Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/0AFFF078577811ED959AC36FC4F9AE02.roa
File: 0AFFF078577811ED959AC36FC4F9AE02.roa (raw, json)
Hash identifier: 2bOIvfXxT14VfBuLjn2fK1kMoqNHisqc/b7wGNY7+9c=
Subject key identifier: FC:38:01:0B:17:4C:84:FC:96:35:36:BC:92:90:B6:89:30:18:60:96
Certificate issuer: /CN=A91F8AC4/serialNumber=A337633E35919940BD729D912F3663158C267C36
Certificate serial: 010F
Authority key identifier: A3:37:63:3E:35:91:99:40:BD:72:9D:91:2F:36:63:15:8C:26:7C:36
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozdjPjWRmUC9cp2RLzZjFYwmfDY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/0AFFF078577811ED959AC36FC4F9AE02.roa
Signing time: Thu 28 Mar 2024 06:21:41 +0000
ROA not before: Thu 28 Mar 2024 06:21:41 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 138633
IP address blocks: 103.135.98.0/24 maxlen: 24
103.135.99.0/24 maxlen: 24
2404:79c0::/48 maxlen: 48
2404:79c0:1::/48 maxlen: 48
2404:79c0:2::/48 maxlen: 48
2404:79c0:3::/48 maxlen: 48
2404:79c0:4::/48 maxlen: 48
2404:79c0:5::/48 maxlen: 48
2404:79c0:6::/48 maxlen: 48
2404:79c0:7::/48 maxlen: 48
2404:79c0:8::/48 maxlen: 48
2404:79c0:9::/48 maxlen: 48
2404:79c0:a::/48 maxlen: 48
2404:79c0:b::/48 maxlen: 48
2404:79c0:c::/48 maxlen: 48
2404:79c0:d::/48 maxlen: 48
2404:79c0:e::/48 maxlen: 48
2404:79c0:f::/48 maxlen: 48
2404:79c0:1001::/48 maxlen: 48
2404:79c0:1002::/48 maxlen: 48
2404:79c0:1003::/48 maxlen: 48
2404:79c0:2000::/48 maxlen: 48
2404:79c0:2001::/48 maxlen: 48
2404:79c0:3000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/ozdjPjWRmUC9cp2RLzZjFYwmfDY.crl
rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/ozdjPjWRmUC9cp2RLzZjFYwmfDY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozdjPjWRmUC9cp2RLzZjFYwmfDY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 08 Jun 2024 05:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 271 (0x10f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8AC4/serialNumber=A337633E35919940BD729D912F3663158C267C36
Validity
Not Before: Mar 28 06:21:41 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66050c75-505d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:46:94:35:11:7d:2d:e3:ad:dd:29:e3:74:b2:
25:ed:b4:41:35:49:b7:16:ee:5b:4c:c1:5d:ac:5c:
65:fe:55:92:4f:a1:26:77:e9:6b:95:b1:33:55:22:
de:66:0e:18:7f:21:ac:df:e4:df:d9:fb:28:37:d8:
aa:35:d2:a4:17:40:d9:e8:11:ad:43:f2:43:d1:a6:
10:b8:4f:d3:38:a7:69:01:b2:12:d7:37:65:63:0e:
68:af:49:65:16:76:39:04:0e:11:41:6d:ad:ef:59:
2d:4c:ba:2d:07:c9:62:d7:43:b1:d1:48:24:24:3b:
1b:c0:d4:74:a5:02:92:c2:a2:9a:2f:b3:2f:a7:54:
eb:75:54:b8:62:c1:ae:7a:de:86:8d:b2:9a:19:61:
3c:d1:53:8c:0d:42:c5:60:e4:e8:71:50:5f:f2:33:
03:cf:93:1e:0d:1a:db:56:f4:be:7a:c3:09:46:18:
5a:a5:fd:b5:52:c3:83:bb:b6:ca:a3:af:39:34:c6:
99:ec:da:02:1e:d1:c4:1c:7a:ea:46:35:b2:d2:3b:
b7:8b:e2:c5:5f:af:10:47:2b:e7:cb:c0:a3:aa:f9:
91:ca:7f:13:f1:9c:70:2a:60:a6:e5:fb:29:12:5f:
21:c9:75:29:0b:f7:8d:d6:72:26:b5:70:77:b6:be:
9f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:38:01:0B:17:4C:84:FC:96:35:36:BC:92:90:B6:89:30:18:60:96
X509v3 Authority Key Identifier:
keyid:A3:37:63:3E:35:91:99:40:BD:72:9D:91:2F:36:63:15:8C:26:7C:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/ozdjPjWRmUC9cp2RLzZjFYwmfDY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ozdjPjWRmUC9cp2RLzZjFYwmfDY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8AC4/C8FE174C577511ED81F13B6FC4F9AE02/0AFFF078577811ED959AC36FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.98.0/23
IPv6:
2404:79c0::/44
2404:79c0:1001::-2404:79c0:1003:ffff:ffff:ffff:ffff:ffff
2404:79c0:2000::/47
2404:79c0:3000::/48
Signature Algorithm: sha256WithRSAEncryption
06:0b:f5:ec:9e:a8:c9:f0:f2:fe:5f:86:7b:53:e7:ff:e0:05:
90:79:03:0f:6d:f9:8b:33:2a:0f:c3:51:cd:b9:f3:54:68:07:
95:ab:16:56:77:77:d5:4f:32:0c:82:a4:7a:cc:65:86:7e:3c:
3e:ea:d7:b2:f6:34:d7:96:09:2f:be:ff:e5:a9:a6:20:96:46:
74:89:c8:c4:7c:79:df:18:29:45:00:1f:73:fa:e0:b4:33:0d:
ce:78:75:25:4a:e1:fa:a0:44:3e:02:95:5f:b0:56:25:aa:d9:
30:4f:6a:cf:54:70:f7:9c:c6:82:cd:99:37:a8:8b:72:6d:68:
5e:72:7b:89:a0:ef:33:b2:5e:d4:33:1c:f4:37:9a:bf:47:95:
fa:55:69:30:41:46:55:70:37:2c:4e:41:e7:54:e4:76:0d:ba:
1f:1a:cd:39:ef:ca:62:59:43:41:7a:fb:34:e3:a7:db:9f:08:
e2:de:f2:17:31:eb:20:ff:69:6d:91:62:bb:23:50:f7:04:65:
0f:d0:ce:c6:06:ad:1e:04:fc:66:ad:41:ab:ea:f5:fd:12:59:
ba:f0:23:56:c2:a4:a3:5c:62:17:e3:1a:ea:64:9f:ef:9e:9b:
f9:f6:95:52:58:cc:44:62:ac:22:7c:90:ec:c9:8a:2e:61:9d:
5a:c4:04:e3
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICAQ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjhBQzQxMTAvBgNVBAUTKEEzMzc2MzNFMzU5MTk5NDBCRDcyOUQ5MTJGMzY2MzE1
OEMyNjdDMzYwHhcNMjQwMzI4MDYyMTQxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA1MGM3NS01MDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvkaUNRF9LeOt3SnjdLIl7bRBNUm3Fu5bTMFdrFxl/lWST6Emd+lrlbEzVSLe
Zg4YfyGs3+Tf2fsoN9iqNdKkF0DZ6BGtQ/JD0aYQuE/TOKdpAbIS1zdlYw5or0ll
FnY5BA4RQW2t71ktTLotB8li10Ox0UgkJDsbwNR0pQKSwqKaL7Mvp1TrdVS4YsGu
et6GjbKaGWE80VOMDULFYOTocVBf8jMDz5MeDRrbVvS+esMJRhhapf21UsODu7bK
o685NMaZ7NoCHtHEHHrqRjWy0ju3i+LFX68QRyvny8CjqvmRyn8T8ZxwKmCm5fsp
El8hyXUpC/eN1nImtXB3tr6fMQIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFPw4AQsX
TIT8ljU2vJKQtokwGGCWMB8GA1UdIwQYMBaAFKM3Yz41kZlAvXKdkS82YxWMJnw2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEFDNC9DOEZFMTc0QzU3
NzUxMUVEODFGMTNCNkZDNEY5QUUwMi9vemRqUGpXUm1VQzljcDJSTHpaakZZd21m
RFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL296ZGpQaldSbVVDOWNwMlJMelpqRll3bWZEWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjhBQzQvQzhGRTE3NEM1Nzc1MTFFRDgxRjEzQjZGQzRGOUFFMDIvMEFGRkYwNzg1
Nzc4MTFFRDk1OUFDMzZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMAwEAgABMAYDBAFnh2IwNQQCAAIwLwMHBCQEecAAADASAwcAJAR5wBABAwcC
JAR5wBAAAwcBJAR5wCAAAwcAJAR5wDAAMA0GCSqGSIb3DQEBCwUAA4IBAQAGC/Xs
nqjJ8PL+X4Z7U+f/4AWQeQMPbfmLMyoPw1HNufNUaAeVqxZWd3fVTzIMgqR6zGWG
fjw+6tey9jTXlgkvvv/lqaYglkZ0icjEfHnfGClFAB9z+uC0Mw3OeHUlSuH6oEQ+
ApVfsFYlqtkwT2rPVHD3nMaCzZk3qItybWhecnuJoO8zsl7UMxz0N5q/R5X6VWkw
QUZVcDcsTkHnVOR2DbofGs0578piWUNBevs046fbnwji3vIXMesg/2ltkWK7I1D3
BGUP0M7GBq0eBPxmrUGr6vX9Elm68CNWwqSjXGIX4xrqZJ/vnpv59pVSWMxEYqwi
fJDsyYouYZ1axATj
-----END CERTIFICATE-----
Generated at Sat Jun 1 07:09:21 2024 by rpki-client on console-fra.rpki-client.org