Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/CCDEF336515711EEA61D5643C4F9AE02.roa
File: CCDEF336515711EEA61D5643C4F9AE02.roa (raw, json)
Hash identifier: vMjsWlt+qCptCBWjk8QsOnFHsuU6ZH7+Jgo589b2plE=
Subject key identifier: DB:DB:40:7D:8D:D0:23:A1:32:3D:53:80:5B:A7:91:5A:E3:F6:61:35
Certificate issuer: /CN=A911B5D7/serialNumber=41FE1D4135AB2D67623E76083398468AD4FAA1DC
Certificate serial: 1AF2
Authority key identifier: 41:FE:1D:41:35:AB:2D:67:62:3E:76:08:33:98:46:8A:D4:FA:A1:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qf4dQTWrLWdiPnYIM5hGitT6odw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/CCDEF336515711EEA61D5643C4F9AE02.roa
Signing time: Thu 02 May 2024 17:04:32 +0000
ROA not before: Thu 02 May 2024 17:04:32 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 38713
IP address blocks: 103.25.136.0/24 maxlen: 24
103.25.137.0/24 maxlen: 24
103.25.138.0/24 maxlen: 24
103.25.139.0/24 maxlen: 24
103.205.176.0/24 maxlen: 24
103.205.177.0/24 maxlen: 24
103.205.178.0/24 maxlen: 24
103.205.179.0/24 maxlen: 24
116.206.140.0/24 maxlen: 24
116.206.141.0/24 maxlen: 24
116.206.143.0/24 maxlen: 24
202.143.112.0/24 maxlen: 24
202.143.113.0/24 maxlen: 24
202.143.114.0/24 maxlen: 24
202.143.115.0/24 maxlen: 24
202.143.116.0/24 maxlen: 24
202.143.117.0/24 maxlen: 24
202.143.118.0/24 maxlen: 24
202.143.119.0/24 maxlen: 24
202.143.120.0/24 maxlen: 24
202.143.121.0/24 maxlen: 24
202.143.122.0/24 maxlen: 24
202.143.123.0/24 maxlen: 24
202.143.124.0/24 maxlen: 24
202.143.125.0/24 maxlen: 24
202.143.126.0/24 maxlen: 24
202.143.127.0/24 maxlen: 24
2406:1300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/Qf4dQTWrLWdiPnYIM5hGitT6odw.crl
rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/Qf4dQTWrLWdiPnYIM5hGitT6odw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qf4dQTWrLWdiPnYIM5hGitT6odw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6898 (0x1af2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B5D7/serialNumber=41FE1D4135AB2D67623E76083398468AD4FAA1DC
Validity
Not Before: May 2 17:04:32 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6633c79f-3165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:62:cb:69:51:0a:75:77:53:d1:47:16:2b:2e:
71:41:90:ad:88:bf:43:c1:6f:09:0f:76:47:6b:75:
ca:50:d0:d4:68:ed:67:00:2d:ac:c8:26:03:a8:5d:
66:cf:6c:c2:95:10:e7:60:36:b1:52:b7:8c:b7:1d:
9a:81:03:3b:af:6c:e0:fc:45:02:8e:c7:2a:24:ce:
c9:8d:2e:3b:04:d9:7c:b4:00:65:c9:e2:da:b6:ba:
ad:52:bb:1a:38:39:6e:9e:6a:27:4e:6d:53:f4:d5:
b6:69:51:05:47:75:e3:f5:d2:16:4c:3b:22:9b:cd:
9f:5a:c8:2f:e0:43:d0:6e:6e:49:7e:82:5a:8d:aa:
8d:ad:28:f1:6f:84:ba:2d:a1:ad:05:8f:62:3d:e4:
38:64:2e:4e:e5:ff:f2:b4:65:58:38:36:f8:1a:7d:
7f:40:17:90:24:3f:46:5b:80:26:14:c2:59:50:43:
25:ad:e1:af:06:fe:52:7c:95:e6:7d:1d:e5:b5:9f:
02:48:e4:e1:3e:e2:4c:bc:07:c0:9e:77:95:0a:0e:
a4:1d:25:4d:cb:16:4b:c8:67:4d:ea:48:0a:e8:14:
1a:ed:8b:3c:36:1f:b6:0b:7b:1b:6f:3f:19:9c:ad:
be:b0:65:3b:6b:ea:7a:46:cc:be:84:84:9e:e0:6b:
f5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:DB:40:7D:8D:D0:23:A1:32:3D:53:80:5B:A7:91:5A:E3:F6:61:35
X509v3 Authority Key Identifier:
keyid:41:FE:1D:41:35:AB:2D:67:62:3E:76:08:33:98:46:8A:D4:FA:A1:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/Qf4dQTWrLWdiPnYIM5hGitT6odw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Qf4dQTWrLWdiPnYIM5hGitT6odw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5D7/25872BBE03B411E7B811AA14C4F9AE02/CCDEF336515711EEA61D5643C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.25.136.0/22
103.205.176.0/22
116.206.140.0/23
116.206.143.0/24
202.143.112.0/20
IPv6:
2406:1300::/48
Signature Algorithm: sha256WithRSAEncryption
8a:f5:b3:65:92:56:69:42:bc:ca:e4:9e:ba:fe:f1:02:be:9e:
5b:17:a1:77:ee:f5:d8:48:ac:61:bd:7b:c2:74:ce:73:92:77:
df:12:87:58:26:a7:aa:a9:ad:1e:53:64:e6:38:3d:c6:49:93:
f8:c2:a1:de:db:b2:2f:f3:b5:4d:16:9d:52:13:e9:e1:43:ae:
da:39:7f:dd:33:eb:f2:f9:78:32:f7:fc:0a:a8:bf:c3:31:a6:
22:70:e4:83:f1:a6:12:c3:8b:de:66:04:fa:ae:c4:bf:d3:26:
ae:b1:36:29:9d:e9:f3:29:93:0f:0d:e8:36:d4:8f:99:fb:13:
51:96:e8:62:1e:fd:5a:dd:e0:3e:43:69:47:2b:fe:86:11:ae:
1f:b0:68:e8:70:47:d3:13:ea:2a:ee:91:0e:4f:11:5a:18:50:
28:e6:c2:83:18:60:15:0d:ce:2b:db:76:20:8a:ca:df:cf:24:
2f:00:7b:13:65:7c:33:b5:16:93:8f:45:d9:4e:9c:4f:38:fe:
fa:72:4f:d0:7b:d2:61:9d:5e:34:35:df:6d:62:e8:10:41:3f:
26:6c:ee:71:c5:66:ae:80:e4:78:df:6b:30:ee:5f:0b:20:d4:
d2:24:93:0d:5f:c6:88:a9:e7:60:b4:69:c6:a9:31:1f:93:b4:
05:f9:28:34
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICGvIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI1RDcxMTAvBgNVBAUTKDQxRkUxRDQxMzVBQjJENjc2MjNFNzYwODMzOTg0NjhB
RDRGQUExREMwHhcNMjQwNTAyMTcwNDMyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMzYzc5Zi0zMTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA32LLaVEKdXdT0UcWKy5xQZCtiL9DwW8JD3ZHa3XKUNDUaO1nAC2syCYDqF1m
z2zClRDnYDaxUreMtx2agQM7r2zg/EUCjscqJM7JjS47BNl8tABlyeLatrqtUrsa
ODlunmonTm1T9NW2aVEFR3Xj9dIWTDsim82fWsgv4EPQbm5JfoJajaqNrSjxb4S6
LaGtBY9iPeQ4ZC5O5f/ytGVYODb4Gn1/QBeQJD9GW4AmFMJZUEMlreGvBv5SfJXm
fR3ltZ8CSOThPuJMvAfAnneVCg6kHSVNyxZLyGdN6kgK6BQa7Ys8Nh+2C3sbbz8Z
nK2+sGU7a+p6Rsy+hISe4Gv1oQIDAQABo4ICvjCCArowHQYDVR0OBBYEFNvbQH2N
0COhMj1TgFunkVrj9mE1MB8GA1UdIwQYMBaAFEH+HUE1qy1nYj52CDOYRorU+qHc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVENy8yNTg3MkJCRTAz
QjQxMUU3QjgxMUFBMTRDNEY5QUUwMi9RZjRkUVRXckxXZGlQbllJTTVoR2l0VDZv
ZHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FmNGRRVFdyTFdkaVBuWUlNNWhHaXRUNm9kdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI1RDcvMjU4NzJCQkUwM0I0MTFFN0I4MTFBQTE0QzRGOUFFMDIvQ0NERUYzMzY1
MTU3MTFFRUE2MUQ1NjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCQEAgABMB4DBAJnGYgDBAJnzbADBAF0zowDBAB0zo8DBATKj3AwDwQCAAIw
CQMHACQGEwAAADANBgkqhkiG9w0BAQsFAAOCAQEAivWzZZJWaUK8yuSeuv7xAr6e
Wxehd+712EisYb17wnTOc5J33xKHWCanqqmtHlNk5jg9xkmT+MKh3tuyL/O1TRad
UhPp4UOu2jl/3TPr8vl4Mvf8Cqi/wzGmInDkg/GmEsOL3mYE+q7Ev9MmrrE2KZ3p
8ymTDw3oNtSPmfsTUZboYh79Wt3gPkNpRyv+hhGuH7Bo6HBH0xPqKu6RDk8RWhhQ
KObCgxhgFQ3OK9t2IIrK388kLwB7E2V8M7UWk49F2U6cTzj++nJP0HvSYZ1eNDXf
bWLoEEE/JmzuccVmroDkeN9rMO5fCyDU0iSTDV/GiKnnYLRpxqkxH5O0BfkoNA==
-----END CERTIFICATE-----
Generated at Sat May 18 17:20:02 2024 by rpki-client on console-ams.rpki-client.org