Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/9B9D6CA0AD4E11EE883EA646C4F9AE02.roa
File: 9B9D6CA0AD4E11EE883EA646C4F9AE02.roa (raw, json)
Hash identifier: VYrDaDeLIroB7f2ig8mD9OcuJhlDLEKA/fOuLVB60Kg=
Subject key identifier: 30:96:A2:92:84:3D:54:36:66:CF:47:3A:D5:76:D0:A4:33:07:16:7D
Certificate issuer: /CN=A918F1C9/serialNumber=398911300104D7C58B326E5664B3D79A2D4646E0
Certificate serial: 0997
Authority key identifier: 39:89:11:30:01:04:D7:C5:8B:32:6E:56:64:B3:D7:9A:2D:46:46:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/9B9D6CA0AD4E11EE883EA646C4F9AE02.roa
Signing time: Thu 31 Oct 2024 20:39:07 +0000
ROA not before: Thu 31 Oct 2024 20:39:07 +0000
ROA not after: Sat 01 Mar 2025 00:00:00 +0000
asID: 138167
IP address blocks: 103.121.224.0/24 maxlen: 24
103.121.225.0/24 maxlen: 24
103.121.226.0/24 maxlen: 24
103.121.227.0/24 maxlen: 24
2403:72c0:a100::/40 maxlen: 40
2403:72c0:a200::/40 maxlen: 40
2403:72c0:a300::/40 maxlen: 40
2403:72c0:a400::/40 maxlen: 40
2403:72c0:a500::/40 maxlen: 40
2403:72c0:a600::/40 maxlen: 40
2403:72c0:a700::/40 maxlen: 40
2403:72c0:a800::/40 maxlen: 40
2403:72c0:a900::/40 maxlen: 40
2403:72c0:aa00::/40 maxlen: 40
2403:72c0:ab00::/40 maxlen: 40
2403:72c0:ac00::/40 maxlen: 40
2403:72c0:ad00::/40 maxlen: 40
2403:72c0:ae00::/40 maxlen: 40
2403:72c0:af00::/40 maxlen: 40
2403:72c0:b100::/40 maxlen: 40
2403:72c0:b200::/40 maxlen: 40
2403:72c0:b300::/40 maxlen: 40
2403:72c0:b400::/40 maxlen: 40
2403:72c0:b500::/40 maxlen: 40
2403:72c0:b600::/40 maxlen: 40
2403:72c0:b700::/40 maxlen: 40
2403:72c0:b800::/40 maxlen: 40
2403:72c0:b900::/40 maxlen: 40
2403:72c0:ba00::/40 maxlen: 40
2403:72c0:bb00::/40 maxlen: 40
2403:72c0:bc00::/40 maxlen: 40
2403:72c0:bd00::/40 maxlen: 40
2403:72c0:be00::/40 maxlen: 40
2403:72c0:bf00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.crl
rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 19:53:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2455 (0x997)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F1C9/serialNumber=398911300104D7C58B326E5664B3D79A2D4646E0
Validity
Not Before: Oct 31 20:39:07 2024 GMT
Not After : Mar 1 00:00:00 2025 GMT
Subject: CN=6723eaea-d4e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0b:d7:d5:2c:60:07:ff:67:29:0f:d2:73:62:
f5:a1:2f:25:3d:ad:6f:bf:7a:4d:1a:a6:45:a9:6d:
6c:13:22:ce:f7:bd:de:57:6e:23:5d:67:bc:16:3a:
af:bb:8c:d3:84:5f:4d:d0:34:18:1f:e7:9f:c2:a5:
dc:b5:3d:f0:cf:50:3f:f6:70:2f:bf:ff:41:7c:04:
d3:57:0a:2f:d4:64:88:ff:fa:03:dd:af:b9:ff:81:
e8:fe:f0:1d:be:01:7a:17:d8:99:5e:2a:38:4e:2f:
e9:11:34:77:0e:4f:3f:45:af:df:7f:1c:5d:8d:63:
b2:48:a5:8c:fc:58:a4:03:69:2c:5b:48:bb:18:2f:
c0:d4:6b:97:6d:2f:fc:01:ec:cf:0a:e7:c8:ae:fa:
37:1e:5c:f9:ea:42:1a:c3:96:ad:bf:db:ba:dd:46:
25:57:3c:d3:4c:41:5d:38:d5:92:67:83:eb:06:18:
7e:ce:2c:6c:5a:88:8a:eb:8f:b1:d1:71:61:7d:8f:
b2:fb:2b:96:a6:f8:d7:5b:d4:85:98:89:62:54:63:
48:19:26:ac:6d:06:9d:dd:1a:c8:03:dc:87:e0:f2:
c3:90:88:f3:cd:f1:76:28:d2:96:3c:61:73:41:cc:
f6:40:15:a7:fe:6f:9c:b1:b8:db:70:2c:61:0f:43:
45:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:96:A2:92:84:3D:54:36:66:CF:47:3A:D5:76:D0:A4:33:07:16:7D
X509v3 Authority Key Identifier:
keyid:39:89:11:30:01:04:D7:C5:8B:32:6E:56:64:B3:D7:9A:2D:46:46:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/OYkRMAEE18WLMm5WZLPXmi1GRuA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OYkRMAEE18WLMm5WZLPXmi1GRuA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F1C9/6A57AB8C7F9511EAB0ED8537C4F9AE02/9B9D6CA0AD4E11EE883EA646C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.224.0/22
IPv6:
2403:72c0:a100::-2403:72c0:afff:ffff:ffff:ffff:ffff:ffff
2403:72c0:b100::-2403:72c0:bfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
88:9e:ef:b3:87:f2:9c:c1:81:15:5d:56:9a:e1:d3:07:33:1f:
1a:0a:55:fd:e5:27:91:4e:ed:af:5e:62:05:15:32:74:1d:0f:
af:1e:7d:3e:46:38:5c:84:22:ad:78:8e:eb:77:4e:49:b2:29:
67:8f:b3:d0:a1:5e:a9:04:ae:5b:89:fe:03:be:ef:11:9b:09:
ec:e2:43:df:b7:a5:a1:b7:25:66:80:55:8a:1e:a0:b9:32:f7:
9f:54:27:5e:11:d9:b2:0c:06:d7:6a:bb:a1:64:ff:bb:a0:3c:
21:d4:a4:77:96:e4:10:c1:36:6a:af:41:33:0c:df:b9:e3:b1:
94:6d:71:e2:3f:ed:10:b8:fd:25:f9:c2:18:30:5a:60:cd:88:
7e:bb:d3:26:c2:f9:62:56:50:99:53:79:7a:a5:f3:42:38:c8:
8c:4f:06:e9:4c:8c:b9:74:34:45:e2:7d:32:3f:a2:77:88:c6:
7b:46:2b:84:29:fa:35:42:63:03:4c:83:7d:7a:db:09:17:9d:
84:e7:9c:97:ee:4a:54:85:09:62:f1:d5:69:ee:9e:9c:87:fb:
25:66:43:51:7d:71:1b:bc:a7:bc:e9:93:cc:e0:db:26:49:a9:
57:52:64:75:7c:97:13:01:6f:bc:e5:02:81:ea:65:be:d9:44:
92:bd:ce:f5
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgICCZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEYxQzkxMTAvBgNVBAUTKDM5ODkxMTMwMDEwNEQ3QzU4QjMyNkU1NjY0QjNENzlB
MkQ0NjQ2RTAwHhcNMjQxMDMxMjAzOTA3WhcNMjUwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIzZWFlYS1kNGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3QvX1SxgB/9nKQ/Sc2L1oS8lPa1vv3pNGqZFqW1sEyLO973eV24jXWe8Fjqv
u4zThF9N0DQYH+efwqXctT3wz1A/9nAvv/9BfATTVwov1GSI//oD3a+5/4Ho/vAd
vgF6F9iZXio4Ti/pETR3Dk8/Ra/ffxxdjWOySKWM/FikA2ksW0i7GC/A1GuXbS/8
AezPCufIrvo3Hlz56kIaw5atv9u63UYlVzzTTEFdONWSZ4PrBhh+zixsWoiK64+x
0XFhfY+y+yuWpvjXW9SFmIliVGNIGSasbQad3RrIA9yH4PLDkIjzzfF2KNKWPGFz
Qcz2QBWn/m+csbjbcCxhD0NFIQIDAQABo4ICwTCCAr0wHQYDVR0OBBYEFDCWopKE
PVQ2Zs9HOtV20KQzBxZ9MB8GA1UdIwQYMBaAFDmJETABBNfFizJuVmSz15otRkbg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjFDOS82QTU3QUI4QzdG
OTUxMUVBQjBFRDg1MzdDNEY5QUUwMi9PWWtSTUFFRTE4V0xNbTVXWkxQWG1pMUdS
dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09Za1JNQUVFMThXTE1tNVdaTFBYbWkxR1J1QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEYxQzkvNkE1N0FCOEM3Rjk1MTFFQUIwRUQ4NTM3QzRGOUFFMDIvOUI5RDZDQTBB
RDRFMTFFRTg4M0VBNjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSwYIKwYBBQUHAQcBAf8E
PDA6MAwEAgABMAYDBAJneeAwKgQCAAIwJDAQAwYAJANywKEDBgQkA3LAoDAQAwYA
JANywLEDBgYkA3LAgDANBgkqhkiG9w0BAQsFAAOCAQEAiJ7vs4fynMGBFV1WmuHT
BzMfGgpV/eUnkU7tr15iBRUydB0Prx59PkY4XIQirXiO63dOSbIpZ4+z0KFeqQSu
W4n+A77vEZsJ7OJD37elobclZoBVih6guTL3n1QnXhHZsgwG12q7oWT/u6A8IdSk
d5bkEME2aq9BMwzfueOxlG1x4j/tELj9JfnCGDBaYM2IfrvTJsL5YlZQmVN5eqXz
QjjIjE8G6UyMuXQ0ReJ9Mj+id4jGe0YrhCn6NUJjA0yDfXrbCRedhOecl+5KVIUJ
YvHVae6enIf7JWZDUX1xG7ynvOmTzODbJkmpV1JkdXyXEwFvvOUCgeplvtlEkr3O
9Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:35 2024 by rpki-client on console-ams.rpki-client.org