Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
File: 8F75257455E911E9AE112D6CC4F9AE02.roa (raw, json)
Hash identifier: lSqQwjZot8nB0h5x6YdA4gBJ52DKStyjQ+rFV6EF8s0=
Subject key identifier: BB:16:47:15:4D:50:AC:6B:C8:93:2C:14:DE:09:E4:05:9C:08:03:86
Certificate issuer: /CN=A914BE96/serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6
Certificate serial: 0E5B
Authority key identifier: FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
Signing time: Sun 28 May 2023 18:58:23 +0000
ROA not before: Sun 28 May 2023 18:58:23 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 136531
IP address blocks: 103.91.228.0/22 maxlen: 22
103.91.228.0/24 maxlen: 24
103.91.229.0/24 maxlen: 24
103.91.230.0/24 maxlen: 24
103.91.231.0/24 maxlen: 24
2401:14c0::/32 maxlen: 32
2401:14c0:1::/48 maxlen: 48
2401:14c0:2::/48 maxlen: 48
2401:14c0:3::/48 maxlen: 48
2401:14c0:4::/48 maxlen: 48
2401:14c0:5::/48 maxlen: 48
2401:14c0:6::/48 maxlen: 48
2401:14c0:7::/48 maxlen: 48
2401:14c0:8::/48 maxlen: 48
2401:14c0:9::/48 maxlen: 48
2401:14c0:a::/48 maxlen: 48
2401:14c0:b::/48 maxlen: 48
2401:14c0:c::/48 maxlen: 48
2401:14c0:d::/48 maxlen: 48
2401:14c0:e::/48 maxlen: 48
2401:14c0:f::/48 maxlen: 48
2401:14c0:10::/48 maxlen: 48
2401:14c0:11::/48 maxlen: 48
2401:14c0:12::/48 maxlen: 48
2401:14c0:13::/48 maxlen: 48
2401:14c0:14::/48 maxlen: 48
2401:14c0:15::/48 maxlen: 48
2401:14c0:16::/48 maxlen: 48
2401:14c0:21::/48 maxlen: 48
2401:14c0:2a::/48 maxlen: 48
2401:14c0:2c::/48 maxlen: 48
2401:14c0:2d::/48 maxlen: 48
2401:14c0:4a::/48 maxlen: 48
2401:14c0:8a::/48 maxlen: 48
2401:14c0:8b::/48 maxlen: 48
2401:14c0:8c::/48 maxlen: 48
2401:14c0:8d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl
rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3675 (0xe5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BE96/serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6
Validity
Not Before: May 28 18:58:23 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6473a44f-fb99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b0:b4:ea:a0:92:ee:9d:d6:b2:dd:5c:91:20:
f8:f7:45:76:8f:ee:bd:99:67:ce:c2:a9:d4:b8:06:
2f:43:a2:84:63:02:66:af:25:04:3d:af:7e:36:14:
71:9c:71:a3:21:6e:d8:01:9b:32:01:5c:3e:2c:80:
2e:c7:cd:13:60:20:86:ff:b5:c1:49:1c:fe:49:14:
66:3e:fd:13:eb:4c:12:db:61:7c:a7:80:c8:40:5c:
a5:d0:2d:ac:a8:76:67:f2:a6:c8:cd:56:ec:3d:33:
8b:8e:3e:ab:e4:72:58:fe:1d:93:3f:38:df:e0:a2:
8a:57:41:20:4c:f9:92:5b:c0:47:2a:f8:ed:ad:2a:
2b:fc:7b:fd:5e:14:f7:45:a7:b3:79:b3:6b:06:a3:
4b:a7:6c:0e:f1:22:db:c9:90:23:c6:69:16:12:21:
9d:2d:b4:aa:c3:94:53:02:91:4a:e3:21:f2:e2:df:
7a:73:99:e3:36:98:b7:98:1a:12:a0:3d:49:29:96:
6e:e1:a9:76:95:a7:93:96:56:17:59:71:24:90:9e:
c2:e2:04:67:17:69:68:c2:e0:c1:aa:ec:94:55:b7:
30:98:1e:b0:b8:bd:6d:b9:d0:f1:98:0d:73:39:04:
fe:35:9b:42:26:4e:e8:ba:cc:65:6f:c2:2f:74:26:
40:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:16:47:15:4D:50:AC:6B:C8:93:2C:14:DE:09:E4:05:9C:08:03:86
X509v3 Authority Key Identifier:
keyid:FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.228.0/22
IPv6:
2401:14c0::/32
Signature Algorithm: sha256WithRSAEncryption
43:6b:b0:be:01:be:aa:bc:0a:c0:54:a9:56:d5:e5:2d:52:1d:
b9:76:22:96:2d:e5:7b:af:81:34:1f:34:9e:c3:d5:f0:f9:6d:
7c:de:c3:2b:0c:ca:2f:1d:02:48:52:8c:73:21:df:8c:78:6b:
7d:eb:7d:0d:a5:25:20:98:6b:92:b6:ff:0d:84:47:2f:78:5e:
2f:f1:f1:fb:a4:67:66:47:6f:39:f2:05:6f:cb:9b:bf:d4:06:
2d:8e:b0:78:01:ba:20:17:64:7c:82:37:f1:a4:bf:a9:d8:10:
01:d4:80:a7:83:e7:0f:59:40:c5:33:ba:7e:5d:de:15:44:16:
d0:dc:56:fd:58:86:b0:24:92:a5:6c:70:d9:99:93:46:4c:e6:
61:df:9e:86:58:a0:24:5b:85:54:66:62:2e:62:cd:93:a3:7b:
4c:0a:4a:eb:53:af:66:0c:ba:08:ca:3e:4f:f3:4a:36:50:fd:
81:9d:50:22:79:2a:2a:71:db:e7:9d:5c:5b:fc:87:94:a6:2c:
16:74:29:c0:e4:0b:cd:fd:f8:5c:6c:d1:4e:42:6d:ee:23:4f:
f8:d8:78:bb:94:85:41:bb:ab:c4:34:02:4d:74:1f:51:7d:41:
57:c3:25:e4:48:d1:6e:50:ac:bc:57:d5:c3:cb:db:30:cc:06:
09:42:70:07
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDlswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJFOTYxMTAvBgNVBAUTKEZFNEIyRTU0RjE4MEM4MDlBRjFFQzk5RTlBN0M3RTI3
MzJEOUREQTYwHhcNMjMwNTI4MTg1ODIzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDczYTQ0Zi1mYjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3LC06qCS7p3Wst1ckSD490V2j+69mWfOwqnUuAYvQ6KEYwJmryUEPa9+NhRx
nHGjIW7YAZsyAVw+LIAux80TYCCG/7XBSRz+SRRmPv0T60wS22F8p4DIQFyl0C2s
qHZn8qbIzVbsPTOLjj6r5HJY/h2TPzjf4KKKV0EgTPmSW8BHKvjtrSor/Hv9XhT3
RaezebNrBqNLp2wO8SLbyZAjxmkWEiGdLbSqw5RTApFK4yHy4t96c5njNpi3mBoS
oD1JKZZu4al2laeTllYXWXEkkJ7C4gRnF2lowuDBquyUVbcwmB6wuL1tudDxmA1z
OQT+NZtCJk7ousxlb8IvdCZA5wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLsWRxVN
UKxryJMsFN4J5AWcCAOGMB8GA1UdIwQYMBaAFP5LLlTxgMgJrx7Jnpp8ficy2d2m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkU5Ni9FREE2NUFDNDU1
RTgxMUU5QjMwNTM3NkJDNEY5QUUwMi9fa3N1VlBHQXlBbXZIc21lbW54LUp6TFoz
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19rc3VWUEdBeUFtdkhzbWVtbngtSnpMWjNhWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJFOTYvRURBNjVBQzQ1NUU4MTFFOUIzMDUzNzZCQzRGOUFFMDIvOEY3NTI1NzQ1
NUU5MTFFOUFFMTEyRDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnW+QwDQQCAAIwBwMFACQBFMAwDQYJKoZIhvcNAQELBQAD
ggEBAENrsL4Bvqq8CsBUqVbV5S1SHbl2IpYt5XuvgTQfNJ7D1fD5bXzewysMyi8d
AkhSjHMh34x4a33rfQ2lJSCYa5K2/w2ERy94Xi/x8fukZ2ZHbznyBW/Lm7/UBi2O
sHgBuiAXZHyCN/Gkv6nYEAHUgKeD5w9ZQMUzun5d3hVEFtDcVv1YhrAkkqVscNmZ
k0ZM5mHfnoZYoCRbhVRmYi5izZOje0wKSutTr2YMugjKPk/zSjZQ/YGdUCJ5Kipx
2+edXFv8h5SmLBZ0KcDkC839+Fxs0U5Cbe4jT/jYeLuUhUG7q8Q0Ak10H1F9QVfD
JeRI0W5QrLxX1cPL2zDMBglCcAc=
-----END CERTIFICATE-----
Generated at Fri May 10 20:05:25 2024 by rpki-client on console-fra.rpki-client.org