:95:2a:88:a6:6a:ac:31:b4:e3:f5:27:1f:9f:b5:f9:
ff:f4:18:24:09:3e:9d:40:18:26:10:07:45:bc:5a:f3:79:8c:
4a:75:56:fe
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICH4MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTk5NjcxMTAvBgNVBAUTKDUzMzBFRUVFQjBEMEE5NTM1RkFDODUwNUU3MzU4NDNB
RjZDRTYwQUYwHhcNMjQwMjI4MTM1NjQyWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRmM2I5OS0yZjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvgljtikk4hiSbRW19TrN4OReHgiE3Mi079kwIRmC4/6kQzYlL1CdDw2a2c2X
xRAmGu+MdlFOVG73cwEOPB/y0efOzMDr/zEz4jtwksOGbRXQvyV/5ky2uHckforZ
EO89cdCZTm9R0Bmegv+GNDk517J9No5H9bz2eioWfRGi9erEYlLbm4+Gp++XHf7t
7jHLVVZ0DRuUPKsAL2RV2v4uTSOjvSfhRI48PlJ4K95t4PoPX8Tr/Z1nE9DW3y95
ESJ6lHboXesmqheYbxMzFHJa7NrderYY/BZqooFOiOtb1nzpMUyjgGaxAyhUcLLr
10fQ9YdQMUJV2uWKj6XbIv4tbwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHWb1dk9
stloXt/j9oRkT9H6C8hVMB8GA1UdIwQYMBaAFFMw7u6w0KlTX6yFBec1hDr2zmCv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTk2Ny8wQkJGMjU3ODE1
QTkxMUU2OTEyRDQyM0JDNEY5QUUwMi9VekR1N3JEUXFWTmZySVVGNXpXRU92Yk9Z
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V6RHU3ckRRcVZOZnJJVUY1eldFT3ZiT1lLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTk5NjcvMEJCRjI1NzgxNUE5MTFFNjkxMkQ0MjNCQzRGOUFFMDIvRjc5MjY3RDYx
RTQwMTFFNjk0NUJFQjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJn1ewDBALAjPwwDQQCAAIwBwMFACQEsYAwDQYJKoZIhvcN
AQELBQADggEBAG1zLx9Otnoq4iST/OotpOw8CPHv2Z1QYwrZokN6DpO8+V1e8YEU
5D17tW+o2Mci37soGNtZac1w/qa8pOWtj916EVM9sdqspxRkN/kUl7XF5xGbEPg2
e2jMnLDIi1PT7R+w33Z90QyzjDmXQMKBDtlvKuqrEPM60HJdSu7AjrM6hA/jYRx5
EJBPX6iEI873dx2vSphuMy+Tut/YN75TrEyT9bK38uAtglTr9jzTcgOdImlt7JbK
3wreTI9HXW3aPTl0Of3UY/o7VqJQfyNEQ/ri7oe+U5D+Fj5eWJUqiKZqrDG04/Un
H5+1+f/0GCQJPp1AGCYQB0W8WvN5jEp1Vv4=
-----END CERTIFICATE-----
Generated at Fri May 31 17:44:24 2024 by rpki-client on console-fra.rpki-client.org