Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7F47/330A008CCE5911E9A0908287C4F9AE02/4E98421A162311EB90D1657AC4F9AE02.roa
File: 4E98421A162311EB90D1657AC4F9AE02.roa (raw, json)
Hash identifier: 1jUxwWAX6KnigOFs20Vg85yLzTjyxdO59rmGUv5qs2k=
Subject key identifier: 37:88:5D:5F:90:FA:6B:FB:DF:48:3D:70:98:A0:29:2F:7D:4A:CC:2D
Certificate issuer: /CN=A91B7F47/serialNumber=E30A4CDDF6C269ACBA39CA58AA9592D8986401F4
Certificate serial: 0CFA
Authority key identifier: E3:0A:4C:DD:F6:C2:69:AC:BA:39:CA:58:AA:95:92:D8:98:64:01:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wpM3fbCaay6OcpYqpWS2JhkAfQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7F47/330A008CCE5911E9A0908287C4F9AE02/4E98421A162311EB90D1657AC4F9AE02.roa
Signing time: Fri 16 Aug 2024 18:46:32 +0000
ROA not before: Fri 16 Aug 2024 18:46:32 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137935
IP address blocks: 103.117.108.0/24 maxlen: 24
103.117.109.0/24 maxlen: 24
103.117.110.0/24 maxlen: 24
103.117.111.0/24 maxlen: 24
2403:1940::/32 maxlen: 32
2403:1940::/35 maxlen: 35
2403:1940::/48 maxlen: 48
2403:1940:1::/48 maxlen: 48
2403:1940:2::/48 maxlen: 48
2403:1940:3::/48 maxlen: 48
2403:1940:4::/48 maxlen: 48
2403:1940:5::/48 maxlen: 48
2403:1940:6::/48 maxlen: 48
2403:1940:7::/48 maxlen: 48
2403:1940:8::/48 maxlen: 48
2403:1940:9::/48 maxlen: 48
2403:1940:d::/48 maxlen: 48
2403:1940:10::/48 maxlen: 48
2403:1940:11::/48 maxlen: 48
2403:1940:12::/48 maxlen: 48
2403:1940:13::/48 maxlen: 48
2403:1940:14::/48 maxlen: 48
2403:1940:15::/48 maxlen: 48
2403:1940:16::/48 maxlen: 48
2403:1940:17::/48 maxlen: 48
2403:1940:18::/48 maxlen: 48
2403:1940:19::/48 maxlen: 48
2403:1940:20::/48 maxlen: 48
2403:1940:21::/48 maxlen: 48
2403:1940:22::/48 maxlen: 48
2403:1940:23::/48 maxlen: 48
2403:1940:24::/48 maxlen: 48
2403:1940:25::/48 maxlen: 48
2403:1940:26::/48 maxlen: 48
2403:1940:27::/48 maxlen: 48
2403:1940:28::/48 maxlen: 48
2403:1940:29::/48 maxlen: 48
2403:1940:30::/48 maxlen: 48
2403:1940:31::/48 maxlen: 48
2403:1940:32::/48 maxlen: 48
2403:1940:33::/48 maxlen: 48
2403:1940:34::/48 maxlen: 48
2403:1940:35::/48 maxlen: 48
2403:1940:36::/48 maxlen: 48
2403:1940:37::/48 maxlen: 48
2403:1940:38::/48 maxlen: 48
2403:1940:39::/48 maxlen: 48
2403:1940:40::/48 maxlen: 48
2403:1940:41::/48 maxlen: 48
2403:1940:42::/48 maxlen: 48
2403:1940:43::/48 maxlen: 48
2403:1940:44::/48 maxlen: 48
2403:1940:45::/48 maxlen: 48
2403:1940:46::/48 maxlen: 48
2403:1940:47::/48 maxlen: 48
2403:1940:48::/48 maxlen: 48
2403:1940:49::/48 maxlen: 48
2403:1940:50::/48 maxlen: 48
2403:1940:60::/48 maxlen: 48
2403:1940:70::/48 maxlen: 48
2403:1940:80::/48 maxlen: 48
2403:1940:90::/48 maxlen: 48
2403:1940:100::/48 maxlen: 48
2403:1940:200::/48 maxlen: 48
2403:1940:1000::/36 maxlen: 36
2403:1940:2000::/36 maxlen: 36
2403:1940:acc1::/48 maxlen: 48
2403:1940:acc2::/48 maxlen: 48
2403:1940:acc3::/48 maxlen: 48
2403:1940:ccc1::/48 maxlen: 48
2403:1940:ccc2::/48 maxlen: 48
2403:1940:ccc3::/48 maxlen: 48
2403:1940:dac1::/48 maxlen: 48
2403:1940:dac1:dac1::/64 maxlen: 64
2403:1940:daca::/48 maxlen: 48
2403:1940:dacb::/48 maxlen: 48
2403:1940:dacc::/48 maxlen: 48
2403:1940:dacd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B7F47/330A008CCE5911E9A0908287C4F9AE02/4wpM3fbCaay6OcpYqpWS2JhkAfQ.crl
rsync://rpki.apnic.net/member_repository/A91B7F47/330A008CCE5911E9A0908287C4F9AE02/4wpM3fbCaay6OcpYqpWS2JhkAfQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wpM3fbCaay6OcpYqpWS2JhkAfQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 17:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3322 (0xcfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7F47/serialNumber=E30A4CDDF6C269ACBA39CA58AA9592D8986401F4
Validity
Not Before: Aug 16 18:46:32 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66bf9e88-b97b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:50:41:22:db:ae:61:ba:d2:14:e9:95:22:2f:
34:ec:52:01:39:14:a4:5e:6d:e1:19:e0:77:f8:00:
37:39:b7:90:71:68:fc:c5:a1:9a:73:e7:2e:0d:75:
18:aa:cb:12:a2:b9:5f:31:fd:12:b5:b1:6f:0e:38:
46:4b:4c:a4:f9:f6:54:79:dc:79:16:a7:eb:81:57:
62:47:3f:0d:82:7f:63:e1:10:77:84:61:72:6d:5c:
3d:28:07:29:ad:74:b0:e6:57:65:35:5e:a3:94:1d:
70:f2:1d:72:c9:db:af:96:cd:c6:76:85:55:75:00:
ac:4c:42:a1:a0:d6:22:46:f1:55:ae:58:b3:3e:15:
33:19:43:81:10:0c:ab:e7:75:31:87:d3:dc:e0:ff:
86:5d:5c:c7:57:f9:f8:9d:2d:37:84:f9:30:1f:98:
58:a1:cb:0d:14:4a:ee:c9:0f:17:e9:7f:c6:71:8f:
b3:87:75:85:59:d0:fa:13:ac:cc:d7:7b:fd:4c:56:
e5:04:1a:36:68:47:8e:15:b6:bf:4d:97:10:3d:2a:
32:40:17:0b:24:04:f6:d4:16:13:68:85:b0:8b:9f:
af:be:55:26:6e:f0:9c:5d:44:4d:b4:c3:79:1d:d8:
ef:96:28:81:e8:ea:d6:e3:12:50:db:00:00:c0:1f:
42:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:88:5D:5F:90:FA:6B:FB:DF:48:3D:70:98:A0:29:2F:7D:4A:CC:2D
X509v3 Authority Key Identifier:
keyid:E3:0A:4C:DD:F6:C2:69:AC:BA:39:CA:58:AA:95:92:D8:98:64:01:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7F47/330A008CCE5911E9A0908287C4F9AE02/4wpM3fbCaay6OcpYqpWS2JhkAfQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wpM3fbCaay6OcpYqpWS2JhkAfQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7F47/330A008CCE5911E9A0908287C4F9AE02/4E98421A162311EB90D1657AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.108.0/22
IPv6:
2403:1940::/32
Signature Algorithm: sha256WithRSAEncryption
49:ee:a0:70:81:a4:95:74:16:91:f5:e4:43:d3:f5:26:87:93:
88:19:6d:25:60:2b:4b:70:5b:56:6e:3a:0e:6c:45:d8:fa:ee:
e9:3e:55:fa:cb:62:b3:8c:22:41:e6:96:7c:43:71:c2:89:9e:
74:cf:23:4b:69:95:74:9d:71:6d:44:db:eb:f7:b8:55:68:9d:
c0:96:b8:73:20:ae:1a:26:19:19:d6:1b:af:5a:22:ba:87:3d:
27:2a:8d:7b:1a:13:6d:90:be:ff:ba:f1:a3:fc:6c:f4:7f:c4:
b3:c1:9c:10:0a:2f:25:76:b3:0e:4c:1a:9e:f4:b8:34:3d:67:
2b:2a:23:9b:1a:10:59:a8:6d:3f:62:1e:7e:03:b9:09:26:ab:
3d:6e:fe:c3:a8:b3:20:98:fd:2c:71:6b:50:bf:96:76:50:df:
62:cd:67:7c:fd:41:d2:7b:de:b8:e5:d9:d5:a3:bc:4a:df:2c:
9c:33:ef:87:8e:9d:50:a7:17:40:da:cb:59:85:6d:9b:c8:b4:
89:fd:53:77:e2:db:2b:e5:e3:16:72:81:2f:bd:8a:4d:a6:c8:
bb:18:69:88:80:70:33:9a:32:96:f6:68:c8:d1:73:db:32:a5:
32:5e:c5:bb:43:77:d1:df:6c:b0:45:bc:1e:19:48:6e:6e:9f:
9c:44:69:b7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjdGNDcxMTAvBgNVBAUTKEUzMEE0Q0RERjZDMjY5QUNCQTM5Q0E1OEFBOTU5MkQ4
OTg2NDAxRjQwHhcNMjQwODE2MTg0NjMyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJmOWU4OC1iOTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmVBBItuuYbrSFOmVIi807FIBORSkXm3hGeB3+AA3ObeQcWj8xaGac+cuDXUY
qssSorlfMf0StbFvDjhGS0yk+fZUedx5FqfrgVdiRz8Ngn9j4RB3hGFybVw9KAcp
rXSw5ldlNV6jlB1w8h1yyduvls3GdoVVdQCsTEKhoNYiRvFVrlizPhUzGUOBEAyr
53Uxh9Pc4P+GXVzHV/n4nS03hPkwH5hYocsNFEruyQ8X6X/GcY+zh3WFWdD6E6zM
13v9TFblBBo2aEeOFba/TZcQPSoyQBcLJAT21BYTaIWwi5+vvlUmbvCcXURNtMN5
HdjvliiB6OrW4xJQ2wAAwB9CRwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDeIXV+Q
+mv730g9cJigKS99SswtMB8GA1UdIwQYMBaAFOMKTN32wmmsujnKWKqVktiYZAH0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCN0Y0Ny8zMzBBMDA4Q0NF
NTkxMUU5QTA5MDgyODdDNEY5QUUwMi80d3BNM2ZiQ2FheTZPY3BZcXBXUzJKaGtB
ZlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzR3cE0zZmJDYWF5Nk9jcFlxcFdTMkpoa0FmUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjdGNDcvMzMwQTAwOENDRTU5MTFFOUEwOTA4Mjg3QzRGOUFFMDIvNEU5ODQyMUEx
NjIzMTFFQjkwRDE2NTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndWwwDQQCAAIwBwMFACQDGUAwDQYJKoZIhvcNAQELBQAD
ggEBAEnuoHCBpJV0FpH15EPT9SaHk4gZbSVgK0twW1ZuOg5sRdj67uk+VfrLYrOM
IkHmlnxDccKJnnTPI0tplXSdcW1E2+v3uFVoncCWuHMgrhomGRnWG69aIrqHPScq
jXsaE22Qvv+68aP8bPR/xLPBnBAKLyV2sw5MGp70uDQ9ZysqI5saEFmobT9iHn4D
uQkmqz1u/sOosyCY/Sxxa1C/lnZQ32LNZ3z9QdJ73rjl2dWjvErfLJwz74eOnVCn
F0Day1mFbZvItIn9U3fi2yvl4xZygS+9ik2myLsYaYiAcDOaMpb2aMjRc9sypTJe
xbtDd9HfbLBFvB4ZSG5un5xEabc=
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:36:24 2024 by rpki-client on console-fra.rpki-client.org