Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91775B7/08A49BD21DA211E29364959408B02CD2/92210D6AB66711EC86445C11C4F9AE02.roa
File: 92210D6AB66711EC86445C11C4F9AE02.roa (raw, json)
Hash identifier: d5k3YRL/FAKw8Wd7VKIcrrwAMtmamoxhcmJJDByEkkQ=
Subject key identifier: 24:0E:0A:78:F7:5E:D5:90:2D:D9:BE:BD:BC:B9:F3:1B:AA:9D:22:5A
Certificate issuer: /CN=A91775B7/serialNumber=7A8F8E6A0E58F575FC7DE1CD838479D7F73FE279
Certificate serial: 3425
Authority key identifier: 7A:8F:8E:6A:0E:58:F5:75:FC:7D:E1:CD:83:84:79:D7:F7:3F:E2:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eo-Oag5Y9XX8feHNg4R51_c_4nk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91775B7/08A49BD21DA211E29364959408B02CD2/92210D6AB66711EC86445C11C4F9AE02.roa
Signing time: Wed 02 Oct 2024 15:21:14 +0000
ROA not before: Wed 02 Oct 2024 15:21:14 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 45910
IP address blocks: 103.11.228.0/24 maxlen: 24
103.11.229.0/24 maxlen: 24
103.11.230.0/24 maxlen: 24
103.11.231.0/24 maxlen: 24
103.15.20.0/24 maxlen: 24
103.15.21.0/24 maxlen: 24
103.15.22.0/24 maxlen: 24
103.15.23.0/24 maxlen: 24
180.188.192.0/24 maxlen: 24
180.188.193.0/24 maxlen: 24
180.188.194.0/24 maxlen: 24
180.188.195.0/24 maxlen: 24
182.173.76.0/24 maxlen: 24
182.173.77.0/24 maxlen: 24
182.173.78.0/24 maxlen: 24
182.173.79.0/24 maxlen: 24
2404:fc00::/32 maxlen: 32
2404:fc00:20::/48 maxlen: 48
2404:fc00:21::/48 maxlen: 48
2404:fc00:22::/48 maxlen: 48
2404:fc00:23::/48 maxlen: 48
2404:fc00:76::/48 maxlen: 48
2404:fc00:77::/48 maxlen: 48
2404:fc00:78::/48 maxlen: 48
2404:fc00:79::/48 maxlen: 48
2404:fc00:192::/48 maxlen: 48
2404:fc00:193::/48 maxlen: 48
2404:fc00:194::/48 maxlen: 48
2404:fc00:195::/48 maxlen: 48
2404:fc00:230::/48 maxlen: 48
2404:fc00:231::/48 maxlen: 48
2404:fc00:1001::/48 maxlen: 48
2404:fc00:1002::/48 maxlen: 48
2404:fc00:1003::/48 maxlen: 48
2404:fc00:1004::/48 maxlen: 48
2404:fc00:1005::/48 maxlen: 48
2404:fc00:1006::/48 maxlen: 48
2404:fc00:1007::/48 maxlen: 48
2404:fc00:1008::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91775B7/08A49BD21DA211E29364959408B02CD2/eo-Oag5Y9XX8feHNg4R51_c_4nk.crl
rsync://rpki.apnic.net/member_repository/A91775B7/08A49BD21DA211E29364959408B02CD2/eo-Oag5Y9XX8feHNg4R51_c_4nk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eo-Oag5Y9XX8feHNg4R51_c_4nk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13349 (0x3425)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91775B7/serialNumber=7A8F8E6A0E58F575FC7DE1CD838479D7F73FE279
Validity
Not Before: Oct 2 15:21:14 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=66fd64e9-2d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:45:12:a9:a5:54:35:94:3c:7b:8b:47:63:f2:
65:e5:5c:01:43:7d:0e:5c:07:7b:1f:ad:d2:66:61:
b0:03:ee:ad:ee:29:5d:86:8d:b2:8f:73:1d:94:4e:
d3:02:c0:86:b4:26:32:0f:71:e0:91:c0:89:ae:14:
fc:60:b4:ec:11:68:c7:63:4e:56:1e:09:c1:3f:21:
c9:c4:99:53:fb:76:ad:a8:af:67:11:89:6e:0b:a1:
0e:bb:49:25:07:fa:61:b6:28:56:74:6d:eb:c4:d1:
21:d7:41:f4:ab:b8:63:90:0d:5c:95:24:2b:c4:78:
09:3d:a5:51:cd:cc:6e:eb:cf:c9:99:2b:4d:b6:57:
c4:59:23:8a:ef:d6:dc:24:b9:d1:f0:3c:15:ee:19:
d4:fb:2e:e6:e4:fc:59:8f:b7:ea:24:ed:5f:df:04:
7a:77:53:1c:67:a1:f0:25:4e:f7:1e:76:01:76:b7:
1d:a3:2c:20:88:5c:67:f0:6b:80:11:22:86:da:2f:
d7:57:75:0d:bb:39:a9:67:15:eb:c8:99:b6:6a:e4:
ae:61:d0:56:35:33:89:e1:31:dd:03:7d:94:6a:1f:
e8:69:6e:d1:2e:df:e2:eb:53:3f:11:33:46:66:2f:
cd:14:f4:21:7e:1d:38:cf:4e:85:f2:e2:fa:9e:4e:
43:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0E:0A:78:F7:5E:D5:90:2D:D9:BE:BD:BC:B9:F3:1B:AA:9D:22:5A
X509v3 Authority Key Identifier:
keyid:7A:8F:8E:6A:0E:58:F5:75:FC:7D:E1:CD:83:84:79:D7:F7:3F:E2:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91775B7/08A49BD21DA211E29364959408B02CD2/eo-Oag5Y9XX8feHNg4R51_c_4nk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eo-Oag5Y9XX8feHNg4R51_c_4nk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91775B7/08A49BD21DA211E29364959408B02CD2/92210D6AB66711EC86445C11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.228.0/22
103.15.20.0/22
180.188.192.0/22
182.173.76.0/22
IPv6:
2404:fc00::/32
Signature Algorithm: sha256WithRSAEncryption
7e:9d:ee:68:3d:ac:02:5d:15:40:77:0a:b5:9f:55:8d:7b:fe:
0c:ed:fd:00:91:f0:f7:98:cb:99:c5:aa:2e:2f:89:d5:64:71:
35:69:4e:99:23:88:6f:85:1a:19:11:34:12:6b:05:7a:7a:cc:
67:29:2a:e8:80:24:63:1f:42:13:3b:44:b5:5a:3e:1b:80:c9:
e8:b1:60:e5:94:cf:3f:00:75:b3:9a:fb:54:17:ed:4e:87:50:
72:72:bf:2f:fb:c3:bc:d2:15:be:27:1a:e2:d2:86:a4:b5:e3:
51:4e:5d:a2:b4:8d:3e:c9:ca:29:d2:7d:89:95:9d:74:71:24:
fb:15:9b:1f:ad:95:50:ff:be:ae:51:fc:f8:4a:52:28:47:e5:
6c:0d:45:b3:f5:6d:72:b6:ab:a7:97:57:19:dd:64:69:ca:db:
8a:d4:bb:3b:06:11:3a:5c:6d:24:dd:43:fe:f7:58:71:ca:88:
02:50:c5:c0:a6:13:42:17:0a:3c:55:47:ee:02:90:49:b5:be:
c6:49:3a:68:0d:14:1f:0e:7d:af:51:56:bc:3d:99:27:9e:52:
d1:eb:38:f3:1d:e7:da:1b:61:40:e4:b8:9e:b3:9b:11:31:d3:
f7:b0:5d:50:4f:75:0e:41:65:b1:73:f4:3e:ae:4e:43:14:80:
80:55:42:29
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzc1QjcxMTAvBgNVBAUTKDdBOEY4RTZBMEU1OEY1NzVGQzdERTFDRDgzODQ3OUQ3
RjczRkUyNzkwHhcNMjQxMDAyMTUyMTE0WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZkNjRlOS0yZDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoEUSqaVUNZQ8e4tHY/Jl5VwBQ30OXAd7H63SZmGwA+6t7ildho2yj3MdlE7T
AsCGtCYyD3HgkcCJrhT8YLTsEWjHY05WHgnBPyHJxJlT+3atqK9nEYluC6EOu0kl
B/phtihWdG3rxNEh10H0q7hjkA1clSQrxHgJPaVRzcxu68/JmStNtlfEWSOK79bc
JLnR8DwV7hnU+y7m5PxZj7fqJO1f3wR6d1McZ6HwJU73HnYBdrcdoywgiFxn8GuA
ESKG2i/XV3UNuzmpZxXryJm2auSuYdBWNTOJ4THdA32Uah/oaW7RLt/i61M/ETNG
Zi/NFPQhfh04z06F8uL6nk5DyQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFCQOCnj3
XtWQLdm+vby58xuqnSJaMB8GA1UdIwQYMBaAFHqPjmoOWPV1/H3hzYOEedf3P+J5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzVCNy8wOEE0OUJEMjFE
QTIxMUUyOTM2NDk1OTQwOEIwMkNEMi9lby1PYWc1WTlYWDhmZUhOZzRSNTFfY180
bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VvLU9hZzVZOVhYOGZlSE5nNFI1MV9jXzRuay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzc1QjcvMDhBNDlCRDIxREEyMTFFMjkzNjQ5NTk0MDhCMDJDRDIvOTIyMTBENkFC
NjY3MTFFQzg2NDQ1QzExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnC+QDBAJnDxQDBAK0vMADBAK2rUwwDQQCAAIwBwMFACQE
/AAwDQYJKoZIhvcNAQELBQADggEBAH6d7mg9rAJdFUB3CrWfVY17/gzt/QCR8PeY
y5nFqi4vidVkcTVpTpkjiG+FGhkRNBJrBXp6zGcpKuiAJGMfQhM7RLVaPhuAyeix
YOWUzz8AdbOa+1QX7U6HUHJyvy/7w7zSFb4nGuLShqS141FOXaK0jT7JyinSfYmV
nXRxJPsVmx+tlVD/vq5R/PhKUihH5WwNRbP1bXK2q6eXVxndZGnK24rUuzsGETpc
bSTdQ/73WHHKiAJQxcCmE0IXCjxVR+4CkEm1vsZJOmgNFB8Ofa9RVrw9mSeeUtHr
OPMd59obYUDkuJ6zmxEx0/ewXVBPdQ5BZbFz9D6uTkMUgIBVQik=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:49 2024 by rpki-client on console-fra.rpki-client.org