Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/054DC680CE7411EAA3A39A3EC4F9AE02.roa
File: 054DC680CE7411EAA3A39A3EC4F9AE02.roa (raw, json)
Hash identifier: jI5iigQ8cUJcsIOhuxWoRnC6qmQEBFHvEIO07FBDO0M=
Subject key identifier: 47:23:0C:C8:20:28:3B:0E:38:C9:54:DF:A1:F1:11:DF:16:40:41:A4
Certificate issuer: /CN=A917B9CB/serialNumber=33A7AEAFA5526DCDC56CF0876BBD41133E3D2479
Certificate serial: 33B7
Authority key identifier: 33:A7:AE:AF:A5:52:6D:CD:C5:6C:F0:87:6B:BD:41:13:3E:3D:24:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/054DC680CE7411EAA3A39A3EC4F9AE02.roa
Signing time: Thu 04 Apr 2024 14:51:12 +0000
ROA not before: Thu 04 Apr 2024 14:51:12 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 132789
IP address blocks: 203.105.192.0/24 maxlen: 24
203.105.193.0/24 maxlen: 24
203.105.194.0/24 maxlen: 24
203.105.195.0/24 maxlen: 24
203.105.196.0/24 maxlen: 24
203.105.197.0/24 maxlen: 24
203.105.198.0/24 maxlen: 24
203.105.199.0/24 maxlen: 24
203.105.207.0/24 maxlen: 24
203.105.208.0/24 maxlen: 24
203.105.209.0/24 maxlen: 24
203.105.210.0/24 maxlen: 24
203.105.211.0/24 maxlen: 24
203.105.212.0/24 maxlen: 24
203.105.213.0/24 maxlen: 24
203.105.214.0/24 maxlen: 24
203.105.215.0/24 maxlen: 24
203.105.216.0/24 maxlen: 24
203.105.217.0/24 maxlen: 24
203.105.218.0/24 maxlen: 24
203.105.219.0/24 maxlen: 24
203.105.221.0/24 maxlen: 24
203.105.222.0/24 maxlen: 24
203.105.223.0/24 maxlen: 24
2402:3780::/48 maxlen: 48
2402:3780:2::/48 maxlen: 48
2402:3780:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.crl
rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13239 (0x33b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917B9CB/serialNumber=33A7AEAFA5526DCDC56CF0876BBD41133E3D2479
Validity
Not Before: Apr 4 14:51:12 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660ebe60-ad39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:99:86:89:dd:f7:92:67:97:f1:a2:41:c0:bf:
fb:de:e0:25:3c:dd:b8:af:21:fc:90:ca:5e:60:d9:
75:89:eb:7e:38:6c:25:f7:7b:0a:58:66:01:2c:9c:
b0:48:48:69:d2:8f:a2:16:9a:43:47:7a:46:fb:60:
51:67:8f:d6:e0:a8:76:e8:dd:9d:94:bc:1d:eb:97:
08:86:19:2f:40:e8:b0:30:e1:be:30:57:d7:d3:ae:
4a:1c:07:96:ac:70:95:06:7a:cb:9f:a1:94:96:70:
a0:29:0a:53:9b:4e:24:26:ca:62:42:13:fd:aa:dc:
54:c4:df:90:50:fd:d6:fe:a5:6d:61:c8:6b:4b:c3:
ce:27:1d:6f:8c:9c:bc:83:7e:15:74:89:8c:90:4f:
50:ef:c3:37:98:c3:83:2f:b8:42:a3:44:0c:5e:18:
4c:5c:09:b7:92:9e:c4:19:30:52:57:9b:32:73:be:
0a:38:f5:5e:77:d0:78:ef:f9:fe:65:2d:cf:b2:97:
00:9b:a5:1e:7d:04:d1:49:d9:1d:52:1a:9b:47:e0:
56:0b:eb:ca:0f:b1:7b:d8:45:d1:a9:98:ea:1b:b5:
fd:e5:db:a2:2f:ec:98:23:d8:e0:4e:87:db:71:2c:
5f:f2:6c:e1:62:be:f3:85:ae:8f:23:3e:ca:5f:25:
92:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:23:0C:C8:20:28:3B:0E:38:C9:54:DF:A1:F1:11:DF:16:40:41:A4
X509v3 Authority Key Identifier:
keyid:33:A7:AE:AF:A5:52:6D:CD:C5:6C:F0:87:6B:BD:41:13:3E:3D:24:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/M6eur6VSbc3FbPCHa71BEz49JHk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M6eur6VSbc3FbPCHa71BEz49JHk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B9CB/6F6EDC601D8E11E2885CDFEC08B02CD2/054DC680CE7411EAA3A39A3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.105.192.0/21
203.105.207.0-203.105.219.255
203.105.221.0-203.105.223.255
IPv6:
2402:3780::/48
2402:3780:2::/48
2402:3780:1000::/48
Signature Algorithm: sha256WithRSAEncryption
2a:41:17:f6:23:c9:a5:f1:66:66:59:cc:5d:c0:98:04:5e:db:
2e:35:67:0a:f0:24:16:e4:40:e6:f1:e7:75:26:a4:28:f0:56:
52:48:b2:c7:28:f5:c6:b2:37:b9:07:c2:55:43:12:4b:0a:96:
44:63:5f:2e:f7:4b:05:2c:57:3b:93:1e:ad:42:b3:4f:14:1b:
90:fb:aa:96:eb:fd:26:88:80:74:00:6e:47:98:15:09:e5:b9:
f6:0c:97:a1:75:b8:c7:a2:f9:18:37:5d:08:e4:76:8b:aa:42:
78:fc:32:e9:e5:b0:9a:3f:b1:1c:2b:e8:60:f8:ca:0e:b8:b1:
bb:50:76:88:93:b9:27:43:26:04:8e:a6:a6:e7:3c:65:6d:07:
6c:e7:e9:53:9e:3c:f2:91:5c:45:65:74:97:9f:6d:a0:09:1e:
a4:6b:ba:62:7b:b5:68:e8:eb:5d:04:b1:cb:53:08:a3:aa:7c:
83:8a:36:71:d7:ae:c8:09:41:13:a4:91:2b:77:8c:cb:38:68:
dc:67:db:96:9b:86:bd:17:22:5d:db:f8:76:e7:ac:01:09:5b:
8b:7d:3c:0f:1e:f5:1c:35:f8:b1:a7:60:4b:39:02:8a:48:cb:
17:92:c5:da:fd:75:34:14:5c:84:43:eb:4a:a0:c8:3e:72:e8:
e2:03:a7:3f
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgICM7cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0I5Q0IxMTAvBgNVBAUTKDMzQTdBRUFGQTU1MjZEQ0RDNTZDRjA4NzZCQkQ0MTEz
M0UzRDI0NzkwHhcNMjQwNDA0MTQ1MTEyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlYmU2MC1hZDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmJmGid33kmeX8aJBwL/73uAlPN24ryH8kMpeYNl1iet+OGwl93sKWGYBLJyw
SEhp0o+iFppDR3pG+2BRZ4/W4Kh26N2dlLwd65cIhhkvQOiwMOG+MFfX065KHAeW
rHCVBnrLn6GUlnCgKQpTm04kJspiQhP9qtxUxN+QUP3W/qVtYchrS8POJx1vjJy8
g34VdImMkE9Q78M3mMODL7hCo0QMXhhMXAm3kp7EGTBSV5syc74KOPVed9B47/n+
ZS3PspcAm6UefQTRSdkdUhqbR+BWC+vKD7F72EXRqZjqG7X95duiL+yYI9jgTofb
cSxf8mzhYr7zha6PIz7KXyWS2wIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFEcjDMgg
KDsOOMlU36HxEd8WQEGkMB8GA1UdIwQYMBaAFDOnrq+lUm3NxWzwh2u9QRM+PSR5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QjlDQi82RjZFREM2MDFE
OEUxMUUyODg1Q0RGRUMwOEIwMkNEMi9NNmV1cjZWU2JjM0ZiUENIYTcxQkV6NDlK
SGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL002ZXVyNlZTYmMzRmJQQ0hhNzFCRXo0OUpIay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0I5Q0IvNkY2RURDNjAxRDhFMTFFMjg4NUNERkVDMDhCMDJDRDIvMDU0REM2ODBD
RTc0MTFFQUEzQTM5QTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E
TzBNMCgEAgABMCIDBAPLacAwDAMEAMtpzwMEAstp2DAMAwQAy2ndAwQFy2nAMCEE
AgACMBsDBwAkAjeAAAADBwAkAjeAAAIDBwAkAjeAEAAwDQYJKoZIhvcNAQELBQAD
ggEBACpBF/YjyaXxZmZZzF3AmARe2y41ZwrwJBbkQObx53UmpCjwVlJIssco9cay
N7kHwlVDEksKlkRjXy73SwUsVzuTHq1Cs08UG5D7qpbr/SaIgHQAbkeYFQnlufYM
l6F1uMei+Rg3XQjkdouqQnj8MunlsJo/sRwr6GD4yg64sbtQdoiTuSdDJgSOpqbn
PGVtB2zn6VOePPKRXEVldJefbaAJHqRrumJ7tWjo610EsctTCKOqfIOKNnHXrsgJ
QROkkSt3jMs4aNxn25abhr0XIl3b+HbnrAEJW4t9PA8e9Rw1+LGnYEs5AopIyxeS
xdr9dTQUXIRD60qgyD5y6OIDpz8=
-----END CERTIFICATE-----
Generated at Fri May 10 17:10:26 2024 by rpki-client on console-fra.rpki-client.org