Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE6B9/526E16A4044E11EA8442D40FC4F9AE02/D91746DE044F11EA8C37D012C4F9AE02.roa
File: D91746DE044F11EA8C37D012C4F9AE02.roa (raw, json)
Hash identifier: alyiVZNnvo5j+FeNDvZT50h35M8ryhRQyKsBnyLFnkg=
Subject key identifier: F4:B2:0B:59:38:3F:F5:D6:E8:7E:4D:87:21:59:3D:EF:B4:D0:E6:0C
Certificate issuer: /CN=A91AE6B9/serialNumber=DEA2D0260C17095167E1E3BCD65989FE7647CB6A
Certificate serial: 0BE7
Authority key identifier: DE:A2:D0:26:0C:17:09:51:67:E1:E3:BC:D6:59:89:FE:76:47:CB:6A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qLQJgwXCVFn4eO81lmJ_nZHy2o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE6B9/526E16A4044E11EA8442D40FC4F9AE02/D91746DE044F11EA8C37D012C4F9AE02.roa
Signing time: Thu 14 Nov 2024 06:51:22 +0000
ROA not before: Thu 14 Nov 2024 06:51:22 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 139722
IP address blocks: 103.144.42.0/23 maxlen: 23
103.144.42.0/24 maxlen: 24
103.144.43.0/24 maxlen: 24
2405:6540::/48 maxlen: 48
2405:6540:1::/48 maxlen: 48
2405:6540:2::/48 maxlen: 48
2405:6540:3::/48 maxlen: 48
2405:6540:4::/48 maxlen: 48
2405:6540:5::/48 maxlen: 48
2405:6540:6::/48 maxlen: 48
2405:6540:7::/48 maxlen: 48
2405:6540:8::/48 maxlen: 48
2405:6540:9::/48 maxlen: 48
2405:6540:a::/48 maxlen: 48
2405:6540:b::/48 maxlen: 48
2405:6540:c::/48 maxlen: 48
2405:6540:d::/48 maxlen: 48
2405:6540:e::/48 maxlen: 48
2405:6540:f::/48 maxlen: 48
2405:6540:10::/48 maxlen: 48
2405:6540:11::/48 maxlen: 48
2405:6540:12::/48 maxlen: 48
2405:6540:13::/48 maxlen: 48
2405:6540:14::/48 maxlen: 48
2405:6540:15::/48 maxlen: 48
2405:6540:16::/48 maxlen: 48
2405:6540:17::/48 maxlen: 48
2405:6540:18::/48 maxlen: 48
2405:6540:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AE6B9/526E16A4044E11EA8442D40FC4F9AE02/3qLQJgwXCVFn4eO81lmJ_nZHy2o.crl
rsync://rpki.apnic.net/member_repository/A91AE6B9/526E16A4044E11EA8442D40FC4F9AE02/3qLQJgwXCVFn4eO81lmJ_nZHy2o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qLQJgwXCVFn4eO81lmJ_nZHy2o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:23:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3047 (0xbe7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE6B9/serialNumber=DEA2D0260C17095167E1E3BCD65989FE7647CB6A
Validity
Not Before: Nov 14 06:51:22 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67359de9-89d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:61:e4:16:81:bd:88:76:7f:24:8f:07:32:ba:
d0:c8:70:44:be:be:c8:e8:40:e2:33:f3:6b:11:35:
d0:08:03:07:f5:1c:81:e8:14:69:3d:87:de:db:7b:
e9:7b:d5:22:5f:4f:73:b5:b8:a3:4a:1b:ee:86:38:
76:43:02:1d:70:b2:3b:ee:35:a2:d3:54:e3:a6:f5:
91:8a:97:e9:10:f8:9c:17:41:12:b3:1a:15:ee:ab:
2f:0b:75:cf:bc:19:90:9a:4d:c7:7a:27:6b:20:1b:
68:7d:db:2d:f5:b7:cd:b3:c5:61:53:eb:f0:5a:3b:
4d:79:6b:f5:bf:34:66:76:19:45:c1:86:d0:d6:c7:
bf:ee:ce:e0:34:60:6c:79:b8:4f:3c:7f:a6:fa:3f:
23:cb:a2:58:6d:38:a2:cd:87:24:ff:23:4f:93:b5:
92:e5:5e:35:26:05:7c:5a:ca:1c:c8:e5:8d:c2:70:
76:d8:d0:1e:10:39:8f:71:44:b7:df:b1:38:1e:0f:
29:73:94:43:8e:2b:8e:d5:5e:56:76:54:01:40:ca:
54:fb:d6:39:83:11:c9:ae:44:b2:c8:fb:dd:6f:43:
2e:9e:c9:35:1f:98:ad:5c:c5:67:23:06:db:b4:0f:
96:4c:15:96:c5:3c:ff:74:eb:e6:c0:3a:79:0e:b0:
f7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B2:0B:59:38:3F:F5:D6:E8:7E:4D:87:21:59:3D:EF:B4:D0:E6:0C
X509v3 Authority Key Identifier:
keyid:DE:A2:D0:26:0C:17:09:51:67:E1:E3:BC:D6:59:89:FE:76:47:CB:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE6B9/526E16A4044E11EA8442D40FC4F9AE02/3qLQJgwXCVFn4eO81lmJ_nZHy2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3qLQJgwXCVFn4eO81lmJ_nZHy2o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE6B9/526E16A4044E11EA8442D40FC4F9AE02/D91746DE044F11EA8C37D012C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.144.42.0/23
IPv6:
2405:6540::-2405:6540:19:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4c:f2:ed:1c:27:90:ef:0f:e6:90:14:90:91:a4:32:69:28:b5:
bf:6f:78:11:ab:df:d5:82:10:9e:61:61:5d:af:08:cd:52:8d:
a1:8e:02:9e:fb:06:50:b2:f7:23:f0:78:cd:92:06:14:d5:c1:
f0:04:7f:e6:63:91:e2:31:be:1e:38:36:20:ad:4a:bc:ec:fd:
72:85:6d:e0:98:8d:e2:30:b8:b2:8a:db:73:ca:79:55:02:00:
83:96:e0:f8:46:c2:72:a6:d7:7c:c3:a2:14:84:62:a6:26:19:
53:d9:26:bb:1d:a3:d2:3b:c3:0a:2d:b5:fa:cf:22:7b:34:d4:
7c:f0:60:37:e4:be:77:a6:fc:a8:53:d9:cc:c9:28:ef:c8:fd:
34:90:68:6c:03:3b:e4:7f:d5:e5:f3:ea:ca:09:b5:40:3d:e3:
56:c1:00:ef:6e:0d:d7:0d:ac:78:ce:b5:e9:a3:78:5b:94:48:
d4:6d:f1:c1:8e:df:3b:55:ae:53:67:01:ca:10:c7:73:7f:c1:
84:4e:03:c6:3a:6c:f1:2d:e2:2b:59:8d:07:9b:60:2d:61:02:
27:49:33:4b:93:d2:0e:04:d9:e7:f8:d6:e3:16:c8:e2:cc:c0:
f8:28:51:32:4a:05:68:fd:79:4b:e3:bc:85:63:8c:7b:ef:2f:
0a:5a:d6:02
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICC+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU2QjkxMTAvBgNVBAUTKERFQTJEMDI2MEMxNzA5NTE2N0UxRTNCQ0Q2NTk4OUZF
NzY0N0NCNkEwHhcNMjQxMTE0MDY1MTIyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM1OWRlOS04OWQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvGHkFoG9iHZ/JI8HMrrQyHBEvr7I6EDiM/NrETXQCAMH9RyB6BRpPYfe23vp
e9UiX09ztbijShvuhjh2QwIdcLI77jWi01TjpvWRipfpEPicF0ESsxoV7qsvC3XP
vBmQmk3HeidrIBtofdst9bfNs8VhU+vwWjtNeWv1vzRmdhlFwYbQ1se/7s7gNGBs
ebhPPH+m+j8jy6JYbTiizYck/yNPk7WS5V41JgV8WsocyOWNwnB22NAeEDmPcUS3
37E4Hg8pc5RDjiuO1V5WdlQBQMpU+9Y5gxHJrkSyyPvdb0Munsk1H5itXMVnIwbb
tA+WTBWWxTz/dOvmwDp5DrD3bwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFPSyC1k4
P/XW6H5NhyFZPe+00OYMMB8GA1UdIwQYMBaAFN6i0CYMFwlRZ+HjvNZZif52R8tq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTZCOS81MjZFMTZBNDA0
NEUxMUVBODQ0MkQ0MEZDNEY5QUUwMi8zcUxRSmd3WENWRm40ZU84MWxtSl9uWkh5
Mm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNxTFFKZ3dYQ1ZGbjRlTzgxbG1KX25aSHkyby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU2QjkvNTI2RTE2QTQwNDRFMTFFQTg0NDJENDBGQzRGOUFFMDIvRDkxNzQ2REUw
NDRGMTFFQThDMzdEMDEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMAwEAgABMAYDBAFnkCowGAQCAAIwEjAQAwUGJAVlQAMHASQFZUAAGDANBgkq
hkiG9w0BAQsFAAOCAQEATPLtHCeQ7w/mkBSQkaQyaSi1v294Eavf1YIQnmFhXa8I
zVKNoY4CnvsGULL3I/B4zZIGFNXB8AR/5mOR4jG+Hjg2IK1KvOz9coVt4JiN4jC4
sorbc8p5VQIAg5bg+EbCcqbXfMOiFIRipiYZU9kmux2j0jvDCi21+s8iezTUfPBg
N+S+d6b8qFPZzMko78j9NJBobAM75H/V5fPqygm1QD3jVsEA724N1w2seM616aN4
W5RI1G3xwY7fO1WuU2cByhDHc3/BhE4Dxjps8S3iK1mNB5tgLWECJ0kzS5PSDgTZ
5/jW4xbI4szA+ChRMkoFaP15S+O8hWOMe+8vClrWAg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:45:02 2024 by rpki-client on console-fra.rpki-client.org