Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/C74924EE159F11EEBCFC135CC4F9AE02.roa
File: C74924EE159F11EEBCFC135CC4F9AE02.roa (raw, json)
Hash identifier: UrjQq7PIBs5lKsBrQnwGq822JYG0LWKYh2tvAHwa9aI=
Subject key identifier: 05:00:85:D9:CF:4C:BF:20:77:83:AA:89:0F:A3:9C:1D:B2:F0:4B:A6
Certificate issuer: /CN=A9171D35/serialNumber=27B9176D7501AC46FDA01926BABE7EBF095F928E
Certificate serial: 0D57
Authority key identifier: 27:B9:17:6D:75:01:AC:46:FD:A0:19:26:BA:BE:7E:BF:09:5F:92:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/C74924EE159F11EEBCFC135CC4F9AE02.roa
Signing time: Wed 28 Jun 2023 10:37:29 +0000
ROA not before: Wed 28 Jun 2023 10:37:29 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 136732
IP address blocks: 103.94.216.0/22 maxlen: 22
103.94.216.0/23 maxlen: 23
103.94.216.0/24 maxlen: 24
103.94.217.0/24 maxlen: 24
103.94.218.0/23 maxlen: 23
103.94.218.0/24 maxlen: 24
103.94.219.0/24 maxlen: 24
2401:50c0::/32 maxlen: 32
2401:50c0::/48 maxlen: 48
2401:50c0:1::/48 maxlen: 48
2401:50c0:2::/48 maxlen: 48
2401:50c0:3::/48 maxlen: 48
2401:50c0:4::/48 maxlen: 48
2401:50c0:5::/48 maxlen: 48
2401:50c0:6::/48 maxlen: 48
2401:50c0:7::/48 maxlen: 48
2401:50c0:9::/48 maxlen: 48
2401:50c0:1a::/48 maxlen: 48
2401:50c0:1000::/48 maxlen: 48
2401:50c0:1001::/48 maxlen: 48
2401:50c0:1002::/48 maxlen: 48
2401:50c0:1003::/48 maxlen: 48
2401:50c0:1004::/48 maxlen: 48
2401:50c0:1005::/48 maxlen: 48
2401:50c0:1006::/48 maxlen: 48
2401:50c0:1007::/48 maxlen: 48
2401:50c0:1008::/48 maxlen: 48
2401:50c0:1009::/48 maxlen: 48
2401:50c0:100a::/48 maxlen: 48
2401:50c0:100b::/48 maxlen: 48
2401:50c0:100c::/48 maxlen: 48
2401:50c0:100d::/48 maxlen: 48
2401:50c0:100e::/48 maxlen: 48
2401:50c0:100f::/48 maxlen: 48
2401:50c0:1010::/48 maxlen: 48
2401:50c0:1011::/48 maxlen: 48
2401:50c0:1012::/48 maxlen: 48
2401:50c0:1013::/48 maxlen: 48
2401:50c0:1014::/48 maxlen: 48
2401:50c0:1015::/48 maxlen: 48
2401:50c0:1016::/48 maxlen: 48
2401:50c0:1017::/48 maxlen: 48
2401:50c0:1018::/48 maxlen: 48
2401:50c0:1019::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.crl
rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 31 May 2024 18:34:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3415 (0xd57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171D35/serialNumber=27B9176D7501AC46FDA01926BABE7EBF095F928E
Validity
Not Before: Jun 28 10:37:29 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=649c0d68-31f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cb:b1:d0:d9:6d:b0:41:e7:0f:39:91:d1:3b:
01:50:96:64:67:bc:5e:00:73:63:f5:26:9a:92:ca:
f2:80:e2:e0:9c:fd:be:db:c2:4c:b0:17:4b:2e:32:
25:2c:5b:ff:80:c0:f7:01:a3:bd:b8:6c:df:dc:2e:
93:84:c0:31:a4:67:45:6d:a4:55:a6:92:8c:9a:71:
1d:a0:b7:c7:c9:9d:e7:5b:5d:9f:a7:c9:5f:a2:e8:
26:c1:3f:0e:b3:e6:0d:fc:6b:c4:2a:b1:2e:ad:0b:
dd:8d:b4:9c:49:54:f6:ce:dc:b8:82:ba:d1:d9:53:
5f:09:f6:61:db:8e:9e:01:84:0c:46:36:61:d2:94:
d8:4a:5d:17:fd:a3:6a:20:69:97:38:e9:74:61:f1:
6d:95:2d:08:b9:69:6b:82:ae:a1:6f:3d:e5:12:ae:
b3:b0:c1:f1:3f:ae:a3:3c:ab:bb:c1:9a:b9:9e:b8:
b9:38:01:bf:4a:ac:0c:5b:7d:0f:ea:a4:2a:25:d5:
a9:ee:95:fc:ca:b3:60:ca:6f:95:f8:ca:36:de:76:
cb:6e:a1:fc:19:30:a3:59:c7:4c:b1:37:4e:ae:8f:
df:80:ad:dc:85:08:89:9e:3d:c1:24:22:97:09:e6:
16:cf:4d:84:2a:3c:ce:af:b0:26:da:b6:44:c6:03:
0c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:00:85:D9:CF:4C:BF:20:77:83:AA:89:0F:A3:9C:1D:B2:F0:4B:A6
X509v3 Authority Key Identifier:
keyid:27:B9:17:6D:75:01:AC:46:FD:A0:19:26:BA:BE:7E:BF:09:5F:92:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/C74924EE159F11EEBCFC135CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.94.216.0/22
IPv6:
2401:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
56:39:3e:69:2e:6b:64:b8:f6:5d:7b:c5:aa:c7:cb:e2:69:07:
ce:14:fd:b4:6b:96:e5:67:a5:29:b6:5a:8d:4e:9c:84:df:c1:
b7:bb:cb:0d:5e:e3:86:b1:fd:81:ae:bb:40:9a:97:c0:8b:f8:
cb:ea:4c:50:bb:26:a7:a5:35:a0:11:5e:94:f5:5d:72:f8:20:
83:18:4a:6d:6b:92:46:95:10:86:b2:0f:4a:17:c4:8c:64:3f:
9a:ff:4b:66:9c:52:76:c7:6a:c9:13:09:93:25:ae:1a:2d:0c:
8a:c1:67:4a:32:e0:1c:47:c9:84:69:06:52:70:a7:43:d5:a2:
eb:78:35:8f:c3:c4:79:9b:5e:3e:21:ee:48:d7:29:a1:4c:08:
78:54:8b:fd:a1:0f:9d:64:5f:64:e4:a7:f0:53:ff:03:72:e0:
9b:3e:64:dc:3c:f9:32:20:94:99:9e:65:a7:be:17:f4:70:41:
8f:69:4b:e1:bb:51:83:6f:d3:a2:d3:f6:cc:38:26:a6:1f:80:
37:0e:7e:63:fb:ee:a2:b8:24:7c:77:11:60:ea:e2:04:13:64:
35:aa:8e:ce:9a:26:41:57:fe:87:6f:d4:66:64:94:9e:b1:6f:
78:32:3b:1b:a8:fe:ad:e1:f9:70:bb:23:06:4d:23:47:73:4e:
c5:d2:10:2c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDVcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFEMzUxMTAvBgNVBAUTKDI3QjkxNzZENzUwMUFDNDZGREEwMTkyNkJBQkU3RUJG
MDk1RjkyOEUwHhcNMjMwNjI4MTAzNzI5WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDljMGQ2OC0zMWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx8ux0NltsEHnDzmR0TsBUJZkZ7xeAHNj9SaaksrygOLgnP2+28JMsBdLLjIl
LFv/gMD3AaO9uGzf3C6ThMAxpGdFbaRVppKMmnEdoLfHyZ3nW12fp8lfougmwT8O
s+YN/GvEKrEurQvdjbScSVT2zty4grrR2VNfCfZh246eAYQMRjZh0pTYSl0X/aNq
IGmXOOl0YfFtlS0IuWlrgq6hbz3lEq6zsMHxP66jPKu7wZq5nri5OAG/SqwMW30P
6qQqJdWp7pX8yrNgym+V+Mo23nbLbqH8GTCjWcdMsTdOro/fgK3chQiJnj3BJCKX
CeYWz02EKjzOr7Am2rZExgMMVwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAUAhdnP
TL8gd4OqiQ+jnB2y8EumMB8GA1UdIwQYMBaAFCe5F211AaxG/aAZJrq+fr8JX5KO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQzNS9FQTREQ0ExQzhF
REExMUU5OEQyMDYxNDFDNEY5QUUwMi9KN2tYYlhVQnJFYjlvQmttdXI1LXZ3bGZr
bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0o3a1hiWFVCckViOW9Ca211cjUtdndsZmtvNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzFEMzUvRUE0RENBMUM4RURBMTFFOThEMjA2MTQxQzRGOUFFMDIvQzc0OTI0RUUx
NTlGMTFFRUJDRkMxMzVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnXtgwDQQCAAIwBwMFACQBUMAwDQYJKoZIhvcNAQELBQAD
ggEBAFY5Pmkua2S49l17xarHy+JpB84U/bRrluVnpSm2Wo1OnITfwbe7yw1e44ax
/YGuu0Cal8CL+MvqTFC7JqelNaARXpT1XXL4IIMYSm1rkkaVEIayD0oXxIxkP5r/
S2acUnbHaskTCZMlrhotDIrBZ0oy4BxHyYRpBlJwp0PVout4NY/DxHmbXj4h7kjX
KaFMCHhUi/2hD51kX2Tkp/BT/wNy4Js+ZNw8+TIglJmeZae+F/RwQY9pS+G7UYNv
06LT9sw4JqYfgDcOfmP77qK4JHx3EWDq4gQTZDWqjs6aJkFX/odv1GZklJ6xb3gy
Oxuo/q3h+XC7IwZNI0dzTsXSECw=
-----END CERTIFICATE-----
Generated at Fri May 24 21:43:07 2024 by rpki-client on console-ams.rpki-client.org