Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/DE5B4B680B8411EFBE929A1DC4F9AE02.roa
File: DE5B4B680B8411EFBE929A1DC4F9AE02.roa (raw, json)
Hash identifier: x367SwKGKieQcQKaa2Z+LyGNJsEEcL+cCHEKK/0Cy04=
Subject key identifier: 6D:F8:B4:86:81:A8:48:E0:82:B8:96:C7:D2:53:FC:C7:C1:E1:1F:4E
Certificate issuer: /CN=A91EECAF/serialNumber=6EBD3A269785123ADC3F496639AEDFB10F30D618
Certificate serial: 0A1E
Authority key identifier: 6E:BD:3A:26:97:85:12:3A:DC:3F:49:66:39:AE:DF:B1:0F:30:D6:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/DE5B4B680B8411EFBE929A1DC4F9AE02.roa
Signing time: Mon 06 May 2024 08:44:37 +0000
ROA not before: Mon 06 May 2024 08:44:37 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 58453
IP address blocks: 103.11.108.0/22 maxlen: 22
103.11.108.0/24 maxlen: 24
103.11.109.0/24 maxlen: 24
223.118.0.0/15 maxlen: 15
223.118.0.0/16 maxlen: 24
223.118.0.0/27 maxlen: 27
223.119.0.0/16 maxlen: 20
223.119.0.0/21 maxlen: 24
223.119.8.0/22 maxlen: 24
223.119.12.0/22 maxlen: 24
223.119.16.0/20 maxlen: 24
223.119.32.0/19 maxlen: 23
223.119.33.0/24 maxlen: 24
223.119.38.0/23 maxlen: 24
223.119.40.0/21 maxlen: 24
223.119.48.0/22 maxlen: 24
223.119.53.0/24 maxlen: 24
223.119.54.0/23 maxlen: 24
223.119.56.0/21 maxlen: 24
223.119.64.0/18 maxlen: 23
223.119.64.0/19 maxlen: 24
223.119.96.0/22 maxlen: 24
223.119.101.0/24 maxlen: 24
223.119.102.0/23 maxlen: 24
223.119.104.0/21 maxlen: 24
223.119.112.0/20 maxlen: 24
223.119.128.0/17 maxlen: 23
223.119.128.0/18 maxlen: 24
223.119.192.0/19 maxlen: 24
223.119.224.0/20 maxlen: 24
223.119.240.0/21 maxlen: 24
223.119.248.0/22 maxlen: 24
223.119.252.0/23 maxlen: 24
223.120.0.0/17 maxlen: 24
223.121.0.0/17 maxlen: 24
2402:4f00::/32 maxlen: 32
2402:4f00:1000::/36 maxlen: 36
2402:4f00:2000::/36 maxlen: 36
2402:4f00:4000:4::/64 maxlen: 64
2402:4f00:4001:100::/56 maxlen: 56
2402:4f00:4002:100::/56 maxlen: 56
2402:4f00:4003::/48 maxlen: 48
2402:4f00:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/br06JpeFEjrcP0lmOa7fsQ8w1hg.crl
rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/br06JpeFEjrcP0lmOa7fsQ8w1hg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 21:27:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2590 (0xa1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EECAF/serialNumber=6EBD3A269785123ADC3F496639AEDFB10F30D618
Validity
Not Before: May 6 08:44:37 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66389874-00da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a6:9e:36:c2:ed:fa:46:e5:57:cc:10:25:a7:
93:8e:a9:a8:2a:b6:fe:b1:4e:ac:0f:51:fc:57:8b:
13:65:db:19:ea:45:ff:f3:7d:60:c5:96:e9:87:d8:
e8:9c:bf:5d:ae:43:d0:de:25:23:ee:ba:3a:73:33:
2f:15:95:0a:e3:0b:98:0e:ea:a5:4a:37:d7:1f:ae:
77:44:a4:6e:84:dd:f6:61:39:80:97:a6:7d:61:15:
33:b1:79:04:aa:df:95:07:11:c6:23:e4:c7:1d:75:
08:c8:5a:83:94:e3:ab:61:56:d0:da:6e:b2:d3:86:
5c:95:d9:ca:86:f1:95:3b:bc:3b:f4:3f:b3:6b:23:
ad:14:77:33:19:b4:9d:de:86:33:91:23:45:70:72:
90:fb:27:ee:4c:ce:79:c1:96:a2:01:db:f2:bd:27:
f3:64:93:bf:13:f1:c1:e6:8c:c7:be:3f:12:cc:b1:
47:2f:20:79:a7:ad:f1:11:de:5d:be:76:26:71:74:
6c:1b:e8:a5:52:0f:f3:56:f2:40:be:8d:08:c8:fc:
37:9f:82:36:0a:e7:ee:6e:86:83:11:56:22:d2:89:
df:fb:2c:77:aa:b4:78:99:bb:1d:3c:15:a1:5e:1e:
cd:0e:4e:3a:5e:0d:2d:68:48:e9:77:80:69:ab:52:
38:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F8:B4:86:81:A8:48:E0:82:B8:96:C7:D2:53:FC:C7:C1:E1:1F:4E
X509v3 Authority Key Identifier:
keyid:6E:BD:3A:26:97:85:12:3A:DC:3F:49:66:39:AE:DF:B1:0F:30:D6:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/br06JpeFEjrcP0lmOa7fsQ8w1hg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/br06JpeFEjrcP0lmOa7fsQ8w1hg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EECAF/EEFDFEA45EA711EAA5E83184C4F9AE02/DE5B4B680B8411EFBE929A1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.108.0/22
223.118.0.0-223.120.127.255
223.121.0.0/17
IPv6:
2402:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
14:f0:ff:8f:67:c9:ff:40:0a:74:b5:83:35:77:21:d4:34:09:
25:0c:7d:e3:28:0a:49:83:b5:b8:e9:31:d4:32:de:17:27:bf:
f0:73:fe:3e:56:de:0e:38:4f:c7:f4:36:bd:cd:ae:5d:9e:1e:
32:2c:b0:8d:0f:90:16:05:55:6a:c3:d8:df:0d:65:d5:72:fc:
c4:aa:ae:0b:01:5a:c1:4d:86:59:f4:a3:5e:14:16:63:c4:22:
a7:ce:64:a1:2f:58:e5:a3:e9:15:08:b6:98:7f:21:cf:d8:07:
40:de:9e:5d:8a:aa:05:cd:14:82:bb:dd:97:c1:08:8b:44:63:
3f:3c:86:71:3e:53:31:1d:79:31:69:3b:5b:48:2a:0a:72:2d:
32:26:a6:b2:de:1d:c6:8e:bf:43:0e:c3:1c:40:8b:1f:06:5a:
a7:d5:b5:70:69:0d:6f:24:ae:d1:a2:bb:51:f2:e7:d5:f0:05:
24:a2:35:e7:c4:ae:15:aa:e7:89:91:2b:76:59:d7:73:13:9b:
d8:aa:9f:a0:06:79:61:f5:af:ab:07:e4:cb:85:c4:a9:bf:43:
0e:c8:42:47:73:be:5f:e8:87:62:a1:59:19:25:2e:3b:d5:bb:
49:35:c8:aa:13:73:28:d0:7b:e5:2e:2d:fe:4a:f4:7c:c3:c1:
90:cf:58:31
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICCh4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVDQUYxMTAvBgNVBAUTKDZFQkQzQTI2OTc4NTEyM0FEQzNGNDk2NjM5QUVERkIx
MEYzMEQ2MTgwHhcNMjQwNTA2MDg0NDM3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4OTg3NC0wMGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzKaeNsLt+kblV8wQJaeTjqmoKrb+sU6sD1H8V4sTZdsZ6kX/831gxZbph9jo
nL9drkPQ3iUj7ro6czMvFZUK4wuYDuqlSjfXH653RKRuhN32YTmAl6Z9YRUzsXkE
qt+VBxHGI+THHXUIyFqDlOOrYVbQ2m6y04ZcldnKhvGVO7w79D+zayOtFHczGbSd
3oYzkSNFcHKQ+yfuTM55wZaiAdvyvSfzZJO/E/HB5ozHvj8SzLFHLyB5p63xEd5d
vnYmcXRsG+ilUg/zVvJAvo0IyPw3n4I2CufuboaDEVYi0onf+yx3qrR4mbsdPBWh
Xh7NDk46Xg0taEjpd4Bpq1I4TwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFG34tIaB
qEjggriWx9JT/MfB4R9OMB8GA1UdIwQYMBaAFG69OiaXhRI63D9JZjmu37EPMNYY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUNBRi9FRUZERkVBNDVF
QTcxMUVBQTVFODMxODRDNEY5QUUwMi9icjA2SnBlRkVqcmNQMGxtT2E3ZnNROHcx
aGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JyMDZKcGVGRWpyY1AwbG1PYTdmc1E4dzFoZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVDQUYvRUVGREZFQTQ1RUE3MTFFQUE1RTgzMTg0QzRGOUFFMDIvREU1QjRCNjgw
Qjg0MTFFRkJFOTI5QTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMB8EAgABMBkDBAJnC2wwCwMDAd92AwQH33gAAwQH33kAMA0EAgACMAcDBQAk
Ak8AMA0GCSqGSIb3DQEBCwUAA4IBAQAU8P+PZ8n/QAp0tYM1dyHUNAklDH3jKApJ
g7W46THUMt4XJ7/wc/4+Vt4OOE/H9Da9za5dnh4yLLCND5AWBVVqw9jfDWXVcvzE
qq4LAVrBTYZZ9KNeFBZjxCKnzmShL1jlo+kVCLaYfyHP2AdA3p5diqoFzRSCu92X
wQiLRGM/PIZxPlMxHXkxaTtbSCoKci0yJqay3h3Gjr9DDsMcQIsfBlqn1bVwaQ1v
JK7RortR8ufV8AUkojXnxK4VqueJkSt2WddzE5vYqp+gBnlh9a+rB+TLhcSpv0MO
yEJHc75f6IdioVkZJS471btJNciqE3Mo0HvlLi3+SvR8w8GQz1gx
-----END CERTIFICATE-----
Generated at Fri May 31 22:13:12 2024 by rpki-client on console-fra.rpki-client.org