Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/2C9502D83C4011EA852C097BC4F9AE02.roa
File: 2C9502D83C4011EA852C097BC4F9AE02.roa (raw, json)
Hash identifier: gQbrYaQX93Dy7t6tPlyoJ+ydeyI3aXJAqSLNxQcjczs=
Subject key identifier: 03:96:33:1D:32:0E:1B:90:9D:73:C1:2D:0F:CD:16:D3:69:2C:14:1E
Certificate issuer: /CN=A91AEA8C/serialNumber=870B9CD2E41DAB05BD5527C9150E948959716696
Certificate serial: 1BE7
Authority key identifier: 87:0B:9C:D2:E4:1D:AB:05:BD:55:27:C9:15:0E:94:89:59:71:66:96
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/2C9502D83C4011EA852C097BC4F9AE02.roa
Signing time: Mon 11 Sep 2023 08:23:47 +0000
ROA not before: Mon 11 Sep 2023 08:23:47 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 133524
IP address blocks: 43.242.134.0/23 maxlen: 23
43.242.134.0/24 maxlen: 24
43.242.135.0/24 maxlen: 24
43.245.44.0/22 maxlen: 22
43.245.44.0/24 maxlen: 24
43.245.45.0/24 maxlen: 24
43.245.46.0/24 maxlen: 24
43.245.47.0/24 maxlen: 24
103.25.76.0/22 maxlen: 22
103.25.76.0/24 maxlen: 24
103.25.77.0/24 maxlen: 24
103.25.78.0/24 maxlen: 24
103.25.79.0/24 maxlen: 24
103.29.90.0/23 maxlen: 23
103.29.90.0/24 maxlen: 24
103.29.91.0/24 maxlen: 24
103.233.204.0/22 maxlen: 22
103.233.204.0/24 maxlen: 24
103.233.205.0/24 maxlen: 24
103.233.206.0/24 maxlen: 24
103.233.207.0/24 maxlen: 24
185.133.212.0/22 maxlen: 22
185.133.212.0/24 maxlen: 24
185.133.213.0/24 maxlen: 24
185.133.214.0/24 maxlen: 24
185.133.215.0/24 maxlen: 24
2407:2a80::/32 maxlen: 32
2407:2a80::/36 maxlen: 36
2407:2a80:a::/48 maxlen: 48
2407:2a80:1000::/36 maxlen: 36
2407:2a80:2000::/36 maxlen: 36
2407:2a80:3000::/36 maxlen: 36
2407:2a80:4000::/36 maxlen: 36
2407:2a80:5000::/36 maxlen: 36
2407:2a80:6000::/36 maxlen: 36
2407:2a80:7000::/36 maxlen: 36
2407:2a80:8000::/36 maxlen: 36
2407:2a80:9000::/36 maxlen: 36
2407:2a80:a000::/36 maxlen: 36
2407:2a80:b000::/36 maxlen: 36
2407:2a80:c000::/36 maxlen: 36
2407:2a80:d000::/36 maxlen: 36
2407:2a80:e000::/36 maxlen: 36
2407:2a80:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.crl
rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 31 May 2024 16:36:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7143 (0x1be7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEA8C/serialNumber=870B9CD2E41DAB05BD5527C9150E948959716696
Validity
Not Before: Sep 11 08:23:47 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64fece93-98a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a5:be:5c:f6:ba:6e:fc:e2:e4:34:1e:9f:b8:
de:88:83:9d:3b:de:21:a6:aa:c8:7c:6d:28:39:19:
3f:bd:29:50:20:ba:f1:38:55:85:df:6b:00:fd:2c:
51:c3:f6:33:8b:0c:e7:df:22:6b:fc:61:61:fa:f1:
64:23:82:a3:ca:a3:25:5d:c1:8e:08:bf:97:86:d2:
86:c7:91:56:70:0d:9c:60:aa:45:68:66:86:36:49:
d6:1c:c0:e6:9f:a7:71:12:95:35:95:68:07:13:49:
db:09:8c:2d:bc:ad:0d:f8:37:41:a3:0c:87:3b:ae:
ec:8f:a7:57:58:e4:28:4d:15:78:8e:9a:78:fb:4f:
b7:9b:5b:7d:b8:09:07:55:c2:c4:de:5c:80:0f:82:
bb:1b:1e:7c:c3:88:94:fa:6a:8f:af:01:ee:c6:7d:
bd:a2:e3:c6:b8:3f:05:70:cb:4c:1e:ac:26:1c:b2:
0f:9c:62:d5:3c:97:b0:ee:42:73:9b:62:e4:b7:1e:
f5:ad:52:3f:48:39:2a:19:17:40:0d:2d:4e:89:56:
6c:5d:0c:59:17:a8:41:04:fd:ae:bf:b2:fa:2e:ef:
ab:95:7f:76:e6:e5:a6:48:6c:0b:34:14:09:97:66:
23:81:43:98:b6:f2:a5:6c:96:56:85:d7:5c:39:22:
37:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:96:33:1D:32:0E:1B:90:9D:73:C1:2D:0F:CD:16:D3:69:2C:14:1E
X509v3 Authority Key Identifier:
keyid:87:0B:9C:D2:E4:1D:AB:05:BD:55:27:C9:15:0E:94:89:59:71:66:96
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hwuc0uQdqwW9VSfJFQ6UiVlxZpY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEA8C/F27B9CDEBB8611E68FF50C57C4F9AE02/2C9502D83C4011EA852C097BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.242.134.0/23
43.245.44.0/22
103.25.76.0/22
103.29.90.0/23
103.233.204.0/22
185.133.212.0/22
IPv6:
2407:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
06:be:de:1c:f8:44:94:35:df:d8:5b:1d:d4:7b:56:ec:6a:39:
fa:9f:84:d0:31:13:6b:3c:fa:07:5e:6e:d5:dc:c0:30:68:0f:
47:d9:2b:54:aa:51:96:bb:24:0c:8e:0c:cd:c0:b2:5d:b0:c4:
a1:57:5f:69:97:f2:f4:d7:e3:a3:6d:a7:1a:ff:55:8f:f9:af:
ee:65:ba:0e:45:3e:bc:5a:8c:c6:42:ea:79:b1:28:e6:48:96:
b1:33:95:c0:ae:5a:71:7d:e7:0e:f8:0f:a9:4b:26:ae:f7:32:
d4:e5:e2:9f:7d:99:43:14:1c:37:ae:79:29:09:7d:9d:3d:0c:
d9:12:5d:3e:bc:c0:9a:dc:65:51:7f:33:2d:a2:2e:7c:c9:a8:
44:39:ec:9d:3e:9e:de:ae:e8:5c:7f:0b:b6:a1:f7:f1:6d:59:
b2:48:c9:11:e0:5f:90:45:2d:8d:1b:8c:96:ed:d5:e7:e7:a4:
c0:87:27:87:6e:3e:6d:b7:8b:c4:14:b4:cd:6c:4e:0d:ed:15:
e0:56:58:b4:79:cd:61:68:61:48:21:a3:dc:ac:74:35:93:cf:
98:b2:58:c0:08:33:64:6b:2f:5a:89:4e:05:eb:4c:e6:da:55:
e1:de:7c:03:ea:13:ed:30:94:d0:9f:6b:84:74:25:55:d9:f1:
dc:ce:77:34
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICG+cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVBOEMxMTAvBgNVBAUTKDg3MEI5Q0QyRTQxREFCMDVCRDU1MjdDOTE1MEU5NDg5
NTk3MTY2OTYwHhcNMjMwOTExMDgyMzQ3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGZlY2U5My05OGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApaW+XPa6bvzi5DQen7jeiIOdO94hpqrIfG0oORk/vSlQILrxOFWF32sA/SxR
w/Yziwzn3yJr/GFh+vFkI4KjyqMlXcGOCL+XhtKGx5FWcA2cYKpFaGaGNknWHMDm
n6dxEpU1lWgHE0nbCYwtvK0N+DdBowyHO67sj6dXWOQoTRV4jpp4+0+3m1t9uAkH
VcLE3lyAD4K7Gx58w4iU+mqPrwHuxn29ouPGuD8FcMtMHqwmHLIPnGLVPJew7kJz
m2Lktx71rVI/SDkqGRdADS1OiVZsXQxZF6hBBP2uv7L6Lu+rlX925uWmSGwLNBQJ
l2YjgUOYtvKlbJZWhddcOSI3awIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFAOWMx0y
DhuQnXPBLQ/NFtNpLBQeMB8GA1UdIwQYMBaAFIcLnNLkHasFvVUnyRUOlIlZcWaW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUE4Qy9GMjdCOUNERUJC
ODYxMUU2OEZGNTBDNTdDNEY5QUUwMi9od3VjMHVRZHF3VzlWU2ZKRlE2VWlWbHha
cFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h3dWMwdVFkcXdXOVZTZkpGUTZVaVZseFpwWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVBOEMvRjI3QjlDREVCQjg2MTFFNjhGRjUwQzU3QzRGOUFFMDIvMkM5NTAyRDgz
QzQwMTFFQTg1MkMwOTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAEr8oYDBAIr9SwDBAJnGUwDBAFnHVoDBAJn6cwDBAK5hdQw
DQQCAAIwBwMFACQHKoAwDQYJKoZIhvcNAQELBQADggEBAAa+3hz4RJQ139hbHdR7
VuxqOfqfhNAxE2s8+gdebtXcwDBoD0fZK1SqUZa7JAyODM3Asl2wxKFXX2mX8vTX
46Ntpxr/VY/5r+5lug5FPrxajMZC6nmxKOZIlrEzlcCuWnF95w74D6lLJq73MtTl
4p99mUMUHDeueSkJfZ09DNkSXT68wJrcZVF/My2iLnzJqEQ57J0+nt6u6Fx/C7ah
9/FtWbJIyRHgX5BFLY0bjJbt1efnpMCHJ4duPm23i8QUtM1sTg3tFeBWWLR5zWFo
YUgho9ysdDWTz5iyWMAIM2RrL1qJTgXrTObaVeHefAPqE+0wlNCfa4R0JVXZ8dzO
dzQ=
-----END CERTIFICATE-----
Generated at Fri May 24 17:56:59 2024 by rpki-client on console-fra.rpki-client.org