Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/24CFDABE00EC11E8AAC4DD6EC4F9AE02.roa
File: 24CFDABE00EC11E8AAC4DD6EC4F9AE02.roa (raw, json)
Hash identifier: Tn37t4Yj5sJCewe1sqQ2TqZG25hRlkur3rpPotUcRcA=
Subject key identifier: 58:A3:6C:03:43:39:FA:26:5F:2D:A4:5C:7A:28:16:F6:7E:EB:43:7C
Certificate issuer: /CN=A9123E38/serialNumber=D54BF399BE1B659B132314B821933A20BA38B96A
Certificate serial: 1589
Authority key identifier: D5:4B:F3:99:BE:1B:65:9B:13:23:14:B8:21:93:3A:20:BA:38:B9:6A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/24CFDABE00EC11E8AAC4DD6EC4F9AE02.roa
Signing time: Tue 26 Sep 2023 02:34:06 +0000
ROA not before: Tue 26 Sep 2023 02:34:06 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 24337
IP address blocks: 103.228.252.0/24 maxlen: 24
103.228.253.0/24 maxlen: 24
103.228.254.0/24 maxlen: 24
103.228.255.0/24 maxlen: 24
139.5.156.0/22 maxlen: 22
139.5.156.0/24 maxlen: 24
139.5.157.0/24 maxlen: 24
139.5.158.0/24 maxlen: 24
139.5.159.0/24 maxlen: 24
141.164.96.0/20 maxlen: 20
141.164.96.0/24 maxlen: 24
141.164.97.0/24 maxlen: 24
141.164.98.0/24 maxlen: 24
141.164.99.0/24 maxlen: 24
141.164.103.0/24 maxlen: 24
141.164.107.0/24 maxlen: 24
141.164.108.0/24 maxlen: 24
141.164.109.0/24 maxlen: 24
141.164.110.0/24 maxlen: 24
141.164.111.0/24 maxlen: 24
202.123.176.0/21 maxlen: 21
202.123.176.0/24 maxlen: 24
202.123.177.0/24 maxlen: 24
202.123.178.0/24 maxlen: 24
202.123.179.0/24 maxlen: 24
202.123.180.0/24 maxlen: 24
202.123.181.0/24 maxlen: 24
202.123.182.0/24 maxlen: 24
202.123.183.0/24 maxlen: 24
2400:c180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.crl
rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5513 (0x1589)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123E38/serialNumber=D54BF399BE1B659B132314B821933A20BA38B96A
Validity
Not Before: Sep 26 02:34:06 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6512431e-c708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:22:be:82:f6:2f:61:f6:df:80:17:44:32:11:
cd:f3:d8:11:ab:4d:64:ad:4f:a0:ae:b3:16:55:f5:
49:cf:c8:10:07:74:06:4b:6a:8d:18:be:f7:8e:6b:
b6:d6:93:5f:85:3b:cc:fd:52:87:bc:18:09:ac:7f:
f5:a5:4e:5d:4d:40:e8:94:11:c2:1b:5c:8d:20:98:
40:79:f5:a7:fc:e2:c2:f2:fd:36:3a:27:c8:c2:56:
3c:3c:29:c4:34:f7:e3:99:52:3d:76:26:c6:d7:5a:
90:0a:2f:53:a2:1b:35:3a:0c:01:9d:39:b3:1d:dd:
12:bc:7b:4a:50:dc:d0:74:b0:f2:39:63:76:72:4d:
e6:8e:cf:85:53:ed:52:9e:c6:09:ad:3e:45:a7:a3:
84:3a:07:ac:86:15:1d:86:56:45:48:ee:3d:a6:26:
bd:30:17:7a:c2:59:e0:85:33:98:be:a7:0f:8d:95:
65:ad:fd:79:88:a6:e2:3a:c5:5f:bb:89:9d:6a:d3:
ab:5f:d2:e9:19:28:40:43:8a:5c:5c:76:17:38:c7:
35:0d:2d:e8:db:4f:4f:17:f2:4f:07:8b:f1:07:81:
cc:84:3d:55:93:15:fd:06:3c:21:9f:66:5e:d6:41:
72:a4:a8:b7:8c:5b:fa:60:2a:2a:2a:15:54:a2:3a:
9a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A3:6C:03:43:39:FA:26:5F:2D:A4:5C:7A:28:16:F6:7E:EB:43:7C
X509v3 Authority Key Identifier:
keyid:D5:4B:F3:99:BE:1B:65:9B:13:23:14:B8:21:93:3A:20:BA:38:B9:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1Uvzmb4bZZsTIxS4IZM6ILo4uWo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123E38/A1087D3600EA11E8BC93B16BC4F9AE02/24CFDABE00EC11E8AAC4DD6EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.228.252.0/22
139.5.156.0/22
141.164.96.0/20
202.123.176.0/21
IPv6:
2400:c180::/32
Signature Algorithm: sha256WithRSAEncryption
73:ed:6f:eb:3d:9f:82:84:b5:73:a8:d8:f6:9a:24:f8:a7:e5:
57:f0:b7:7c:e3:df:7d:4e:f8:16:78:f5:27:ce:7a:d8:f8:fb:
4f:86:c3:70:c2:24:ca:39:16:b7:3f:13:b5:f7:2e:4a:d1:a5:
10:dd:2c:81:54:e4:92:2f:0a:98:99:bf:6a:f7:15:bf:4f:98:
8b:c9:51:ba:66:b0:c8:77:ff:de:23:be:6a:88:7d:4a:f2:42:
2d:4e:14:8f:34:74:56:d0:58:ce:30:40:33:25:45:f2:e6:62:
0a:4f:5e:f4:e4:49:fe:5c:29:9d:5e:fd:fe:40:07:a2:d5:39:
28:6b:ec:fa:e9:9d:ab:68:d7:6e:47:54:cf:8c:37:f9:c4:2f:
59:9a:a9:45:7a:52:53:d5:f3:1a:4d:09:ea:d0:1b:6c:f2:3d:
2a:8c:d4:ad:31:81:a8:51:e9:ce:84:d3:c8:b7:18:9d:f0:7b:
eb:f1:49:d9:cd:f9:e2:3f:26:79:3c:e5:f2:d9:b7:a7:d8:63:
87:e7:01:eb:01:1e:5a:be:13:d6:59:e1:fe:3c:11:7e:94:89:
2a:b3:eb:a8:2a:04:35:4e:62:b7:6b:16:db:15:e5:9e:70:7d:
c1:3a:09:71:fb:6e:9e:3b:48:c0:06:66:10:7d:40:ea:83:90:
4b:d2:15:78
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICFYkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjNFMzgxMTAvBgNVBAUTKEQ1NEJGMzk5QkUxQjY1OUIxMzIzMTRCODIxOTMzQTIw
QkEzOEI5NkEwHhcNMjMwOTI2MDIzNDA2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEyNDMxZS1jNzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4SK+gvYvYfbfgBdEMhHN89gRq01krU+grrMWVfVJz8gQB3QGS2qNGL73jmu2
1pNfhTvM/VKHvBgJrH/1pU5dTUDolBHCG1yNIJhAefWn/OLC8v02OifIwlY8PCnE
NPfjmVI9dibG11qQCi9Tohs1OgwBnTmzHd0SvHtKUNzQdLDyOWN2ck3mjs+FU+1S
nsYJrT5Fp6OEOgeshhUdhlZFSO49pia9MBd6wlnghTOYvqcPjZVlrf15iKbiOsVf
u4mdatOrX9LpGShAQ4pcXHYXOMc1DS3o209PF/JPB4vxB4HMhD1VkxX9Bjwhn2Ze
1kFypKi3jFv6YCoqKhVUojqa2QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFFijbAND
OfomXy2kXHooFvZ+60N8MB8GA1UdIwQYMBaAFNVL85m+G2WbEyMUuCGTOiC6OLlq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0UzOC9BMTA4N0QzNjAw
RUExMUU4QkM5M0IxNkJDNEY5QUUwMi8xVXZ6bWI0Ylpac1RJeFM0SVpNNklMbzR1
V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFVdnptYjRiWlpzVEl4UzRJWk02SUxvNHVXby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjNFMzgvQTEwODdEMzYwMEVBMTFFOEJDOTNCMTZCQzRGOUFFMDIvMjRDRkRBQkUw
MEVDMTFFOEFBQzRERDZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJn5PwDBAKLBZwDBASNpGADBAPKe7AwDQQCAAIwBwMFACQA
wYAwDQYJKoZIhvcNAQELBQADggEBAHPtb+s9n4KEtXOo2PaaJPin5Vfwt3zj331O
+BZ49SfOetj4+0+Gw3DCJMo5Frc/E7X3LkrRpRDdLIFU5JIvCpiZv2r3Fb9PmIvJ
UbpmsMh3/94jvmqIfUryQi1OFI80dFbQWM4wQDMlRfLmYgpPXvTkSf5cKZ1e/f5A
B6LVOShr7Prpnato125HVM+MN/nEL1maqUV6UlPV8xpNCerQG2zyPSqM1K0xgahR
6c6E08i3GJ3we+vxSdnN+eI/Jnk85fLZt6fYY4fnAesBHlq+E9ZZ4f48EX6UiSqz
66gqBDVOYrdrFtsV5Z5wfcE6CXH7bp47SMAGZhB9QOqDkEvSFXg=
-----END CERTIFICATE-----
Generated at Sat May 18 18:21:35 2024 by rpki-client on console-ams.rpki-client.org