Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/9F12E3A025A511EE87132E45C4F9AE02.roa
File: 9F12E3A025A511EE87132E45C4F9AE02.roa (raw, json)
Hash identifier: o1E2TDzfrYXVJOP/YJY3szBmvDulSoV6uw7KuOgewO4=
Subject key identifier: 97:19:11:55:BA:88:4E:4D:01:66:DA:8A:A6:64:6B:10:5D:6B:9A:C7
Certificate issuer: /CN=A91A495C/serialNumber=78BEDBEDC0459B900C282892F13B1782A9560429
Certificate serial: 0CC2
Authority key identifier: 78:BE:DB:ED:C0:45:9B:90:0C:28:28:92:F1:3B:17:82:A9:56:04:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eL7b7cBFm5AMKCiS8TsXgqlWBCk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/9F12E3A025A511EE87132E45C4F9AE02.roa
Signing time: Tue 01 Oct 2024 06:10:43 +0000
ROA not before: Tue 01 Oct 2024 06:10:43 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137967
IP address blocks: 103.117.192.0/22 maxlen: 22
103.117.192.0/23 maxlen: 23
103.117.192.0/24 maxlen: 24
103.117.193.0/24 maxlen: 24
103.117.194.0/23 maxlen: 23
103.117.194.0/24 maxlen: 24
103.117.195.0/24 maxlen: 24
2403:1e40::/32 maxlen: 36
2403:1e40::/48 maxlen: 48
2403:1e40:100::/48 maxlen: 48
2403:1e40:150::/48 maxlen: 48
2403:1e40:151::/48 maxlen: 48
2403:1e40:152::/48 maxlen: 48
2403:1e40:153::/48 maxlen: 48
2403:1e40:154::/48 maxlen: 48
2403:1e40:168::/48 maxlen: 48
2403:1e40:169::/48 maxlen: 48
2403:1e40:1000::/37 maxlen: 40
2403:1e40:1000::/41 maxlen: 48
2403:1e40:1080::/41 maxlen: 48
2403:1e40:1100::/41 maxlen: 48
2403:1e40:1180::/41 maxlen: 48
2403:1e40:1200::/41 maxlen: 48
2403:1e40:1280::/41 maxlen: 48
2403:1e40:1300::/41 maxlen: 48
2403:1e40:1380::/41 maxlen: 48
2403:1e40:1400::/41 maxlen: 48
2403:1e40:1800::/37 maxlen: 40
2403:1e40:1800::/41 maxlen: 48
2403:1e40:1880::/41 maxlen: 45
2403:1e40:1880::/42 maxlen: 48
2403:1e40:18c0::/43 maxlen: 48
2403:1e40:18e0::/44 maxlen: 48
2403:1e40:18f0::/45 maxlen: 48
2403:1e40:18f8::/46 maxlen: 46
2403:1e40:18f8::/47 maxlen: 48
2403:1e40:1a00::/41 maxlen: 48
2403:1e40:1a80::/41 maxlen: 48
2403:1e40:70ff::/48 maxlen: 48
2403:1e40:80ff::/48 maxlen: 48
2403:1e40:90ff::/48 maxlen: 48
2403:1e40:97ff::/48 maxlen: 48
2403:1e40:fffd::/48 maxlen: 48
2403:1e40:fffe::/48 maxlen: 48
2403:1e40:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/eL7b7cBFm5AMKCiS8TsXgqlWBCk.crl
rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/eL7b7cBFm5AMKCiS8TsXgqlWBCk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eL7b7cBFm5AMKCiS8TsXgqlWBCk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:06:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3266 (0xcc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A495C/serialNumber=78BEDBEDC0459B900C282892F13B1782A9560429
Validity
Not Before: Oct 1 06:10:43 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66fb9263-89d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4a:8d:8f:5c:92:b0:4e:6f:36:70:88:9c:47:
f9:ee:fb:45:d0:bf:ec:17:30:7f:c2:c6:71:21:7e:
37:4f:b9:45:be:3d:ee:e8:4f:87:a7:cb:51:d7:1f:
c6:4d:fd:62:08:ba:3e:94:cc:d1:90:a9:3b:52:91:
cb:0f:2b:bc:61:61:0b:78:95:93:83:5a:d2:13:a3:
92:12:ea:ee:2b:bf:1f:c2:b2:e0:c9:a6:9e:9a:8f:
da:45:ea:c9:da:eb:bd:30:60:11:54:7c:22:e8:55:
8c:75:55:c3:a2:cd:47:6a:49:69:97:06:95:82:da:
fc:41:fa:fc:c2:b3:95:ac:27:02:46:fb:33:c4:fe:
c1:f5:b4:06:43:fc:cb:e4:2e:cf:51:23:f6:9a:b7:
16:e2:4d:56:8d:86:16:ca:a4:45:40:5b:b8:3d:86:
e3:aa:a5:7c:60:90:f2:80:e7:29:c1:5a:23:e9:2b:
21:9d:50:ee:ce:e4:31:c8:13:99:87:27:fe:f3:e4:
31:ab:cb:4f:1c:09:d2:97:ec:23:a2:2d:ab:12:92:
e3:87:a0:e9:44:c9:65:09:ca:16:e0:91:c2:4b:b2:
31:a8:58:77:81:2d:f2:c0:5d:2d:1c:3b:f7:d0:bd:
81:e9:ba:48:5e:89:c4:e4:36:5d:3a:5c:16:a3:79:
e9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:19:11:55:BA:88:4E:4D:01:66:DA:8A:A6:64:6B:10:5D:6B:9A:C7
X509v3 Authority Key Identifier:
keyid:78:BE:DB:ED:C0:45:9B:90:0C:28:28:92:F1:3B:17:82:A9:56:04:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/eL7b7cBFm5AMKCiS8TsXgqlWBCk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eL7b7cBFm5AMKCiS8TsXgqlWBCk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/9F12E3A025A511EE87132E45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.192.0/22
IPv6:
2403:1e40::/32
Signature Algorithm: sha256WithRSAEncryption
08:4c:a9:4e:4e:10:5c:8d:de:83:b4:80:8c:bb:9e:f8:6c:d0:
27:28:06:dd:0c:5b:64:09:ca:db:18:ee:24:fd:e4:78:9e:b5:
c0:02:98:e9:15:bb:da:19:13:c0:12:9d:76:96:ef:20:f3:83:
d5:07:9d:d2:7f:d5:0d:48:30:f4:24:4b:f7:57:46:e2:f3:ad:
07:41:b9:ab:b0:42:6a:f4:15:e2:07:17:79:09:53:58:db:54:
1e:c9:ec:46:5c:43:fb:d8:2e:91:9f:b9:3a:13:c9:bb:98:ec:
e4:80:e5:a5:57:e5:c6:24:1a:c6:85:ac:36:4f:c9:d7:4d:fa:
87:47:4f:ec:92:83:47:1c:2a:09:aa:05:11:87:90:32:cd:80:
8f:3f:5c:ce:25:19:a6:43:a7:d9:18:d6:db:ce:d8:1d:2d:25:
bd:15:43:cb:d2:e5:9c:ee:4f:cb:37:ff:02:a1:ff:49:11:1c:
6e:2e:9b:99:f3:72:93:fe:b3:38:ea:61:f8:cb:41:6a:ac:08:
78:bb:01:13:03:4a:90:bc:09:cb:03:52:e7:cb:3a:10:c8:05:
b8:05:3c:de:c7:32:32:5f:3e:3e:e8:22:4f:cc:ac:c2:81:d5:
d9:9e:99:c2:bd:46:53:1d:08:60:12:1f:02:c8:ef:56:fb:58:
c9:a8:4c:29
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDMIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ5NUMxMTAvBgNVBAUTKDc4QkVEQkVEQzA0NTlCOTAwQzI4Mjg5MkYxM0IxNzgy
QTk1NjA0MjkwHhcNMjQxMDAxMDYxMDQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiOTI2My04OWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqEqNj1ySsE5vNnCInEf57vtF0L/sFzB/wsZxIX43T7lFvj3u6E+Hp8tR1x/G
Tf1iCLo+lMzRkKk7UpHLDyu8YWELeJWTg1rSE6OSEuruK78fwrLgyaaemo/aRerJ
2uu9MGARVHwi6FWMdVXDos1HaklplwaVgtr8Qfr8wrOVrCcCRvszxP7B9bQGQ/zL
5C7PUSP2mrcW4k1WjYYWyqRFQFu4PYbjqqV8YJDygOcpwVoj6SshnVDuzuQxyBOZ
hyf+8+Qxq8tPHAnSl+wjoi2rEpLjh6DpRMllCcoW4JHCS7IxqFh3gS3ywF0tHDv3
0L2B6bpIXonE5DZdOlwWo3npPQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFJcZEVW6
iE5NAWbaiqZkaxBda5rHMB8GA1UdIwQYMBaAFHi+2+3ARZuQDCgokvE7F4KpVgQp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDk1Qy81NTkxODAwNEUy
QUQxMUU5QjRBMjc1NDZDNEY5QUUwMi9lTDdiN2NCRm01QU1LQ2lTOFRzWGdxbFdC
Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VMN2I3Y0JGbTVBTUtDaVM4VHNYZ3FsV0JDay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ5NUMvNTU5MTgwMDRFMkFEMTFFOUI0QTI3NTQ2QzRGOUFFMDIvOUYxMkUzQTAy
NUE1MTFFRTg3MTMyRTQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJndcAwDQQCAAIwBwMFACQDHkAwDQYJKoZIhvcNAQELBQAD
ggEBAAhMqU5OEFyN3oO0gIy7nvhs0CcoBt0MW2QJytsY7iT95HietcACmOkVu9oZ
E8ASnXaW7yDzg9UHndJ/1Q1IMPQkS/dXRuLzrQdBuauwQmr0FeIHF3kJU1jbVB7J
7EZcQ/vYLpGfuToTybuY7OSA5aVX5cYkGsaFrDZPyddN+odHT+ySg0ccKgmqBRGH
kDLNgI8/XM4lGaZDp9kY1tvO2B0tJb0VQ8vS5ZzuT8s3/wKh/0kRHG4um5nzcpP+
szjqYfjLQWqsCHi7ARMDSpC8CcsDUufLOhDIBbgFPN7HMjJfPj7oIk/MrMKB1dme
mcK9RlMdCGASHwLI71b7WMmoTCk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:45:01 2024 by rpki-client on console-fra.rpki-client.org