Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa
File: 7BC4E6DE322C11EFBC879F31C4F9AE02.roa (raw, json)
Hash identifier: gYsoSmLyEmfNsV6SexFxZ+i2l3QJSOLw2j/lALUlIrI=
Subject key identifier: 81:F6:2F:7C:FF:10:2B:36:37:32:5A:2A:EF:BD:2E:92:2F:76:32:80
Certificate issuer: /CN=A91B1185/serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Certificate serial: 15A4
Authority key identifier: FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa
Signing time: Mon 24 Jun 2024 13:20:11 +0000
ROA not before: Mon 24 Jun 2024 13:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24435
IP address blocks: 103.27.22.0/24 maxlen: 24
175.111.0.0/23 maxlen: 24
175.111.3.0/24 maxlen: 24
175.111.4.0/23 maxlen: 24
203.130.0.0/20 maxlen: 20
203.130.0.0/24 maxlen: 24
203.130.1.0/24 maxlen: 24
203.130.2.0/24 maxlen: 24
203.130.3.0/24 maxlen: 24
203.130.4.0/24 maxlen: 24
203.130.5.0/24 maxlen: 24
203.130.6.0/24 maxlen: 24
203.130.7.0/24 maxlen: 24
203.130.8.0/24 maxlen: 24
203.130.9.0/24 maxlen: 24
203.130.10.0/24 maxlen: 24
203.130.11.0/24 maxlen: 24
203.130.12.0/24 maxlen: 24
203.130.13.0/24 maxlen: 24
203.130.14.0/24 maxlen: 24
203.130.15.0/24 maxlen: 24
203.130.16.0/24 maxlen: 24
203.130.17.0/24 maxlen: 24
203.130.18.0/24 maxlen: 24
203.130.19.0/24 maxlen: 24
203.130.20.0/24 maxlen: 24
203.130.21.0/24 maxlen: 24
203.130.22.0/24 maxlen: 24
203.130.23.0/24 maxlen: 24
203.130.24.0/24 maxlen: 24
203.130.25.0/24 maxlen: 24
203.130.26.0/23 maxlen: 24
203.130.28.0/22 maxlen: 22
203.130.28.0/24 maxlen: 24
203.130.29.0/24 maxlen: 24
203.130.30.0/24 maxlen: 24
203.130.31.0/24 maxlen: 24
2001:fe8::/48 maxlen: 48
2001:fe8:1::/48 maxlen: 48
2001:fe8:2::/48 maxlen: 48
2001:fe8:10::/48 maxlen: 48
2001:fe8:4000::/48 maxlen: 48
2001:fe8:4001::/48 maxlen: 48
2001:fe8:4100::/48 maxlen: 48
2001:fe8:4101::/48 maxlen: 48
2001:fe8:8100::/48 maxlen: 48
2001:fe8:8101::/48 maxlen: 48
2001:fe8:8110::/48 maxlen: 48
2001:fe8:8111::/48 maxlen: 48
2001:fe8:8130::/48 maxlen: 48
2001:fe8:8131::/48 maxlen: 48
2001:fe8:c001::/48 maxlen: 48
2001:fe8:c100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl
rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 16:43:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5540 (0x15a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B1185/serialNumber=FE3CD37CEC0E382307B4F9D5FFD57E97F121F053
Validity
Not Before: Jun 24 13:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6679728b-234b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fa:b0:88:d9:83:9d:bb:54:33:d0:b8:45:e6:
78:c3:e4:2f:f5:bf:40:94:15:fb:30:d7:86:2c:58:
3f:f9:22:ef:ed:37:75:a3:b9:99:f6:dd:6f:b4:a0:
9a:a4:a3:3d:38:8a:53:15:10:1d:ff:b2:50:7a:de:
d8:f8:fe:59:ec:e5:98:9a:aa:de:2a:8a:bc:6e:49:
f5:78:51:ca:1c:01:1a:87:83:4b:a7:31:27:3a:5f:
1b:8a:b1:de:40:9c:05:e2:68:25:1d:04:aa:14:dd:
fa:22:4f:2f:ee:48:e5:c7:e8:86:04:8d:4a:40:d4:
e1:2b:df:bd:04:e5:ca:7f:84:ef:af:41:02:9e:1e:
80:89:0f:0a:27:c1:d1:6b:fd:53:bd:c6:77:bf:da:
fc:93:88:d8:5a:de:83:72:b7:d7:61:2b:cb:0f:f4:
be:67:ec:5c:d2:f0:af:61:37:35:33:ba:76:bd:fc:
88:31:01:85:34:6f:11:d1:0a:d6:54:e0:06:65:c9:
8d:fd:72:f8:04:d3:e8:c5:0c:89:95:b4:ba:21:17:
2d:bd:30:a6:99:5d:71:50:f3:ed:b9:42:5c:19:5a:
80:d5:c1:51:56:a9:35:08:ea:a9:d1:65:78:ca:ac:
1d:3b:40:20:bf:85:92:3a:f5:06:13:17:6f:c6:db:
f3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F6:2F:7C:FF:10:2B:36:37:32:5A:2A:EF:BD:2E:92:2F:76:32:80
X509v3 Authority Key Identifier:
keyid:FE:3C:D3:7C:EC:0E:38:23:07:B4:F9:D5:FF:D5:7E:97:F1:21:F0:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_jzTfOwOOCMHtPnV_9V-l_Eh8FM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1185/3EA9DD3A162311E892C4A940C4F9AE02/7BC4E6DE322C11EFBC879F31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.22.0/24
175.111.0.0/23
175.111.3.0-175.111.5.255
203.130.0.0/19
IPv6:
2001:fe8::-2001:fe8:2:ffff:ffff:ffff:ffff:ffff
2001:fe8:10::/48
2001:fe8:4000::/47
2001:fe8:4100::/47
2001:fe8:8100::/47
2001:fe8:8110::/47
2001:fe8:8130::/47
2001:fe8:c001::/48
2001:fe8:c100::/48
Signature Algorithm: sha256WithRSAEncryption
62:ea:ea:02:25:5c:60:b6:2f:90:f4:d8:31:cd:b6:d1:ec:f3:
b7:e2:9c:da:4c:2e:20:49:70:09:3a:8f:2d:6d:bb:e8:67:68:
2d:b4:82:db:b2:0d:e6:6a:6d:d4:79:6e:20:e5:3a:0f:d6:7c:
d5:5e:5d:15:0b:a6:7e:8e:93:ba:81:d9:aa:40:36:e6:e5:95:
d8:26:20:4b:59:0a:7d:56:9a:c9:6c:73:ad:18:8b:42:d0:45:
dd:c9:8a:3f:c3:b1:18:97:f3:62:92:16:bf:75:3c:26:5e:91:
40:cc:7e:e6:f6:49:a2:99:32:b6:ad:53:49:f3:2f:4a:36:c1:
43:03:ca:1f:91:68:ad:cd:44:b6:2d:a6:55:78:db:8f:2c:70:
56:ac:7a:fb:2b:b4:8e:fa:89:b2:57:fd:ee:0a:69:ab:ba:8d:
2d:95:ae:92:45:a8:99:75:34:f3:35:a2:52:57:1f:bf:10:d8:
c9:1c:e7:7f:ca:ff:25:63:42:f0:24:9a:fb:9c:e0:62:2d:d5:
31:b4:05:72:5f:6c:5b:28:4b:e5:15:b2:b7:9c:01:47:6d:51:
55:a7:33:59:58:7d:24:0a:e1:1c:23:9e:c0:dc:69:41:f8:34:
5f:9c:c1:d8:88:40:98:ca:f2:5c:30:be:98:27:8e:57:5c:55:
ad:97:d0:84
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgICFaQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjExODUxMTAvBgNVBAUTKEZFM0NEMzdDRUMwRTM4MjMwN0I0RjlENUZGRDU3RTk3
RjEyMUYwNTMwHhcNMjQwNjI0MTMyMDExWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc5NzI4Yi0yMzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArPqwiNmDnbtUM9C4ReZ4w+Qv9b9AlBX7MNeGLFg/+SLv7Td1o7mZ9t1vtKCa
pKM9OIpTFRAd/7JQet7Y+P5Z7OWYmqreKoq8bkn1eFHKHAEah4NLpzEnOl8birHe
QJwF4mglHQSqFN36Ik8v7kjlx+iGBI1KQNThK9+9BOXKf4Tvr0ECnh6AiQ8KJ8HR
a/1TvcZ3v9r8k4jYWt6DcrfXYSvLD/S+Z+xc0vCvYTc1M7p2vfyIMQGFNG8R0QrW
VOAGZcmN/XL4BNPoxQyJlbS6IRctvTCmmV1xUPPtuUJcGVqA1cFRVqk1COqp0WV4
yqwdO0Agv4WSOvUGExdvxtvzGQIDAQABo4IDFDCCAxAwHQYDVR0OBBYEFIH2L3z/
ECs2NzJaKu+9LpIvdjKAMB8GA1UdIwQYMBaAFP4803zsDjgjB7T51f/VfpfxIfBT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTE4NS8zRUE5REQzQTE2
MjMxMUU4OTJDNEE5NDBDNEY5QUUwMi9fanpUZk93T09DTUh0UG5WXzlWLWxfRWg4
Rk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19qelRmT3dPT0NNSHRQblZfOVYtbF9FaDhGTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjExODUvM0VBOUREM0ExNjIzMTFFODkyQzRBOTQwQzRGOUFFMDIvN0JDNEU2REUz
MjJDMTFFRkJDODc5RjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ0GCCsGAQUFBwEHAQH/
BIGNMIGKMCYEAgABMCADBABnGxYDBAGvbwAwDAMEAK9vAwMEAa9vBAMEBcuCADBg
BAIAAjBaMBADBQMgAQ/oAwcAIAEP6AACAwcAIAEP6AAQAwcBIAEP6EAAAwcBIAEP
6EEAAwcBIAEP6IEAAwcBIAEP6IEQAwcBIAEP6IEwAwcAIAEP6MABAwcAIAEP6MEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBi6uoCJVxgti+Q9NgxzbbR7PO34pzaTC4gSXAJ
Oo8tbbvoZ2gttILbsg3mam3UeW4g5ToP1nzVXl0VC6Z+jpO6gdmqQDbm5ZXYJiBL
WQp9VprJbHOtGItC0EXdyYo/w7EYl/Nikha/dTwmXpFAzH7m9kmimTK2rVNJ8y9K
NsFDA8ofkWitzUS2LaZVeNuPLHBWrHr7K7SO+omyV/3uCmmruo0tla6SRaiZdTTz
NaJSVx+/ENjJHOd/yv8lY0LwJJr7nOBiLdUxtAVyX2xbKEvlFbK3nAFHbVFVpzNZ
WH0kCuEcI57A3GlB+DRfnMHYiECYyvJcML6YJ45XXFWtl9CE
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:06:05 2024 by rpki-client on console-ams.rpki-client.org