Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9117E49/CBEEAE48D5D511E797CBC37DC4F9AE02/1DA0BF7C7C5911EDB5D8DA67C4F9AE02.roa
File: 1DA0BF7C7C5911EDB5D8DA67C4F9AE02.roa (raw, json)
Hash identifier: HaGuDMDdtzMMm3o6+XeqS8/R5NYbXvco+c9bwnRUeLE=
Subject key identifier: 5C:80:87:54:B2:54:AB:7C:6F:B6:96:11:F5:F7:BE:B6:C6:E7:7D:A6
Certificate issuer: /CN=A9117E49/serialNumber=FC9CC38035DF0FD8B2455E36767E130227F4E87B
Certificate serial: 16B4
Authority key identifier: FC:9C:C3:80:35:DF:0F:D8:B2:45:5E:36:76:7E:13:02:27:F4:E8:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JzDgDXfD9iyRV42dn4TAif06Hs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9117E49/CBEEAE48D5D511E797CBC37DC4F9AE02/1DA0BF7C7C5911EDB5D8DA67C4F9AE02.roa
Signing time: Fri 10 May 2024 17:25:20 +0000
ROA not before: Fri 10 May 2024 17:25:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58826
IP address blocks: 103.17.180.0/23 maxlen: 24
103.56.208.0/23 maxlen: 24
192.144.80.0/22 maxlen: 22
192.144.80.0/24 maxlen: 24
192.144.81.0/24 maxlen: 24
192.144.82.0/24 maxlen: 24
192.144.83.0/24 maxlen: 24
2402:1d40::/48 maxlen: 48
2402:1d40:1::/48 maxlen: 48
2402:1d40:2::/48 maxlen: 48
2402:1d40:1000::/48 maxlen: 48
2402:1d40:1001::/48 maxlen: 48
2402:1d40:2000::/48 maxlen: 48
2402:1d40:2001::/48 maxlen: 48
2402:1d40:3000::/48 maxlen: 48
2402:1d40:3001::/48 maxlen: 48
2402:1d40:3002::/48 maxlen: 48
2402:1d40:3003::/48 maxlen: 48
2402:1d40:4000::/48 maxlen: 48
2402:1d40:4001::/48 maxlen: 48
2402:1d40:4002::/48 maxlen: 48
2402:1d40:4003::/48 maxlen: 48
2402:1d40:5000::/48 maxlen: 48
2402:1d40:5001::/48 maxlen: 48
2402:1d40:5002::/48 maxlen: 48
2402:1d40:5003::/48 maxlen: 48
2402:1d40:5004::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9117E49/CBEEAE48D5D511E797CBC37DC4F9AE02/_JzDgDXfD9iyRV42dn4TAif06Hs.crl
rsync://rpki.apnic.net/member_repository/A9117E49/CBEEAE48D5D511E797CBC37DC4F9AE02/_JzDgDXfD9iyRV42dn4TAif06Hs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JzDgDXfD9iyRV42dn4TAif06Hs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 17:15:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5812 (0x16b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9117E49/serialNumber=FC9CC38035DF0FD8B2455E36767E130227F4E87B
Validity
Not Before: May 10 17:25:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663e587f-37f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f0:9d:a5:14:9c:4a:da:9b:bf:a6:ea:00:95:
31:d5:01:d7:49:55:f2:94:74:d6:26:c1:b5:a0:0d:
6a:b7:11:2a:28:c4:8c:f1:0e:fe:0f:ad:85:95:d0:
ab:7d:1a:a3:86:9d:bf:89:f1:af:f1:d2:1c:46:7d:
b6:fc:ee:41:af:24:6e:3e:00:bb:e6:29:54:9a:20:
a2:e9:3f:87:e6:6c:0e:2f:b3:4a:34:ad:6f:a6:51:
af:d0:ad:6a:ef:39:0b:9a:75:39:7c:fb:43:2f:66:
f8:6d:be:b4:2a:6c:bd:3a:3f:2b:b3:07:f2:a8:f5:
ee:41:35:f9:c1:2f:82:42:82:e0:40:64:6f:b1:2f:
82:4e:dc:85:3b:72:68:9d:f8:e4:18:85:97:b7:6d:
29:62:0b:13:a3:e0:a5:d2:8a:e6:37:31:5e:61:7f:
5a:65:d0:c4:72:22:a4:9d:ae:64:52:ac:41:ab:b1:
c4:32:fc:cd:e2:81:10:07:a4:7f:9a:7c:b7:27:ee:
26:3d:80:88:cb:f3:d0:16:3c:b0:7e:87:1c:1f:4f:
29:23:91:c8:df:a7:b5:31:35:34:f4:5f:e2:4f:0b:
da:23:e3:20:89:b3:0d:f1:5d:34:cc:ac:85:57:11:
4e:99:9c:4d:61:ba:9a:f1:c3:aa:c7:b4:97:90:ad:
83:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:80:87:54:B2:54:AB:7C:6F:B6:96:11:F5:F7:BE:B6:C6:E7:7D:A6
X509v3 Authority Key Identifier:
keyid:FC:9C:C3:80:35:DF:0F:D8:B2:45:5E:36:76:7E:13:02:27:F4:E8:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9117E49/CBEEAE48D5D511E797CBC37DC4F9AE02/_JzDgDXfD9iyRV42dn4TAif06Hs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JzDgDXfD9iyRV42dn4TAif06Hs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9117E49/CBEEAE48D5D511E797CBC37DC4F9AE02/1DA0BF7C7C5911EDB5D8DA67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.180.0/23
103.56.208.0/23
192.144.80.0/22
IPv6:
2402:1d40::-2402:1d40:2:ffff:ffff:ffff:ffff:ffff
2402:1d40:1000::/47
2402:1d40:2000::/47
2402:1d40:3000::/46
2402:1d40:4000::/46
2402:1d40:5000::-2402:1d40:5004:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
25:22:4e:87:81:72:66:f7:b9:e5:6b:18:0e:4e:f6:fa:3b:6f:
79:9b:02:9e:ae:5f:8c:93:71:83:69:20:c9:74:f8:e0:37:1d:
8f:90:5e:b2:bf:ac:6f:78:81:e3:1d:d7:c4:11:6d:28:4f:81:
7b:d7:d0:39:bf:e0:44:13:b8:2e:f7:78:ed:96:a3:85:5a:ce:
32:7c:0c:87:f2:fe:4f:4a:bd:6a:a2:b3:a6:41:e7:27:90:9c:
dc:08:66:1b:34:27:66:e5:93:1c:bf:a4:94:1a:12:07:b7:8c:
7e:4e:32:86:f3:b1:dd:83:63:bc:7e:6f:03:86:19:d5:0c:2b:
59:68:7b:f1:d6:ae:ed:c3:cb:f8:d4:0b:3c:5e:31:3e:08:3f:
ea:7e:2d:9d:b7:79:e4:2d:41:5c:31:06:c9:de:75:98:d9:6d:
64:28:13:90:3c:fc:65:56:47:8b:52:ff:aa:94:dd:07:d6:35:
01:ae:f5:25:9e:43:67:f6:90:7b:2c:90:a7:12:e5:09:a0:03:
9a:a1:a5:4c:ba:f1:07:47:d1:00:c3:96:98:08:73:1a:50:dc:
fb:4d:f9:9f:75:fe:0d:3c:66:bb:a9:6c:5f:58:d2:91:96:6d:
3e:d4:44:71:15:d6:8e:0c:74:d1:f0:29:09:86:83:d7:40:27:
a2:0e:e4:39
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgICFrQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTdFNDkxMTAvBgNVBAUTKEZDOUNDMzgwMzVERjBGRDhCMjQ1NUUzNjc2N0UxMzAy
MjdGNEU4N0IwHhcNMjQwNTEwMTcyNTE5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNlNTg3Zi0zN2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArfCdpRScStqbv6bqAJUx1QHXSVXylHTWJsG1oA1qtxEqKMSM8Q7+D62FldCr
fRqjhp2/ifGv8dIcRn22/O5BryRuPgC75ilUmiCi6T+H5mwOL7NKNK1vplGv0K1q
7zkLmnU5fPtDL2b4bb60Kmy9Oj8rswfyqPXuQTX5wS+CQoLgQGRvsS+CTtyFO3Jo
nfjkGIWXt20pYgsTo+Cl0ormNzFeYX9aZdDEciKkna5kUqxBq7HEMvzN4oEQB6R/
mny3J+4mPYCIy/PQFjywfoccH08pI5HI36e1MTU09F/iTwvaI+MgibMN8V00zKyF
VxFOmZxNYbqa8cOqx7SXkK2DrQIDAQABo4IC8jCCAu4wHQYDVR0OBBYEFFyAh1Sy
VKt8b7aWEfX3vrbG532mMB8GA1UdIwQYMBaAFPycw4A13w/YskVeNnZ+EwIn9Oh7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExN0U0OS9DQkVFQUU0OEQ1
RDUxMUU3OTdDQkMzN0RDNEY5QUUwMi9fSnpEZ0RYZkQ5aXlSVjQyZG40VEFpZjA2
SHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KekRnRFhmRDlpeVJWNDJkbjRUQWlmMDZIcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTdFNDkvQ0JFRUFFNDhENUQ1MTFFNzk3Q0JDMzdEQzRGOUFFMDIvMURBMEJGN0M3
QzU5MTFFREI1RDhEQTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfAYIKwYBBQUHAQcBAf8E
bTBrMBgEAgABMBIDBAFnEbQDBAFnONADBALAkFAwTwQCAAIwSTAQAwUGJAIdQAMH
ACQCHUAAAgMHASQCHUAQAAMHASQCHUAgAAMHAiQCHUAwAAMHAiQCHUBAADARAwYE
JAIdQFADBwAkAh1AUAQwDQYJKoZIhvcNAQELBQADggEBACUiToeBcmb3ueVrGA5O
9vo7b3mbAp6uX4yTcYNpIMl0+OA3HY+QXrK/rG94geMd18QRbShPgXvX0Dm/4EQT
uC73eO2Wo4VazjJ8DIfy/k9KvWqis6ZB5yeQnNwIZhs0J2blkxy/pJQaEge3jH5O
Mobzsd2DY7x+bwOGGdUMK1loe/HWru3Dy/jUCzxeMT4IP+p+LZ23eeQtQVwxBsne
dZjZbWQoE5A8/GVWR4tS/6qU3QfWNQGu9SWeQ2f2kHsskKcS5QmgA5qhpUy68QdH
0QDDlpgIcxpQ3PtN+Z91/g08ZrupbF9Y0pGWbT7URHEV1o4MdNHwKQmGg9dAJ6IO
5Dk=
-----END CERTIFICATE-----
Generated at Thu May 16 18:26:01 2024 by rpki-client on console-fra.rpki-client.org