Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5D815D4096F811EDA42F4660C4F9AE02.roa
File: 5D815D4096F811EDA42F4660C4F9AE02.roa (raw, json)
Hash identifier: QFeqPbQihl0tqRBE4pu9E9MLn/3++AnCDSed8wv/3rE=
Subject key identifier: EA:79:2F:88:26:23:B1:6B:0E:1E:34:53:D7:41:FF:6D:3F:DD:53:9A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 96BD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5D815D4096F811EDA42F4660C4F9AE02.roa
Signing time: Tue 13 Aug 2024 10:59:44 +0000
ROA not before: Tue 13 Aug 2024 10:59:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137097
IP address blocks: 103.105.176.0/24 maxlen: 24
103.105.177.0/24 maxlen: 24
103.105.178.0/24 maxlen: 24
103.105.179.0/24 maxlen: 24
103.174.162.0/24 maxlen: 24
103.174.163.0/24 maxlen: 24
2001:df1:3c40::/48 maxlen: 48
2400:7b60::/32 maxlen: 32
2400:7b60::/48 maxlen: 48
2400:7b60:1::/48 maxlen: 48
2400:7b60:2::/48 maxlen: 48
2400:7b60:3::/48 maxlen: 48
2400:7b60:4::/48 maxlen: 48
2400:7b60:5::/48 maxlen: 48
2400:7b60:6::/48 maxlen: 48
2400:7b60:7::/48 maxlen: 48
2400:7b60:8::/48 maxlen: 48
2400:7b60:9::/48 maxlen: 48
2400:7b60:a::/48 maxlen: 48
2400:7b60:b::/48 maxlen: 48
2400:7b60:c::/48 maxlen: 48
2400:7b60:d::/48 maxlen: 48
2400:7b60:e::/48 maxlen: 48
2400:7b60:f::/48 maxlen: 48
2400:7b60:10::/48 maxlen: 48
2400:7b60:11::/48 maxlen: 48
2400:7b60:12::/48 maxlen: 48
2400:7b60:13::/48 maxlen: 48
2400:7b60:14::/48 maxlen: 48
2400:7b60:15::/48 maxlen: 48
2400:7b60:16::/48 maxlen: 48
2400:7b60:17::/48 maxlen: 48
2400:7b60:18::/48 maxlen: 48
2400:7b60:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38589 (0x96bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 13 10:59:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66bb3ca0-bde4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ed:b8:05:19:37:2d:88:56:8d:fe:e6:a7:80:
24:ee:32:04:79:9e:bb:cf:a7:9e:5b:f8:d5:0c:2b:
af:f7:19:1a:8c:7a:28:e2:9b:fd:ff:07:f8:13:c6:
c4:40:a5:de:82:3c:03:90:6d:70:ba:0c:0e:b7:75:
15:f8:a3:d5:55:b7:68:8d:cc:df:6e:36:65:09:b5:
75:eb:e8:67:11:56:ad:66:f1:28:5d:4f:98:5d:90:
6f:ec:b2:9d:c1:83:37:f7:52:b0:cf:41:3e:32:b9:
63:0e:ae:9e:0a:a3:01:a2:c9:fd:17:66:26:1c:cd:
bb:4c:1f:9f:f2:df:29:67:78:80:e6:29:92:d0:38:
96:ed:32:88:ed:5e:d3:ef:0f:8c:77:0e:4b:7e:88:
3b:95:05:70:f0:8e:c1:aa:f2:a9:11:27:cd:d9:06:
ec:84:a1:74:02:9a:74:00:b9:af:75:84:54:76:bc:
d1:3e:8e:c9:3d:ab:fa:14:b9:b9:aa:f1:26:c6:32:
bb:e6:d8:82:20:e7:80:bb:b2:69:8c:7f:55:04:a8:
29:b3:97:2a:86:03:85:75:63:78:be:ad:39:dc:03:
2d:b5:a6:b2:d8:69:03:f1:a0:70:6d:87:cb:f2:3c:
79:50:29:44:e4:24:b2:20:76:95:0a:75:bb:5e:f3:
7c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:79:2F:88:26:23:B1:6B:0E:1E:34:53:D7:41:FF:6D:3F:DD:53:9A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5D815D4096F811EDA42F4660C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.105.176.0/22
103.174.162.0/23
IPv6:
2001:df1:3c40::/48
2400:7b60::/32
Signature Algorithm: sha256WithRSAEncryption
6e:64:07:9e:42:f9:0c:8d:67:37:a5:fb:b9:32:b2:79:fd:2e:
e4:fb:cc:98:ce:8a:76:d4:cc:d9:cd:c3:14:f5:3e:c8:e7:b3:
c4:ab:b1:98:49:4f:0d:10:1c:e1:c5:68:d2:e1:05:78:9f:5f:
c0:12:dc:45:5d:d7:52:fb:4d:4b:a0:06:67:e0:fc:a5:5c:dc:
4b:0a:b7:71:ab:73:3f:96:84:9f:31:bf:3d:b6:d8:11:fc:27:
98:6b:4b:e5:34:b6:de:e0:91:90:9b:21:44:0b:6e:16:63:f5:
02:a8:c0:b6:8c:ec:fe:db:f3:90:be:23:6f:3a:d3:a9:fe:ff:
06:52:4f:e7:2e:85:87:57:17:a2:1b:0a:01:92:7e:a7:15:3b:
46:b8:3c:46:38:d9:9d:1a:d5:d2:fc:89:a6:f2:4d:ff:13:97:
73:91:6b:a0:a9:5b:d0:22:d3:98:43:24:99:ea:03:44:ae:c2:
af:67:5e:76:40:b0:6c:04:cd:7f:ca:e7:2e:4f:b1:3c:40:bf:
3e:a8:3f:30:ee:86:f0:4b:f9:18:ab:67:f8:4d:e5:cc:46:63:
f6:38:df:d9:31:37:1b:f3:1c:d8:c6:f7:7d:2a:f2:aa:19:6b:
36:91:fd:30:b6:bd:8a:37:ef:3a:63:4a:68:bc:dc:cc:68:e8:
90:b5:e8:3a
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIDAJa9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgxMzEwNTk0NFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZiYjNjYTAtYmRlNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXtuAUZNy2IVo3+5qeAJO4yBHmeu8+nnlv41Qwrr/cZGox6KOKb/f8H+BPG
xECl3oI8A5BtcLoMDrd1Ffij1VW3aI3M3242ZQm1devoZxFWrWbxKF1PmF2Qb+yy
ncGDN/dSsM9BPjK5Yw6ungqjAaLJ/RdmJhzNu0wfn/LfKWd4gOYpktA4lu0yiO1e
0+8PjHcOS36IO5UFcPCOwaryqREnzdkG7IShdAKadAC5r3WEVHa80T6OyT2r+hS5
uarxJsYyu+bYgiDngLuyaYx/VQSoKbOXKoYDhXVjeL6tOdwDLbWmsthpA/GgcG2H
y/I8eVApROQksiB2lQp1u17zfM8CAwEAAaOCArMwggKvMB0GA1UdDgQWBBTqeS+I
JiOxaw4eNFPXQf9tP91TmjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVEODE1RDQw
OTZGODExRURBNDJGNDY2MEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMD0GCCsGAQUFBwEHAQH/
BC4wLDASBAIAATAMAwQCZ2mwAwQBZ66iMBYEAgACMBADBwAgAQ3xPEADBQAkAHtg
MA0GCSqGSIb3DQEBCwUAA4IBAQBuZAeeQvkMjWc3pfu5MrJ5/S7k+8yYzop21MzZ
zcMU9T7I57PEq7GYSU8NEBzhxWjS4QV4n1/AEtxFXddS+01LoAZn4PylXNxLCrdx
q3M/loSfMb89ttgR/CeYa0vlNLbe4JGQmyFEC24WY/UCqMC2jOz+2/OQviNvOtOp
/v8GUk/nLoWHVxeiGwoBkn6nFTtGuDxGONmdGtXS/Imm8k3/E5dzkWugqVvQItOY
QySZ6gNErsKvZ152QLBsBM1/yucuT7E8QL8+qD8w7obwS/kYq2f4TeXMRmP2ON/Z
MTcb8xzYxvd9KvKqGWs2kf0wtr2KN+86Y0povNzMaOiQteg6
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:17:39 2024 by rpki-client on console-fra.rpki-client.org