Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/E26D2E4803CE11ED949DFE3EC4F9AE02.roa
File: E26D2E4803CE11ED949DFE3EC4F9AE02.roa (raw, json)
Hash identifier: SbvBWH8vs9aCeyaZ2kJqY+38i0o3kBLHR299+vT9S3o=
Subject key identifier: 26:86:B7:52:EA:8A:42:B6:ED:51:11:0A:28:C3:AC:1C:AE:1F:8C:76
Certificate issuer: /CN=A919C47E/serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Certificate serial: 121B
Authority key identifier: 89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/E26D2E4803CE11ED949DFE3EC4F9AE02.roa
Signing time: Mon 02 Oct 2023 17:34:54 +0000
ROA not before: Mon 02 Oct 2023 17:34:54 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 138398
IP address blocks: 103.121.34.0/23 maxlen: 23
103.121.34.0/24 maxlen: 24
103.121.35.0/24 maxlen: 24
103.130.68.0/24 maxlen: 24
103.130.69.0/24 maxlen: 24
2403:b4c0::/36 maxlen: 36
2403:b4c0:1000::/36 maxlen: 36
2403:b4c0:2000::/36 maxlen: 36
2403:b4c0:3000::/36 maxlen: 36
2403:b4c0:5000::/36 maxlen: 36
2403:b4c0:6000::/36 maxlen: 36
2403:b4c0:8000::/48 maxlen: 48
2403:b4c0:8001::/48 maxlen: 48
2403:b4c0:8002::/48 maxlen: 48
2403:b4c0:8003::/48 maxlen: 48
2403:b4c0:8004::/48 maxlen: 48
2403:b4c0:8005::/48 maxlen: 48
2403:b4c0:9000::/36 maxlen: 36
2403:b4c0:aa00::/40 maxlen: 40
2403:b4c0:af00::/40 maxlen: 40
2403:b4c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.crl
rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 18:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4635 (0x121b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C47E/serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Validity
Not Before: Oct 2 17:34:54 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651aff3e-8953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:27:ad:c2:63:77:b9:1f:4a:db:8a:3d:e3:70:
c1:43:e7:f9:13:12:48:b7:8b:71:e1:8b:bf:0c:c3:
59:fc:38:4b:6d:b1:f7:d2:a9:80:23:06:d9:67:a3:
d6:91:58:cf:a5:fd:ef:a6:a4:79:96:c3:85:2e:8a:
90:ad:5f:24:2d:ca:ea:50:82:6b:90:4e:e8:74:c3:
4f:84:b3:16:9a:5a:c0:38:e6:10:41:20:50:40:63:
8a:60:67:0d:50:a5:5e:e8:a1:d8:65:72:a3:75:f6:
7b:e0:0a:91:b4:bc:c2:fe:5d:8c:75:0e:a4:52:1b:
63:5b:17:74:20:6f:4b:3f:bd:42:e6:07:6b:07:eb:
78:ed:51:bc:f3:89:11:22:3e:82:82:a9:6f:77:da:
b0:ba:6a:e9:22:1a:b0:ed:8e:d3:24:49:3d:41:95:
02:0d:11:af:2f:ad:94:c8:ad:60:a5:7b:7f:d3:d6:
1c:0c:60:30:d1:cf:54:2c:8b:db:c7:99:6e:07:5d:
93:d8:20:f6:e7:d9:a3:30:49:c7:fa:2c:62:31:bc:
9e:e8:3b:41:03:f8:2a:ff:90:71:86:c6:d2:b1:3e:
be:14:e3:8c:ea:ba:96:94:7f:e7:cf:ed:25:dc:b6:
c1:1d:5d:ff:ab:bf:ee:9c:af:fb:6e:3b:2f:2e:97:
bd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:86:B7:52:EA:8A:42:B6:ED:51:11:0A:28:C3:AC:1C:AE:1F:8C:76
X509v3 Authority Key Identifier:
keyid:89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/E26D2E4803CE11ED949DFE3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.34.0/23
103.130.68.0/23
IPv6:
2403:b4c0::/34
2403:b4c0:5000::-2403:b4c0:6fff:ffff:ffff:ffff:ffff:ffff
2403:b4c0:8000::-2403:b4c0:8005:ffff:ffff:ffff:ffff:ffff
2403:b4c0:9000::/36
2403:b4c0:aa00::/40
2403:b4c0:af00::/40
2403:b4c0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
8a:3a:61:9c:ee:69:ed:4b:23:4b:61:9a:f3:f2:25:36:ea:0e:
07:1c:ac:69:d5:0e:22:53:b5:e3:b2:96:24:38:a8:da:81:05:
f3:36:47:e6:cb:b0:5e:ac:77:7d:95:c8:a1:36:3c:96:f4:06:
7d:ac:53:05:87:77:2c:42:6a:89:68:ac:0f:0f:44:92:1f:ed:
1f:05:12:75:35:a2:ec:06:c4:5f:e3:0d:f4:40:7a:01:77:87:
7a:6e:ac:eb:b5:09:30:2a:dc:66:1c:a3:88:36:07:1f:a8:f6:
9b:91:72:a9:05:55:f2:7c:f4:20:1e:fc:7a:16:81:d8:da:6d:
bc:8d:14:62:cd:d3:3f:73:ac:f9:5e:19:c5:cb:ee:7e:e0:02:
90:9b:22:c1:5c:ec:54:e1:4f:67:b8:0e:fe:2a:06:30:4d:fc:
ab:2b:97:2c:97:58:0d:c3:63:ec:33:ad:97:67:cf:1d:af:24:
df:bd:9f:5c:b1:da:a0:6e:84:ee:f8:69:1f:89:0d:71:e3:07:
b0:b0:1d:91:d0:1e:a9:24:bd:13:b6:5b:88:9f:27:2c:09:13:
ee:bd:ff:24:75:84:45:64:63:4b:14:fb:77:2a:2c:50:b5:72:
cb:94:e7:75:ed:d0:9b:d0:8d:1c:d7:e6:0c:9a:00:c8:f3:7e:
3e:74:6a:31
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgICEhswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM0N0UxMTAvBgNVBAUTKDg5NEZFMTEzOThCNjc5QUVCMUIxMThCMUJERTY3M0Ux
OENGNkU5MzQwHhcNMjMxMDAyMTczNDU0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFhZmYzZS04OTUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqyetwmN3uR9K24o943DBQ+f5ExJIt4tx4Yu/DMNZ/DhLbbH30qmAIwbZZ6PW
kVjPpf3vpqR5lsOFLoqQrV8kLcrqUIJrkE7odMNPhLMWmlrAOOYQQSBQQGOKYGcN
UKVe6KHYZXKjdfZ74AqRtLzC/l2MdQ6kUhtjWxd0IG9LP71C5gdrB+t47VG884kR
Ij6Cgqlvd9qwumrpIhqw7Y7TJEk9QZUCDRGvL62UyK1gpXt/09YcDGAw0c9ULIvb
x5luB12T2CD259mjMEnH+ixiMbye6DtBA/gq/5BxhsbSsT6+FOOM6rqWlH/nz+0l
3LbBHV3/q7/unK/7bjsvLpe9JQIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFCaGt1Lq
ikK27VERCijDrByuH4x2MB8GA1UdIwQYMBaAFIlP4ROYtnmusbEYsb3mc+GM9uk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzQ3RS9CQ0VERjQ0MkIw
QkYxMUU4ODYzOTIyMzdDNEY5QUUwMi9pVV9oRTVpMmVhNnhzUml4dmVaejRZejI2
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lVX2hFNWkyZWE2eHNSaXh2ZVp6NFl6MjZUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM0N0UvQkNFREY0NDJCMEJGMTFFODg2MzkyMjM3QzRGOUFFMDIvRTI2RDJFNDgw
M0NFMTFFRDk0OURGRTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwegYIKwYBBQUHAQcBAf8E
azBpMBIEAgABMAwDBAFneSIDBAFngkQwUwQCAAIwTQMGBiQDtMAAMBADBgQkA7TA
UAMGBCQDtMBgMBEDBgckA7TAgAMHASQDtMCABAMGBCQDtMCQAwYAJAO0wKoDBgAk
A7TArwMGBCQDtMDwMA0GCSqGSIb3DQEBCwUAA4IBAQCKOmGc7mntSyNLYZrz8iU2
6g4HHKxp1Q4iU7XjspYkOKjagQXzNkfmy7BerHd9lcihNjyW9AZ9rFMFh3csQmqJ
aKwPD0SSH+0fBRJ1NaLsBsRf4w30QHoBd4d6bqzrtQkwKtxmHKOINgcfqPabkXKp
BVXyfPQgHvx6FoHY2m28jRRizdM/c6z5XhnFy+5+4AKQmyLBXOxU4U9nuA7+KgYw
TfyrK5csl1gNw2PsM62XZ88dryTfvZ9csdqgboTu+GkfiQ1x4wewsB2R0B6pJL0T
tluInycsCRPuvf8kdYRFZGNLFPt3KixQtXLLlOd17dCb0I0c1+YMmgDI834+dGox
-----END CERTIFICATE-----
Generated at Fri May 31 19:47:52 2024 by rpki-client on console-fra.rpki-client.org