Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
File: 844EFBDA766C11EF8CE33A86C4F9AE02.roa (raw, json)
Hash identifier: 3/3c8JBHEDit/ef+RH49x0K/QqTGfmGDTH1KKCGAiSA=
Subject key identifier: 96:BC:46:5F:97:53:77:82:6D:B4:D1:F3:37:74:9E:C0:62:45:27:10
Certificate issuer: /CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Certificate serial: 0386
Authority key identifier: 60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
Signing time: Wed 09 Oct 2024 01:14:53 +0000
ROA not before: Wed 09 Oct 2024 01:14:53 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 147049
IP address blocks: 103.173.150.0/23 maxlen: 23
103.173.150.0/24 maxlen: 24
103.173.151.0/24 maxlen: 24
116.204.193.0/24 maxlen: 24
116.204.194.0/24 maxlen: 24
116.204.195.0/24 maxlen: 24
2407:e8c0::/48 maxlen: 48
2407:e8c0:1::/48 maxlen: 48
2407:e8c0:2::/48 maxlen: 48
2407:e8c0:3::/48 maxlen: 48
2407:e8c0:4::/48 maxlen: 48
2407:e8c0:5::/48 maxlen: 48
2407:e8c0:6::/48 maxlen: 48
2407:e8c0:7::/48 maxlen: 48
2407:e8c0:8::/48 maxlen: 48
2407:e8c0:9::/48 maxlen: 48
2407:e8c0:a::/48 maxlen: 48
2407:e8c0:b::/48 maxlen: 48
2407:e8c0:c::/48 maxlen: 48
2407:e8c0:d::/48 maxlen: 48
2407:e8c0:e::/48 maxlen: 48
2407:e8c0:f::/48 maxlen: 48
2407:e8c0:11::/48 maxlen: 48
2407:e8c0:4a00::/40 maxlen: 40
2407:e8c0:4b00::/40 maxlen: 40
2407:e8c0:4c00::/40 maxlen: 40
2407:e8c0:4d00::/40 maxlen: 40
2407:e8c0:4e00::/40 maxlen: 40
2407:e8c0:4f00::/40 maxlen: 40
2407:e8c0:5000::/40 maxlen: 40
2407:e8c0:5100::/40 maxlen: 40
2407:e8c0:5200::/40 maxlen: 40
2407:e8c0:5300::/40 maxlen: 40
2407:e8c0:5400::/40 maxlen: 40
2407:e8c0:5500::/40 maxlen: 40
2407:e8c0:5600::/40 maxlen: 40
2407:e8c0:5700::/40 maxlen: 40
2407:e8c0:5800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 902 (0x386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162EE1/serialNumber=6076BD0BA4DB797A72A68FEFF9BFB558C44398B2
Validity
Not Before: Oct 9 01:14:53 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6705d90d-868b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c7:c0:34:cb:f0:e1:a4:1f:07:85:00:9f:2b:
de:87:02:ac:01:d2:dc:93:ba:60:90:3c:60:4e:2f:
9e:25:13:1e:e4:35:67:b9:6a:27:ac:6a:56:4c:08:
38:58:10:e1:99:d3:02:50:0a:d6:d9:0c:97:88:92:
f8:19:1a:b3:be:60:44:ad:4a:d6:74:e1:ec:14:ca:
c8:4e:e6:87:fc:14:ad:eb:b8:d1:aa:c7:c5:07:5b:
ab:42:39:3e:4b:6f:dd:9e:35:c3:f4:15:57:91:dd:
d0:9e:f3:44:97:3e:20:49:bc:0e:8e:11:67:52:f6:
6f:00:9c:9e:6c:a7:e6:fe:ec:5d:b5:46:9e:39:41:
61:67:a9:e8:f5:44:a6:62:1a:13:5e:be:b6:69:94:
41:98:07:1f:e6:07:71:48:18:dc:27:b5:dc:ff:7a:
5c:06:fb:0a:44:eb:04:ef:10:5b:33:2e:b4:e3:c3:
2f:bd:c3:dd:56:ee:2e:d2:67:25:a5:d3:e3:27:48:
72:d5:62:c1:2e:07:66:67:0f:3d:41:68:b5:6e:e8:
dc:ed:c1:41:d5:32:fa:b6:fd:66:db:de:8e:a0:0f:
f3:c9:b3:e9:1e:7c:c9:88:1c:f1:02:09:d0:20:a6:
e0:02:ff:f8:a1:5e:13:68:1a:4d:fc:29:d0:ba:d9:
9f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BC:46:5F:97:53:77:82:6D:B4:D1:F3:37:74:9E:C0:62:45:27:10
X509v3 Authority Key Identifier:
keyid:60:76:BD:0B:A4:DB:79:7A:72:A6:8F:EF:F9:BF:B5:58:C4:43:98:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/YHa9C6TbeXpypo_v-b-1WMRDmLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YHa9C6TbeXpypo_v-b-1WMRDmLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9162EE1/752D42E88FD211EC948A937EC4F9AE02/844EFBDA766C11EF8CE33A86C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.150.0/23
116.204.193.0-116.204.195.255
IPv6:
2407:e8c0::/44
2407:e8c0:11::/48
2407:e8c0:4a00::-2407:e8c0:58ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:50:b4:c5:7f:bb:8c:1d:25:13:74:b0:ef:87:c6:e5:8d:83:
90:b2:4b:ce:01:b6:4e:9d:9b:b5:08:f1:83:6b:d2:e2:ff:5f:
f7:7d:3b:d3:0b:fd:0b:9c:39:14:b1:84:81:71:42:1a:98:3c:
cd:7a:89:96:0b:8c:40:2e:da:08:7f:d8:f5:1e:18:4b:90:61:
93:6b:e5:9a:a8:fe:28:30:cb:af:8a:3e:86:96:c8:8d:6c:f1:
cc:01:50:47:38:bf:d0:7f:0d:59:55:7c:13:30:49:e1:01:8b:
d3:8e:43:eb:11:52:54:17:57:c8:ef:6f:e6:ec:9c:5b:13:79:
da:8d:6a:e6:6c:4c:8c:56:2c:30:34:e3:01:e6:8d:4b:02:a5:
1b:db:eb:76:a9:14:6a:1d:1e:ff:09:f5:83:dd:cf:c2:0c:52:
51:ad:56:19:4c:0a:0e:95:b9:d2:53:36:16:0e:16:c1:81:a8:
63:0c:33:27:39:4c:a7:99:77:c8:8f:70:08:92:c1:72:b3:23:
cd:3a:f5:cb:05:f3:67:5b:ac:c5:94:9a:be:0b:91:40:91:94:
62:6b:c4:f8:e6:ac:06:df:39:c2:05:fb:94:0e:f3:5a:9c:7f:
59:70:e5:61:12:9d:52:3a:43:8f:64:0e:99:b0:12:f1:b9:4d:
85:69:a0:ee
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICA4YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjJFRTExMTAvBgNVBAUTKDYwNzZCRDBCQTREQjc5N0E3MkE2OEZFRkY5QkZCNTU4
QzQ0Mzk4QjIwHhcNMjQxMDA5MDExNDUzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA1ZDkwZC04NjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs8fANMvw4aQfB4UAnyvehwKsAdLck7pgkDxgTi+eJRMe5DVnuWonrGpWTAg4
WBDhmdMCUArW2QyXiJL4GRqzvmBErUrWdOHsFMrITuaH/BSt67jRqsfFB1urQjk+
S2/dnjXD9BVXkd3QnvNElz4gSbwOjhFnUvZvAJyebKfm/uxdtUaeOUFhZ6no9USm
YhoTXr62aZRBmAcf5gdxSBjcJ7Xc/3pcBvsKROsE7xBbMy6048MvvcPdVu4u0mcl
pdPjJ0hy1WLBLgdmZw89QWi1bujc7cFB1TL6tv1m296OoA/zybPpHnzJiBzxAgnQ
IKbgAv/4oV4TaBpN/CnQutmfNQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFJa8Rl+X
U3eCbbTR8zd0nsBiRScQMB8GA1UdIwQYMBaAFGB2vQuk23l6cqaP7/m/tVjEQ5iy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MkVFMS83NTJENDJFODhG
RDIxMUVDOTQ4QTkzN0VDNEY5QUUwMi9ZSGE5QzZUYmVYcHlwb192LWItMVdNUkRt
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lIYTlDNlRiZVhweXBvX3YtYi0xV01SRG1MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjJFRTEvNzUyRDQyRTg4RkQyMTFFQzk0OEE5MzdFQzRGOUFFMDIvODQ0RUZCREE3
NjZDMTFFRjhDRTMzQTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMBoEAgABMBQDBAFnrZYwDAMEAHTMwQMEAnTMwDAqBAIAAjAkAwcEJAfowAAA
AwcAJAfowAARMBADBgEkB+jASgMGACQH6MBYMA0GCSqGSIb3DQEBCwUAA4IBAQBc
ULTFf7uMHSUTdLDvh8bljYOQskvOAbZOnZu1CPGDa9Li/1/3fTvTC/0LnDkUsYSB
cUIamDzNeomWC4xALtoIf9j1HhhLkGGTa+WaqP4oMMuvij6GlsiNbPHMAVBHOL/Q
fw1ZVXwTMEnhAYvTjkPrEVJUF1fI72/m7JxbE3najWrmbEyMViwwNOMB5o1LAqUb
2+t2qRRqHR7/CfWD3c/CDFJRrVYZTAoOlbnSUzYWDhbBgahjDDMnOUynmXfIj3AI
ksFysyPNOvXLBfNnW6zFlJq+C5FAkZRia8T45qwG3znCBfuUDvNanH9ZcOVhEp1S
OkOPZA6ZsBLxuU2FaaDu
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:31:54 2024 by rpki-client on console-fra.rpki-client.org