Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/C74924EE159F11EEBCFC135CC4F9AE02.roa
File: C74924EE159F11EEBCFC135CC4F9AE02.roa (raw, json)
Hash identifier: 6QYV9FQpqrhneDa4DXvOdtP1INWlFJdLfJWnJ4N05bI=
Subject key identifier: 07:43:48:17:70:76:06:E1:E1:FE:99:2E:B9:86:E4:3D:FD:6C:8F:91
Certificate issuer: /CN=A9171D35/serialNumber=27B9176D7501AC46FDA01926BABE7EBF095F928E
Certificate serial: 0E1D
Authority key identifier: 27:B9:17:6D:75:01:AC:46:FD:A0:19:26:BA:BE:7E:BF:09:5F:92:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/C74924EE159F11EEBCFC135CC4F9AE02.roa
Signing time: Thu 04 Jul 2024 18:15:58 +0000
ROA not before: Thu 04 Jul 2024 18:15:58 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 136732
IP address blocks: 103.94.216.0/22 maxlen: 22
103.94.216.0/23 maxlen: 23
103.94.216.0/24 maxlen: 24
103.94.217.0/24 maxlen: 24
103.94.218.0/23 maxlen: 23
103.94.218.0/24 maxlen: 24
103.94.219.0/24 maxlen: 24
2401:50c0::/32 maxlen: 32
2401:50c0::/48 maxlen: 48
2401:50c0:1::/48 maxlen: 48
2401:50c0:2::/48 maxlen: 48
2401:50c0:3::/48 maxlen: 48
2401:50c0:4::/48 maxlen: 48
2401:50c0:5::/48 maxlen: 48
2401:50c0:6::/48 maxlen: 48
2401:50c0:7::/48 maxlen: 48
2401:50c0:9::/48 maxlen: 48
2401:50c0:1a::/48 maxlen: 48
2401:50c0:1000::/48 maxlen: 48
2401:50c0:1001::/48 maxlen: 48
2401:50c0:1002::/48 maxlen: 48
2401:50c0:1003::/48 maxlen: 48
2401:50c0:1004::/48 maxlen: 48
2401:50c0:1005::/48 maxlen: 48
2401:50c0:1006::/48 maxlen: 48
2401:50c0:1007::/48 maxlen: 48
2401:50c0:1008::/48 maxlen: 48
2401:50c0:1009::/48 maxlen: 48
2401:50c0:100a::/48 maxlen: 48
2401:50c0:100b::/48 maxlen: 48
2401:50c0:100c::/48 maxlen: 48
2401:50c0:100d::/48 maxlen: 48
2401:50c0:100e::/48 maxlen: 48
2401:50c0:100f::/48 maxlen: 48
2401:50c0:1010::/48 maxlen: 48
2401:50c0:1011::/48 maxlen: 48
2401:50c0:1012::/48 maxlen: 48
2401:50c0:1013::/48 maxlen: 48
2401:50c0:1014::/48 maxlen: 48
2401:50c0:1015::/48 maxlen: 48
2401:50c0:1016::/48 maxlen: 48
2401:50c0:1017::/48 maxlen: 48
2401:50c0:1018::/48 maxlen: 48
2401:50c0:1019::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.crl
rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 17:43:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3613 (0xe1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9171D35/serialNumber=27B9176D7501AC46FDA01926BABE7EBF095F928E
Validity
Not Before: Jul 4 18:15:58 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6686e6dd-1484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e4:1c:cf:83:42:d2:d1:79:d7:3b:4e:e1:82:
4c:fc:b7:15:4f:85:5e:a2:75:60:e2:f6:39:fd:1b:
0d:4c:8b:c9:ab:bd:11:7f:3a:92:fa:c2:ae:8d:86:
b1:9b:58:cb:57:f7:d7:80:13:5c:6b:fc:92:3b:17:
c5:1d:11:6c:55:21:29:ac:d9:01:fe:80:80:90:cd:
2c:93:b6:71:87:e1:96:1e:f5:a8:70:68:f6:75:83:
c7:c8:df:c1:3d:0d:37:a9:ac:6f:f7:48:0b:73:23:
17:c0:33:e7:22:3a:97:cc:02:0e:c0:45:ff:9b:2e:
7b:0c:2d:89:e2:18:6b:52:12:4d:7e:c8:33:75:54:
86:13:15:9c:3a:e8:67:a5:9d:f5:53:61:3c:de:47:
d7:6c:d7:ba:3e:95:ff:d0:c9:ea:31:99:92:d6:6a:
b9:6e:d0:33:6c:25:40:e0:f1:88:e0:3e:f3:41:3d:
e5:bc:77:50:8b:39:d0:26:2b:e0:36:5a:5d:c3:3a:
7b:c2:53:c9:84:e2:7a:6c:e7:64:1a:fa:ea:f8:27:
e8:35:8b:6c:c6:c7:7d:1d:44:f6:42:85:23:55:6e:
e8:35:88:ca:a0:be:fa:93:51:78:7b:26:28:f1:36:
fd:e1:07:4a:05:be:1a:22:c9:5b:f9:a5:7a:45:6e:
23:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:43:48:17:70:76:06:E1:E1:FE:99:2E:B9:86:E4:3D:FD:6C:8F:91
X509v3 Authority Key Identifier:
keyid:27:B9:17:6D:75:01:AC:46:FD:A0:19:26:BA:BE:7E:BF:09:5F:92:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/C74924EE159F11EEBCFC135CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.94.216.0/22
IPv6:
2401:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
99:ed:55:95:33:07:b9:ad:21:89:9b:98:a2:97:c1:09:a8:61:
ca:02:1e:e3:1c:28:ba:de:e7:ee:d3:46:82:b5:aa:46:c7:79:
6f:4a:fe:5e:6c:af:69:20:f2:a3:96:04:9e:d5:61:8b:8e:5c:
77:d2:31:4f:8e:86:a0:66:0b:92:2e:c1:98:d9:74:2b:c3:30:
b5:48:2c:41:78:35:3c:34:ec:18:7c:f6:ac:62:c8:61:ed:b3:
d9:d6:5a:5f:a4:65:d9:2d:c7:90:7c:4f:52:e9:93:47:33:c7:
72:58:12:de:ef:9f:7a:78:e3:10:29:24:44:cb:59:6d:db:77:
8e:2e:bf:78:29:ac:f9:32:19:63:17:0d:33:e4:5a:6b:b8:c4:
1f:c3:64:d6:47:3c:35:a0:94:2c:2c:67:b1:10:85:26:55:c0:
b6:1f:e5:87:25:c9:72:e6:08:e1:db:bc:f3:b4:31:7c:59:6d:
c8:26:02:6d:ad:ea:d1:0b:87:13:88:67:33:62:8e:c2:02:d8:
5e:f1:5d:f8:91:34:0f:44:65:e8:c2:8b:36:c9:fd:51:30:16:
84:0a:18:4e:6f:41:96:ec:29:3b:47:5b:db:3a:4f:fa:84:57:
e7:2e:0d:4c:fa:70:23:4c:f3:16:c3:fa:a6:dc:ce:99:5f:3e:
53:db:57:b6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzFEMzUxMTAvBgNVBAUTKDI3QjkxNzZENzUwMUFDNDZGREEwMTkyNkJBQkU3RUJG
MDk1RjkyOEUwHhcNMjQwNzA0MTgxNTU4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg2ZTZkZC0xNDg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwuQcz4NC0tF51ztO4YJM/LcVT4VeonVg4vY5/RsNTIvJq70RfzqS+sKujYax
m1jLV/fXgBNca/ySOxfFHRFsVSEprNkB/oCAkM0sk7Zxh+GWHvWocGj2dYPHyN/B
PQ03qaxv90gLcyMXwDPnIjqXzAIOwEX/my57DC2J4hhrUhJNfsgzdVSGExWcOuhn
pZ31U2E83kfXbNe6PpX/0MnqMZmS1mq5btAzbCVA4PGI4D7zQT3lvHdQiznQJivg
Nlpdwzp7wlPJhOJ6bOdkGvrq+CfoNYtsxsd9HUT2QoUjVW7oNYjKoL76k1F4eyYo
8Tb94QdKBb4aIslb+aV6RW4jjQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFAdDSBdw
dgbh4f6ZLrmG5D39bI+RMB8GA1UdIwQYMBaAFCe5F211AaxG/aAZJrq+fr8JX5KO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQzNS9FQTREQ0ExQzhF
REExMUU5OEQyMDYxNDFDNEY5QUUwMi9KN2tYYlhVQnJFYjlvQmttdXI1LXZ3bGZr
bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0o3a1hiWFVCckViOW9Ca211cjUtdndsZmtvNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzFEMzUvRUE0RENBMUM4RURBMTFFOThEMjA2MTQxQzRGOUFFMDIvQzc0OTI0RUUx
NTlGMTFFRUJDRkMxMzVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnXtgwDQQCAAIwBwMFACQBUMAwDQYJKoZIhvcNAQELBQAD
ggEBAJntVZUzB7mtIYmbmKKXwQmoYcoCHuMcKLre5+7TRoK1qkbHeW9K/l5sr2kg
8qOWBJ7VYYuOXHfSMU+OhqBmC5IuwZjZdCvDMLVILEF4NTw07Bh89qxiyGHts9nW
Wl+kZdktx5B8T1Lpk0czx3JYEt7vn3p44xApJETLWW3bd44uv3gprPkyGWMXDTPk
Wmu4xB/DZNZHPDWglCwsZ7EQhSZVwLYf5YclyXLmCOHbvPO0MXxZbcgmAm2t6tEL
hxOIZzNijsIC2F7xXfiRNA9EZejCizbJ/VEwFoQKGE5vQZbsKTtHW9s6T/qEV+cu
DUz6cCNM8xbD+qbczplfPlPbV7Y=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:59 2024 by rpki-client on console-fra.rpki-client.org