Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
File: F79267D61E4011E6945BEB0DC4F9AE02.roa (raw, json)
Hash identifier: XR4NggtP2aJ+gorFn/k8FfyvP2VT6ewFIceWNa+UHwg=
Subject key identifier: 6A:7C:FF:20:7F:BD:60:9F:47:47:DB:84:DB:F6:9E:7E:81:F6:8D:C7
Certificate issuer: /CN=A9159967/serialNumber=5330EEEEB0D0A9535FAC8505E735843AF6CE60AF
Certificate serial: 1FE5
Authority key identifier: 53:30:EE:EE:B0:D0:A9:53:5F:AC:85:05:E7:35:84:3A:F6:CE:60:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
Signing time: Sun 25 Aug 2024 11:49:57 +0000
ROA not before: Sun 25 Aug 2024 11:49:57 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 135310
IP address blocks: 103.213.236.0/22 maxlen: 22
103.213.236.0/23 maxlen: 23
103.213.236.0/24 maxlen: 24
103.213.237.0/24 maxlen: 24
103.213.238.0/23 maxlen: 23
103.213.238.0/24 maxlen: 24
103.213.239.0/24 maxlen: 24
192.140.252.0/22 maxlen: 22
192.140.252.0/23 maxlen: 23
192.140.252.0/24 maxlen: 24
192.140.253.0/24 maxlen: 24
192.140.254.0/23 maxlen: 23
192.140.254.0/24 maxlen: 24
192.140.255.0/24 maxlen: 24
2404:b180::/32 maxlen: 32
2404:b180::/48 maxlen: 48
2404:b180:1::/48 maxlen: 48
2404:b180:2::/48 maxlen: 48
2404:b180:1000::/48 maxlen: 48
2404:b180:1001::/48 maxlen: 48
2404:b180:1002::/48 maxlen: 48
2404:b180:1003::/48 maxlen: 48
2404:b180:1004::/48 maxlen: 48
2404:b180:1005::/48 maxlen: 48
2404:b180:1006::/48 maxlen: 48
2404:b180:1007::/48 maxlen: 48
2404:b180:1008::/48 maxlen: 48
2404:b180:1009::/48 maxlen: 48
2404:b180:100a::/48 maxlen: 48
2404:b180:100b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.crl
rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:59:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8165 (0x1fe5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9159967/serialNumber=5330EEEEB0D0A9535FAC8505E735843AF6CE60AF
Validity
Not Before: Aug 25 11:49:57 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66cb1a65-1276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b7:ae:fb:88:20:cf:a2:fc:1f:63:a1:dd:fe:
04:ca:90:d0:44:dd:3b:4e:df:37:c5:18:a1:38:8c:
4d:a4:b9:46:c1:82:4e:c2:f1:cb:85:3e:30:7b:6a:
5a:2b:c1:84:8c:84:ee:cd:ae:9a:ec:11:2b:aa:3a:
53:7d:09:7d:8e:8c:b0:7b:19:a7:d6:88:9d:ac:4c:
ab:68:63:fb:be:a4:14:fb:aa:23:24:78:9e:86:e3:
8a:56:c5:98:5e:97:6e:b9:95:af:15:18:a6:8a:3f:
61:ce:72:8e:c4:2c:04:e3:23:b5:af:2e:40:83:bb:
76:a6:20:5a:c5:3a:b8:0a:e6:d8:5b:ad:d8:f0:ec:
b7:02:90:36:a7:b8:0a:cd:ad:64:92:c0:a4:33:8a:
f3:20:21:91:cc:05:5e:25:84:c0:4d:dd:83:66:d0:
f4:b7:60:2c:09:a6:5e:18:e3:73:f5:de:e7:22:cd:
cc:a6:5e:a5:7d:47:c8:be:02:29:df:58:d7:e5:14:
40:fc:95:d2:51:4a:57:a5:4e:e9:58:85:7b:53:7d:
98:0d:6d:ab:f4:ad:4e:e8:7c:03:96:5c:64:09:06:
3e:b6:47:4b:59:32:99:95:99:66:76:33:e0:5c:d8:
50:fb:e8:ff:70:87:8f:34:d8:5d:c8:46:a1:92:00:
0b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:7C:FF:20:7F:BD:60:9F:47:47:DB:84:DB:F6:9E:7E:81:F6:8D:C7
X509v3 Authority Key Identifier:
keyid:53:30:EE:EE:B0:D0:A9:53:5F:AC:85:05:E7:35:84:3A:F6:CE:60:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/UzDu7rDQqVNfrIUF5zWEOvbOYK8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UzDu7rDQqVNfrIUF5zWEOvbOYK8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9159967/0BBF257815A911E6912D423BC4F9AE02/F79267D61E4011E6945BEB0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.213.236.0/22
192.140.252.0/22
IPv6:
2404:b180::/32
Signature Algorithm: sha256WithRSAEncryption
51:9a:d0:74:bf:32:01:97:35:5b:c0:e8:ba:47:c6:b5:a4:25:
0f:69:d9:3a:23:ca:82:65:d4:af:03:9d:7e:ed:5b:40:cd:a5:
5a:36:21:bc:1b:5f:49:25:49:e9:82:70:af:69:70:33:2f:06:
2d:63:c8:b9:f6:80:62:97:70:e0:e0:a0:fa:74:ff:67:3a:d7:
3c:54:44:42:b3:89:2a:0d:3e:a6:ef:d7:49:11:65:47:88:ee:
99:1e:e2:2e:7b:9f:66:0d:20:a7:44:1e:de:26:87:51:91:24:
6c:2d:ab:af:0f:12:57:7b:99:b2:e1:4a:97:08:96:58:b3:0e:
1f:66:15:58:29:7f:a8:fd:0b:d8:bf:e9:8d:73:9c:cc:a4:19:
84:f9:1a:0e:5d:67:69:a7:a6:54:f5:0c:6f:45:8f:18:ef:14:
68:50:b7:ee:a8:ea:1b:ee:eb:b0:8c:dc:bb:c0:73:24:d7:09:
59:34:bb:40:17:d7:18:8c:f4:82:68:66:01:ad:ed:c8:9c:9c:
68:53:1a:ae:a9:39:c6:73:62:2e:f5:64:ff:79:96:43:8d:a7:
76:fe:98:a5:a7:86:ec:23:d4:ed:25:0f:88:3f:6a:55:57:97:
63:1f:10:68:57:24:cf:5b:8f:b1:dc:de:ac:29:28:2c:ea:b2:
d4:94:64:1e
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICH+UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTk5NjcxMTAvBgNVBAUTKDUzMzBFRUVFQjBEMEE5NTM1RkFDODUwNUU3MzU4NDNB
RjZDRTYwQUYwHhcNMjQwODI1MTE0OTU3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNiMWE2NS0xMjc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA17eu+4ggz6L8H2Oh3f4EypDQRN07Tt83xRihOIxNpLlGwYJOwvHLhT4we2pa
K8GEjITuza6a7BErqjpTfQl9joywexmn1oidrEyraGP7vqQU+6ojJHiehuOKVsWY
XpduuZWvFRimij9hznKOxCwE4yO1ry5Ag7t2piBaxTq4CubYW63Y8Oy3ApA2p7gK
za1kksCkM4rzICGRzAVeJYTATd2DZtD0t2AsCaZeGONz9d7nIs3Mpl6lfUfIvgIp
31jX5RRA/JXSUUpXpU7pWIV7U32YDW2r9K1O6HwDllxkCQY+tkdLWTKZlZlmdjPg
XNhQ++j/cIePNNhdyEahkgAL/wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGp8/yB/
vWCfR0fbhNv2nn6B9o3HMB8GA1UdIwQYMBaAFFMw7u6w0KlTX6yFBec1hDr2zmCv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1OTk2Ny8wQkJGMjU3ODE1
QTkxMUU2OTEyRDQyM0JDNEY5QUUwMi9VekR1N3JEUXFWTmZySVVGNXpXRU92Yk9Z
SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1V6RHU3ckRRcVZOZnJJVUY1eldFT3ZiT1lLOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTk5NjcvMEJCRjI1NzgxNUE5MTFFNjkxMkQ0MjNCQzRGOUFFMDIvRjc5MjY3RDYx
RTQwMTFFNjk0NUJFQjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJn1ewDBALAjPwwDQQCAAIwBwMFACQEsYAwDQYJKoZIhvcN
AQELBQADggEBAFGa0HS/MgGXNVvA6LpHxrWkJQ9p2TojyoJl1K8DnX7tW0DNpVo2
IbwbX0klSemCcK9pcDMvBi1jyLn2gGKXcODgoPp0/2c61zxUREKziSoNPqbv10kR
ZUeI7pke4i57n2YNIKdEHt4mh1GRJGwtq68PEld7mbLhSpcIllizDh9mFVgpf6j9
C9i/6Y1znMykGYT5Gg5dZ2mnplT1DG9FjxjvFGhQt+6o6hvu67CM3LvAcyTXCVk0
u0AX1xiM9IJoZgGt7cicnGhTGq6pOcZzYi71ZP95lkONp3b+mKWnhuwj1O0lD4g/
alVXl2MfEGhXJM9bj7Hc3qwpKCzqstSUZB4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:03 2024 by rpki-client on console-ams.rpki-client.org