Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/41969D1C8F3011EEA61ACF62C4F9AE02.roa
File: 41969D1C8F3011EEA61ACF62C4F9AE02.roa (raw, json)
Hash identifier: W7ba5JYerHkkZ4+27LlJwNkE8nn+BEtnpt42cK9Iauc=
Subject key identifier: 01:F3:6D:17:11:8E:BB:D3:17:75:3D:6E:5D:E8:7C:3B:7E:8F:FF:0F
Certificate issuer: /CN=A9179F22/serialNumber=FCF753D346AAAB95AB14C6267515CDF13F80FBBB
Certificate serial: 5E
Authority key identifier: FC:F7:53:D3:46:AA:AB:95:AB:14:C6:26:75:15:CD:F1:3F:80:FB:BB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/41969D1C8F3011EEA61ACF62C4F9AE02.roa
Signing time: Fri 26 Apr 2024 05:08:19 +0000
ROA not before: Fri 26 Apr 2024 05:08:19 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 16509
IP address blocks: 103.150.252.0/24 maxlen: 24
2400:a4a0:1::/48 maxlen: 48
2400:a4a0:30::/48 maxlen: 48
2400:a4a0:40::/48 maxlen: 48
2400:a4a0:41::/48 maxlen: 48
2400:a4a0:42::/48 maxlen: 48
2400:a4a0:90::/48 maxlen: 48
2400:a4a0:100::/48 maxlen: 48
2400:a4a0:101::/48 maxlen: 48
2400:a4a0:115::/48 maxlen: 48
2400:a4a0:a100::/48 maxlen: 48
2400:a4a0:aaa2::/48 maxlen: 48
2400:a4a0:aaa3::/48 maxlen: 48
2400:a4a0:aaa4::/48 maxlen: 48
2400:a4a0:aaa5::/48 maxlen: 48
2400:a4a0:b100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.crl
rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 08:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94 (0x5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179F22/serialNumber=FCF753D346AAAB95AB14C6267515CDF13F80FBBB
Validity
Not Before: Apr 26 05:08:19 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=662b36c2-492f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fa:6d:ac:b9:20:27:75:d1:17:a2:32:a6:b3:
73:3e:13:bb:93:47:28:30:a4:6c:9f:69:25:38:6f:
e2:c8:96:17:73:2d:05:77:6c:79:aa:c7:4e:2a:5e:
a5:eb:07:b0:b7:1e:46:ce:f1:05:cd:f7:2e:9c:80:
3a:7a:4a:6d:f8:7b:b6:19:f2:97:13:32:2b:c3:13:
c4:64:c0:e2:38:33:d6:34:34:7d:3c:45:4c:e0:b0:
43:7e:a3:24:62:df:c5:5c:cc:5e:bc:3b:6a:f7:05:
a2:ee:5b:85:a4:d7:54:4c:18:74:a4:e0:bc:73:72:
c5:08:5f:61:1f:e1:25:13:3e:31:b2:bf:2f:a7:38:
a5:85:33:a5:9e:81:2b:47:38:bf:7d:0b:17:c6:12:
19:a5:8c:c1:26:50:db:61:60:1d:67:7a:72:54:97:
02:68:c3:98:e6:91:3b:9d:0f:bf:ad:b1:cb:44:a2:
1d:1f:88:27:19:49:a8:da:2f:dd:ee:93:e1:1e:8b:
5c:b0:0d:80:5b:4b:ff:35:e1:16:89:e7:92:9e:fd:
55:a7:36:8e:ce:b5:2a:2e:a5:46:7d:7f:bc:ef:e6:
2a:ef:19:c1:59:95:41:a3:38:d7:48:6d:51:a9:92:
2d:fa:8a:fd:31:25:6f:3e:47:39:0e:aa:cc:52:f5:
6c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F3:6D:17:11:8E:BB:D3:17:75:3D:6E:5D:E8:7C:3B:7E:8F:FF:0F
X509v3 Authority Key Identifier:
keyid:FC:F7:53:D3:46:AA:AB:95:AB:14:C6:26:75:15:CD:F1:3F:80:FB:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/_PdT00aqq5WrFMYmdRXN8T-A-7s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_PdT00aqq5WrFMYmdRXN8T-A-7s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179F22/CF9BF5FE8F2F11EE9CBFD961C4F9AE02/41969D1C8F3011EEA61ACF62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.150.252.0/24
IPv6:
2400:a4a0:1::/48
2400:a4a0:30::/48
2400:a4a0:40::-2400:a4a0:42:ffff:ffff:ffff:ffff:ffff
2400:a4a0:90::/48
2400:a4a0:100::/47
2400:a4a0:115::/48
2400:a4a0:a100::/48
2400:a4a0:aaa2::-2400:a4a0:aaa5:ffff:ffff:ffff:ffff:ffff
2400:a4a0:b100::/48
Signature Algorithm: sha256WithRSAEncryption
69:04:1c:7e:4a:b2:83:96:d1:c7:47:cd:6e:b3:a5:20:80:fb:
fd:3b:1c:e9:b0:13:77:f7:81:64:d5:ed:94:ed:6c:44:ce:5f:
59:1f:ef:7d:22:9f:90:c4:bc:16:f2:eb:10:ba:8a:1b:ca:29:
f8:a1:da:67:1f:46:f4:76:a0:70:b5:6f:7a:92:47:ec:37:c2:
a8:88:45:13:44:4c:ba:5c:a9:a3:ac:59:fd:18:6b:32:97:04:
ac:24:0b:e3:f3:97:46:19:09:5e:ae:1c:ed:94:38:68:f3:8c:
5c:20:7a:2f:ae:2a:b1:49:80:e3:d0:62:32:e9:c1:cd:61:f0:
3e:9d:46:bb:7e:56:ad:a1:02:25:53:e7:4d:3e:82:1b:49:8b:
10:4d:17:53:2a:7b:ce:a9:1f:50:a1:5f:c4:22:c8:e4:d2:31:
94:97:17:cd:de:57:cf:04:67:34:fa:93:ef:8f:bd:3a:f1:62:
4d:37:ab:96:3c:16:ea:49:a6:f3:1b:cb:67:8a:fa:48:79:c5:
a3:1c:d2:15:ef:cf:2d:c0:89:b5:27:ef:e7:70:e7:1c:3a:c5:
cf:93:f6:b6:1a:fa:be:cc:1e:71:f3:11:c1:e2:08:36:7c:84:
b8:26:0a:25:27:e8:01:f3:1b:97:e3:ad:36:77:75:59:31:0d:
87:c3:f3:1d
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgIBXjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OUYyMjExMC8GA1UEBRMoRkNGNzUzRDM0NkFBQUI5NUFCMTRDNjI2NzUxNUNERjEz
RjgwRkJCQjAeFw0yNDA0MjYwNTA4MTlaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmIzNmMyLTQ5MmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDU+m2suSAnddEXojKms3M+E7uTRygwpGyfaSU4b+LIlhdzLQV3bHmqx04qXqXr
B7C3HkbO8QXN9y6cgDp6Sm34e7YZ8pcTMivDE8RkwOI4M9Y0NH08RUzgsEN+oyRi
38VczF68O2r3BaLuW4Wk11RMGHSk4LxzcsUIX2Ef4SUTPjGyvy+nOKWFM6WegStH
OL99CxfGEhmljMEmUNthYB1nenJUlwJow5jmkTudD7+tsctEoh0fiCcZSajaL93u
k+Eei1ywDYBbS/814RaJ55Ke/VWnNo7OtSoupUZ9f7zv5irvGcFZlUGjONdIbVGp
ki36iv0xJW8+RzkOqsxS9WzLAgMBAAGjggMFMIIDATAdBgNVHQ4EFgQUAfNtFxGO
u9MXdT1uXeh8O36P/w8wHwYDVR0jBBgwFoAU/PdT00aqq5WrFMYmdRXN8T+A+7sw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc5RjIyL0NGOUJGNUZFOEYy
RjExRUU5Q0JGRDk2MUM0RjlBRTAyL19QZFQwMGFxcTVXckZNWW1kUlhOOFQtQS03
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvX1BkVDAwYXFxNVdyRk1ZbWRSWE44VC1BLTdzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OUYyMi9DRjlCRjVGRThGMkYxMUVFOUNCRkQ5NjFDNEY5QUUwMi80MTk2OUQxQzhG
MzAxMUVFQTYxQUNGNjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBjgYIKwYBBQUHAQcBAf8E
fzB9MAwEAgABMAYDBABnlvwwbQQCAAIwZwMHACQApKAAAQMHACQApKAAMDASAwcG
JACkoABAAwcAJACkoABCAwcAJACkoACQAwcBJACkoAEAAwcAJACkoAEVAwcAJACk
oKEAMBIDBwEkAKSgqqIDBwEkAKSgqqQDBwAkAKSgsQAwDQYJKoZIhvcNAQELBQAD
ggEBAGkEHH5KsoOW0cdHzW6zpSCA+/07HOmwE3f3gWTV7ZTtbETOX1kf730in5DE
vBby6xC6ihvKKfih2mcfRvR2oHC1b3qSR+w3wqiIRRNETLpcqaOsWf0YazKXBKwk
C+Pzl0YZCV6uHO2UOGjzjFwgei+uKrFJgOPQYjLpwc1h8D6dRrt+Vq2hAiVT500+
ghtJixBNF1Mqe86pH1ChX8QiyOTSMZSXF83eV88EZzT6k++PvTrxYk03q5Y8FupJ
pvMby2eK+kh5xaMc0hXvzy3AibUn7+dw5xw6xc+T9rYa+r7MHnHzEcHiCDZ8hLgm
CiUn6AHzG5fjrTZ3dVkxDYfD8x0=
-----END CERTIFICATE-----
Generated at Wed May 1 10:33:40 2024 by rpki-client on console-fra.rpki-client.org