Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5D815D4096F811EDA42F4660C4F9AE02.roa
File: 5D815D4096F811EDA42F4660C4F9AE02.roa (raw, json)
Hash identifier: qMbkw/S3WVryGTsTlnjOgBrFj4dt7SmpDLHSvH9Q2T0=
Subject key identifier: EA:22:91:C6:9A:F4:0F:A8:A3:8F:AF:E4:54:07:13:1F:39:E8:09:19
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 746F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5D815D4096F811EDA42F4660C4F9AE02.roa
Signing time: Fri 23 Jun 2023 11:11:58 +0000
ROA not before: Fri 23 Jun 2023 11:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137097
IP address blocks: 103.105.176.0/24 maxlen: 24
103.105.177.0/24 maxlen: 24
103.105.178.0/24 maxlen: 24
103.105.179.0/24 maxlen: 24
2400:7b60::/32 maxlen: 32
2400:7b60::/48 maxlen: 48
2400:7b60:1::/48 maxlen: 48
2400:7b60:2::/48 maxlen: 48
2400:7b60:3::/48 maxlen: 48
2400:7b60:4::/48 maxlen: 48
2400:7b60:5::/48 maxlen: 48
2400:7b60:6::/48 maxlen: 48
2400:7b60:7::/48 maxlen: 48
2400:7b60:8::/48 maxlen: 48
2400:7b60:9::/48 maxlen: 48
2400:7b60:a::/48 maxlen: 48
2400:7b60:b::/48 maxlen: 48
2400:7b60:c::/48 maxlen: 48
2400:7b60:d::/48 maxlen: 48
2400:7b60:e::/48 maxlen: 48
2400:7b60:f::/48 maxlen: 48
2400:7b60:10::/48 maxlen: 48
2400:7b60:11::/48 maxlen: 48
2400:7b60:12::/48 maxlen: 48
2400:7b60:13::/48 maxlen: 48
2400:7b60:14::/48 maxlen: 48
2400:7b60:15::/48 maxlen: 48
2400:7b60:16::/48 maxlen: 48
2400:7b60:17::/48 maxlen: 48
2400:7b60:18::/48 maxlen: 48
2400:7b60:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29807 (0x746f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 23 11:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64957dfd-16d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:ab:f4:bb:cf:36:1e:80:35:36:ad:18:24:25:
34:4e:de:fd:8c:0e:ad:f0:d2:ab:02:99:80:70:ff:
75:6a:d2:61:a6:fa:dc:98:4a:7f:eb:19:88:92:0a:
b0:79:3d:51:89:03:c9:e8:6a:c5:36:ef:a4:5e:84:
d1:ce:4f:5a:1b:e5:80:96:bb:9d:78:4a:3b:4f:51:
1c:96:61:69:72:5c:47:1b:9b:b4:7c:55:fa:88:9e:
e9:b6:e6:fb:69:7a:0b:29:fa:f3:70:43:0b:77:ad:
8a:01:c3:05:ff:0f:2f:98:39:00:75:37:1f:6f:7c:
c2:02:bf:de:85:ec:fc:04:14:aa:0a:d7:a3:6f:88:
37:48:0d:0b:ee:5b:59:b0:6a:99:0c:bd:7f:4d:0e:
20:c9:b8:b4:fc:e4:60:89:ff:6e:5b:b7:a8:31:3c:
94:7d:58:83:8b:0d:62:2e:bc:a1:e0:1f:22:fc:39:
b4:87:54:f3:0e:47:b6:0d:19:86:e4:af:69:3a:98:
6f:c4:4e:f1:1e:65:ff:6f:f3:a7:2c:17:3f:4b:21:
d5:dc:3a:ee:de:3a:c3:1b:b2:2e:61:4a:36:34:77:
72:4e:84:0e:33:19:34:37:f0:f0:96:37:81:8c:30:
12:38:2f:99:95:23:ca:fd:a5:2a:dd:f4:a7:e3:0b:
51:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:22:91:C6:9A:F4:0F:A8:A3:8F:AF:E4:54:07:13:1F:39:E8:09:19
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5D815D4096F811EDA42F4660C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.105.176.0/22
IPv6:
2400:7b60::/32
Signature Algorithm: sha256WithRSAEncryption
ba:20:7f:5a:4d:00:9d:51:d9:0f:08:e5:bd:86:29:01:f1:f7:
ff:4b:3e:8a:7c:b1:a8:6c:74:7c:68:59:8f:25:7f:b1:26:e0:
d3:e8:ec:c7:e0:34:d4:15:6e:3c:fa:46:e4:bd:24:dd:c2:f1:
f3:1f:8c:b5:0d:03:48:81:d1:67:f4:61:c4:2f:5e:5e:b2:2a:
d4:34:a4:4c:f6:0e:42:87:71:6b:5a:1d:eb:33:38:34:62:d2:
a8:c7:b3:4f:e8:f2:4c:d8:c2:d8:37:ad:8c:5b:3d:6d:88:bb:
55:c9:c4:0f:f1:e1:68:d5:71:02:25:28:c1:9b:db:87:1f:51:
e9:1c:bd:16:96:5e:ed:8e:dc:38:f1:6f:de:7a:40:d9:4a:26:
81:a9:ce:a0:20:0c:af:6e:29:68:81:d6:f1:f0:8c:69:1f:52:
a0:48:c0:ae:24:eb:16:47:3e:8b:40:65:26:1c:c6:3b:e2:85:
f0:79:99:76:2f:dd:b3:55:33:34:e2:bd:43:2d:9c:e8:00:19:
96:ae:ed:dc:85:25:c7:bc:52:6d:1b:af:94:c0:94:ea:01:23:
ab:2f:2a:51:1d:8a:28:a6:e6:7d:de:49:c5:2a:1c:b5:e1:f4:
7a:79:65:39:6d:ab:af:88:f5:c7:8b:b8:f7:e2:c8:c4:e3:28:
d2:a5:42:30
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICdG8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNjIzMTExMTU4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk1N2RmZC0xNmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA86v0u882HoA1Nq0YJCU0Tt79jA6t8NKrApmAcP91atJhpvrcmEp/6xmIkgqw
eT1RiQPJ6GrFNu+kXoTRzk9aG+WAlrudeEo7T1EclmFpclxHG5u0fFX6iJ7ptub7
aXoLKfrzcEMLd62KAcMF/w8vmDkAdTcfb3zCAr/ehez8BBSqCtejb4g3SA0L7ltZ
sGqZDL1/TQ4gybi0/ORgif9uW7eoMTyUfViDiw1iLryh4B8i/Dm0h1TzDke2DRmG
5K9pOphvxE7xHmX/b/OnLBc/SyHV3Dru3jrDG7IuYUo2NHdyToQOMxk0N/DwljeB
jDASOC+ZlSPK/aUq3fSn4wtRmQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFOoikcaa
9A+oo4+v5FQHEx856AkZMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNUQ4MTVENDA5
NkY4MTFFREE0MkY0NjYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnabAwDQQCAAIwBwMFACQAe2AwDQYJKoZIhvcNAQELBQAD
ggEBALogf1pNAJ1R2Q8I5b2GKQHx9/9LPop8sahsdHxoWY8lf7Em4NPo7MfgNNQV
bjz6RuS9JN3C8fMfjLUNA0iB0Wf0YcQvXl6yKtQ0pEz2DkKHcWtaHeszODRi0qjH
s0/o8kzYwtg3rYxbPW2Iu1XJxA/x4WjVcQIlKMGb24cfUekcvRaWXu2O3Djxb956
QNlKJoGpzqAgDK9uKWiB1vHwjGkfUqBIwK4k6xZHPotAZSYcxjvihfB5mXYv3bNV
MzTivUMtnOgAGZau7dyFJce8Um0br5TAlOoBI6svKlEdiiim5n3eScUqHLXh9Hp5
ZTltq6+I9ceLuPfiyMTjKNKlQjA=
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:34 2024 by rpki-client on console-ams.rpki-client.org