Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9185344/515CABE01DA111E2B2CD6D9308B02CD2/7D2A30D22CD111ECBE97C117C4F9AE02.roa
File: 7D2A30D22CD111ECBE97C117C4F9AE02.roa (raw, json)
Hash identifier: SwJ2X1A9A5qXtXFAHQ6Zd6q3zF72hT+xMRuLRWt1XKE=
Subject key identifier: ED:5F:E3:00:4B:C0:7F:75:A2:B0:0B:72:A6:A3:43:51:C3:07:D5:73
Certificate issuer: /CN=A9185344/serialNumber=89FD27C5067B4CF412296FEBA6CE6D831185800B
Certificate serial: 3375
Authority key identifier: 89:FD:27:C5:06:7B:4C:F4:12:29:6F:EB:A6:CE:6D:83:11:85:80:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/if0nxQZ7TPQSKW_rps5tgxGFgAs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9185344/515CABE01DA111E2B2CD6D9308B02CD2/7D2A30D22CD111ECBE97C117C4F9AE02.roa
Signing time: Tue 31 Oct 2023 15:20:57 +0000
ROA not before: Tue 31 Oct 2023 15:20:57 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 131284
IP address blocks: 103.13.64.0/24 maxlen: 24
103.13.65.0/24 maxlen: 24
103.13.66.0/24 maxlen: 24
103.13.67.0/24 maxlen: 24
137.59.120.0/24 maxlen: 24
137.59.121.0/24 maxlen: 24
137.59.122.0/24 maxlen: 24
137.59.123.0/24 maxlen: 24
180.222.136.0/21 maxlen: 21
180.222.136.0/24 maxlen: 24
180.222.137.0/24 maxlen: 24
180.222.138.0/24 maxlen: 24
180.222.139.0/24 maxlen: 24
180.222.140.0/24 maxlen: 24
180.222.141.0/24 maxlen: 24
180.222.142.0/24 maxlen: 24
180.222.143.0/24 maxlen: 24
203.171.96.0/22 maxlen: 23
203.171.96.0/24 maxlen: 24
203.171.97.0/24 maxlen: 24
203.171.98.0/24 maxlen: 24
203.171.99.0/24 maxlen: 24
203.171.100.0/24 maxlen: 24
203.171.101.0/24 maxlen: 24
203.171.102.0/23 maxlen: 24
203.171.104.0/22 maxlen: 24
203.171.108.0/22 maxlen: 24
203.171.112.0/22 maxlen: 24
203.171.116.0/22 maxlen: 24
203.171.120.0/22 maxlen: 24
203.171.124.0/24 maxlen: 24
203.171.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9185344/515CABE01DA111E2B2CD6D9308B02CD2/if0nxQZ7TPQSKW_rps5tgxGFgAs.crl
rsync://rpki.apnic.net/member_repository/A9185344/515CABE01DA111E2B2CD6D9308B02CD2/if0nxQZ7TPQSKW_rps5tgxGFgAs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/if0nxQZ7TPQSKW_rps5tgxGFgAs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13173 (0x3375)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9185344/serialNumber=89FD27C5067B4CF412296FEBA6CE6D831185800B
Validity
Not Before: Oct 31 15:20:57 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65411b58-dc88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:42:57:21:f7:7f:96:fb:e1:95:0c:7c:e2:2c:
7a:dc:a5:6b:0c:2a:fb:81:30:90:ab:59:6c:47:b7:
5c:19:22:46:9f:c9:49:81:44:a9:3b:62:95:58:21:
9e:55:a3:75:9c:25:85:b3:19:51:bc:1c:d6:74:f5:
9b:06:a1:de:e9:40:5e:a4:6a:6e:67:40:08:73:b2:
3e:ca:28:68:bf:1b:cc:14:85:62:41:89:ed:63:9b:
c0:1a:e5:38:c8:f7:58:2e:f8:21:cc:1d:82:74:bb:
ac:60:8a:3e:5d:26:8d:3d:9e:67:9f:65:3f:5d:a3:
4b:fa:f7:47:36:d9:eb:71:80:d3:4c:c3:23:f0:8c:
57:af:3a:0a:16:cd:8c:bd:46:e0:63:56:6c:3e:2f:
1c:a1:d8:57:23:ab:29:b5:2c:d1:60:df:ad:29:bd:
6b:c9:72:94:fb:76:16:b9:42:5d:cb:aa:a0:52:a3:
c2:d0:06:b9:32:73:01:e3:ca:70:8e:9e:8b:19:49:
63:50:03:83:88:a7:ea:9e:a8:91:fe:f7:af:ab:30:
c8:1a:1b:f9:4a:a1:f8:87:6c:ba:be:9f:5c:f2:82:
78:b5:0d:0a:f3:6d:2d:4a:32:c6:d4:3d:63:9e:8d:
a9:72:94:7f:ce:21:45:0d:7d:ca:11:e1:3d:b5:f6:
34:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:5F:E3:00:4B:C0:7F:75:A2:B0:0B:72:A6:A3:43:51:C3:07:D5:73
X509v3 Authority Key Identifier:
keyid:89:FD:27:C5:06:7B:4C:F4:12:29:6F:EB:A6:CE:6D:83:11:85:80:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9185344/515CABE01DA111E2B2CD6D9308B02CD2/if0nxQZ7TPQSKW_rps5tgxGFgAs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/if0nxQZ7TPQSKW_rps5tgxGFgAs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185344/515CABE01DA111E2B2CD6D9308B02CD2/7D2A30D22CD111ECBE97C117C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.13.64.0/22
137.59.120.0/22
180.222.136.0/21
203.171.96.0-203.171.125.255
Signature Algorithm: sha256WithRSAEncryption
13:c1:e7:e6:cd:a6:fd:16:6a:cd:b0:45:83:4a:ed:e5:de:08:
09:ce:e0:c7:ce:e5:4a:8e:44:ce:d4:f1:96:4b:8b:16:61:91:
0c:36:6b:46:a0:48:ae:c5:ea:88:63:ad:24:cf:2a:f1:3c:b2:
a0:ad:8d:e5:77:fd:88:8b:56:9c:ad:52:7b:cc:58:4e:1e:71:
1b:18:cb:7a:f5:bd:ce:21:f5:05:21:ab:66:19:c0:d9:45:72:
7d:be:5c:f7:52:9c:d9:cb:5b:2c:f8:82:86:4c:79:c0:00:dc:
ca:ca:da:b1:94:c0:d4:c6:88:c8:8c:e1:02:d1:bf:54:b6:34:
a9:2c:e0:64:46:c5:3e:2d:8e:99:cd:1d:b9:4d:82:fc:2a:94:
bb:1d:83:bc:0d:44:5a:a0:cc:9a:37:4d:58:e0:38:b7:48:3b:
5d:f8:ed:c5:a7:1c:7c:82:71:a4:96:62:38:10:b0:78:01:e3:
46:0f:fd:ba:0b:1c:2b:1d:91:6c:10:e7:c0:df:c0:71:b3:ef:
f4:81:8f:85:bc:6e:72:bd:6e:ff:2c:77:aa:1c:fe:f7:26:b3:
cf:d6:d5:c6:ae:35:cb:61:3e:be:d2:86:b6:26:e4:8e:63:a3:
c9:d1:c5:b8:13:57:70:f4:3d:0b:8e:32:31:7d:7b:9c:cb:3e:
26:19:d3:f3
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICM3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODUzNDQxMTAvBgNVBAUTKDg5RkQyN0M1MDY3QjRDRjQxMjI5NkZFQkE2Q0U2RDgz
MTE4NTgwMEIwHhcNMjMxMDMxMTUyMDU3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQxMWI1OC1kYzg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxEJXIfd/lvvhlQx84ix63KVrDCr7gTCQq1lsR7dcGSJGn8lJgUSpO2KVWCGe
VaN1nCWFsxlRvBzWdPWbBqHe6UBepGpuZ0AIc7I+yihovxvMFIViQYntY5vAGuU4
yPdYLvghzB2CdLusYIo+XSaNPZ5nn2U/XaNL+vdHNtnrcYDTTMMj8IxXrzoKFs2M
vUbgY1ZsPi8codhXI6sptSzRYN+tKb1ryXKU+3YWuUJdy6qgUqPC0Aa5MnMB48pw
jp6LGUljUAODiKfqnqiR/vevqzDIGhv5SqH4h2y6vp9c8oJ4tQ0K820tSjLG1D1j
no2pcpR/ziFFDX3KEeE9tfY0fwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFO1f4wBL
wH91orALcqajQ1HDB9VzMB8GA1UdIwQYMBaAFIn9J8UGe0z0Eilv66bObYMRhYAL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTM0NC81MTVDQUJFMDFE
QTExMUUyQjJDRDZEOTMwOEIwMkNEMi9pZjBueFFaN1RQUVNLV19ycHM1dGd4R0Zn
QXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lmMG54UVo3VFBRU0tXX3JwczV0Z3hHRmdBcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODUzNDQvNTE1Q0FCRTAxREExMTFFMkIyQ0Q2RDkzMDhCMDJDRDIvN0QyQTMwRDIy
Q0QxMTFFQ0JFOTdDMTE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAJnDUADBAKJO3gDBAO03ogwDAMEBcurYAMEAcurfDANBgkq
hkiG9w0BAQsFAAOCAQEAE8Hn5s2m/RZqzbBFg0rt5d4ICc7gx87lSo5EztTxlkuL
FmGRDDZrRqBIrsXqiGOtJM8q8TyyoK2N5Xf9iItWnK1Se8xYTh5xGxjLevW9ziH1
BSGrZhnA2UVyfb5c91Kc2ctbLPiChkx5wADcysrasZTA1MaIyIzhAtG/VLY0qSzg
ZEbFPi2Omc0duU2C/CqUux2DvA1EWqDMmjdNWOA4t0g7XfjtxaccfIJxpJZiOBCw
eAHjRg/9ugscKx2RbBDnwN/AcbPv9IGPhbxucr1u/yx3qhz+9yazz9bVxq41y2E+
vtKGtibkjmOjydHFuBNXcPQ9C44yMX17nMs+JhnT8w==
-----END CERTIFICATE-----
Generated at Sat May 18 15:58:22 2024 by rpki-client on console-ams.rpki-client.org