Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/5D73B28421F911EFAF8DD824C4F9AE02.roa
File: 5D73B28421F911EFAF8DD824C4F9AE02.roa (raw, json)
Hash identifier: i2YNi83/orqDBNfNUa80ExexK4FtLNMUjcoWzzX1+Rc=
Subject key identifier: 2D:94:21:EA:0F:77:3C:1C:B1:85:5F:C7:56:DD:C4:86:1E:5A:9C:AA
Certificate issuer: /CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Certificate serial: 7CEB
Authority key identifier: C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/5D73B28421F911EFAF8DD824C4F9AE02.roa
Signing time: Mon 16 Sep 2024 17:25:06 +0000
ROA not before: Mon 16 Sep 2024 17:25:06 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 3949
IP address blocks: 103.13.83.144/29 maxlen: 29
103.13.83.152/29 maxlen: 29
103.13.83.160/29 maxlen: 29
103.13.83.161/32 maxlen: 32
202.68.66.76/30 maxlen: 30
202.68.67.48/29 maxlen: 29
202.68.68.0/26 maxlen: 26
202.68.68.96/27 maxlen: 27
202.68.68.96/28 maxlen: 28
202.68.68.112/28 maxlen: 28
202.68.68.192/26 maxlen: 26
202.68.68.192/27 maxlen: 27
202.68.68.224/27 maxlen: 27
202.68.69.0/27 maxlen: 27
202.68.69.32/29 maxlen: 29
202.68.69.48/28 maxlen: 28
202.68.69.64/27 maxlen: 28
202.68.69.68/30 maxlen: 30
202.68.69.96/28 maxlen: 28
202.68.69.128/25 maxlen: 25
202.68.71.0/26 maxlen: 26
202.68.71.64/26 maxlen: 26
202.68.71.128/26 maxlen: 26
202.68.71.192/29 maxlen: 29
202.68.71.200/29 maxlen: 29
202.68.71.208/29 maxlen: 29
202.68.71.216/29 maxlen: 29
202.68.71.224/29 maxlen: 29
202.68.71.232/29 maxlen: 29
202.68.71.240/28 maxlen: 28
202.68.72.0/24 maxlen: 24
202.68.73.88/29 maxlen: 29
202.68.73.192/27 maxlen: 27
202.68.74.32/29 maxlen: 29
202.68.74.96/28 maxlen: 28
202.68.74.112/28 maxlen: 28
202.68.74.156/30 maxlen: 30
202.68.74.208/28 maxlen: 28
202.68.75.64/28 maxlen: 28
202.68.75.80/28 maxlen: 28
202.68.75.240/28 maxlen: 28
202.68.79.0/24 maxlen: 24
202.68.79.0/25 maxlen: 25
202.68.79.128/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 17:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31979 (0x7ceb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Validity
Not Before: Sep 16 17:25:06 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66e869f2-65a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6f:7a:99:d8:fc:91:5b:17:a7:85:ad:03:4f:
64:93:04:50:af:de:ad:17:6b:2f:5b:a6:57:31:12:
a2:92:78:c7:a0:5a:6f:cd:e1:fb:4d:30:6e:3e:23:
3d:a5:cb:47:74:4b:a6:b0:c3:2c:d6:fb:64:51:e3:
ef:f6:b9:88:cc:3d:09:1e:24:c8:ff:b6:e5:ce:8a:
de:53:46:1a:c5:42:55:35:df:16:9e:f8:28:ae:df:
bb:8f:71:3e:53:79:21:d8:b6:f7:69:a7:22:e0:0d:
d7:74:d3:1e:a6:da:a0:3d:bf:10:81:68:00:eb:c4:
79:40:e8:cd:06:34:b8:3e:a1:d7:44:9c:e5:df:0a:
8b:3f:eb:84:78:f1:30:22:59:2c:e0:89:7f:d8:63:
83:c4:ca:c4:85:99:85:5f:ec:4d:2b:c9:ba:b7:df:
dd:db:0a:1c:63:c6:5c:0d:1e:d2:3c:c8:15:de:3b:
5d:43:45:54:f1:4e:1e:df:3d:4e:f8:12:01:d4:5d:
c5:31:a6:87:2a:ca:72:98:22:c8:3f:03:58:51:85:
1c:43:af:1d:44:34:82:66:d7:74:3e:1f:2d:d7:a2:
d3:58:3c:7d:e9:f6:cc:2c:5c:31:c9:46:b2:52:4f:
3d:f7:f4:5d:d6:56:8c:b1:09:f6:e0:79:08:fd:54:
88:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:94:21:EA:0F:77:3C:1C:B1:85:5F:C7:56:DD:C4:86:1E:5A:9C:AA
X509v3 Authority Key Identifier:
keyid:C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/5D73B28421F911EFAF8DD824C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.13.83.144-103.13.83.167
202.68.66.76/30
202.68.67.48/29
202.68.68.0/26
202.68.68.96/27
202.68.68.192-202.68.69.39
202.68.69.48-202.68.69.111
202.68.69.128/25
202.68.71.0-202.68.72.255
202.68.73.88/29
202.68.73.192/27
202.68.74.32/29
202.68.74.96/27
202.68.74.156/30
202.68.74.208/28
202.68.75.64/27
202.68.75.240/28
202.68.79.0/24
Signature Algorithm: sha256WithRSAEncryption
00:69:be:b1:a8:7a:e8:9f:5e:82:ee:45:f5:dd:ed:b0:df:fa:
60:3b:5e:6d:5e:cb:68:30:f8:38:7f:9d:a8:10:a8:f2:6a:6f:
7c:39:44:6a:7a:b0:10:74:b6:c6:80:0c:dc:da:b5:40:bf:9d:
dc:30:60:3f:a2:86:80:b5:e9:84:64:b6:50:d2:a3:76:60:70:
51:24:af:74:c4:3b:47:f8:5b:51:22:29:7d:0a:c2:b9:3c:89:
6c:70:f3:a8:a4:41:f2:ac:4e:60:2d:a1:21:4a:bf:a4:aa:e7:
6b:52:b8:66:37:04:9d:2b:c7:a9:92:21:63:2a:b1:10:b7:12:
4e:69:d2:3b:4b:ab:f9:68:ae:53:6d:6e:1d:44:94:f9:41:7c:
d8:9b:87:14:29:58:3b:42:11:03:fa:6f:34:a6:c1:a7:18:7c:
3f:e9:ee:e8:da:cc:52:d4:ff:aa:47:f8:2a:00:81:91:eb:2a:
8d:8a:60:5b:33:39:de:c3:dc:df:d4:36:49:f7:fc:e6:42:87:
3b:11:61:c5:fa:94:35:55:49:63:10:ef:c7:de:18:be:ce:5a:
5c:2b:fc:01:f3:3a:f6:81:9d:6d:4b:26:4e:9c:81:39:f2:1e:
6d:d3:0b:ff:13:c4:c3:ff:61:b5:d5:5b:bb:66:a2:1e:7d:82:
24:fa:8f:10
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgICfOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkwMEQxMTAvBgNVBAUTKEM2MDM3ODZENTVBOTA0MTI0RTc1OTJFRUQyODk5RUY1
Nzg5MjExMDAwHhcNMjQwOTE2MTcyNTA2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU4NjlmMi02NWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2G96mdj8kVsXp4WtA09kkwRQr96tF2svW6ZXMRKiknjHoFpvzeH7TTBuPiM9
pctHdEumsMMs1vtkUePv9rmIzD0JHiTI/7blzoreU0YaxUJVNd8Wnvgort+7j3E+
U3kh2Lb3aaci4A3XdNMeptqgPb8QgWgA68R5QOjNBjS4PqHXRJzl3wqLP+uEePEw
Ilks4Il/2GODxMrEhZmFX+xNK8m6t9/d2wocY8ZcDR7SPMgV3jtdQ0VU8U4e3z1O
+BIB1F3FMaaHKspymCLIPwNYUYUcQ68dRDSCZtd0Ph8t16LTWDx96fbMLFwxyUay
Uk899/Rd1laMsQn24HkI/VSIXQIDAQABo4IDMzCCAy8wHQYDVR0OBBYEFC2UIeoP
dzwcsYVfx1bdxIYeWpyqMB8GA1UdIwQYMBaAFMYDeG1VqQQSTnWS7tKJnvV4khEA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTAwRC9GQ0RDRDNBMEFD
OUQxMUU4OTJDREFEMERDNEY5QUUwMi94Z040YlZXcEJCSk9kWkx1MG9tZTlYaVNF
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hnTjRiVldwQkJKT2RaTHUwb21lOVhpU0VRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkwMEQvRkNEQ0QzQTBBQzlEMTFFODkyQ0RBRDBEQzRGOUFFMDIvNUQ3M0IyODQy
MUY5MTFFRkFGOEREODI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbwGCCsGAQUFBwEHAQH/
BIGsMIGpMIGmBAIAATCBnzAOAwUEZw1TkAMFA2cNU6ADBQLKREJMAwUDykRDMAMF
BspERAADBQXKRERgMA4DBQbKRETAAwUDykRFIDAOAwUEykRFMAMFBMpERWADBQfK
REWAMAwDBADKREcDBADKREgDBQPKRElYAwUFykRJwAMFA8pESiADBQXKREpgAwUC
ykRKnAMFBMpEStADBQXKREtAAwUEykRL8AMEAMpETzANBgkqhkiG9w0BAQsFAAOC
AQEAAGm+sah66J9egu5F9d3tsN/6YDtebV7LaDD4OH+dqBCo8mpvfDlEanqwEHS2
xoAM3Nq1QL+d3DBgP6KGgLXphGS2UNKjdmBwUSSvdMQ7R/hbUSIpfQrCuTyJbHDz
qKRB8qxOYC2hIUq/pKrna1K4ZjcEnSvHqZIhYyqxELcSTmnSO0ur+WiuU21uHUSU
+UF82JuHFClYO0IRA/pvNKbBpxh8P+nu6NrMUtT/qkf4KgCBkesqjYpgWzM53sPc
39Q2Sff85kKHOxFhxfqUNVVJYxDvx94Yvs5aXCv8AfM69oGdbUsmTpyBOfIebdML
/xPEw/9htdVbu2aiHn2CJPqPEA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:44:50 2024 by rpki-client on console-fra.rpki-client.org