Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/9F12E3A025A511EE87132E45C4F9AE02.roa
File: 9F12E3A025A511EE87132E45C4F9AE02.roa (raw, json)
Hash identifier: 7dmfcHoWv+inuKPdIjsHAWvAtL0OBcHABQxsrOzrAJM=
Subject key identifier: 67:E2:CE:C4:C7:BB:E3:FE:B1:A2:6F:1B:C0:97:07:AA:BE:28:C9:76
Certificate issuer: /CN=A91A495C/serialNumber=78BEDBEDC0459B900C282892F13B1782A9560429
Certificate serial: 0C64
Authority key identifier: 78:BE:DB:ED:C0:45:9B:90:0C:28:28:92:F1:3B:17:82:A9:56:04:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eL7b7cBFm5AMKCiS8TsXgqlWBCk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/9F12E3A025A511EE87132E45C4F9AE02.roa
Signing time: Wed 24 Apr 2024 11:20:08 +0000
ROA not before: Wed 24 Apr 2024 11:20:08 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 137967
IP address blocks: 103.117.192.0/22 maxlen: 22
103.117.192.0/23 maxlen: 23
103.117.192.0/24 maxlen: 24
103.117.193.0/24 maxlen: 24
103.117.194.0/23 maxlen: 23
103.117.194.0/24 maxlen: 24
103.117.195.0/24 maxlen: 24
2403:1e40::/32 maxlen: 36
2403:1e40::/48 maxlen: 48
2403:1e40:100::/48 maxlen: 48
2403:1e40:150::/48 maxlen: 48
2403:1e40:151::/48 maxlen: 48
2403:1e40:152::/48 maxlen: 48
2403:1e40:168::/48 maxlen: 48
2403:1e40:169::/48 maxlen: 48
2403:1e40:1000::/37 maxlen: 40
2403:1e40:1000::/41 maxlen: 48
2403:1e40:1080::/41 maxlen: 48
2403:1e40:1100::/41 maxlen: 48
2403:1e40:1180::/41 maxlen: 48
2403:1e40:1200::/41 maxlen: 48
2403:1e40:1280::/41 maxlen: 48
2403:1e40:1300::/41 maxlen: 48
2403:1e40:1380::/41 maxlen: 48
2403:1e40:1400::/41 maxlen: 48
2403:1e40:1800::/37 maxlen: 40
2403:1e40:1800::/41 maxlen: 48
2403:1e40:1880::/41 maxlen: 45
2403:1e40:1880::/42 maxlen: 48
2403:1e40:18c0::/43 maxlen: 48
2403:1e40:18e0::/44 maxlen: 48
2403:1e40:18f0::/45 maxlen: 48
2403:1e40:18f8::/46 maxlen: 46
2403:1e40:18f8::/47 maxlen: 48
2403:1e40:1a00::/41 maxlen: 48
2403:1e40:1a80::/41 maxlen: 48
2403:1e40:70ff::/48 maxlen: 48
2403:1e40:80ff::/48 maxlen: 48
2403:1e40:90ff::/48 maxlen: 48
2403:1e40:97ff::/48 maxlen: 48
2403:1e40:fffd::/48 maxlen: 48
2403:1e40:fffe::/48 maxlen: 48
2403:1e40:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/eL7b7cBFm5AMKCiS8TsXgqlWBCk.crl
rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/eL7b7cBFm5AMKCiS8TsXgqlWBCk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eL7b7cBFm5AMKCiS8TsXgqlWBCk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 13 Jun 2024 19:17:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3172 (0xc64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A495C/serialNumber=78BEDBEDC0459B900C282892F13B1782A9560429
Validity
Not Before: Apr 24 11:20:08 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6628eae8-3c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:71:18:bd:e4:b7:cf:5e:20:2e:49:8e:a9:26:
d8:05:6a:ef:34:5b:e2:63:9d:e9:c3:13:8a:99:57:
dc:4f:a9:9e:0b:7a:28:fe:31:7f:3b:2f:3b:55:27:
8e:a2:06:3a:20:3d:42:d7:90:2b:91:39:ac:6c:a5:
53:6d:11:3d:b5:32:73:e1:00:2b:d9:98:71:97:be:
85:d7:36:22:5d:d6:ac:27:f5:86:e1:55:5c:95:0b:
3c:e0:c5:aa:60:39:0b:9a:76:41:ae:5d:45:03:73:
3b:4f:c8:4a:48:64:8c:d1:20:39:64:9e:3e:95:54:
f2:07:88:7d:ca:d3:7f:fc:b8:e4:ff:4e:0f:1e:fb:
fa:33:38:35:f1:d5:a9:b5:20:16:c4:45:29:da:9f:
a3:7c:cb:d3:1f:8f:12:0e:85:2b:b2:98:39:ea:91:
d2:fa:4d:3e:fd:4d:5b:a5:ef:0e:33:0a:1d:e5:3f:
1d:12:67:d9:b0:2d:fa:b0:17:a4:d3:d9:bf:49:f7:
d9:d6:c2:de:e7:13:db:cc:4c:8d:05:4a:60:79:e5:
49:a7:a0:8b:37:7e:32:06:93:a4:84:62:39:f1:f9:
a1:5a:1b:c0:22:a3:1f:34:d9:cf:6f:0c:0c:7c:df:
c9:10:fd:a7:ed:83:69:84:75:f7:8c:80:88:1e:72:
d7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E2:CE:C4:C7:BB:E3:FE:B1:A2:6F:1B:C0:97:07:AA:BE:28:C9:76
X509v3 Authority Key Identifier:
keyid:78:BE:DB:ED:C0:45:9B:90:0C:28:28:92:F1:3B:17:82:A9:56:04:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/eL7b7cBFm5AMKCiS8TsXgqlWBCk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eL7b7cBFm5AMKCiS8TsXgqlWBCk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/9F12E3A025A511EE87132E45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.192.0/22
IPv6:
2403:1e40::/32
Signature Algorithm: sha256WithRSAEncryption
81:21:ea:fc:f0:af:6b:20:6d:60:49:ab:99:c2:e3:8e:84:bc:
ce:13:c8:b0:16:81:c1:21:85:79:aa:21:9d:80:37:47:f6:9e:
54:02:62:4e:5a:bc:c8:6b:cb:41:cc:a6:7f:4e:34:b1:c0:22:
96:75:c0:76:7f:0a:c6:d1:9f:74:90:ba:95:4f:44:10:23:df:
14:12:b8:3b:98:a5:49:33:47:3d:53:e1:b1:36:4e:c4:ce:38:
fa:ad:e1:b8:3e:d5:50:c9:cb:f9:72:e9:ed:2e:6a:14:c0:98:
4e:3b:41:d3:60:d2:3f:fb:ae:8d:38:4d:54:8c:3b:94:48:ae:
77:f9:05:20:0c:11:f7:ff:54:83:81:48:b6:80:f1:45:c4:1d:
49:8a:e7:09:78:03:7d:67:ac:63:15:d6:90:b5:c9:38:7e:b9:
d9:6c:e4:fb:22:f7:23:08:bb:55:c9:42:52:64:21:21:13:dc:
99:72:49:cd:7c:02:dc:ee:9e:80:fa:d1:1c:35:72:47:46:c7:
09:3c:f7:eb:ce:a2:82:f0:0c:56:26:29:a5:5a:f1:1f:85:a3:
50:d4:7d:f1:b2:c4:6e:96:dc:0c:20:4f:0a:32:3d:14:80:5e:
26:e4:4e:c5:ab:fc:c2:0d:28:34:7f:b1:17:f0:ae:5e:28:3a:
bc:b3:65:5c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDGQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ5NUMxMTAvBgNVBAUTKDc4QkVEQkVEQzA0NTlCOTAwQzI4Mjg5MkYxM0IxNzgy
QTk1NjA0MjkwHhcNMjQwNDI0MTEyMDA4WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjI4ZWFlOC0zYzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2XEYveS3z14gLkmOqSbYBWrvNFviY53pwxOKmVfcT6meC3oo/jF/Oy87VSeO
ogY6ID1C15ArkTmsbKVTbRE9tTJz4QAr2Zhxl76F1zYiXdasJ/WG4VVclQs84MWq
YDkLmnZBrl1FA3M7T8hKSGSM0SA5ZJ4+lVTyB4h9ytN//Ljk/04PHvv6Mzg18dWp
tSAWxEUp2p+jfMvTH48SDoUrspg56pHS+k0+/U1bpe8OMwod5T8dEmfZsC36sBek
09m/SffZ1sLe5xPbzEyNBUpgeeVJp6CLN34yBpOkhGI58fmhWhvAIqMfNNnPbwwM
fN/JEP2n7YNphHX3jICIHnLX5QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGfizsTH
u+P+saJvG8CXB6q+KMl2MB8GA1UdIwQYMBaAFHi+2+3ARZuQDCgokvE7F4KpVgQp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDk1Qy81NTkxODAwNEUy
QUQxMUU5QjRBMjc1NDZDNEY5QUUwMi9lTDdiN2NCRm01QU1LQ2lTOFRzWGdxbFdC
Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VMN2I3Y0JGbTVBTUtDaVM4VHNYZ3FsV0JDay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ5NUMvNTU5MTgwMDRFMkFEMTFFOUI0QTI3NTQ2QzRGOUFFMDIvOUYxMkUzQTAy
NUE1MTFFRTg3MTMyRTQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndcAwDQQCAAIwBwMFACQDHkAwDQYJKoZIhvcNAQELBQAD
ggEBAIEh6vzwr2sgbWBJq5nC446EvM4TyLAWgcEhhXmqIZ2AN0f2nlQCYk5avMhr
y0HMpn9ONLHAIpZ1wHZ/CsbRn3SQupVPRBAj3xQSuDuYpUkzRz1T4bE2TsTOOPqt
4bg+1VDJy/ly6e0uahTAmE47QdNg0j/7ro04TVSMO5RIrnf5BSAMEff/VIOBSLaA
8UXEHUmK5wl4A31nrGMV1pC1yTh+udls5Psi9yMIu1XJQlJkISET3JlySc18Atzu
noD60Rw1ckdGxwk89+vOooLwDFYmKaVa8R+Fo1DUffGyxG6W3AwgTwoyPRSAXibk
TsWr/MINKDR/sRfwrl4oOryzZVw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 21:11:27 2024 by rpki-client on console-ams.rpki-client.org