Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
File: 8F75257455E911E9AE112D6CC4F9AE02.roa (raw, json)
Hash identifier: ADwuiMuCXWdbcH0qjtPSZ/UoUy9O3h+eNA26nMvAOHs=
Subject key identifier: 78:65:30:38:75:BE:8D:C2:31:A2:F9:74:FE:60:61:73:10:33:BC:1D
Certificate issuer: /CN=A914BE96/serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6
Certificate serial: 0F1C
Authority key identifier: FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
Signing time: Fri 31 May 2024 19:11:21 +0000
ROA not before: Fri 31 May 2024 19:11:21 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 136531
IP address blocks: 103.91.228.0/22 maxlen: 22
103.91.228.0/24 maxlen: 24
103.91.229.0/24 maxlen: 24
103.91.230.0/24 maxlen: 24
103.91.231.0/24 maxlen: 24
2401:14c0::/32 maxlen: 32
2401:14c0:1::/48 maxlen: 48
2401:14c0:2::/48 maxlen: 48
2401:14c0:3::/48 maxlen: 48
2401:14c0:4::/48 maxlen: 48
2401:14c0:5::/48 maxlen: 48
2401:14c0:6::/48 maxlen: 48
2401:14c0:7::/48 maxlen: 48
2401:14c0:8::/48 maxlen: 48
2401:14c0:9::/48 maxlen: 48
2401:14c0:a::/48 maxlen: 48
2401:14c0:b::/48 maxlen: 48
2401:14c0:c::/48 maxlen: 48
2401:14c0:d::/48 maxlen: 48
2401:14c0:e::/48 maxlen: 48
2401:14c0:f::/48 maxlen: 48
2401:14c0:10::/48 maxlen: 48
2401:14c0:11::/48 maxlen: 48
2401:14c0:12::/48 maxlen: 48
2401:14c0:13::/48 maxlen: 48
2401:14c0:14::/48 maxlen: 48
2401:14c0:15::/48 maxlen: 48
2401:14c0:16::/48 maxlen: 48
2401:14c0:21::/48 maxlen: 48
2401:14c0:2a::/48 maxlen: 48
2401:14c0:2c::/48 maxlen: 48
2401:14c0:2d::/48 maxlen: 48
2401:14c0:4a::/48 maxlen: 48
2401:14c0:8a::/48 maxlen: 48
2401:14c0:8b::/48 maxlen: 48
2401:14c0:8c::/48 maxlen: 48
2401:14c0:8d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl
rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 17:32:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3868 (0xf1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BE96/serialNumber=FE4B2E54F180C809AF1EC99E9A7C7E2732D9DDA6
Validity
Not Before: May 31 19:11:21 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665a20d9-25f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f9:81:1f:33:72:ce:87:60:d7:c0:a3:cf:a0:
84:b3:8c:b9:f4:93:bc:b2:6d:64:61:9f:1d:23:c6:
e0:b7:b6:6c:b0:32:84:ad:98:0a:a6:bb:1e:25:08:
00:ce:d5:6b:dc:90:cd:c4:81:1f:66:66:c2:4c:c6:
46:ad:c4:7a:86:a8:88:54:17:ff:50:8a:dd:7c:4b:
b1:e3:6c:44:53:45:8e:93:a1:c9:d4:bb:91:fb:0d:
ab:e4:0d:61:a3:ee:29:43:c0:f4:8c:24:18:40:a2:
dd:0c:2f:68:7c:b8:14:e9:c2:cd:c4:18:4f:b2:e2:
f7:81:81:fa:60:bf:6f:8c:ba:d3:e0:f4:77:ae:05:
ec:18:95:11:bb:7e:36:7e:e4:46:ba:b3:81:a4:80:
3a:14:e4:8e:4d:d6:fb:44:28:c0:ce:1f:9f:0b:c4:
5b:57:8a:2a:26:05:c5:fc:e5:c5:5d:25:2e:99:a8:
2c:00:b7:3e:36:10:ee:2d:39:78:b3:23:85:f5:d4:
7d:a0:34:42:1d:29:d1:bf:9e:39:8b:77:84:df:7c:
6e:9a:7a:30:9e:c5:c3:d9:8a:37:77:73:d6:5a:20:
72:bf:25:10:a9:ad:55:11:3e:af:22:5e:24:b4:de:
50:5c:64:96:8f:ac:2c:a4:bf:c6:c7:92:6a:9f:2e:
e6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:65:30:38:75:BE:8D:C2:31:A2:F9:74:FE:60:61:73:10:33:BC:1D
X509v3 Authority Key Identifier:
keyid:FE:4B:2E:54:F1:80:C8:09:AF:1E:C9:9E:9A:7C:7E:27:32:D9:DD:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/_ksuVPGAyAmvHsmemnx-JzLZ3aY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_ksuVPGAyAmvHsmemnx-JzLZ3aY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BE96/EDA65AC455E811E9B305376BC4F9AE02/8F75257455E911E9AE112D6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.228.0/22
IPv6:
2401:14c0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:f2:3d:e0:ab:bd:48:84:88:46:f9:7d:0a:9e:a8:43:48:60:
4e:ab:a8:c1:fe:ed:7e:1e:bf:78:99:ff:01:73:f1:05:4e:f2:
fa:d5:89:09:96:84:45:f8:c1:be:5e:a1:80:d9:f2:14:95:2b:
c1:6d:da:ff:1a:78:d3:2c:0c:63:14:2b:8d:cb:5d:de:f8:d3:
f5:64:41:35:2f:de:fc:ee:ae:07:36:d0:ee:ce:18:bb:c0:df:
e8:96:9c:9a:3f:bd:e1:48:4d:76:4b:7e:5d:1a:a7:ef:5b:ba:
2b:06:35:49:e4:7d:ad:c2:bc:5e:f8:8e:0b:3d:17:85:99:bf:
39:fa:60:01:c5:60:de:a9:70:9b:8c:09:01:28:f7:1c:82:52:
db:d1:28:1e:7c:ce:df:dd:21:e1:82:f7:4f:ca:2e:31:70:90:
03:8f:52:e2:9c:88:a1:73:cd:0c:4b:a2:03:f4:6c:8f:bf:c7:
52:c6:54:0b:6b:15:ea:75:34:15:02:13:16:8c:b4:fc:16:e6:
39:69:96:0c:43:f4:21:8e:5e:22:2a:4e:f1:2d:c3:90:e8:55:
f2:5c:48:f0:66:2f:fd:22:ff:ea:e5:42:a3:5c:8c:b1:a3:aa:
57:b1:b8:c3:8b:b5:8c:92:7b:39:e4:72:eb:25:c1:d2:c2:83:
65:fe:4d:a8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDxwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEJFOTYxMTAvBgNVBAUTKEZFNEIyRTU0RjE4MEM4MDlBRjFFQzk5RTlBN0M3RTI3
MzJEOUREQTYwHhcNMjQwNTMxMTkxMTIxWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVhMjBkOS0yNWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArPmBHzNyzodg18Cjz6CEs4y59JO8sm1kYZ8dI8bgt7ZssDKErZgKprseJQgA
ztVr3JDNxIEfZmbCTMZGrcR6hqiIVBf/UIrdfEux42xEU0WOk6HJ1LuR+w2r5A1h
o+4pQ8D0jCQYQKLdDC9ofLgU6cLNxBhPsuL3gYH6YL9vjLrT4PR3rgXsGJURu342
fuRGurOBpIA6FOSOTdb7RCjAzh+fC8RbV4oqJgXF/OXFXSUumagsALc+NhDuLTl4
syOF9dR9oDRCHSnRv545i3eE33xumnownsXD2Yo3d3PWWiByvyUQqa1VET6vIl4k
tN5QXGSWj6wspL/Gx5Jqny7m/QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHhlMDh1
vo3CMaL5dP5gYXMQM7wdMB8GA1UdIwQYMBaAFP5LLlTxgMgJrx7Jnpp8ficy2d2m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QkU5Ni9FREE2NUFDNDU1
RTgxMUU5QjMwNTM3NkJDNEY5QUUwMi9fa3N1VlBHQXlBbXZIc21lbW54LUp6TFoz
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19rc3VWUEdBeUFtdkhzbWVtbngtSnpMWjNhWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEJFOTYvRURBNjVBQzQ1NUU4MTFFOUIzMDUzNzZCQzRGOUFFMDIvOEY3NTI1NzQ1
NUU5MTFFOUFFMTEyRDZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnW+QwDQQCAAIwBwMFACQBFMAwDQYJKoZIhvcNAQELBQAD
ggEBAKryPeCrvUiEiEb5fQqeqENIYE6rqMH+7X4ev3iZ/wFz8QVO8vrViQmWhEX4
wb5eoYDZ8hSVK8Ft2v8aeNMsDGMUK43LXd740/VkQTUv3vzurgc20O7OGLvA3+iW
nJo/veFITXZLfl0ap+9buisGNUnkfa3CvF74jgs9F4WZvzn6YAHFYN6pcJuMCQEo
9xyCUtvRKB58zt/dIeGC90/KLjFwkAOPUuKciKFzzQxLogP0bI+/x1LGVAtrFep1
NBUCExaMtPwW5jlplgxD9CGOXiIqTvEtw5DoVfJcSPBmL/0i/+rlQqNcjLGjqlex
uMOLtYySeznkcuslwdLCg2X+Tag=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:58 2024 by rpki-client on console-fra.rpki-client.org