Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91616DC/44A7E5E8095F11EAA281681DC4F9AE02/64A2C96E919E11EEA5241125C4F9AE02.roa
File: 64A2C96E919E11EEA5241125C4F9AE02.roa (raw, json)
Hash identifier: PHT0R0By0KnpLrMi3zP82mzv8fIUmcYHPXXMUoRy514=
Subject key identifier: 5F:DD:4D:B5:16:E3:8B:6A:FF:F4:30:14:29:B9:CE:F0:D9:3C:CD:00
Certificate issuer: /CN=A91616DC/serialNumber=9776BFB1E8EA8A1ABC8F8CFD6F6622736DD8CA34
Certificate serial: 0BF7
Authority key identifier: 97:76:BF:B1:E8:EA:8A:1A:BC:8F:8C:FD:6F:66:22:73:6D:D8:CA:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l3a_sejqihq8j4z9b2Yic23YyjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91616DC/44A7E5E8095F11EAA281681DC4F9AE02/64A2C96E919E11EEA5241125C4F9AE02.roa
Signing time: Fri 23 Aug 2024 11:25:19 +0000
ROA not before: Fri 23 Aug 2024 11:25:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137515
IP address blocks: 103.111.120.0/22 maxlen: 24
2405:7e40::/32 maxlen: 36
2405:7e40:f100::/48 maxlen: 48
2405:7e40:f101::/48 maxlen: 48
2405:7e40:f102::/48 maxlen: 48
2405:7e40:f103::/48 maxlen: 48
2405:7e40:f104::/48 maxlen: 48
2405:7e40:f105::/48 maxlen: 48
2405:7e40:f106::/48 maxlen: 48
2405:7e40:f107::/48 maxlen: 48
2405:7e40:f108::/48 maxlen: 48
2405:7e40:f109::/48 maxlen: 48
2405:7e40:f10a::/48 maxlen: 48
2405:7e40:f10b::/48 maxlen: 48
2405:7e40:f10c::/48 maxlen: 48
2405:7e40:f10d::/48 maxlen: 48
2405:7e40:f10e::/48 maxlen: 48
2405:7e40:f10f::/48 maxlen: 48
2405:7e40:f110::/48 maxlen: 48
2405:7e40:f111::/48 maxlen: 48
2405:7e40:f112::/48 maxlen: 48
2405:7e40:f113::/48 maxlen: 48
2405:7e40:f114::/48 maxlen: 48
2405:7e40:f115::/48 maxlen: 48
2405:7e40:f116::/48 maxlen: 48
2405:7e40:f117::/48 maxlen: 48
2405:7e40:f118::/48 maxlen: 48
2405:7e40:f119::/48 maxlen: 48
2405:7e40:f11a::/48 maxlen: 48
2405:7e40:f11b::/48 maxlen: 48
2405:7e40:f11c::/48 maxlen: 48
2405:7e40:f11d::/48 maxlen: 48
2405:7e40:f11e::/48 maxlen: 48
2405:7e40:f11f::/48 maxlen: 48
2405:7e40:f120::/48 maxlen: 48
2405:7e40:f121::/48 maxlen: 48
2405:7e40:f122::/48 maxlen: 48
2405:7e40:f123::/48 maxlen: 48
2405:7e40:f124::/48 maxlen: 48
2405:7e40:f125::/48 maxlen: 48
2405:7e40:f126::/48 maxlen: 48
2405:7e40:f127::/48 maxlen: 48
2405:7e40:f128::/48 maxlen: 48
2405:7e40:f129::/48 maxlen: 48
2405:7e40:f12a::/48 maxlen: 48
2405:7e40:f12b::/48 maxlen: 48
2405:7e40:f12c::/48 maxlen: 48
2405:7e40:f12d::/48 maxlen: 48
2405:7e40:f12e::/48 maxlen: 48
2405:7e40:f12f::/48 maxlen: 48
2405:7e40:f130::/48 maxlen: 48
2405:7e40:f131::/48 maxlen: 48
2405:7e40:f132::/48 maxlen: 48
2405:7e40:f133::/48 maxlen: 48
2405:7e40:f134::/48 maxlen: 48
2405:7e40:f135::/48 maxlen: 48
2405:7e40:f136::/48 maxlen: 48
2405:7e40:f137::/48 maxlen: 48
2405:7e40:f138::/48 maxlen: 48
2405:7e40:f139::/48 maxlen: 48
2405:7e40:f13a::/48 maxlen: 48
2405:7e40:f13b::/48 maxlen: 48
2405:7e40:f13c::/48 maxlen: 48
2405:7e40:f13d::/48 maxlen: 48
2405:7e40:f13e::/48 maxlen: 48
2405:7e40:f13f::/48 maxlen: 48
2405:7e40:f910::/48 maxlen: 48
2405:7e40:f911::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91616DC/44A7E5E8095F11EAA281681DC4F9AE02/l3a_sejqihq8j4z9b2Yic23YyjQ.crl
rsync://rpki.apnic.net/member_repository/A91616DC/44A7E5E8095F11EAA281681DC4F9AE02/l3a_sejqihq8j4z9b2Yic23YyjQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l3a_sejqihq8j4z9b2Yic23YyjQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 03 Dec 2024 18:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3063 (0xbf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91616DC/serialNumber=9776BFB1E8EA8A1ABC8F8CFD6F6622736DD8CA34
Validity
Not Before: Aug 23 11:25:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66c8719e-37f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6b:87:b3:3c:85:91:21:bf:7d:c8:8e:67:b0:
2d:c7:a8:7c:fb:f0:08:ec:81:7a:b4:17:3e:ba:19:
5e:25:67:6b:9b:d6:b6:d7:9c:bd:cf:03:a7:3d:8a:
b0:65:ac:82:99:c4:a1:79:9c:9c:f1:b4:a4:29:e6:
91:41:16:5d:53:c1:30:b2:2b:b3:c2:74:55:11:2a:
45:39:fe:17:52:9a:fb:85:e4:2f:e7:b0:28:a2:75:
5e:df:23:6c:61:6b:59:c3:64:49:d1:d2:fc:0f:09:
5c:d7:12:4f:b8:59:60:24:57:4e:6b:23:e6:f1:bd:
38:84:65:e3:2d:e2:8e:fa:1d:40:22:c9:d5:72:e9:
75:ef:6d:68:ba:1c:e4:c6:43:b3:11:ea:3d:f1:36:
9a:4f:72:d8:0f:1e:99:a7:8e:2f:78:10:5d:4f:a9:
aa:de:97:33:26:ef:4c:64:bf:ea:ab:a6:3e:ba:c5:
e1:96:bf:37:98:58:1d:c9:4f:71:38:aa:02:30:45:
00:48:1e:7e:d6:2a:7e:50:37:a8:2e:2e:da:9c:b3:
96:89:9a:21:09:a9:de:72:f3:eb:e2:5f:6b:c3:fe:
a9:90:36:3f:94:df:be:af:e2:3b:9e:ee:03:2b:49:
b6:19:93:d7:0a:a4:e0:49:9e:a6:fb:ed:c6:0e:85:
08:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DD:4D:B5:16:E3:8B:6A:FF:F4:30:14:29:B9:CE:F0:D9:3C:CD:00
X509v3 Authority Key Identifier:
keyid:97:76:BF:B1:E8:EA:8A:1A:BC:8F:8C:FD:6F:66:22:73:6D:D8:CA:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91616DC/44A7E5E8095F11EAA281681DC4F9AE02/l3a_sejqihq8j4z9b2Yic23YyjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l3a_sejqihq8j4z9b2Yic23YyjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91616DC/44A7E5E8095F11EAA281681DC4F9AE02/64A2C96E919E11EEA5241125C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.120.0/22
IPv6:
2405:7e40::/32
Signature Algorithm: sha256WithRSAEncryption
56:43:dd:31:e8:3b:80:6c:db:7e:34:5f:7c:db:07:77:18:75:
fa:15:79:bb:c7:45:97:5f:4b:ce:09:67:f5:2c:27:69:8e:c5:
fb:ae:4a:88:c5:82:9f:46:0d:09:4d:83:93:4a:c3:5b:10:81:
0c:68:ba:6d:37:0d:16:8a:41:0f:b5:92:5d:d6:1d:d5:96:ab:
d7:58:86:9a:f2:13:78:68:b5:86:04:ca:8e:e3:e2:9e:78:40:
58:22:60:b8:e6:90:62:06:92:b1:af:fc:ed:75:27:e9:50:73:
96:c0:04:96:82:9a:32:67:73:54:cc:01:fa:70:dd:b1:4d:f6:
60:0d:3b:08:cd:17:e7:5d:0c:72:6f:e5:43:19:8e:2e:58:b9:
0c:58:e0:6c:39:ae:a5:77:73:f4:93:49:0a:1d:6c:81:25:df:
b0:15:38:6d:68:c6:57:d3:c8:24:a7:75:a2:5b:3a:ee:08:90:
60:98:df:f2:b5:40:ca:be:06:7b:58:00:89:bf:bf:61:5b:16:
4e:60:78:dd:05:5e:c3:b4:e2:12:ba:7a:e2:f5:1a:f2:c4:d1:
aa:4c:5d:0b:69:54:ed:9a:03:08:47:2e:39:60:f3:d3:5b:b5:
fc:fc:cd:9a:ab:a7:3e:6e:a5:4c:7f:ee:01:5f:a3:08:44:78:
ab:17:a0:c7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC/cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjE2REMxMTAvBgNVBAUTKDk3NzZCRkIxRThFQThBMUFCQzhGOENGRDZGNjYyMjcz
NkREOENBMzQwHhcNMjQwODIzMTEyNTE5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmM4NzE5ZS0zN2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwWuHszyFkSG/fciOZ7Atx6h8+/AI7IF6tBc+uhleJWdrm9a215y9zwOnPYqw
ZayCmcSheZyc8bSkKeaRQRZdU8EwsiuzwnRVESpFOf4XUpr7heQv57AoonVe3yNs
YWtZw2RJ0dL8Dwlc1xJPuFlgJFdOayPm8b04hGXjLeKO+h1AIsnVcul1721ouhzk
xkOzEeo98TaaT3LYDx6Zp44veBBdT6mq3pczJu9MZL/qq6Y+usXhlr83mFgdyU9x
OKoCMEUASB5+1ip+UDeoLi7anLOWiZohCanecvPr4l9rw/6pkDY/lN++r+I7nu4D
K0m2GZPXCqTgSZ6m++3GDoUIKQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFF/dTbUW
44tq//QwFCm5zvDZPM0AMB8GA1UdIwQYMBaAFJd2v7Ho6ooavI+M/W9mInNt2Mo0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTZEQy80NEE3RTVFODA5
NUYxMUVBQTI4MTY4MURDNEY5QUUwMi9sM2Ffc2VqcWlocThqNHo5YjJZaWMyM1l5
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2wzYV9zZWpxaWhxOGo0ejliMllpYzIzWXlqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjE2REMvNDRBN0U1RTgwOTVGMTFFQUEyODE2ODFEQzRGOUFFMDIvNjRBMkM5NkU5
MTlFMTFFRUE1MjQxMTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnb3gwDQQCAAIwBwMFACQFfkAwDQYJKoZIhvcNAQELBQAD
ggEBAFZD3THoO4Bs2340X3zbB3cYdfoVebvHRZdfS84JZ/UsJ2mOxfuuSojFgp9G
DQlNg5NKw1sQgQxoum03DRaKQQ+1kl3WHdWWq9dYhpryE3hotYYEyo7j4p54QFgi
YLjmkGIGkrGv/O11J+lQc5bABJaCmjJnc1TMAfpw3bFN9mANOwjNF+ddDHJv5UMZ
ji5YuQxY4Gw5rqV3c/STSQodbIEl37AVOG1oxlfTyCSndaJbOu4IkGCY3/K1QMq+
BntYAIm/v2FbFk5geN0FXsO04hK6euL1GvLE0apMXQtpVO2aAwhHLjlg89Nbtfz8
zZqrpz5upUx/7gFfowhEeKsXoMc=
-----END CERTIFICATE-----
Generated at Tue Nov 26 19:39:39 2024 by rpki-client on console-ams.rpki-client.org