Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/1C85059C1EB911E88533FA4EC4F9AE02.roa
File: 1C85059C1EB911E88533FA4EC4F9AE02.roa (raw, json)
Hash identifier: OL39VuRaTO6++N4sfRM3PA54REESO/zOJiR+TFOYEMI=
Subject key identifier: 4B:AB:EC:C6:68:3C:2D:D3:DA:F2:3A:6E:71:A3:90:E4:ED:5C:15:8C
Certificate issuer: /CN=A91A1103/serialNumber=29DCF2697BA34A5D4C57F2ED96718D031BBC5630
Certificate serial: 14F4
Authority key identifier: 29:DC:F2:69:7B:A3:4A:5D:4C:57:F2:ED:96:71:8D:03:1B:BC:56:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/1C85059C1EB911E88533FA4EC4F9AE02.roa
Signing time: Wed 06 Dec 2023 17:24:46 +0000
ROA not before: Wed 06 Dec 2023 17:24:46 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 24514
IP address blocks: 103.17.78.0/24 maxlen: 24
103.26.47.0/24 maxlen: 24
103.26.74.0/24 maxlen: 24
103.26.75.0/24 maxlen: 24
122.129.120.0/24 maxlen: 24
122.129.121.0/24 maxlen: 24
122.129.122.0/24 maxlen: 24
122.129.123.0/24 maxlen: 24
122.129.124.0/24 maxlen: 24
122.129.125.0/24 maxlen: 24
122.129.126.0/24 maxlen: 24
122.129.127.0/24 maxlen: 24
150.129.184.0/24 maxlen: 24
150.129.185.0/24 maxlen: 24
150.129.186.0/24 maxlen: 24
203.80.16.0/24 maxlen: 24
203.80.17.0/24 maxlen: 24
203.80.18.0/24 maxlen: 24
203.80.19.0/24 maxlen: 24
203.80.20.0/24 maxlen: 24
203.80.21.0/24 maxlen: 24
203.80.22.0/24 maxlen: 24
203.80.23.0/24 maxlen: 24
2404:a8:5::/48 maxlen: 48
2404:a8:10::/48 maxlen: 48
2404:a8:19::/48 maxlen: 48
2404:a8:163::/48 maxlen: 48
2404:a8:3ff::/48 maxlen: 48
2404:a8:400b::/48 maxlen: 48
2404:a8:4094::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.crl
rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 17:27:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5364 (0x14f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1103/serialNumber=29DCF2697BA34A5D4C57F2ED96718D031BBC5630
Validity
Not Before: Dec 6 17:24:46 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6570ae5e-b194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8f:d0:67:71:3c:98:8a:d2:d6:a5:0a:49:47:
40:19:d4:9c:bf:eb:ed:79:39:ab:68:12:f0:db:df:
c5:6c:32:5f:14:4d:6a:68:5a:87:09:92:76:3e:64:
2b:e7:94:05:b6:00:b1:6b:79:07:29:1c:20:f6:5f:
c9:71:fa:42:50:37:cc:98:1c:51:d9:73:52:8b:3b:
cf:69:4c:6c:25:db:e7:8b:d4:12:15:c7:a6:5e:f1:
4b:a4:9f:cc:42:3d:02:88:16:95:ca:03:10:81:dc:
2a:73:02:ee:26:23:e3:8a:d3:19:79:c3:aa:b1:5c:
89:ea:2e:7f:68:a7:f7:9e:38:13:d4:c5:88:06:21:
a6:6b:d8:29:5b:8f:7d:64:ef:aa:c3:16:0e:79:59:
2d:17:1a:35:0a:13:67:a7:c7:91:ab:58:4c:18:c6:
8c:cd:18:b2:7a:56:4f:f2:63:3f:8b:ff:66:e0:77:
d4:63:e6:c0:a9:ec:9f:43:9f:c4:cc:cc:c2:f1:1c:
a5:54:f1:3d:2d:61:b9:73:d9:13:96:2d:d8:53:c4:
1d:a6:3e:7a:ca:fb:e5:e4:a3:e8:a8:e7:7c:75:4b:
ed:0e:17:b6:cf:b6:2b:f2:3d:2b:52:fb:dc:3d:e2:
51:72:8d:a8:30:26:88:ef:3b:f0:29:26:2a:71:0c:
b8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AB:EC:C6:68:3C:2D:D3:DA:F2:3A:6E:71:A3:90:E4:ED:5C:15:8C
X509v3 Authority Key Identifier:
keyid:29:DC:F2:69:7B:A3:4A:5D:4C:57:F2:ED:96:71:8D:03:1B:BC:56:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/1C85059C1EB911E88533FA4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.78.0/24
103.26.47.0/24
103.26.74.0/23
122.129.120.0/21
150.129.184.0-150.129.186.255
203.80.16.0/21
IPv6:
2404:a8:5::/48
2404:a8:10::/48
2404:a8:19::/48
2404:a8:163::/48
2404:a8:3ff::/48
2404:a8:400b::/48
2404:a8:4094::/48
Signature Algorithm: sha256WithRSAEncryption
8a:61:43:70:fc:13:ba:13:df:91:d1:ea:e2:67:fd:07:a7:78:
60:ca:6b:f6:86:38:fe:32:79:72:3a:8e:14:af:53:53:64:98:
b9:8e:26:e4:c7:8a:d7:4a:72:33:93:5a:d7:17:db:57:c9:dc:
3e:83:fe:3f:5b:c5:1f:54:d9:55:57:95:37:fa:af:0a:c2:16:
ae:b6:0b:a4:72:93:e3:66:da:8c:f8:0a:e4:aa:1f:34:27:1e:
24:e2:24:f9:07:98:ea:bf:05:c7:b5:50:8e:cf:c0:93:fb:7b:
cc:49:51:ba:7e:eb:30:8b:c7:f2:f0:fe:dc:c8:e6:97:0a:a4:
f6:ca:6d:29:e5:1a:9b:55:3b:7e:f8:69:29:ac:7a:ea:bf:2f:
25:e3:67:db:88:78:35:da:a4:98:2d:41:0f:20:c5:fe:5b:d6:
b6:2a:c9:60:a7:fe:df:19:e8:7e:cc:65:59:74:8a:d3:9a:f0:
03:75:57:65:68:6c:00:97:40:19:c4:60:99:9a:2a:ef:4b:47:
86:11:5d:c0:49:95:ec:3b:0b:86:a9:ea:65:93:1e:8c:73:b6:
73:2d:b3:82:11:37:94:2b:6f:70:f2:6c:d8:04:92:3b:76:0a:
ce:de:57:d3:74:d9:3d:93:58:06:73:a7:1f:44:d5:06:df:b2:
03:3e:f5:67
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgICFPQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTExMDMxMTAvBgNVBAUTKDI5RENGMjY5N0JBMzRBNUQ0QzU3RjJFRDk2NzE4RDAz
MUJCQzU2MzAwHhcNMjMxMjA2MTcyNDQ2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTcwYWU1ZS1iMTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwI/QZ3E8mIrS1qUKSUdAGdScv+vteTmraBLw29/FbDJfFE1qaFqHCZJ2PmQr
55QFtgCxa3kHKRwg9l/JcfpCUDfMmBxR2XNSizvPaUxsJdvni9QSFcemXvFLpJ/M
Qj0CiBaVygMQgdwqcwLuJiPjitMZecOqsVyJ6i5/aKf3njgT1MWIBiGma9gpW499
ZO+qwxYOeVktFxo1ChNnp8eRq1hMGMaMzRiyelZP8mM/i/9m4HfUY+bAqeyfQ5/E
zMzC8RylVPE9LWG5c9kTli3YU8Qdpj56yvvl5KPoqOd8dUvtDhe2z7Yr8j0rUvvc
PeJRco2oMCaI7zvwKSYqcQy4MQIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFEur7MZo
PC3T2vI6bnGjkOTtXBWMMB8GA1UdIwQYMBaAFCnc8ml7o0pdTFfy7ZZxjQMbvFYw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTEwMy8yMDk1QUE2MjFB
MDcxMUU4QkUyNEE1NThDNEY5QUUwMi9LZHp5YVh1alNsMU1WX0x0bG5HTkF4dThW
akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tkenlhWHVqU2wxTVZfTHRsbkdOQXh1OFZqQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTExMDMvMjA5NUFBNjIxQTA3MTFFOEJFMjRBNTU4QzRGOUFFMDIvMUM4NTA1OUMx
RUI5MTFFODg1MzNGQTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYwGCCsGAQUFBwEHAQH/
BH0wezAyBAIAATAsAwQAZxFOAwQAZxovAwQBZxpKAwQDeoF4MAwDBAOWgbgDBACW
gboDBAPLUBAwRQQCAAIwPwMHACQEAKgABQMHACQEAKgAEAMHACQEAKgAGQMHACQE
AKgBYwMHACQEAKgD/wMHACQEAKhACwMHACQEAKhAlDANBgkqhkiG9w0BAQsFAAOC
AQEAimFDcPwTuhPfkdHq4mf9B6d4YMpr9oY4/jJ5cjqOFK9TU2SYuY4m5MeK10py
M5Na1xfbV8ncPoP+P1vFH1TZVVeVN/qvCsIWrrYLpHKT42bajPgK5KofNCceJOIk
+QeY6r8Fx7VQjs/Ak/t7zElRun7rMIvH8vD+3Mjmlwqk9sptKeUam1U7fvhpKax6
6r8vJeNn24h4NdqkmC1BDyDF/lvWtirJYKf+3xnofsxlWXSK05rwA3VXZWhsAJdA
GcRgmZoq70tHhhFdwEmV7DsLhqnqZZMejHO2cy2zghE3lCtvcPJs2ASSO3YKzt5X
03TZPZNYBnOnH0TVBt+yAz71Zw==
-----END CERTIFICATE-----
Generated at Thu May 16 18:26:08 2024 by rpki-client on console-fra.rpki-client.org