Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
File: A508D320BBC711ED8DF23C40C4F9AE02.roa (raw, json)
Hash identifier: Zh/Tjd/SF+RsN/kVNLHh3aj6ikiB7pm8zxWkTBX3Oxk=
Subject key identifier: 1E:94:90:DA:1B:44:CF:CA:57:30:67:7A:69:4A:A8:78:78:78:00:B2
Certificate issuer: /CN=A91A57F8/serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Certificate serial: 0165
Authority key identifier: 9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
Signing time: Mon 11 Nov 2024 21:00:45 +0000
ROA not before: Mon 11 Nov 2024 21:00:45 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136000
IP address blocks: 103.117.166.0/23 maxlen: 23
103.134.20.0/22 maxlen: 22
103.196.240.0/22 maxlen: 22
103.209.12.0/22 maxlen: 22
118.91.188.0/24 maxlen: 24
202.14.177.0/24 maxlen: 24
202.62.240.0/22 maxlen: 22
202.73.30.0/23 maxlen: 23
203.14.201.0/24 maxlen: 24
203.18.242.0/23 maxlen: 23
203.23.53.0/24 maxlen: 24
203.24.148.0/23 maxlen: 23
203.28.160.0/24 maxlen: 24
203.29.91.0/24 maxlen: 24
203.32.98.0/23 maxlen: 23
203.55.150.0/24 maxlen: 24
203.56.119.0/24 maxlen: 24
203.57.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:35:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357 (0x165)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A57F8/serialNumber=9F64FE50992537FB0B40E52F9CFAC310CA271918
Validity
Not Before: Nov 11 21:00:45 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6732707d-712c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e2:68:b7:95:01:8e:f9:a8:f6:3b:74:62:f3:
0d:08:45:7a:d1:9d:ab:38:e6:08:0b:23:5b:04:c7:
ab:f6:6b:1a:eb:38:3d:45:86:91:32:70:2f:66:39:
a0:0a:6e:5c:de:4b:8a:cb:1e:7b:50:15:2e:a5:6a:
f9:a6:39:51:fd:61:d6:27:82:0a:07:f6:c9:c9:d6:
6a:a7:bf:ac:62:8c:64:8d:48:85:05:de:84:a7:4c:
dc:f7:b0:a3:95:da:53:42:02:f0:07:e6:aa:f5:3f:
54:d6:b0:0a:2b:5e:2a:f1:74:55:ff:2b:9f:1e:14:
65:1d:4d:df:28:5b:e7:47:65:b4:76:b4:34:4e:d5:
ce:a5:46:63:60:ca:d7:9e:e2:36:4b:e7:a2:5e:ca:
20:99:18:1c:53:46:f1:65:cd:2b:ad:5b:11:ce:cd:
73:1a:e0:f9:d4:cf:b8:6b:a7:f6:24:fa:b2:ef:c7:
67:cc:77:c9:64:3f:ff:b2:61:e2:1a:c0:a1:aa:10:
f8:f4:c4:59:e3:55:53:a6:4c:a2:78:67:93:a2:34:
20:99:82:7e:5c:8f:18:d4:aa:f6:0d:64:17:63:a0:
ac:f6:5c:cd:b4:d9:9a:ac:f4:f7:81:30:6b:7a:47:
ab:db:fb:ec:f3:87:9f:b0:a9:cc:6d:2f:dc:5b:1d:
3a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:94:90:DA:1B:44:CF:CA:57:30:67:7A:69:4A:A8:78:78:78:00:B2
X509v3 Authority Key Identifier:
keyid:9F:64:FE:50:99:25:37:FB:0B:40:E5:2F:9C:FA:C3:10:CA:27:19:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/n2T-UJklN_sLQOUvnPrDEMonGRg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n2T-UJklN_sLQOUvnPrDEMonGRg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A57F8/34509400B97511ED8040DE22C4F9AE02/A508D320BBC711ED8DF23C40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.117.166.0/23
103.134.20.0/22
103.196.240.0/22
103.209.12.0/22
118.91.188.0/24
202.14.177.0/24
202.62.240.0/22
202.73.30.0/23
203.14.201.0/24
203.18.242.0/23
203.23.53.0/24
203.24.148.0/23
203.28.160.0/24
203.29.91.0/24
203.32.98.0/23
203.55.150.0/24
203.56.119.0/24
203.57.252.0/24
Signature Algorithm: sha256WithRSAEncryption
11:dc:16:87:44:fa:f9:43:cd:e0:f7:ef:df:a7:61:ee:86:f2:
ad:f1:c8:d7:58:1e:ba:4f:55:ba:73:00:e6:ee:6a:eb:6e:0c:
be:c3:6e:45:f4:df:16:6b:a5:85:a1:26:f1:92:4b:b5:09:72:
b2:04:c9:d0:77:46:76:c5:e6:32:aa:3c:01:bd:e8:ac:f9:1e:
80:f5:11:55:3f:bc:67:fe:08:e3:c2:d6:ba:a0:6a:c6:52:a8:
81:eb:16:97:4d:ed:0d:75:32:f6:25:9a:fc:d4:95:e3:fa:15:
ae:a2:ca:2a:a2:be:16:a7:c3:7f:81:f2:4b:6f:ae:2e:40:28:
86:86:d8:84:92:ef:f1:56:55:b7:85:81:9f:f0:b6:72:a2:67:
8b:32:1c:93:d0:b3:df:f3:c5:9a:a5:90:9d:5d:93:b7:fd:1f:
5d:12:81:a8:ef:fc:0d:31:90:43:8c:ca:49:c2:53:4f:ea:8a:
d4:1c:8f:af:94:9a:8b:b4:a5:0c:a6:bf:e8:f8:0a:bc:78:25:
24:a3:ea:53:e4:90:94:c3:25:9e:32:c6:d1:e2:86:42:7e:6c:
14:bf:9b:34:34:eb:3b:37:68:43:b9:c1:4c:52:1b:02:bc:80:
d6:16:40:0b:b0:8d:ed:c7:df:9b:17:94:dd:ed:a1:95:8d:4f:
86:2d:85:58
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICAWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU3RjgxMTAvBgNVBAUTKDlGNjRGRTUwOTkyNTM3RkIwQjQwRTUyRjlDRkFDMzEw
Q0EyNzE5MTgwHhcNMjQxMTExMjEwMDQ1WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzMyNzA3ZC03MTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyOJot5UBjvmo9jt0YvMNCEV60Z2rOOYICyNbBMer9msa6zg9RYaRMnAvZjmg
Cm5c3kuKyx57UBUupWr5pjlR/WHWJ4IKB/bJydZqp7+sYoxkjUiFBd6Ep0zc97Cj
ldpTQgLwB+aq9T9U1rAKK14q8XRV/yufHhRlHU3fKFvnR2W0drQ0TtXOpUZjYMrX
nuI2S+eiXsogmRgcU0bxZc0rrVsRzs1zGuD51M+4a6f2JPqy78dnzHfJZD//smHi
GsChqhD49MRZ41VTpkyieGeTojQgmYJ+XI8Y1Kr2DWQXY6Cs9lzNtNmarPT3gTBr
eker2/vs84efsKnMbS/cWx06gQIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFB6UkNob
RM/KVzBnemlKqHh4eACyMB8GA1UdIwQYMBaAFJ9k/lCZJTf7C0DlL5z6wxDKJxkY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTdGOC8zNDUwOTQwMEI5
NzUxMUVEODA0MERFMjJDNEY5QUUwMi9uMlQtVUprbE5fc0xRT1V2blByREVNb25H
UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL24yVC1VSmtsTl9zTFFPVXZuUHJERU1vbkdSZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU3RjgvMzQ1MDk0MDBCOTc1MTFFRDgwNDBERTIyQzRGOUFFMDIvQTUwOEQzMjBC
QkM3MTFFRDhERjIzQzQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDByBAIAATBsAwQBZ3WmAwQCZ4YUAwQCZ8TwAwQCZ9EMAwQAdlu8AwQAyg6x
AwQCyj7wAwQBykkeAwQAyw7JAwQByxLyAwQAyxc1AwQByxiUAwQAyxygAwQAyx1b
AwQByyBiAwQAyzeWAwQAyzh3AwQAyzn8MA0GCSqGSIb3DQEBCwUAA4IBAQAR3BaH
RPr5Q83g9+/fp2HuhvKt8cjXWB66T1W6cwDm7mrrbgy+w25F9N8Wa6WFoSbxkku1
CXKyBMnQd0Z2xeYyqjwBveis+R6A9RFVP7xn/gjjwta6oGrGUqiB6xaXTe0NdTL2
JZr81JXj+hWuosoqor4Wp8N/gfJLb64uQCiGhtiEku/xVlW3hYGf8LZyomeLMhyT
0LPf88WapZCdXZO3/R9dEoGo7/wNMZBDjMpJwlNP6orUHI+vlJqLtKUMpr/o+Aq8
eCUko+pT5JCUwyWeMsbR4oZCfmwUv5s0NOs7N2hDucFMUhsCvIDWFkALsI3tx9+b
F5Td7aGVjU+GLYVY
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:46 2024 by rpki-client on console-ams.rpki-client.org