Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/AA1961BE0B8911EFB4D34833C4F9AE02.roa
File: AA1961BE0B8911EFB4D34833C4F9AE02.roa (raw, json)
Hash identifier: Dv/9PE3NiKAfv4gh4Z0NoYk8ZOGS7i3iGybfvJwlGF8=
Subject key identifier: 58:99:F8:DB:C0:C0:2A:C8:FA:CB:1A:AB:3B:C0:B5:72:A0:ED:4B:FC
Certificate issuer: /CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Certificate serial: 0A16
Authority key identifier: FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/AA1961BE0B8911EFB4D34833C4F9AE02.roa
Signing time: Mon 01 Jul 2024 16:00:59 +0000
ROA not before: Mon 01 Jul 2024 16:00:59 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 24105
IP address blocks: 103.17.202.0/24 maxlen: 24
110.34.36.0/24 maxlen: 24
180.92.128.0/24 maxlen: 24
180.92.129.0/24 maxlen: 24
180.92.130.0/24 maxlen: 24
180.92.131.0/24 maxlen: 24
180.92.132.0/24 maxlen: 24
180.92.133.0/24 maxlen: 24
180.92.134.0/24 maxlen: 24
180.92.135.0/24 maxlen: 24
180.92.136.0/24 maxlen: 24
180.92.137.0/24 maxlen: 24
180.92.138.0/24 maxlen: 24
180.92.139.0/24 maxlen: 24
180.92.140.0/24 maxlen: 24
180.92.141.0/24 maxlen: 24
180.92.142.0/24 maxlen: 24
180.92.143.0/24 maxlen: 24
180.92.144.0/24 maxlen: 24
180.92.145.0/24 maxlen: 24
180.92.146.0/24 maxlen: 24
180.92.147.0/24 maxlen: 24
180.92.148.0/24 maxlen: 24
180.92.149.0/24 maxlen: 24
180.92.150.0/24 maxlen: 24
180.92.151.0/24 maxlen: 24
180.92.152.0/24 maxlen: 24
180.92.153.0/24 maxlen: 24
180.92.154.0/24 maxlen: 24
180.92.155.0/24 maxlen: 24
180.92.156.0/24 maxlen: 24
180.92.157.0/24 maxlen: 24
180.92.158.0/24 maxlen: 24
180.92.159.0/24 maxlen: 24
192.135.90.0/24 maxlen: 24
192.135.91.0/24 maxlen: 24
192.144.78.0/24 maxlen: 24
192.144.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 19:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2582 (0xa16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AB6EB/serialNumber=FC9BD463D02E9FD2DFC3C39AE4CD5AB322658C2A
Validity
Not Before: Jul 1 16:00:59 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6682d2bb-a2b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:16:28:42:a6:68:26:c0:aa:f0:09:34:34:70:
b4:05:f8:6a:c3:b1:ce:2a:02:5e:7c:8e:71:a2:ab:
5b:4d:b3:5b:c4:ce:bc:f5:b0:f9:4d:31:07:8c:37:
cf:1f:d0:c1:c5:b2:72:4a:c3:38:c9:5b:63:90:79:
b6:d6:31:34:2f:30:5f:c7:12:2f:1b:5c:ae:a9:bd:
64:dd:cf:8b:9c:65:7a:c1:16:c1:06:d2:ee:57:1a:
9b:d0:f2:45:0f:d7:3c:4f:8e:41:1f:be:68:f8:b5:
b3:e0:23:17:77:8b:f2:d0:5b:25:6c:d2:0b:9d:b8:
e9:ba:0f:81:95:f1:eb:f8:26:f1:e2:a9:53:04:0e:
b9:b0:c2:25:63:2f:d3:d2:94:6a:0d:73:c2:cd:da:
5f:5e:ba:20:7c:f1:b6:85:93:59:12:aa:16:5b:fb:
3d:42:a2:25:a6:7c:09:2b:ea:ab:57:6d:56:ab:19:
b2:50:19:95:ca:b0:cd:f9:32:06:be:31:3e:9a:29:
14:23:f5:4d:7e:dc:c4:4c:8f:90:77:8c:ba:16:bb:
b1:9a:c1:31:71:98:b1:9e:d5:b9:39:32:04:85:22:
6c:88:c2:cb:15:4d:ff:ea:d0:76:82:b3:bb:56:7e:
05:b1:b6:e4:b5:7f:62:e2:2c:e1:e5:d2:ee:d3:59:
df:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:99:F8:DB:C0:C0:2A:C8:FA:CB:1A:AB:3B:C0:B5:72:A0:ED:4B:FC
X509v3 Authority Key Identifier:
keyid:FC:9B:D4:63:D0:2E:9F:D2:DF:C3:C3:9A:E4:CD:5A:B3:22:65:8C:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/_JvUY9Aun9Lfw8Oa5M1asyJljCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_JvUY9Aun9Lfw8Oa5M1asyJljCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB6EB/01391B008E2B11EABF86DA4CC4F9AE02/AA1961BE0B8911EFB4D34833C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.202.0/24
110.34.36.0/24
180.92.128.0/19
192.135.90.0/23
192.144.78.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:72:eb:79:30:5d:7b:4a:e3:75:6d:aa:21:ff:b2:cd:1d:81:
de:24:00:06:97:ec:6d:48:bd:04:83:cc:fe:89:58:9a:c5:7d:
0b:70:42:00:96:5a:26:e2:c4:89:70:2c:cf:e2:ac:9d:5a:09:
74:8a:99:66:04:97:33:c4:7f:84:b4:32:1c:a3:aa:3a:d3:e8:
df:df:1a:72:5a:01:96:0a:c0:d1:91:2c:4f:0d:0f:fe:40:92:
99:73:5e:13:25:f9:e2:b5:97:9b:23:06:da:8e:a0:c0:73:9c:
12:d0:e1:89:aa:af:3a:84:40:a5:20:cd:9a:64:68:0f:29:79:
e2:3e:57:65:b5:d0:76:2e:4b:ba:10:71:82:cc:50:94:1c:64:
75:2a:28:31:29:9c:43:df:d0:db:07:3c:98:7e:15:47:1c:b2:
80:bc:4c:75:2b:45:83:6f:b0:1a:7b:c0:34:9a:2b:47:50:6b:
e2:75:a1:be:95:f5:7c:8e:ad:8c:aa:f7:1e:d3:f6:3c:8d:33:
24:fa:3e:eb:c9:25:d0:02:03:45:80:78:e7:9a:a4:d6:d0:73:
c0:82:70:22:88:60:18:85:b9:52:c0:85:38:ed:49:1b:07:3b:
11:2c:c5:23:6f:ba:23:b9:d8:7b:48:17:be:ae:42:75:e5:75:
2f:2d:e1:8f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICChYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUI2RUIxMTAvBgNVBAUTKEZDOUJENDYzRDAyRTlGRDJERkMzQzM5QUU0Q0Q1QUIz
MjI2NThDMkEwHhcNMjQwNzAxMTYwMDU5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjgyZDJiYi1hMmIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsxYoQqZoJsCq8Ak0NHC0Bfhqw7HOKgJefI5xoqtbTbNbxM689bD5TTEHjDfP
H9DBxbJySsM4yVtjkHm21jE0LzBfxxIvG1yuqb1k3c+LnGV6wRbBBtLuVxqb0PJF
D9c8T45BH75o+LWz4CMXd4vy0FslbNILnbjpug+BlfHr+Cbx4qlTBA65sMIlYy/T
0pRqDXPCzdpfXrogfPG2hZNZEqoWW/s9QqIlpnwJK+qrV21WqxmyUBmVyrDN+TIG
vjE+mikUI/VNftzETI+Qd4y6FruxmsExcZixntW5OTIEhSJsiMLLFU3/6tB2grO7
Vn4FsbbktX9i4izh5dLu01nfKwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFiZ+NvA
wCrI+ssaqzvAtXKg7Uv8MB8GA1UdIwQYMBaAFPyb1GPQLp/S38PDmuTNWrMiZYwq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjZFQi8wMTM5MUIwMDhF
MkIxMUVBQkY4NkRBNENDNEY5QUUwMi9fSnZVWTlBdW45TGZ3OE9hNU0xYXN5Smxq
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19KdlVZOUF1bjlMZnc4T2E1TTFhc3lKbGpDby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUI2RUIvMDEzOTFCMDA4RTJCMTFFQUJGODZEQTRDQzRGOUFFMDIvQUExOTYxQkUw
Qjg5MTFFRkI0RDM0ODMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBABnEcoDBABuIiQDBAW0XIADBAHAh1oDBAHAkE4wDQYJKoZI
hvcNAQELBQADggEBAEty63kwXXtK43VtqiH/ss0dgd4kAAaX7G1IvQSDzP6JWJrF
fQtwQgCWWibixIlwLM/irJ1aCXSKmWYElzPEf4S0MhyjqjrT6N/fGnJaAZYKwNGR
LE8ND/5AkplzXhMl+eK1l5sjBtqOoMBznBLQ4YmqrzqEQKUgzZpkaA8peeI+V2W1
0HYuS7oQcYLMUJQcZHUqKDEpnEPf0NsHPJh+FUccsoC8THUrRYNvsBp7wDSaK0dQ
a+J1ob6V9XyOrYyq9x7T9jyNMyT6PuvJJdACA0WAeOeapNbQc8CCcCKIYBiFuVLA
hTjtSRsHOxEsxSNvuiO52HtIF76uQnXldS8t4Y8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:05:32 2024 by rpki-client on console-fra.rpki-client.org