Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
File: 2D9B5B380F1D11E991F4271EC4F9AE02.roa (raw, json)
Hash identifier: lVFhX+AzAAaq4+3r9pTtYs5veVCzyIhE2Z58rfUjlok=
Subject key identifier: A0:78:6C:65:B8:01:D0:D2:F1:F7:E2:54:8D:89:63:C2:C5:00:66:E3
Certificate issuer: /CN=A9196172/serialNumber=6C3A7E02ACBB73A6635BDAFE022D785D00C447DB
Certificate serial: 104C
Authority key identifier: 6C:3A:7E:02:AC:BB:73:A6:63:5B:DA:FE:02:2D:78:5D:00:C4:47:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
Signing time: Fri 08 Mar 2024 17:56:10 +0000
ROA not before: Fri 08 Mar 2024 17:56:10 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 56300
IP address blocks: 101.100.160.0/24 maxlen: 24
101.100.161.0/24 maxlen: 24
101.100.162.0/24 maxlen: 24
101.100.163.0/24 maxlen: 24
101.100.164.0/24 maxlen: 24
101.100.165.0/24 maxlen: 24
101.100.166.0/24 maxlen: 24
101.100.167.0/24 maxlen: 24
101.100.168.0/24 maxlen: 24
101.100.169.0/24 maxlen: 24
101.100.170.0/24 maxlen: 24
101.100.171.0/24 maxlen: 24
101.100.172.0/24 maxlen: 24
101.100.173.0/24 maxlen: 24
101.100.174.0/24 maxlen: 24
101.100.175.0/24 maxlen: 24
101.100.176.0/24 maxlen: 24
101.100.177.0/24 maxlen: 24
101.100.178.0/24 maxlen: 24
101.100.179.0/24 maxlen: 24
101.100.180.0/24 maxlen: 24
101.100.181.0/24 maxlen: 24
101.100.182.0/24 maxlen: 24
101.100.183.0/24 maxlen: 24
101.100.184.0/24 maxlen: 24
101.100.185.0/24 maxlen: 24
101.100.186.0/24 maxlen: 24
101.100.188.0/24 maxlen: 24
101.100.189.0/24 maxlen: 24
101.100.190.0/24 maxlen: 24
103.247.133.0/24 maxlen: 24
103.247.134.0/24 maxlen: 24
103.247.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.crl
rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 01 Jul 2024 17:46:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4172 (0x104c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9196172/serialNumber=6C3A7E02ACBB73A6635BDAFE022D785D00C447DB
Validity
Not Before: Mar 8 17:56:10 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65eb5139-f9ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ae:d9:30:63:a9:bd:0c:b8:4e:16:51:6c:75:
56:55:5c:49:81:71:59:28:64:b8:bb:dc:a3:91:35:
63:59:1b:41:f2:56:ab:f2:9b:41:31:09:20:fa:35:
4a:0b:b0:af:eb:b6:41:f5:08:a2:75:28:88:78:d0:
1b:35:a3:f8:37:ed:a0:07:32:ac:f7:85:78:15:b8:
ed:ea:09:06:7e:23:d9:b9:45:eb:83:89:58:19:fa:
f6:de:ff:ab:71:71:6c:a3:51:40:45:76:2d:b1:14:
cc:fc:b1:13:c8:10:a4:89:d1:52:16:87:13:66:33:
f6:7f:20:67:a6:5c:5c:95:9a:b4:20:eb:b8:73:07:
5d:77:6b:81:48:f6:36:b5:ec:76:dd:17:06:3b:ee:
db:11:74:88:7d:c0:cb:93:a6:1d:3e:e8:9d:8b:42:
87:59:75:08:4b:13:9d:c2:d9:52:48:33:44:8b:e0:
65:06:c6:9a:e4:23:b6:ea:39:c8:bc:1a:7d:81:0e:
d2:97:e6:fe:3a:4b:c3:52:4d:4c:f8:29:57:e0:ab:
b1:62:ea:f5:a2:ab:9f:fe:4f:9e:14:c6:97:7b:95:
6f:28:12:72:35:50:3d:96:a0:2c:69:23:c7:48:ba:
8d:1f:87:2b:37:9f:9d:31:0a:c7:2f:2a:0e:56:db:
ac:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:78:6C:65:B8:01:D0:D2:F1:F7:E2:54:8D:89:63:C2:C5:00:66:E3
X509v3 Authority Key Identifier:
keyid:6C:3A:7E:02:AC:BB:73:A6:63:5B:DA:FE:02:2D:78:5D:00:C4:47:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bDp-Aqy7c6ZjW9r-Ai14XQDER9s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9196172/E867CB100F1B11E9A5DBDB1BC4F9AE02/2D9B5B380F1D11E991F4271EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.100.160.0-101.100.186.255
101.100.188.0-101.100.190.255
103.247.133.0-103.247.135.255
Signature Algorithm: sha256WithRSAEncryption
a8:f6:ee:c7:75:75:43:99:fe:3b:6d:86:f8:f0:e8:43:c2:67:
6b:13:66:4d:df:75:c6:4d:4e:73:40:79:d8:d5:03:93:2b:95:
b0:df:ed:7a:9c:6c:7d:12:9b:dc:4a:d3:91:bb:ca:71:35:0c:
9c:06:c1:c1:22:aa:bf:57:5e:a7:22:df:3e:34:b4:6f:41:3a:
5d:95:3c:cf:a3:6e:60:81:81:96:4b:6d:6e:33:2c:bd:6b:42:
27:48:2f:29:6a:df:aa:a9:d4:2b:6d:8b:34:1c:be:59:74:1f:
8f:87:16:22:56:79:6e:14:76:32:8e:c7:1c:f9:77:2c:08:4f:
1f:e7:1f:f6:5d:5d:59:cb:6a:c1:02:b6:08:c9:e2:6a:fa:f4:
00:bf:d3:58:4e:46:67:71:98:f2:22:24:d4:7c:69:77:9c:c2:
79:c3:3e:b8:b2:03:96:fb:6c:05:7c:e4:1b:0f:e9:08:7b:45:
d9:3c:42:41:b2:ba:a0:73:ce:0e:b7:96:49:4c:8d:dd:0b:0d:
6c:42:ef:a8:76:85:04:66:21:cb:07:d3:b5:85:f9:1f:53:51:
db:90:a9:6f:21:c3:f3:c1:26:08:ac:70:2b:c8:e9:2a:32:58:
ee:c4:f4:cf:b1:f4:f1:bb:89:dc:3d:9a:cd:57:66:47:80:35:
45:c6:14:c5
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICEEwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTYxNzIxMTAvBgNVBAUTKDZDM0E3RTAyQUNCQjczQTY2MzVCREFGRTAyMkQ3ODVE
MDBDNDQ3REIwHhcNMjQwMzA4MTc1NjEwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWViNTEzOS1mOWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzK7ZMGOpvQy4ThZRbHVWVVxJgXFZKGS4u9yjkTVjWRtB8lar8ptBMQkg+jVK
C7Cv67ZB9QiidSiIeNAbNaP4N+2gBzKs94V4Fbjt6gkGfiPZuUXrg4lYGfr23v+r
cXFso1FARXYtsRTM/LETyBCkidFSFocTZjP2fyBnplxclZq0IOu4cwddd2uBSPY2
tex23RcGO+7bEXSIfcDLk6YdPuidi0KHWXUISxOdwtlSSDNEi+BlBsaa5CO26jnI
vBp9gQ7Sl+b+OkvDUk1M+ClX4KuxYur1oquf/k+eFMaXe5VvKBJyNVA9lqAsaSPH
SLqNH4crN5+dMQrHLyoOVtusYQIDAQABo4ICuTCCArUwHQYDVR0OBBYEFKB4bGW4
AdDS8ffiVI2JY8LFAGbjMB8GA1UdIwQYMBaAFGw6fgKsu3OmY1va/gIteF0AxEfb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjE3Mi9FODY3Q0IxMDBG
MUIxMUU5QTVEQkRCMUJDNEY5QUUwMi9iRHAtQXF5N2M2WmpXOXItQWkxNFhRREVS
OXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JEcC1BcXk3YzZaalc5ci1BaTE0WFFERVI5cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTYxNzIvRTg2N0NCMTAwRjFCMTFFOUE1REJEQjFCQzRGOUFFMDIvMkQ5QjVCMzgw
RjFEMTFFOTkxRjQyNzFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMDAEAgABMCowDAMEBWVkoAMEAGVkujAMAwQCZWS8AwQAZWS+MAwDBABn94UD
BANn94AwDQYJKoZIhvcNAQELBQADggEBAKj27sd1dUOZ/jtthvjw6EPCZ2sTZk3f
dcZNTnNAedjVA5MrlbDf7XqcbH0Sm9xK05G7ynE1DJwGwcEiqr9XXqci3z40tG9B
Ol2VPM+jbmCBgZZLbW4zLL1rQidILylq36qp1CttizQcvll0H4+HFiJWeW4UdjKO
xxz5dywITx/nH/ZdXVnLasECtgjJ4mr69AC/01hORmdxmPIiJNR8aXecwnnDPriy
A5b7bAV85BsP6Qh7Rdk8QkGyuqBzzg63lklMjd0LDWxC76h2hQRmIcsH07WF+R9T
UduQqW8hw/PBJgiscCvI6SoyWO7E9M+x9PG7idw9ms1XZkeANUXGFMU=
-----END CERTIFICATE-----
Generated at Mon Jun 24 18:32:45 2024 by rpki-client on console-fra.rpki-client.org