Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/530FB34C664D11E89967A549C4F9AE02.roa
File: 530FB34C664D11E89967A549C4F9AE02.roa (raw, json)
Hash identifier: c2VkZk/hkd5VMNsXVjPwdPvb5rT2P+YAQ+KRDvYsv9k=
Subject key identifier: 9D:71:A7:C3:EF:60:B0:A0:A5:65:19:05:0B:26:18:F0:9A:85:4D:9D
Certificate issuer: /CN=A918232F/serialNumber=A727F59B24B114A251FDF77F53BFA0EC691E25A5
Certificate serial: 13B8
Authority key identifier: A7:27:F5:9B:24:B1:14:A2:51:FD:F7:7F:53:BF:A0:EC:69:1E:25:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pyf1mySxFKJR_fd_U7-g7GkeJaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/530FB34C664D11E89967A549C4F9AE02.roa
Signing time: Mon 08 Apr 2024 17:55:19 +0000
ROA not before: Mon 08 Apr 2024 17:55:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135139
IP address blocks: 103.114.208.0/22 maxlen: 22
103.114.208.0/23 maxlen: 23
103.114.208.0/24 maxlen: 24
103.114.209.0/24 maxlen: 24
103.114.210.0/23 maxlen: 23
103.114.210.0/24 maxlen: 24
103.114.211.0/24 maxlen: 24
2402:d540::/32 maxlen: 32
2402:d540:1::/48 maxlen: 48
2402:d540:2::/48 maxlen: 48
2402:d540:3::/48 maxlen: 48
2402:d540:4::/48 maxlen: 48
2402:d540:5::/48 maxlen: 48
2402:d540:6::/48 maxlen: 48
2402:d540:7::/48 maxlen: 48
2402:d540:8::/48 maxlen: 48
2402:d540:9::/48 maxlen: 48
2402:d540:a::/48 maxlen: 48
2402:d540:b::/48 maxlen: 48
2402:d540:c::/48 maxlen: 48
2402:d540:d::/48 maxlen: 48
2402:d540:e::/48 maxlen: 48
2402:d540:f::/48 maxlen: 48
2402:d540:10::/48 maxlen: 48
2402:d540:11::/48 maxlen: 48
2402:d540:12::/48 maxlen: 48
2402:d540:13::/48 maxlen: 48
2402:d540:14::/48 maxlen: 48
2402:d540:15::/48 maxlen: 48
2402:d540:16::/48 maxlen: 48
2402:d540:17::/48 maxlen: 48
2402:d540:18::/48 maxlen: 48
2402:d540:19::/48 maxlen: 48
2402:d540:1a::/48 maxlen: 48
2402:d540:1b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/pyf1mySxFKJR_fd_U7-g7GkeJaU.crl
rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/pyf1mySxFKJR_fd_U7-g7GkeJaU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pyf1mySxFKJR_fd_U7-g7GkeJaU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5048 (0x13b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918232F/serialNumber=A727F59B24B114A251FDF77F53BFA0EC691E25A5
Validity
Not Before: Apr 8 17:55:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66142f87-36b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:69:b8:be:19:c3:24:c0:bc:73:91:3c:73:e8:
71:41:36:6d:21:06:23:d8:5d:e8:ac:ed:98:82:51:
9d:5b:6c:bf:dc:2e:e3:b1:e3:91:ab:e0:0f:51:24:
90:6f:4b:df:c5:e6:7a:d1:a6:cd:88:c8:a6:f3:a4:
e3:09:51:e8:32:05:37:2f:c7:d8:9c:09:9d:8b:e7:
64:c7:ca:31:11:b7:48:24:48:01:8a:a0:71:21:12:
c2:70:90:34:dc:5c:31:e5:f6:d1:dd:57:70:de:56:
97:4d:98:64:81:e8:36:01:5d:a9:ba:61:c0:c4:fe:
f2:30:10:89:79:f6:28:bc:8d:0b:38:79:9f:f4:f4:
83:32:30:a9:b7:50:4a:0b:ec:30:ff:93:51:9b:17:
4f:d0:a6:0d:c7:b7:a4:9e:8b:93:df:85:0a:04:10:
84:52:3d:9a:fa:9e:aa:8f:af:58:cd:d0:cd:a4:5e:
32:5b:02:ab:e4:30:86:8e:2e:a8:cc:63:a3:fc:d1:
c8:0e:a2:b0:ab:02:7e:05:43:07:58:fb:10:4c:f1:
11:2f:2d:c5:bd:78:5c:c4:77:55:82:f4:04:f9:78:
ad:55:4a:5d:50:6a:e5:34:e2:7d:89:78:03:a6:71:
c8:c4:f9:7a:64:0f:bd:db:90:69:9d:63:57:ac:0a:
d6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:71:A7:C3:EF:60:B0:A0:A5:65:19:05:0B:26:18:F0:9A:85:4D:9D
X509v3 Authority Key Identifier:
keyid:A7:27:F5:9B:24:B1:14:A2:51:FD:F7:7F:53:BF:A0:EC:69:1E:25:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/pyf1mySxFKJR_fd_U7-g7GkeJaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pyf1mySxFKJR_fd_U7-g7GkeJaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918232F/3345C4C6664C11E8B71AFE46C4F9AE02/530FB34C664D11E89967A549C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.114.208.0/22
IPv6:
2402:d540::/32
Signature Algorithm: sha256WithRSAEncryption
9d:b5:b5:88:f8:5d:13:16:69:07:1a:05:9e:3d:d8:d0:d8:11:
62:e8:c0:6b:2a:f6:18:ed:dd:27:b6:8d:bc:20:72:ab:8c:d3:
77:f2:d1:56:5e:32:d4:c5:58:cc:c2:f6:1a:31:c3:f9:51:ca:
29:0f:da:9e:ef:a7:a0:c6:20:74:e0:3b:52:45:80:39:25:91:
2a:f2:7e:08:9b:29:60:c3:dc:16:89:c6:02:5b:12:33:b8:c8:
00:1a:11:e9:cd:f3:6a:ca:5d:60:e2:e0:e0:9c:2f:ae:27:79:
8b:33:37:55:ad:9e:eb:17:7d:51:45:f8:7f:3a:80:0c:88:28:
a1:c1:53:71:cb:70:f5:84:94:ff:d7:9c:b8:7c:e2:3e:fa:6f:
6b:72:0d:fe:12:a7:da:f7:95:57:2c:88:40:db:bc:cd:52:bf:
e5:d9:d3:a4:bc:78:40:15:f0:a4:f8:3a:18:dc:ee:c2:f1:57:
a6:08:1b:bb:0c:f6:f5:84:b6:29:05:63:53:a3:c9:a7:7f:60:
05:23:be:57:df:9f:e0:c2:a8:31:65:df:1b:9f:ac:82:fc:9c:
43:96:15:4c:35:04:23:22:33:53:0d:ee:a3:f9:f1:6c:98:ba:
e4:0e:61:a5:ab:75:57:93:fc:b4:c0:cf:45:e8:0d:66:4c:d6:
97:ee:a2:4a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICE7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODIzMkYxMTAvBgNVBAUTKEE3MjdGNTlCMjRCMTE0QTI1MUZERjc3RjUzQkZBMEVD
NjkxRTI1QTUwHhcNMjQwNDA4MTc1NTE5WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE0MmY4Ny0zNmI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxmm4vhnDJMC8c5E8c+hxQTZtIQYj2F3orO2YglGdW2y/3C7jseORq+APUSSQ
b0vfxeZ60abNiMim86TjCVHoMgU3L8fYnAmdi+dkx8oxEbdIJEgBiqBxIRLCcJA0
3Fwx5fbR3Vdw3laXTZhkgeg2AV2pumHAxP7yMBCJefYovI0LOHmf9PSDMjCpt1BK
C+ww/5NRmxdP0KYNx7eknouT34UKBBCEUj2a+p6qj69YzdDNpF4yWwKr5DCGji6o
zGOj/NHIDqKwqwJ+BUMHWPsQTPERLy3FvXhcxHdVgvQE+XitVUpdUGrlNOJ9iXgD
pnHIxPl6ZA+925BpnWNXrArWfQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJ1xp8Pv
YLCgpWUZBQsmGPCahU2dMB8GA1UdIwQYMBaAFKcn9ZsksRSiUf33f1O/oOxpHiWl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjMyRi8zMzQ1QzRDNjY2
NEMxMUU4QjcxQUZFNDZDNEY5QUUwMi9weWYxbXlTeEZLSlJfZmRfVTctZzdHa2VK
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B5ZjFteVN4RktKUl9mZF9VNy1nN0drZUphVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODIzMkYvMzM0NUM0QzY2NjRDMTFFOEI3MUFGRTQ2QzRGOUFFMDIvNTMwRkIzNEM2
NjREMTFFODk5NjdBNTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnctAwDQQCAAIwBwMFACQC1UAwDQYJKoZIhvcNAQELBQAD
ggEBAJ21tYj4XRMWaQcaBZ492NDYEWLowGsq9hjt3Se2jbwgcquM03fy0VZeMtTF
WMzC9hoxw/lRyikP2p7vp6DGIHTgO1JFgDklkSryfgibKWDD3BaJxgJbEjO4yAAa
EenN82rKXWDi4OCcL64neYszN1WtnusXfVFF+H86gAyIKKHBU3HLcPWElP/XnLh8
4j76b2tyDf4Sp9r3lVcsiEDbvM1Sv+XZ06S8eEAV8KT4Ohjc7sLxV6YIG7sM9vWE
tikFY1Ojyad/YAUjvlffn+DCqDFl3xufrIL8nEOWFUw1BCMiM1MN7qP58WyYuuQO
YaWrdVeT/LTAz0XoDWZM1pfuoko=
-----END CERTIFICATE-----
Generated at Sat May 18 18:12:32 2024 by rpki-client on console-fra.rpki-client.org