Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/51152BBEC31611EDB9713281C4F9AE02.roa
File: 51152BBEC31611EDB9713281C4F9AE02.roa (raw, json)
Hash identifier: a38R/kJjWCmAAQODsxLv22bFWHt+FOdsqY9kypBmIYs=
Subject key identifier: 76:A5:99:5C:6A:B1:23:44:15:70:D1:1D:5A:9B:D0:B3:A2:47:70:A1
Certificate issuer: /CN=A91E4463/serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Certificate serial: 0B40
Authority key identifier: 77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/51152BBEC31611EDB9713281C4F9AE02.roa
Signing time: Wed 20 Mar 2024 18:14:27 +0000
ROA not before: Wed 20 Mar 2024 18:14:27 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 136224
IP address blocks: 103.84.36.0/22 maxlen: 22
103.84.36.0/23 maxlen: 23
103.84.36.0/24 maxlen: 24
103.84.37.0/24 maxlen: 24
103.84.38.0/23 maxlen: 23
103.84.38.0/24 maxlen: 24
103.84.39.0/24 maxlen: 24
113.212.108.0/22 maxlen: 22
113.212.108.0/23 maxlen: 23
113.212.108.0/24 maxlen: 24
113.212.109.0/24 maxlen: 24
113.212.111.0/24 maxlen: 24
2400:9940::/32 maxlen: 32
2400:9940::/36 maxlen: 36
2400:9940::/40 maxlen: 40
2400:9940:5::/48 maxlen: 48
2400:9940:1000::/36 maxlen: 36
2400:9940:1000::/48 maxlen: 48
2400:9940:1001::/48 maxlen: 48
2400:9940:1002::/48 maxlen: 48
2400:9940:1003::/48 maxlen: 48
2400:9940:1100::/48 maxlen: 48
2400:9940:1200::/48 maxlen: 48
2400:9940:1201::/48 maxlen: 48
2400:9940:1202::/48 maxlen: 48
2400:9940:1300::/48 maxlen: 48
2400:9940:2000::/36 maxlen: 36
2400:9940:2000::/40 maxlen: 40
2400:9940:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 20:23:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2880 (0xb40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4463/serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Validity
Not Before: Mar 20 18:14:27 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65fb2782-a3d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ca:c7:2b:a0:c9:5c:3f:bd:7d:b7:35:fb:cc:
3c:56:85:a2:f6:3e:08:f2:1d:13:f6:16:fe:7f:44:
ee:af:c6:c2:49:ec:40:ac:9e:69:b4:07:20:5b:f5:
f5:c1:38:ee:34:a1:55:26:2c:2d:b6:6a:67:89:05:
d4:06:38:69:76:e7:40:ed:b9:e6:92:fa:da:b7:18:
69:c0:e4:f9:7a:37:6e:b5:80:ae:50:fd:b4:f3:d5:
a1:6a:ff:f8:33:5f:90:36:8c:b2:a7:a9:c2:88:b0:
9c:56:8b:da:0e:79:da:d4:6c:fd:e7:83:f8:42:c1:
d7:b1:14:06:c0:b0:ff:3f:be:ea:ae:41:4f:35:7a:
8f:7e:e4:7a:f1:be:b8:83:fe:45:1a:c8:a7:ac:2b:
93:76:ee:16:dc:a6:1c:86:52:69:f7:30:42:7c:4b:
01:ed:a2:7b:5f:5f:68:a1:ee:1f:39:08:63:02:d7:
1e:72:ac:09:4b:b5:2e:ca:9c:dd:a3:31:38:6d:d0:
57:51:44:f1:63:a6:7b:ec:c3:6c:a3:17:c6:ce:cb:
e8:3d:3d:3e:f7:14:a4:53:bc:7d:32:35:4a:2f:bb:
77:2c:5d:c8:22:11:00:41:b5:05:3f:c7:9e:1f:10:
64:58:ad:6f:ce:fd:9a:3e:77:75:54:69:13:ce:6a:
0c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A5:99:5C:6A:B1:23:44:15:70:D1:1D:5A:9B:D0:B3:A2:47:70:A1
X509v3 Authority Key Identifier:
keyid:77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/51152BBEC31611EDB9713281C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.36.0/22
113.212.108.0/22
IPv6:
2400:9940::/32
Signature Algorithm: sha256WithRSAEncryption
4e:29:c0:ea:ed:2c:6f:0e:e3:a0:cf:7c:e9:d7:82:d4:96:11:
23:b4:38:22:2e:58:2c:94:af:ce:a6:69:79:ee:ce:1e:57:3f:
13:ad:64:6d:d6:1a:51:ad:cd:2d:7a:b6:92:dd:78:0e:d9:84:
22:35:47:26:51:e9:f5:09:75:76:e7:50:1e:bc:c3:34:6c:e0:
b5:2c:09:4a:d5:7f:e4:aa:62:fc:e5:c1:dc:17:05:d5:04:bc:
d2:f6:ef:e1:21:95:b8:0f:77:42:e2:e5:f8:8c:e3:06:7f:c8:
a1:73:f7:d2:32:56:bc:a8:4e:a1:05:4c:22:11:e7:bd:e4:b3:
e1:dc:89:c2:dd:20:39:8b:23:0d:cb:7a:6c:c7:69:c2:24:ad:
48:a8:79:b5:82:b6:61:a1:1c:49:7f:eb:fc:54:d4:c1:b3:eb:
e5:93:19:e4:42:0f:f8:b4:86:1c:7d:cc:65:07:67:21:92:ab:
1e:74:34:fe:b2:b4:06:18:f9:5b:40:d7:5f:90:d5:b0:99:aa:
60:1c:42:ae:84:45:df:80:ac:41:ec:eb:05:50:b8:0d:66:a8:
f9:ee:4f:18:26:f1:a0:f5:64:68:0e:a9:30:97:68:78:59:31:
15:55:c1:99:b6:4a:c2:67:a8:0a:3d:ca:1b:cd:65:18:e9:1a:
03:c7:f6:c8
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC0AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ0NjMxMTAvBgNVBAUTKDc3MTIzMEE4MkVEQkMyNzcxNkFCM0RDNkE4MkZDNUFF
QzQ1RUVGNjcwHhcNMjQwMzIwMTgxNDI3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZiMjc4Mi1hM2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvsrHK6DJXD+9fbc1+8w8VoWi9j4I8h0T9hb+f0Tur8bCSexArJ5ptAcgW/X1
wTjuNKFVJiwttmpniQXUBjhpdudA7bnmkvratxhpwOT5ejdutYCuUP2089Whav/4
M1+QNoyyp6nCiLCcVovaDnna1Gz954P4QsHXsRQGwLD/P77qrkFPNXqPfuR68b64
g/5FGsinrCuTdu4W3KYchlJp9zBCfEsB7aJ7X19ooe4fOQhjAtcecqwJS7Uuypzd
ozE4bdBXUUTxY6Z77MNsoxfGzsvoPT0+9xSkU7x9MjVKL7t3LF3IIhEAQbUFP8ee
HxBkWK1vzv2aPnd1VGkTzmoMrQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFHalmVxq
sSNEFXDRHVqb0LOiR3ChMB8GA1UdIwQYMBaAFHcSMKgu28J3Fqs9xqgvxa7EXu9n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDQ2My9BNEQ0NDAwQzEz
OUYxMUVBQTY1ODI4NjBDNEY5QUUwMi9keEl3cUM3YnduY1dxejNHcUNfRnJzUmU3
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2R4SXdxQzdid25jV3F6M0dxQ19GcnNSZTcyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ0NjMvQTRENDQwMEMxMzlGMTFFQUE2NTgyODYwQzRGOUFFMDIvNTExNTJCQkVD
MzE2MTFFREI5NzEzMjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnVCQDBAJx1GwwDQQCAAIwBwMFACQAmUAwDQYJKoZIhvcN
AQELBQADggEBAE4pwOrtLG8O46DPfOnXgtSWESO0OCIuWCyUr86maXnuzh5XPxOt
ZG3WGlGtzS16tpLdeA7ZhCI1RyZR6fUJdXbnUB68wzRs4LUsCUrVf+SqYvzlwdwX
BdUEvNL27+EhlbgPd0Li5fiM4wZ/yKFz99IyVryoTqEFTCIR573ks+HcicLdIDmL
Iw3LemzHacIkrUioebWCtmGhHEl/6/xU1MGz6+WTGeRCD/i0hhx9zGUHZyGSqx50
NP6ytAYY+VtA11+Q1bCZqmAcQq6ERd+ArEHs6wVQuA1mqPnuTxgm8aD1ZGgOqTCX
aHhZMRVVwZm2SsJnqAo9yhvNZRjpGgPH9sg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 00:13:31 2024 by rpki-client on console-ams.rpki-client.org