Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/1C85059C1EB911E88533FA4EC4F9AE02.roa
File: 1C85059C1EB911E88533FA4EC4F9AE02.roa (raw, json)
Hash identifier: RqHN2PwZe21iOjQw65O1dXW58VJkxhmOGxQkFQUXslk=
Subject key identifier: A8:D7:9A:21:87:3F:49:72:84:73:13:C9:89:7C:8C:91:15:C2:53:52
Certificate issuer: /CN=A91A1103/serialNumber=29DCF2697BA34A5D4C57F2ED96718D031BBC5630
Certificate serial: 15BA
Authority key identifier: 29:DC:F2:69:7B:A3:4A:5D:4C:57:F2:ED:96:71:8D:03:1B:BC:56:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/1C85059C1EB911E88533FA4EC4F9AE02.roa
Signing time: Sun 22 Dec 2024 16:54:39 +0000
ROA not before: Sun 22 Dec 2024 16:54:39 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 24514
IP address blocks: 103.17.78.0/24 maxlen: 24
103.26.47.0/24 maxlen: 24
103.26.74.0/24 maxlen: 24
103.26.75.0/24 maxlen: 24
122.129.120.0/24 maxlen: 24
122.129.121.0/24 maxlen: 24
122.129.122.0/24 maxlen: 24
122.129.123.0/24 maxlen: 24
122.129.124.0/24 maxlen: 24
122.129.125.0/24 maxlen: 24
122.129.126.0/24 maxlen: 24
122.129.127.0/24 maxlen: 24
150.129.184.0/24 maxlen: 24
150.129.185.0/24 maxlen: 24
150.129.186.0/24 maxlen: 24
203.80.16.0/24 maxlen: 24
203.80.17.0/24 maxlen: 24
203.80.18.0/24 maxlen: 24
203.80.19.0/24 maxlen: 24
203.80.20.0/24 maxlen: 24
203.80.21.0/24 maxlen: 24
203.80.22.0/24 maxlen: 24
203.80.23.0/24 maxlen: 24
2404:a8:5::/48 maxlen: 48
2404:a8:10::/48 maxlen: 48
2404:a8:19::/48 maxlen: 48
2404:a8:163::/48 maxlen: 48
2404:a8:3ff::/48 maxlen: 48
2404:a8:400b::/48 maxlen: 48
2404:a8:4094::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.crl
rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5562 (0x15ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1103
Validity
Not Before: Dec 22 16:54:39 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6768444e-a3eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d7:28:df:77:63:41:1c:03:88:4c:55:48:fb:
52:47:13:e3:a4:89:15:62:29:a3:24:b4:d7:50:4f:
29:c6:e5:d5:cc:1a:9b:1f:54:32:17:3b:c4:28:b7:
cd:a7:96:6e:8c:83:82:86:e5:0c:8d:5b:2c:80:fa:
4f:cd:68:20:50:e7:b0:b1:ff:bc:c5:60:51:b6:ac:
fd:56:02:22:c2:60:a1:29:ac:ac:79:c6:28:d1:56:
53:fd:9d:cf:ed:4b:fe:72:bd:7c:6f:b7:37:b2:af:
1e:b1:ba:12:4a:0e:72:7d:b9:b8:bf:9c:d9:aa:13:
91:75:a4:10:37:7b:e8:f4:30:13:43:d4:08:e6:44:
fa:2f:40:1a:17:58:b6:3e:52:5f:13:28:46:cf:78:
bf:bd:96:32:4d:f0:33:d3:ad:a6:f7:20:25:4c:b3:
41:85:42:42:e5:33:f0:e4:9a:23:75:a0:ed:38:d7:
a7:ac:d1:06:34:a1:04:c9:31:d0:89:c0:96:57:42:
46:7d:18:16:e9:ce:c1:a6:90:e9:7a:43:fd:b8:a3:
01:aa:6b:5a:97:88:b4:84:93:27:a4:85:36:41:e2:
46:fe:9d:00:5c:61:e2:2e:42:cc:00:fc:db:05:ad:
28:27:89:1b:3f:03:8f:df:67:45:cb:0c:6c:b6:84:
dc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D7:9A:21:87:3F:49:72:84:73:13:C9:89:7C:8C:91:15:C2:53:52
X509v3 Authority Key Identifier:
keyid:29:DC:F2:69:7B:A3:4A:5D:4C:57:F2:ED:96:71:8D:03:1B:BC:56:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/1C85059C1EB911E88533FA4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.78.0/24
103.26.47.0/24
103.26.74.0/23
122.129.120.0/21
150.129.184.0-150.129.186.255
203.80.16.0/21
IPv6:
2404:a8:5::/48
2404:a8:10::/48
2404:a8:19::/48
2404:a8:163::/48
2404:a8:3ff::/48
2404:a8:400b::/48
2404:a8:4094::/48
Signature Algorithm: sha256WithRSAEncryption
18:e7:6f:20:52:41:58:66:96:77:b7:34:fd:6e:bf:fa:9e:45:
bb:44:25:81:95:6b:6d:57:9b:32:8e:d8:bf:7f:e4:a1:fc:3c:
3f:14:87:c1:54:77:04:58:28:10:e8:ff:ec:e1:7e:69:7e:1f:
68:60:ba:88:37:d0:a5:89:b1:63:68:5d:35:80:db:c3:fc:3f:
80:45:a7:c0:3e:4c:c3:43:17:2c:7b:17:94:ff:2c:ad:03:37:
7e:92:30:58:e4:49:07:35:dd:1e:0e:dd:34:41:22:4f:75:5d:
3f:84:c2:7b:89:f0:2b:5a:80:6b:d1:7b:3d:dd:a5:f9:a9:33:
d6:c5:b2:cd:43:7f:91:1e:1e:31:57:6c:c8:cb:e8:c1:7d:c2:
db:2f:ff:79:0c:5c:29:1a:3b:68:fa:2a:2a:a7:95:27:c7:2b:
63:24:cb:06:c5:e1:66:35:cc:eb:1f:1f:b0:1e:62:b5:fd:d4:
f9:d4:86:f9:d3:cf:9b:1d:4d:de:1d:81:f0:42:d4:ae:1f:ce:
c3:30:03:b5:90:07:13:5c:f1:e5:5a:61:9a:3d:8b:0d:12:07:
25:4b:e2:2d:7e:c5:69:23:c5:1b:f9:31:02:75:62:60:a8:1e:
d5:36:16:74:eb:c6:fc:69:de:4c:e5:bb:d0:b3:15:d7:d9:3d:
eb:38:82:46
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgICFbowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTExMDMxMTAvBgNVBAUTKDI5RENGMjY5N0JBMzRBNUQ0QzU3RjJFRDk2NzE4RDAz
MUJCQzU2MzAwHhcNMjQxMjIyMTY1NDM5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4NDQ0ZS1hM2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA39co33djQRwDiExVSPtSRxPjpIkVYimjJLTXUE8pxuXVzBqbH1QyFzvEKLfN
p5ZujIOChuUMjVssgPpPzWggUOewsf+8xWBRtqz9VgIiwmChKaysecYo0VZT/Z3P
7Uv+cr18b7c3sq8esboSSg5yfbm4v5zZqhORdaQQN3vo9DATQ9QI5kT6L0AaF1i2
PlJfEyhGz3i/vZYyTfAz062m9yAlTLNBhUJC5TPw5JojdaDtONenrNEGNKEEyTHQ
icCWV0JGfRgW6c7BppDpekP9uKMBqmtal4i0hJMnpIU2QeJG/p0AXGHiLkLMAPzb
Ba0oJ4kbPwOP32dFywxstoTcvwIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFKjXmiGH
P0lyhHMTyYl8jJEVwlNSMB8GA1UdIwQYMBaAFCnc8ml7o0pdTFfy7ZZxjQMbvFYw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTEwMy8yMDk1QUE2MjFB
MDcxMUU4QkUyNEE1NThDNEY5QUUwMi9LZHp5YVh1alNsMU1WX0x0bG5HTkF4dThW
akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tkenlhWHVqU2wxTVZfTHRsbkdOQXh1OFZqQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTExMDMvMjA5NUFBNjIxQTA3MTFFOEJFMjRBNTU4QzRGOUFFMDIvMUM4NTA1OUMx
RUI5MTFFODg1MzNGQTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYwGCCsGAQUFBwEHAQH/
BH0wezAyBAIAATAsAwQAZxFOAwQAZxovAwQBZxpKAwQDeoF4MAwDBAOWgbgDBACW
gboDBAPLUBAwRQQCAAIwPwMHACQEAKgABQMHACQEAKgAEAMHACQEAKgAGQMHACQE
AKgBYwMHACQEAKgD/wMHACQEAKhACwMHACQEAKhAlDANBgkqhkiG9w0BAQsFAAOC
AQEAGOdvIFJBWGaWd7c0/W6/+p5Fu0QlgZVrbVebMo7Yv3/kofw8PxSHwVR3BFgo
EOj/7OF+aX4faGC6iDfQpYmxY2hdNYDbw/w/gEWnwD5Mw0MXLHsXlP8srQM3fpIw
WORJBzXdHg7dNEEiT3VdP4TCe4nwK1qAa9F7Pd2l+akz1sWyzUN/kR4eMVdsyMvo
wX3C2y//eQxcKRo7aPoqKqeVJ8crYyTLBsXhZjXM6x8fsB5itf3U+dSG+dPPmx1N
3h2B8ELUrh/OwzADtZAHE1zx5Vphmj2LDRIHJUviLX7FaSPFG/kxAnViYKge1TYW
dOvG/GneTOW70LMV19k96ziCRg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:43 2025 by rpki-client