Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
File: 8A721F4EB10C11E5BB6B2A16C4F9AE02.roa (raw, json)
Hash identifier: Fly4ayuNsMK9IP2qOntpA6n3IB5Im4wYeT50ZiUvTv0=
Subject key identifier: CF:64:1A:47:8D:1A:A7:A3:8C:3F:22:1B:E1:48:51:43:E0:76:7B:5E
Certificate issuer: /CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
Certificate serial: 23C5
Authority key identifier: 6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
Signing time: Sun 21 Aug 2022 16:12:20 +0000
ROA not before: Sun 21 Aug 2022 16:12:20 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 38203
IP address blocks: 103.4.116.0/22 maxlen: 22
103.4.116.0/22 maxlen: 24
103.4.116.0/24 maxlen: 24
103.4.117.0/24 maxlen: 24
103.4.118.0/24 maxlen: 24
103.4.119.0/24 maxlen: 24
103.234.200.0/22 maxlen: 22
103.234.200.0/24 maxlen: 24
103.234.201.0/24 maxlen: 24
103.234.202.0/24 maxlen: 24
103.234.203.0/24 maxlen: 24
103.251.120.0/22 maxlen: 22
103.251.120.0/22 maxlen: 24
103.251.120.0/24 maxlen: 24
103.251.121.0/24 maxlen: 24
103.251.122.0/24 maxlen: 24
103.251.123.0/24 maxlen: 24
163.47.144.0/22 maxlen: 22
163.47.144.0/22 maxlen: 24
163.47.144.0/24 maxlen: 24
163.47.145.0/24 maxlen: 24
163.47.146.0/24 maxlen: 24
163.47.147.0/24 maxlen: 24
202.51.176.0/20 maxlen: 20
202.51.176.0/20 maxlen: 24
202.51.176.0/24 maxlen: 24
202.51.177.0/24 maxlen: 24
202.51.178.0/24 maxlen: 24
202.51.179.0/24 maxlen: 24
202.51.180.0/24 maxlen: 24
202.51.181.0/24 maxlen: 24
202.51.182.0/24 maxlen: 24
202.51.183.0/24 maxlen: 24
202.51.184.0/24 maxlen: 24
202.51.185.0/24 maxlen: 24
202.51.186.0/24 maxlen: 24
202.51.187.0/24 maxlen: 24
202.51.188.0/24 maxlen: 24
202.51.189.0/24 maxlen: 24
202.51.190.0/24 maxlen: 24
202.51.191.0/24 maxlen: 24
2402:b500::/32 maxlen: 48
2402:b500:1::/48 maxlen: 48
2402:b500:2::/48 maxlen: 48
2402:b500:3::/48 maxlen: 48
2402:b500:4::/48 maxlen: 48
2402:b500:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl
rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 21 Mar 2023 16:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9157 (0x23c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
Validity
Not Before: Aug 21 16:12:20 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=63025963-fec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ed:24:bf:22:6c:f7:e0:cb:fd:41:68:95:29:
9c:b7:be:34:8b:66:e7:59:12:c7:03:86:e5:fe:33:
db:bb:74:32:f4:14:50:a1:36:9d:ce:12:ff:d0:bb:
66:e5:89:99:9b:08:57:0a:98:d0:1f:70:50:67:96:
bd:e4:ad:24:09:0b:a4:b8:a4:bb:6d:7f:e0:62:16:
67:2a:af:99:af:36:72:ed:f4:61:de:13:ad:e7:d5:
2b:ef:2f:df:d7:e9:2a:a1:3a:6a:ef:41:dc:af:c2:
03:f8:dd:e8:63:5c:21:4e:4d:b5:ab:a7:8a:fb:8f:
8b:8b:71:5a:1e:eb:43:f8:14:6b:12:3c:a3:d4:60:
d2:19:53:e1:35:22:18:52:c9:72:a3:90:5b:13:8d:
db:c3:6c:fb:f4:96:28:58:09:53:10:b5:e8:3a:ce:
3c:96:b1:13:90:81:8f:0e:ce:cf:9c:48:88:7e:55:
f0:0a:bb:60:68:c1:55:02:73:85:2f:1f:f2:43:7f:
59:d1:5c:67:55:34:02:0f:fc:36:6b:69:f6:d0:ec:
69:93:c9:1a:21:69:eb:90:0a:b8:b2:a3:77:88:0a:
80:8b:6f:9b:cb:2f:d8:da:86:55:95:bb:78:57:cd:
39:aa:f3:ac:f1:e3:83:da:21:3c:89:1f:35:79:cd:
86:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:64:1A:47:8D:1A:A7:A3:8C:3F:22:1B:E1:48:51:43:E0:76:7B:5E
X509v3 Authority Key Identifier:
keyid:6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.4.116.0/22
103.234.200.0/22
103.251.120.0/22
163.47.144.0/22
202.51.176.0/20
IPv6:
2402:b500::/32
Signature Algorithm: sha256WithRSAEncryption
9e:8b:87:5b:9e:da:c0:ad:b5:01:16:5b:54:5b:55:20:fb:a7:
3d:ec:90:ae:57:36:dd:7a:4c:91:3a:14:fd:ae:ad:4a:f9:c1:
ed:8c:ca:34:11:f7:44:c0:a6:b6:aa:54:f3:61:29:ab:9d:49:
c5:73:55:e8:3f:17:ef:5b:66:77:e1:e2:75:03:9b:b7:6f:cd:
ed:5e:6e:e7:73:3c:32:37:7b:23:36:a7:e5:78:f5:d1:68:0d:
61:48:28:75:99:d7:f0:07:88:e2:9b:21:43:04:d4:04:8d:ac:
c9:20:5d:e4:e1:6f:7d:64:dc:0f:4c:9e:f0:30:7a:d2:70:b4:
3a:a9:c1:82:88:ca:d7:73:f3:db:a6:3c:ef:bc:45:3f:80:48:
c6:cf:35:1c:43:fe:01:ac:aa:95:1f:36:df:91:5f:72:75:2d:
05:69:33:04:2f:ab:bb:9a:77:07:ae:8d:82:05:61:cb:42:00:
24:38:92:39:e2:52:b4:55:ba:6a:15:8d:07:5c:97:5d:02:4c:
6d:3d:8b:65:5f:0b:fa:34:b9:06:e0:32:2f:31:3b:a2:31:94:
b5:7f:a3:39:ee:3f:6a:8c:1b:c7:08:b3:c0:f2:d4:c6:24:fc:
d1:50:5b:db:13:7c:33:b4:91:16:4e:76:7f:6c:af:6a:30:10:
e2:17:fd:1a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICI8UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQwRTYxMTAvBgNVBAUTKDZEQ0U1MkY5QTIyOENCRjZGMzBDRDU1RDQzMzg0RDEy
Njg0ODdCNjUwHhcNMjIwODIxMTYxMjIwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzAyNTk2My1mZWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2O0kvyJs9+DL/UFolSmct740i2bnWRLHA4bl/jPbu3Qy9BRQoTadzhL/0Ltm
5YmZmwhXCpjQH3BQZ5a95K0kCQukuKS7bX/gYhZnKq+ZrzZy7fRh3hOt59Ur7y/f
1+kqoTpq70Hcr8ID+N3oY1whTk21q6eK+4+Li3FaHutD+BRrEjyj1GDSGVPhNSIY
Uslyo5BbE43bw2z79JYoWAlTELXoOs48lrETkIGPDs7PnEiIflXwCrtgaMFVAnOF
Lx/yQ39Z0VxnVTQCD/w2a2n20Oxpk8kaIWnrkAq4sqN3iAqAi2+byy/Y2oZVlbt4
V805qvOs8eOD2iE8iR81ec2GeQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFM9kGkeN
GqejjD8iG+FIUUPgdnteMB8GA1UdIwQYMBaAFG3OUvmiKMv28wzVXUM4TRJoSHtl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDBFNi82NjA3NDJDOEZE
MjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lfYnpETlZkUXpoTkVtaEll
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JjNVMtYUlveV9iekROVmRRemhORW1oSWUyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQwRTYvNjYwNzQyQzhGRDIxMTFFNDg4QUIwQzM0QzRGOUFFMDIvOEE3MjFGNEVC
MTBDMTFFNUJCNkIyQTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnBHQDBAJn6sgDBAJn+3gDBAKjL5ADBATKM7AwDQQCAAIw
BwMFACQCtQAwDQYJKoZIhvcNAQELBQADggEBAJ6Lh1ue2sCttQEWW1RbVSD7pz3s
kK5XNt16TJE6FP2urUr5we2MyjQR90TApraqVPNhKaudScVzVeg/F+9bZnfh4nUD
m7dvze1ebudzPDI3eyM2p+V49dFoDWFIKHWZ1/AHiOKbIUME1ASNrMkgXeThb31k
3A9MnvAwetJwtDqpwYKIytdz89umPO+8RT+ASMbPNRxD/gGsqpUfNt+RX3J1LQVp
MwQvq7uadweujYIFYctCACQ4kjniUrRVumoVjQdcl10CTG09i2VfC/o0uQbgMi8x
O6IxlLV/oznuP2qMG8cIs8Dy1MYk/NFQW9sTfDO0kRZOdn9sr2owEOIX/Ro=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:53:13 2023 by rpki-client on console-fra.rpki-client.org