Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/38FA1FDE135711EAACF3565BC4F9AE02.roa
File: 38FA1FDE135711EAACF3565BC4F9AE02.roa (raw, json)
Hash identifier: Dg1teGxb/7J+RLEhdLIJJbvbaUjJVyctMJV2awJCf2k=
Subject key identifier: 9D:0F:34:2F:7F:0C:69:88:0A:4E:59:A4:CE:7F:2F:16:85:89:CA:A9
Certificate issuer: /CN=A91192A0/serialNumber=0DF6330115EC45F531FF56131EB8455AAFB776CC
Certificate serial: 0B34
Authority key identifier: 0D:F6:33:01:15:EC:45:F5:31:FF:56:13:1E:B8:45:5A:AF:B7:76:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfYzARXsRfUx_1YTHrhFWq-3dsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/38FA1FDE135711EAACF3565BC4F9AE02.roa
Signing time: Tue 02 Apr 2024 19:58:25 +0000
ROA not before: Tue 02 Apr 2024 19:58:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137554
IP address blocks: 103.113.12.0/22 maxlen: 22
103.113.12.0/23 maxlen: 23
103.113.12.0/24 maxlen: 24
103.113.13.0/24 maxlen: 24
103.113.14.0/23 maxlen: 23
103.113.14.0/24 maxlen: 24
103.113.15.0/24 maxlen: 24
2402:b540::/32 maxlen: 32
2402:b540:1::/48 maxlen: 48
2402:b540:2::/48 maxlen: 48
2402:b540:3::/48 maxlen: 48
2402:b540:4::/48 maxlen: 48
2402:b540:5::/48 maxlen: 48
2402:b540:6::/48 maxlen: 48
2402:b540:7::/48 maxlen: 48
2402:b540:8::/48 maxlen: 48
2402:b540:9::/48 maxlen: 48
2402:b540:a::/48 maxlen: 48
2402:b540:b::/48 maxlen: 48
2402:b540:c::/48 maxlen: 48
2402:b540:d::/48 maxlen: 48
2402:b540:e::/48 maxlen: 48
2402:b540:f::/48 maxlen: 48
2402:b540:2a::/48 maxlen: 48
2402:b540:2b::/48 maxlen: 48
2402:b540:2c::/48 maxlen: 48
2402:b540:2d::/48 maxlen: 48
2402:b540:2e::/48 maxlen: 48
2402:b540:2f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/DfYzARXsRfUx_1YTHrhFWq-3dsw.crl
rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/DfYzARXsRfUx_1YTHrhFWq-3dsw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfYzARXsRfUx_1YTHrhFWq-3dsw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:35:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2868 (0xb34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91192A0/serialNumber=0DF6330115EC45F531FF56131EB8455AAFB776CC
Validity
Not Before: Apr 2 19:58:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660c6361-85fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9a:e0:32:cb:97:af:95:00:0f:ad:4c:e7:8e:
2e:d5:d3:51:db:53:66:02:ea:f8:ef:05:74:af:9b:
98:27:c3:b4:0f:f3:ee:d1:c6:1a:e4:f5:0d:fb:25:
4a:0a:3a:a4:9d:14:c6:e8:b7:40:c2:d3:cb:b5:9b:
cf:a6:ab:98:cb:42:d6:f6:b5:91:f8:c6:b1:65:89:
f9:9d:9c:68:ac:47:28:71:46:60:47:94:80:97:f7:
3f:a4:2a:2a:95:b3:df:9c:63:6b:70:9d:a5:93:b1:
e1:75:4a:b1:2a:ba:ef:c2:2f:77:3c:94:dc:33:a3:
a7:c0:3f:4f:cd:22:10:0e:be:39:27:86:23:b4:01:
11:da:35:b4:86:4b:19:4a:bc:ef:ed:6c:bf:16:99:
c8:93:44:d5:3d:bf:d4:53:00:c6:87:18:e8:2a:b9:
cd:35:b6:42:a9:ba:ce:90:44:e1:b7:67:4b:63:f1:
df:2f:e9:3f:a7:cb:9b:bb:ad:1b:4b:fe:8c:30:60:
c8:f6:af:6c:1e:4d:6b:77:8a:33:ad:2d:b6:20:06:
ff:20:4e:af:5a:55:b3:98:69:88:3a:95:75:bf:38:
b8:eb:fb:5c:e0:8e:04:07:e7:27:1e:a2:ec:01:80:
8e:fe:2a:16:b1:ac:cb:2b:55:9d:2e:88:6e:2f:77:
a8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:0F:34:2F:7F:0C:69:88:0A:4E:59:A4:CE:7F:2F:16:85:89:CA:A9
X509v3 Authority Key Identifier:
keyid:0D:F6:33:01:15:EC:45:F5:31:FF:56:13:1E:B8:45:5A:AF:B7:76:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/DfYzARXsRfUx_1YTHrhFWq-3dsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfYzARXsRfUx_1YTHrhFWq-3dsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91192A0/4F1EAE84135611EA992B115AC4F9AE02/38FA1FDE135711EAACF3565BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.113.12.0/22
IPv6:
2402:b540::/32
Signature Algorithm: sha256WithRSAEncryption
1e:b9:66:ba:29:87:62:81:15:aa:1c:83:41:c1:74:81:ec:5f:
35:68:8a:a9:c0:8d:4c:6c:85:c9:61:0c:a3:f0:ff:0d:31:76:
d3:aa:56:a6:55:2c:01:13:d3:95:75:69:e3:0a:af:7f:3b:7a:
71:5f:95:d8:c0:27:ac:b1:12:a2:30:68:3a:a8:f6:18:a4:b0:
f1:8d:c2:f2:f8:6d:73:4e:6d:b0:46:6c:f0:50:77:7e:bc:f1:
b1:8a:bf:d9:26:9f:71:77:a3:d3:b5:44:3c:56:b0:bf:35:7d:
e7:f6:a3:6a:d4:b4:c5:c6:1a:a3:04:35:da:16:d5:3e:e6:7a:
93:41:7a:41:8d:84:72:29:6c:80:ad:27:f7:1c:fd:24:be:71:
4d:7c:ce:67:89:e0:13:5f:25:28:4d:bc:b6:21:60:53:61:c0:
c8:29:29:9d:c5:6b:2a:d9:f9:cb:d0:46:5f:35:ff:05:b8:08:
ac:47:e1:7c:73:e0:6c:14:d8:97:30:1a:e8:eb:b6:99:f7:90:
6c:6a:13:76:93:e4:a8:db:cf:4b:8a:81:7b:44:11:fc:b4:d2:
ed:43:be:c1:3a:86:3e:13:94:0f:10:88:91:d6:71:34:b4:c2:
74:73:a1:5e:76:b3:b4:c9:a6:64:88:d0:f0:1c:65:77:18:f3:
02:23:4c:c0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCzQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTkyQTAxMTAvBgNVBAUTKDBERjYzMzAxMTVFQzQ1RjUzMUZGNTYxMzFFQjg0NTVB
QUZCNzc2Q0MwHhcNMjQwNDAyMTk1ODI1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBjNjM2MS04NWZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1prgMsuXr5UAD61M544u1dNR21NmAur47wV0r5uYJ8O0D/Pu0cYa5PUN+yVK
CjqknRTG6LdAwtPLtZvPpquYy0LW9rWR+MaxZYn5nZxorEcocUZgR5SAl/c/pCoq
lbPfnGNrcJ2lk7HhdUqxKrrvwi93PJTcM6OnwD9PzSIQDr45J4YjtAER2jW0hksZ
Srzv7Wy/FpnIk0TVPb/UUwDGhxjoKrnNNbZCqbrOkETht2dLY/HfL+k/p8ubu60b
S/6MMGDI9q9sHk1rd4ozrS22IAb/IE6vWlWzmGmIOpV1vzi46/tc4I4EB+cnHqLs
AYCO/ioWsazLK1WdLohuL3eoVQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJ0PNC9/
DGmICk5ZpM5/LxaFicqpMB8GA1UdIwQYMBaAFA32MwEV7EX1Mf9WEx64RVqvt3bM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTJBMC80RjFFQUU4NDEz
NTYxMUVBOTkyQjExNUFDNEY5QUUwMi9EZll6QVJYc1JmVXhfMVlUSHJoRldxLTNk
c3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RmWXpBUlhzUmZVeF8xWVRIcmhGV3EtM2Rzdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTkyQTAvNEYxRUFFODQxMzU2MTFFQTk5MkIxMTVBQzRGOUFFMDIvMzhGQTFGREUx
MzU3MTFFQUFDRjM1NjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJncQwwDQQCAAIwBwMFACQCtUAwDQYJKoZIhvcNAQELBQAD
ggEBAB65Zroph2KBFaocg0HBdIHsXzVoiqnAjUxshclhDKPw/w0xdtOqVqZVLAET
05V1aeMKr387enFfldjAJ6yxEqIwaDqo9hiksPGNwvL4bXNObbBGbPBQd3688bGK
v9kmn3F3o9O1RDxWsL81fef2o2rUtMXGGqMENdoW1T7mepNBekGNhHIpbICtJ/cc
/SS+cU18zmeJ4BNfJShNvLYhYFNhwMgpKZ3FayrZ+cvQRl81/wW4CKxH4Xxz4GwU
2JcwGujrtpn3kGxqE3aT5Kjbz0uKgXtEEfy00u1DvsE6hj4TlA8QiJHWcTS0wnRz
oV52s7TJpmSI0PAcZXcY8wIjTMA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:49:56 2024 by rpki-client on console-ams.rpki-client.org