Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
File: 8A721F4EB10C11E5BB6B2A16C4F9AE02.roa (raw, json)
Hash identifier: bCqdq6Z6AyxbXSebcht3seS/C9Ype0jJA9pNV7rNcXk=
Subject key identifier: F2:70:81:1D:71:D0:A4:E1:EB:82:4A:4B:25:3D:9E:DC:B5:F7:B6:46
Certificate issuer: /CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
Certificate serial: 258A
Authority key identifier: 6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
Signing time: Fri 30 Aug 2024 16:22:40 +0000
ROA not before: Fri 30 Aug 2024 16:22:40 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 38203
IP address blocks: 103.4.116.0/22 maxlen: 22
103.4.116.0/22 maxlen: 24
103.4.116.0/24 maxlen: 24
103.4.117.0/24 maxlen: 24
103.4.118.0/24 maxlen: 24
103.4.119.0/24 maxlen: 24
103.234.200.0/22 maxlen: 22
103.234.200.0/24 maxlen: 24
103.234.201.0/24 maxlen: 24
103.234.202.0/24 maxlen: 24
103.234.203.0/24 maxlen: 24
103.251.120.0/22 maxlen: 22
103.251.120.0/22 maxlen: 24
103.251.120.0/24 maxlen: 24
103.251.121.0/24 maxlen: 24
103.251.122.0/24 maxlen: 24
103.251.123.0/24 maxlen: 24
163.47.144.0/22 maxlen: 22
163.47.144.0/22 maxlen: 24
163.47.144.0/24 maxlen: 24
163.47.145.0/24 maxlen: 24
163.47.146.0/24 maxlen: 24
163.47.147.0/24 maxlen: 24
202.51.176.0/20 maxlen: 20
202.51.176.0/20 maxlen: 24
202.51.176.0/24 maxlen: 24
202.51.177.0/24 maxlen: 24
202.51.178.0/24 maxlen: 24
202.51.179.0/24 maxlen: 24
202.51.180.0/24 maxlen: 24
202.51.181.0/24 maxlen: 24
202.51.182.0/24 maxlen: 24
202.51.183.0/24 maxlen: 24
202.51.184.0/24 maxlen: 24
202.51.185.0/24 maxlen: 24
202.51.186.0/24 maxlen: 24
202.51.187.0/24 maxlen: 24
202.51.188.0/24 maxlen: 24
202.51.189.0/24 maxlen: 24
202.51.190.0/24 maxlen: 24
202.51.191.0/24 maxlen: 24
2402:b500::/32 maxlen: 48
2402:b500:1::/48 maxlen: 48
2402:b500:2::/48 maxlen: 48
2402:b500:3::/48 maxlen: 48
2402:b500:4::/48 maxlen: 48
2402:b500:5::/48 maxlen: 48
2402:b500:31::/48 maxlen: 48
2402:b500:1000::/48 maxlen: 48
2402:b500:1001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl
rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:43:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9610 (0x258a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91240E6/serialNumber=6DCE52F9A228CBF6F30CD55D43384D1268487B65
Validity
Not Before: Aug 30 16:22:40 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d1f1d0-2fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:ea:b9:51:97:b5:a9:c8:3f:51:14:98:00:
6d:31:ae:8e:cf:19:5a:b1:99:a7:94:24:da:1b:e4:
d9:57:01:4b:e9:c8:99:dc:38:d4:56:05:08:d4:4f:
57:72:32:1f:20:78:48:79:f9:98:f7:66:36:d7:9f:
4d:ce:50:a2:5a:73:54:cd:ac:3e:93:5a:22:1c:8a:
c2:74:49:96:8c:f2:63:eb:1d:b0:6f:54:83:f4:0a:
94:96:df:41:68:53:7c:2b:90:73:4c:05:a0:9f:c5:
56:0b:2a:da:eb:09:f6:ee:ec:62:f3:fd:60:04:21:
5d:56:bc:b2:68:ae:3b:1a:e7:1d:4b:0f:e7:58:24:
2d:74:fe:e8:b5:96:a8:a5:ce:0f:e6:bb:06:27:af:
64:b3:64:fd:92:21:10:4a:a3:a3:04:9e:a7:73:61:
36:75:5b:04:42:99:14:6b:c6:6f:c3:55:d1:7e:d6:
97:2c:11:6a:2b:f6:22:e4:13:5d:2b:0f:63:fa:3a:
50:32:f5:9c:fa:af:df:63:1b:0e:d1:47:83:ad:80:
cf:8b:73:b3:38:40:fe:af:2c:07:08:2f:ac:d2:6c:
74:ae:1e:d1:bd:0e:13:4f:35:4b:aa:57:d7:2b:b4:
d0:19:f6:78:6f:c1:73:3c:35:d7:5d:cc:a8:f2:24:
38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:70:81:1D:71:D0:A4:E1:EB:82:4A:4B:25:3D:9E:DC:B5:F7:B6:46
X509v3 Authority Key Identifier:
keyid:6D:CE:52:F9:A2:28:CB:F6:F3:0C:D5:5D:43:38:4D:12:68:48:7B:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/bc5S-aIoy_bzDNVdQzhNEmhIe2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bc5S-aIoy_bzDNVdQzhNEmhIe2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91240E6/660742C8FD2111E488AB0C34C4F9AE02/8A721F4EB10C11E5BB6B2A16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.4.116.0/22
103.234.200.0/22
103.251.120.0/22
163.47.144.0/22
202.51.176.0/20
IPv6:
2402:b500::/32
Signature Algorithm: sha256WithRSAEncryption
42:31:20:99:fd:e7:8f:4a:77:86:35:f3:4d:cd:2a:9a:70:2f:
ae:d2:6b:7b:fb:b7:4b:c6:fc:e4:de:01:33:02:dc:8b:a8:d1:
2d:3d:f3:b6:4e:e3:85:7f:2a:88:01:65:f2:de:4e:32:1f:1c:
b6:9c:ef:c2:e9:41:de:53:7d:6f:dc:04:b1:8a:b0:9b:e7:1c:
e5:00:6d:8b:97:7b:a9:2c:dc:7d:e1:1b:a9:9d:d6:8c:08:4e:
81:65:91:ed:68:c9:aa:37:12:0c:65:d2:f7:58:5d:e5:8f:83:
d0:3a:47:10:df:64:f8:c7:fb:96:03:c7:e8:f7:ea:2b:78:4c:
0d:53:4a:09:7a:57:da:07:de:23:fc:a3:75:12:d1:ce:90:5a:
e9:69:bd:6a:ec:87:f2:b3:4f:21:fc:20:db:89:7d:56:23:90:
c8:78:e7:44:fa:a0:2d:95:50:cc:e3:48:5d:f9:32:46:17:d3:
56:41:96:b5:03:8f:b7:d7:bb:f7:02:89:12:cc:0c:34:85:0d:
f1:ea:7b:b4:bb:f0:ab:b3:45:c0:89:a1:b9:04:11:c1:cb:ce:
56:9c:63:f1:bc:7e:4f:d1:73:c2:5d:d0:6e:db:79:ac:8d:4d:
06:b7:70:51:a3:5d:d2:f4:56:ac:88:f0:85:eb:c0:33:e1:33:
31:17:e8:37
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICJYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQwRTYxMTAvBgNVBAUTKDZEQ0U1MkY5QTIyOENCRjZGMzBDRDU1RDQzMzg0RDEy
Njg0ODdCNjUwHhcNMjQwODMwMTYyMjQwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQxZjFkMC0yZmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu7DquVGXtanIP1EUmABtMa6OzxlasZmnlCTaG+TZVwFL6ciZ3DjUVgUI1E9X
cjIfIHhIefmY92Y2159NzlCiWnNUzaw+k1oiHIrCdEmWjPJj6x2wb1SD9AqUlt9B
aFN8K5BzTAWgn8VWCyra6wn27uxi8/1gBCFdVryyaK47GucdSw/nWCQtdP7otZao
pc4P5rsGJ69ks2T9kiEQSqOjBJ6nc2E2dVsEQpkUa8Zvw1XRftaXLBFqK/Yi5BNd
Kw9j+jpQMvWc+q/fYxsO0UeDrYDPi3OzOED+rywHCC+s0mx0rh7RvQ4TTzVLqlfX
K7TQGfZ4b8FzPDXXXcyo8iQ4VQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFPJwgR1x
0KTh64JKSyU9nty197ZGMB8GA1UdIwQYMBaAFG3OUvmiKMv28wzVXUM4TRJoSHtl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDBFNi82NjA3NDJDOEZE
MjExMUU0ODhBQjBDMzRDNEY5QUUwMi9iYzVTLWFJb3lfYnpETlZkUXpoTkVtaEll
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JjNVMtYUlveV9iekROVmRRemhORW1oSWUyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQwRTYvNjYwNzQyQzhGRDIxMTFFNDg4QUIwQzM0QzRGOUFFMDIvOEE3MjFGNEVC
MTBDMTFFNUJCNkIyQTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAJnBHQDBAJn6sgDBAJn+3gDBAKjL5ADBATKM7AwDQQCAAIw
BwMFACQCtQAwDQYJKoZIhvcNAQELBQADggEBAEIxIJn9549Kd4Y1803NKppwL67S
a3v7t0vG/OTeATMC3Iuo0S0987ZO44V/KogBZfLeTjIfHLac78LpQd5TfW/cBLGK
sJvnHOUAbYuXe6ks3H3hG6md1owIToFlke1oyao3Egxl0vdYXeWPg9A6RxDfZPjH
+5YDx+j36it4TA1TSgl6V9oH3iP8o3US0c6QWulpvWrsh/KzTyH8INuJfVYjkMh4
50T6oC2VUMzjSF35MkYX01ZBlrUDj7fXu/cCiRLMDDSFDfHqe7S78KuzRcCJobkE
EcHLzlacY/G8fk/Rc8Jd0G7beayNTQa3cFGjXdL0VqyI8IXrwDPhMzEX6Dc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:39 2024 by rpki-client on console-fra.rpki-client.org