Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
File: 7909FCC06DF211EA806B671BC4F9AE02.roa (raw, json)
Hash identifier: zrlY8+FTZczv83jIHrrawnKO6zqB88JtMOXAuaKvWK8=
Subject key identifier: BE:A8:BA:41:94:96:1B:E8:FF:8E:B4:6A:8F:59:4C:CA:17:AA:D3:AF
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3411
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
Signing time: Tue 30 Jul 2024 16:02:36 +0000
ROA not before: Tue 30 Jul 2024 16:02:36 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 23951
IP address blocks: 103.101.136.0/24 maxlen: 24
103.101.137.0/24 maxlen: 24
103.101.138.0/24 maxlen: 24
103.101.139.0/24 maxlen: 24
117.20.48.0/24 maxlen: 24
117.20.49.0/24 maxlen: 24
117.20.50.0/24 maxlen: 24
117.20.51.0/24 maxlen: 24
117.20.52.0/24 maxlen: 24
117.20.53.0/24 maxlen: 24
117.20.54.0/24 maxlen: 24
117.20.55.0/24 maxlen: 24
117.20.56.0/24 maxlen: 24
117.20.57.0/24 maxlen: 24
117.20.58.0/24 maxlen: 24
117.20.59.0/24 maxlen: 24
117.20.60.0/24 maxlen: 24
117.20.61.0/24 maxlen: 24
117.20.62.0/24 maxlen: 24
117.20.63.0/24 maxlen: 24
202.152.129.0/24 maxlen: 24
202.152.130.0/24 maxlen: 24
202.152.131.0/24 maxlen: 24
202.152.132.0/24 maxlen: 24
202.152.133.0/24 maxlen: 24
202.152.134.0/24 maxlen: 24
202.152.135.0/24 maxlen: 24
202.152.136.0/24 maxlen: 24
202.152.137.0/24 maxlen: 24
202.152.138.0/24 maxlen: 24
202.152.139.0/24 maxlen: 24
202.152.140.0/24 maxlen: 24
202.152.141.0/24 maxlen: 24
202.152.142.0/24 maxlen: 24
202.152.143.0/24 maxlen: 24
202.152.144.0/24 maxlen: 24
202.152.145.0/24 maxlen: 24
202.152.146.0/24 maxlen: 24
202.152.147.0/24 maxlen: 24
202.152.148.0/24 maxlen: 24
202.152.149.0/24 maxlen: 24
202.152.150.0/24 maxlen: 24
202.152.151.0/24 maxlen: 24
202.152.152.0/24 maxlen: 24
202.152.153.0/24 maxlen: 24
202.152.154.0/24 maxlen: 24
202.152.155.0/24 maxlen: 24
202.152.156.0/24 maxlen: 24
202.152.157.0/24 maxlen: 24
202.152.158.0/24 maxlen: 24
202.152.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 00:51:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13329 (0x3411)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jul 30 16:02:36 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66a90e9c-7fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d5:58:41:d9:34:e9:fc:dd:b5:d0:13:fb:d2:
4c:ce:d0:79:04:2e:41:2f:cb:dc:97:11:cf:8d:75:
b4:e1:fa:29:99:bd:9a:e5:79:2a:a2:3b:aa:45:15:
15:81:05:67:0f:87:a9:5a:5d:26:0d:b3:89:f1:c1:
ed:65:54:23:f6:4f:92:e4:dd:f1:ce:f9:07:1c:27:
ca:af:8a:3f:37:92:5b:b1:6c:70:80:11:c0:9d:33:
0b:b3:72:00:be:69:65:02:08:0b:a1:84:76:6d:b0:
b5:ff:5a:ef:9c:5b:c7:3c:af:54:c8:e0:e0:97:e7:
55:ea:25:3e:64:95:9c:c3:42:43:4d:45:cc:6d:be:
0f:15:10:6f:99:15:31:24:8b:49:fb:00:d0:60:d6:
9a:01:10:b3:38:71:27:b5:79:4d:a8:5f:59:e3:21:
c2:99:de:df:2f:ce:65:e5:92:28:bb:d9:8d:b9:a7:
b5:28:7a:17:75:44:99:75:ff:e9:ff:27:bd:4f:9d:
ed:1b:c9:3b:44:c3:95:7d:7f:df:ff:d3:a1:79:59:
ea:cb:bc:5a:ad:76:d1:16:95:58:c2:c6:a9:26:4c:
bc:ee:81:60:e4:29:26:d2:13:a2:89:1a:38:32:cc:
44:3c:fe:2c:a6:1e:bb:25:4d:e2:10:70:d7:96:b1:
9c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:A8:BA:41:94:96:1B:E8:FF:8E:B4:6A:8F:59:4C:CA:17:AA:D3:AF
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/7909FCC06DF211EA806B671BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.101.136.0/22
117.20.48.0/20
202.152.129.0-202.152.159.255
Signature Algorithm: sha256WithRSAEncryption
94:0f:1f:b3:4a:0e:7f:ef:0c:4f:94:c2:84:a8:db:33:20:62:
4d:85:da:b9:4d:ed:60:b0:eb:24:ee:eb:75:9a:17:c5:9e:03:
a0:15:26:70:99:19:6c:09:d8:96:52:a7:0e:3c:f2:7a:7f:b5:
a9:c1:67:2e:a8:bf:fb:55:83:55:89:0d:e7:0a:38:37:e7:4b:
c1:81:3f:df:63:8d:ca:d7:55:0f:c7:a9:53:15:ec:fd:02:6f:
bd:a1:16:ca:b0:f9:df:9a:47:e6:a6:3c:8c:2a:02:3d:7c:ae:
e8:8c:63:65:b6:fe:bf:b6:8c:21:e9:27:98:62:1e:a1:be:95:
9c:04:b6:af:1b:59:14:d1:02:fc:af:b7:54:e1:94:98:20:1b:
6d:11:eb:bc:3b:0d:61:3c:f2:b5:d4:ec:a5:58:a0:dc:f6:2c:
c1:85:96:7d:29:71:75:27:88:70:c8:4e:7b:86:43:ec:04:7f:
5a:e5:cb:8b:e5:93:5d:83:a9:49:1e:36:a6:1d:27:2f:b5:39:
51:08:6c:04:23:ba:9e:91:c7:fc:88:11:da:b0:c7:b3:bf:7e:
20:62:72:8e:a9:3d:7d:aa:04:ea:37:32:aa:bd:52:6d:cc:36:
3e:4f:55:a3:72:09:fb:a1:59:84:9f:d4:c5:82:c5:f0:0f:6b:
5c:94:69:c8
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICNBEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjQwNzMwMTYwMjM2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5MGU5Yy03ZmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqtVYQdk06fzdtdAT+9JMztB5BC5BL8vclxHPjXW04fopmb2a5XkqojuqRRUV
gQVnD4epWl0mDbOJ8cHtZVQj9k+S5N3xzvkHHCfKr4o/N5JbsWxwgBHAnTMLs3IA
vmllAggLoYR2bbC1/1rvnFvHPK9UyODgl+dV6iU+ZJWcw0JDTUXMbb4PFRBvmRUx
JItJ+wDQYNaaARCzOHEntXlNqF9Z4yHCmd7fL85l5ZIou9mNuae1KHoXdUSZdf/p
/ye9T53tG8k7RMOVfX/f/9OheVnqy7xarXbRFpVYwsapJky87oFg5Ckm0hOiiRo4
MsxEPP4sph67JU3iEHDXlrGc1wIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFL6oukGU
lhvo/460ao9ZTMoXqtOvMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNzkwOUZDQzA2
REYyMTFFQTgwNkI2NzFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAJnZYgDBAR1FDAwDAMEAMqYgQMEBcqYgDANBgkqhkiG9w0B
AQsFAAOCAQEAlA8fs0oOf+8MT5TChKjbMyBiTYXauU3tYLDrJO7rdZoXxZ4DoBUm
cJkZbAnYllKnDjzyen+1qcFnLqi/+1WDVYkN5wo4N+dLwYE/32ONytdVD8epUxXs
/QJvvaEWyrD535pH5qY8jCoCPXyu6IxjZbb+v7aMIeknmGIeob6VnAS2rxtZFNEC
/K+3VOGUmCAbbRHrvDsNYTzytdTspVig3PYswYWWfSlxdSeIcMhOe4ZD7AR/WuXL
i+WTXYOpSR42ph0nL7U5UQhsBCO6npHH/IgR2rDHs79+IGJyjqk9faoE6jcyqr1S
bcw2Pk9Vo3IJ+6FZhJ/UxYLF8A9rXJRpyA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:35 2024 by rpki-client on console-ams.rpki-client.org