Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/9A8EDB32864B11EBA888881DC4F9AE02.roa
File: 9A8EDB32864B11EBA888881DC4F9AE02.roa (raw, json)
Hash identifier: Redi/nnOwVItne3rgJ0kqU2o6rhRuL+4XnA8DEYcIv8=
Subject key identifier: D6:79:AD:0D:9D:8D:B8:02:01:1C:A0:BC:45:FE:E7:5A:48:71:A9:AC
Certificate issuer: /CN=A913F6DE/serialNumber=5D428682E89E9FED962BE9C4432B34C45E2E09C9
Certificate serial: 0AA5
Authority key identifier: 5D:42:86:82:E8:9E:9F:ED:96:2B:E9:C4:43:2B:34:C4:5E:2E:09:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/9A8EDB32864B11EBA888881DC4F9AE02.roa
Signing time: Tue 08 Aug 2023 19:37:20 +0000
ROA not before: Tue 08 Aug 2023 19:37:20 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 131464
IP address blocks: 103.69.148.0/22 maxlen: 22
103.69.148.0/23 maxlen: 23
103.69.148.0/24 maxlen: 24
103.69.149.0/24 maxlen: 24
103.69.150.0/23 maxlen: 23
103.69.150.0/24 maxlen: 24
103.69.151.0/24 maxlen: 24
180.149.232.0/22 maxlen: 22
180.149.232.0/23 maxlen: 23
180.149.232.0/24 maxlen: 24
180.149.233.0/24 maxlen: 24
180.149.234.0/23 maxlen: 23
180.149.234.0/24 maxlen: 24
180.149.235.0/24 maxlen: 24
2405:f280::/32 maxlen: 32
2405:f280::/36 maxlen: 36
2405:f280:1::/48 maxlen: 48
2405:f280:14::/48 maxlen: 48
2405:f280:34::/48 maxlen: 48
2405:f280:5c::/48 maxlen: 48
2405:f280:1000::/36 maxlen: 36
2405:f280:1000::/48 maxlen: 48
2405:f280:1001::/48 maxlen: 48
2405:f280:1038::/48 maxlen: 48
2405:f280:1039::/48 maxlen: 48
2405:f280:2000::/36 maxlen: 36
2405:f280:3000::/36 maxlen: 36
2405:f280:4000::/36 maxlen: 36
2405:f280:5000::/36 maxlen: 36
2405:f280:6000::/36 maxlen: 36
2405:f280:7000::/36 maxlen: 36
2405:f280:8000::/36 maxlen: 36
2405:f280:9000::/36 maxlen: 36
2405:f280:9000::/48 maxlen: 48
2405:f280:9001::/48 maxlen: 48
2405:f280:a000::/36 maxlen: 36
2405:f280:b000::/36 maxlen: 36
2405:f280:c000::/36 maxlen: 36
2405:f280:d000::/36 maxlen: 36
2405:f280:e000::/36 maxlen: 36
2405:f280:e004::/48 maxlen: 48
2405:f280:e005::/48 maxlen: 48
2405:f280:e006::/48 maxlen: 48
2405:f280:e007::/48 maxlen: 48
2405:f280:e008::/48 maxlen: 48
2405:f280:e009::/48 maxlen: 48
2405:f280:e00a::/48 maxlen: 48
2405:f280:e00b::/48 maxlen: 48
2405:f280:e00c::/48 maxlen: 48
2405:f280:e00d::/48 maxlen: 48
2405:f280:e034::/48 maxlen: 48
2405:f280:ef00::/48 maxlen: 48
2405:f280:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.crl
rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 May 2024 19:55:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2725 (0xaa5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913F6DE/serialNumber=5D428682E89E9FED962BE9C4432B34C45E2E09C9
Validity
Not Before: Aug 8 19:37:20 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64d29970-23cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4d:f9:ad:06:2b:f9:6b:58:ab:77:9d:40:17:
24:2e:ec:3c:5e:d6:cd:55:40:3e:23:05:98:9d:22:
0a:b5:3b:18:44:ff:af:b4:18:78:65:27:1c:f9:65:
1d:e1:3d:68:6d:da:56:4f:4f:3d:c9:68:f3:ce:56:
d9:3e:dd:45:01:d3:d9:e6:07:56:c1:88:64:4d:80:
78:f3:1f:fd:ba:ee:ee:8f:2a:16:7d:d1:5a:27:0f:
db:35:e2:34:a6:57:96:17:9e:a1:5a:34:c3:25:f5:
db:4d:62:27:d7:be:85:a5:2c:1e:0a:a8:64:f7:ac:
0c:d6:1a:1d:7a:2c:ac:8c:fa:1a:1b:32:b2:e4:a6:
08:65:cd:46:9e:6b:f6:ec:a1:db:2f:e6:2b:3b:bb:
5b:c8:37:41:66:29:90:80:b6:45:71:95:35:fe:ae:
07:7a:f3:98:e1:46:47:8c:6b:72:8b:70:7b:f6:81:
3d:5c:9e:47:07:23:48:03:ed:c5:d3:72:12:4a:56:
b3:18:1f:3a:2c:82:f0:7c:5f:cf:58:d7:9f:db:27:
bc:04:61:e2:3b:59:67:4a:c7:68:c9:a7:bd:55:32:
fd:0d:49:73:2d:4d:39:f9:2d:d0:2b:10:f3:d8:23:
d3:5d:9f:2b:d1:26:a3:af:bc:81:f5:3d:0b:de:f0:
ec:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:79:AD:0D:9D:8D:B8:02:01:1C:A0:BC:45:FE:E7:5A:48:71:A9:AC
X509v3 Authority Key Identifier:
keyid:5D:42:86:82:E8:9E:9F:ED:96:2B:E9:C4:43:2B:34:C4:5E:2E:09:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/9A8EDB32864B11EBA888881DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.148.0/22
180.149.232.0/22
IPv6:
2405:f280::/32
Signature Algorithm: sha256WithRSAEncryption
a0:ba:22:68:ce:fd:2f:11:26:f7:a6:32:84:86:d0:98:1a:85:
5d:9a:27:d3:4d:28:83:c8:bd:e4:7b:df:43:18:ac:ce:3f:47:
b8:4a:40:16:a3:21:09:06:37:3d:7f:d8:6f:35:c4:5e:7b:97:
c0:69:21:49:2e:ef:85:d9:e4:33:b4:1c:02:58:8a:bc:a3:d0:
70:3c:56:1a:b5:c6:7f:f6:07:93:29:4d:43:a6:d8:28:56:da:
c8:4b:dc:3f:ee:4e:f8:8c:b7:a1:f2:d3:e1:2b:9d:7a:25:57:
66:75:c6:07:45:5f:ec:c4:18:c0:0e:c0:ad:cc:df:bf:1f:8c:
9e:3a:34:84:e2:46:33:87:cb:ee:ce:96:6f:99:71:36:80:0f:
26:bb:8f:4c:fb:54:06:d2:39:b8:ee:db:a6:80:d1:a3:e9:3f:
81:7d:f1:08:4f:7f:0d:91:f5:35:5b:2b:1e:40:4f:74:34:c7:
61:b0:4d:46:9c:fc:63:01:ac:1e:de:8e:bc:3e:56:24:72:2b:
e4:b4:32:64:e8:73:41:5c:32:ce:20:49:f8:c0:d5:e7:d4:99:
2e:3a:d8:fb:d8:4a:33:ba:d6:08:eb:ae:2f:4e:bd:ad:90:c2:
8f:7b:a7:28:8b:31:83:e5:50:85:64:a6:79:cf:82:86:d0:09:
7d:32:a7:b0
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCqUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Y2REUxMTAvBgNVBAUTKDVENDI4NjgyRTg5RTlGRUQ5NjJCRTlDNDQzMkIzNEM0
NUUyRTA5QzkwHhcNMjMwODA4MTkzNzIwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQyOTk3MC0yM2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5E35rQYr+WtYq3edQBckLuw8XtbNVUA+IwWYnSIKtTsYRP+vtBh4ZScc+WUd
4T1obdpWT089yWjzzlbZPt1FAdPZ5gdWwYhkTYB48x/9uu7ujyoWfdFaJw/bNeI0
pleWF56hWjTDJfXbTWIn176FpSweCqhk96wM1hodeiysjPoaGzKy5KYIZc1Gnmv2
7KHbL+YrO7tbyDdBZimQgLZFcZU1/q4HevOY4UZHjGtyi3B79oE9XJ5HByNIA+3F
03ISSlazGB86LILwfF/PWNef2ye8BGHiO1lnSsdoyae9VTL9DUlzLU05+S3QKxDz
2CPTXZ8r0Sajr7yB9T0L3vDsKwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNZ5rQ2d
jbgCARygvEX+51pIcamsMB8GA1UdIwQYMBaAFF1ChoLonp/tlivpxEMrNMReLgnJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjZERS84N0FBRTc0QTFC
M0ExMUVBQjRDREM2NTlDNEY5QUUwMi9YVUtHZ3VpZW4tMldLLW5FUXlzMHhGNHVD
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hVS0dndWllbi0yV0stbkVReXMweEY0dUNjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Y2REUvODdBQUU3NEExQjNBMTFFQUI0Q0RDNjU5QzRGOUFFMDIvOUE4RURCMzI4
NjRCMTFFQkE4ODg4ODFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnRZQDBAK0legwDQQCAAIwBwMFACQF8oAwDQYJKoZIhvcN
AQELBQADggEBAKC6ImjO/S8RJvemMoSG0JgahV2aJ9NNKIPIveR730MYrM4/R7hK
QBajIQkGNz1/2G81xF57l8BpIUku74XZ5DO0HAJYiryj0HA8Vhq1xn/2B5MpTUOm
2ChW2shL3D/uTviMt6Hy0+ErnXolV2Z1xgdFX+zEGMAOwK3M378fjJ46NITiRjOH
y+7Olm+ZcTaADya7j0z7VAbSObju26aA0aPpP4F98QhPfw2R9TVbKx5AT3Q0x2Gw
TUac/GMBrB7ejrw+ViRyK+S0MmToc0FcMs4gSfjA1efUmS462PvYSjO61gjrri9O
va2Qwo97pyiLMYPlUIVkpnnPgobQCX0yp7A=
-----END CERTIFICATE-----
Generated at Mon May 20 21:17:36 2024 by rpki-client on console-ams.rpki-client.org