Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/46948AC87B8511EDB9E3E055C4F9AE02.roa
File: 46948AC87B8511EDB9E3E055C4F9AE02.roa (raw, json)
Hash identifier: ypZQBV+9EY4yetvyYDHXDbrcGsO7ZcQXKAjYkY4gbwo=
Subject key identifier: 18:C6:D8:00:86:27:1D:7B:95:F6:3B:28:03:69:BA:64:2B:27:56:CF
Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Certificate serial: 07FA
Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/46948AC87B8511EDB9E3E055C4F9AE02.roa
Signing time: Thu 04 Jan 2024 21:59:21 +0000
ROA not before: Thu 04 Jan 2024 21:59:21 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 10207
IP address blocks: 101.234.128.0/23 maxlen: 23
101.234.128.0/23 maxlen: 24
101.234.130.0/23 maxlen: 23
101.234.130.0/23 maxlen: 24
101.234.135.0/24 maxlen: 24
101.234.138.0/23 maxlen: 23
101.234.138.0/23 maxlen: 24
101.234.155.0/24 maxlen: 24
101.234.159.0/24 maxlen: 24
101.234.170.0/24 maxlen: 24
101.234.171.0/24 maxlen: 24
114.111.152.0/23 maxlen: 24
114.111.154.0/23 maxlen: 23
114.111.154.0/23 maxlen: 24
122.100.5.0/24 maxlen: 24
122.100.12.0/23 maxlen: 24
2406:5800:1000::/40 maxlen: 48
2406:5800:1100::/40 maxlen: 48
2406:5800:1200::/40 maxlen: 48
2406:5800:1300::/40 maxlen: 48
2406:5800:ff00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl
rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 20:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2042 (0x7fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Validity
Not Before: Jan 4 21:59:21 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65972a39-15b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:33:2a:1a:50:fe:e9:02:b0:67:97:b2:0b:06:
bd:b8:02:9f:ee:c6:80:a9:9e:96:c6:78:42:0b:6d:
a0:39:a8:b4:ee:03:e1:db:ea:5a:c9:f9:51:dc:23:
dd:9f:ac:14:fd:a2:b4:78:a3:5d:0a:7a:4d:5a:64:
cd:83:eb:01:2e:8e:31:10:62:77:97:6f:3b:51:2e:
9d:23:40:10:fe:1e:7e:fd:af:4c:02:d8:43:40:5d:
ed:a8:f3:83:b6:7a:63:17:3c:6e:8f:46:27:7b:2e:
74:c4:56:86:7b:32:8a:3e:c8:65:e6:7d:60:5a:93:
bd:a1:e8:e8:49:ad:71:f1:8c:01:dd:eb:56:49:fb:
a4:1d:94:84:2c:89:d0:dc:49:12:21:b1:f1:d8:f9:
e2:c0:e7:46:59:7c:3a:fc:e4:ed:dd:2c:98:a8:59:
8d:47:fa:8c:63:7f:80:03:3c:30:ac:51:cf:1e:79:
5b:51:d3:44:e4:1f:32:ae:ec:43:54:b2:66:a0:33:
d0:f5:61:50:73:45:6f:0c:09:49:9c:b4:ce:1b:d9:
45:a7:0d:e8:7c:d3:a4:b3:3b:1c:ec:4a:00:06:ca:
1a:3c:17:9a:33:7f:d7:78:9c:96:14:14:00:55:29:
c2:20:bf:66:29:9e:a5:9a:3f:0c:78:6f:d0:b0:c1:
05:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C6:D8:00:86:27:1D:7B:95:F6:3B:28:03:69:BA:64:2B:27:56:CF
X509v3 Authority Key Identifier:
keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/46948AC87B8511EDB9E3E055C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.234.128.0/22
101.234.135.0/24
101.234.138.0/23
101.234.155.0/24
101.234.159.0/24
101.234.170.0/23
114.111.152.0/22
122.100.5.0/24
122.100.12.0/23
IPv6:
2406:5800:1000::/38
2406:5800:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
26:65:b1:6a:6f:06:9c:59:63:65:0f:fe:79:be:ba:0c:ea:03:
2d:e2:90:06:dc:47:88:0c:f0:ad:cb:a2:96:7c:ec:79:4f:d0:
d8:99:9f:f5:60:58:9e:3b:0d:1d:54:1c:f8:b5:18:88:c7:08:
4a:ac:19:f8:94:42:95:e6:03:54:d8:4c:b7:0b:ec:5f:c9:04:
38:f5:be:16:da:bc:db:fd:6b:a9:76:da:8f:93:95:16:ad:d7:
10:d6:8a:22:22:36:55:d6:49:f2:b4:c0:98:c5:35:9c:6a:75:
1f:8b:59:15:e0:81:cd:42:28:17:b9:cf:60:d9:e4:63:96:b6:
c3:d1:1b:93:ab:c4:67:c5:e2:94:6d:29:30:ab:fb:b3:e4:f7:
97:af:0b:0d:c2:2b:a8:bf:07:a4:0e:04:37:a8:21:db:e5:f5:
0e:6f:d4:8f:fc:70:84:93:2a:81:65:35:79:77:e8:bd:1b:f5:
19:ff:2f:8c:6d:91:12:f8:e5:b7:72:ef:26:98:76:66:0e:ac:
89:7d:6c:4a:81:73:d5:73:ec:5b:7c:d6:d3:72:c0:3c:98:35:
4c:49:9e:14:57:00:00:70:55:7a:8e:bc:58:15:cf:61:6d:13:
9d:87:74:fc:11:52:8c:b5:a1:14:71:f7:67:44:37:26:ac:28:
a0:11:5b:99
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgICB/owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5
Mjc1NzQ0MjAwHhcNMjQwMTA0MjE1OTIxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk3MmEzOS0xNWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2jMqGlD+6QKwZ5eyCwa9uAKf7saAqZ6WxnhCC22gOai07gPh2+payflR3CPd
n6wU/aK0eKNdCnpNWmTNg+sBLo4xEGJ3l287US6dI0AQ/h5+/a9MAthDQF3tqPOD
tnpjFzxuj0Yney50xFaGezKKPshl5n1gWpO9oejoSa1x8YwB3etWSfukHZSELInQ
3EkSIbHx2PniwOdGWXw6/OTt3SyYqFmNR/qMY3+AAzwwrFHPHnlbUdNE5B8yruxD
VLJmoDPQ9WFQc0VvDAlJnLTOG9lFpw3ofNOkszsc7EoABsoaPBeaM3/XeJyWFBQA
VSnCIL9mKZ6lmj8MeG/QsMEFnwIDAQABo4IC3jCCAtowHQYDVR0OBBYEFBjG2ACG
Jx17lfY7KANpumQrJ1bPMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3
NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS
Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU0NkUvMENENDFEQThCNzZBMTFFQTgxNEY1MDg0QzRGOUFFMDIvNDY5NDhBQzg3
Qjg1MTFFREI5RTNFMDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwaAYIKwYBBQUHAQcBAf8E
WTBXMDwEAgABMDYDBAJl6oADBABl6ocDBAFl6ooDBABl6psDBABl6p8DBAFl6qoD
BAJyb5gDBAB6ZAUDBAF6ZAwwFwQCAAIwEQMGAiQGWAAQAwcAJAZYAP8AMA0GCSqG
SIb3DQEBCwUAA4IBAQAmZbFqbwacWWNlD/55vroM6gMt4pAG3EeIDPCty6KWfOx5
T9DYmZ/1YFieOw0dVBz4tRiIxwhKrBn4lEKV5gNU2Ey3C+xfyQQ49b4W2rzb/Wup
dtqPk5UWrdcQ1ooiIjZV1knytMCYxTWcanUfi1kV4IHNQigXuc9g2eRjlrbD0RuT
q8RnxeKUbSkwq/uz5PeXrwsNwiuovwekDgQ3qCHb5fUOb9SP/HCEkyqBZTV5d+i9
G/UZ/y+MbZES+OW3cu8mmHZmDqyJfWxKgXPVc+xbfNbTcsA8mDVMSZ4UVwAAcFV6
jrxYFc9hbROdh3T8EVKMtaEUcfdnRDcmrCigEVuZ
-----END CERTIFICATE-----
Generated at Thu May 16 22:34:51 2024 by rpki-client on console-ams.rpki-client.org