Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/67CF2A6A0EB211EFABFDC92AC4F9AE02.roa
File: 67CF2A6A0EB211EFABFDC92AC4F9AE02.roa (raw, json)
Hash identifier: FOUYi95lNXm8SEjFhVuUWGX0GAPgVX3x759HqmPgBcU=
Subject key identifier: D4:7A:32:90:39:8A:D1:44:7A:2F:B9:7F:03:A2:C0:F8:58:FF:82:0D
Certificate issuer: /CN=A91BDC3F/serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61
Certificate serial: 06
Authority key identifier: 6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/67CF2A6A0EB211EFABFDC92AC4F9AE02.roa
Signing time: Fri 10 May 2024 09:49:27 +0000
ROA not before: Fri 10 May 2024 09:49:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38532
IP address blocks: 43.227.231.0/24 maxlen: 24
43.229.84.0/22 maxlen: 22
43.229.128.0/23 maxlen: 23
43.229.130.0/24 maxlen: 24
103.7.8.0/22 maxlen: 22
103.14.212.0/22 maxlen: 22
103.26.40.0/22 maxlen: 22
103.26.41.0/24 maxlen: 24
103.36.92.0/22 maxlen: 22
103.62.7.0/24 maxlen: 24
103.254.255.0/24 maxlen: 24
113.11.248.0/21 maxlen: 21
113.197.32.0/21 maxlen: 21
116.12.48.0/21 maxlen: 21
124.6.60.0/22 maxlen: 22
2400:1480::/48 maxlen: 48
2407:d200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl
rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 24 Sep 2024 04:46:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDC3F/serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61
Validity
Not Before: May 10 09:49:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663deda6-d8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:59:69:eb:76:b2:61:9f:fc:e6:fc:4b:6e:a9:
b6:6f:ca:b6:96:1b:97:80:f3:7d:58:45:dd:4f:35:
80:49:36:fe:2a:23:a6:21:af:61:e5:4c:a6:e8:14:
ac:7a:27:66:62:0e:56:65:da:c8:61:73:db:94:91:
6a:e2:07:c1:09:74:52:d7:51:45:0b:46:17:1a:78:
b4:d2:67:26:c3:bf:21:0d:50:43:37:44:34:17:f9:
e0:7f:b4:52:38:c2:bc:ea:f0:28:29:9a:94:e4:fe:
4c:8c:e5:1e:bc:58:5c:e2:b1:88:ce:36:ba:82:ee:
0a:03:50:b1:54:01:56:c8:b0:0a:a2:3f:01:57:bd:
87:b8:a7:81:c0:f6:54:43:d2:3b:bc:87:82:0a:55:
25:64:35:45:6e:a9:fc:fd:ad:94:9b:af:f0:b6:5f:
e9:93:9e:6b:4d:2b:73:48:7f:51:5c:60:5a:f0:bd:
5c:f4:15:17:61:db:5f:a3:6c:d5:2e:8d:41:cd:35:
cb:04:65:08:36:43:69:23:6a:fe:6e:9a:0b:ae:23:
0e:5d:22:b1:25:ff:99:95:a1:39:be:4b:09:c4:ed:
e5:8a:26:f8:bb:f9:8d:13:1d:32:11:d2:4b:82:b3:
b5:fa:b7:17:06:b0:9b:df:24:16:0f:76:0f:ec:ea:
0f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7A:32:90:39:8A:D1:44:7A:2F:B9:7F:03:A2:C0:F8:58:FF:82:0D
X509v3 Authority Key Identifier:
keyid:6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/67CF2A6A0EB211EFABFDC92AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.231.0/24
43.229.84.0/22
43.229.128.0-43.229.130.255
103.7.8.0/22
103.14.212.0/22
103.26.40.0/22
103.36.92.0/22
103.62.7.0/24
103.254.255.0/24
113.11.248.0/21
113.197.32.0/21
116.12.48.0/21
124.6.60.0/22
IPv6:
2400:1480::/48
2407:d200::/32
Signature Algorithm: sha256WithRSAEncryption
9f:45:1f:66:ef:b3:93:7f:a0:df:a7:e1:f0:8e:75:51:c6:fb:
3c:ba:d8:2b:48:cd:ff:ab:9a:16:4f:27:9d:60:b7:0f:d7:83:
83:42:78:f0:35:96:55:bc:c1:0d:85:ab:6b:e7:ae:84:f8:a1:
dd:42:d3:32:50:fd:9e:7f:a1:66:da:87:3c:cf:e1:97:b2:8d:
5e:28:3d:d2:76:86:a7:6a:a0:49:99:f1:11:d0:96:17:0b:09:
94:05:95:33:f0:93:18:f7:c5:95:8f:1f:59:23:94:31:68:c3:
1b:85:f9:b4:5c:e5:13:75:0c:0e:3a:bc:ea:7a:29:3c:8f:ab:
20:86:79:4c:9e:97:42:79:fd:b3:c8:ee:2a:3c:9c:da:97:c1:
fa:31:4e:e5:cf:69:e3:b1:89:42:06:97:d7:e5:66:a6:89:23:
eb:7e:86:95:8b:98:f3:01:76:fa:87:57:ff:b2:b2:5f:98:8b:
76:46:e5:e0:19:0d:01:82:c7:26:dd:a4:9c:e3:78:3a:88:25:
e0:fb:e0:7c:da:25:33:2c:1c:cb:fb:48:74:71:7b:c9:7b:97:
c4:6e:d8:e9:b0:b6:50:c6:cd:16:bb:3a:35:2d:43:a0:58:9c:
77:8a:89:32:c4:3d:61:45:2f:5f:06:21:68:88:26:30:85:9e:
37:97:e4:33
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
REMzRjExMC8GA1UEBRMoNkNFMEU5NDk3MTFCMjAzRTRBQ0IyMkI2ODBGM0ZGRjQ3
RUQxNkM2MTAeFw0yNDA1MTAwOTQ5MjdaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2M2RlZGE2LWQ4ZDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDeWWnrdrJhn/zm/EtuqbZvyraWG5eA831YRd1PNYBJNv4qI6Yhr2HlTKboFKx6
J2ZiDlZl2shhc9uUkWriB8EJdFLXUUULRhcaeLTSZybDvyENUEM3RDQX+eB/tFI4
wrzq8CgpmpTk/kyM5R68WFzisYjONrqC7goDULFUAVbIsAqiPwFXvYe4p4HA9lRD
0ju8h4IKVSVkNUVuqfz9rZSbr/C2X+mTnmtNK3NIf1FcYFrwvVz0FRdh21+jbNUu
jUHNNcsEZQg2Q2kjav5umguuIw5dIrEl/5mVoTm+SwnE7eWKJvi7+Y0THTIR0kuC
s7X6txcGsJvfJBYPdg/s6g/JAgMBAAGjggL+MIIC+jAdBgNVHQ4EFgQU1HoykDmK
0UR6L7l/A6LA+Fj/gg0wHwYDVR0jBBgwFoAUbODpSXEbID5KyyK2gPP/9H7RbGEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJEQzNGLzVDRTgxMDQ2MEVC
MDExRUY4NzJFODEyN0M0RjlBRTAyL2JPRHBTWEViSUQ1S3l5SzJnUFBfOUg3UmJH
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYk9EcFNYRWJJRDVLeXlLMmdQUF85SDdSYkdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
REMzRi81Q0U4MTA0NjBFQjAxMUVGODcyRTgxMjdDNEY5QUUwMi82N0NGMkE2QTBF
QjIxMUVGQUJGREM5MkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBhwYIKwYBBQUHAQcBAf8E
eDB2MFwEAgABMFYDBAAr4+cDBAIr5VQwDAMEByvlgAMEACvlggMEAmcHCAMEAmcO
1AMEAmcaKAMEAmckXAMEAGc+BwMEAGf+/wMEA3EL+AMEA3HFIAMEA3QMMAMEAnwG
PDAWBAIAAjAQAwcAJAAUgAAAAwUAJAfSADANBgkqhkiG9w0BAQsFAAOCAQEAn0Uf
Zu+zk3+g36fh8I51Ucb7PLrYK0jN/6uaFk8nnWC3D9eDg0J48DWWVbzBDYWra+eu
hPih3ULTMlD9nn+hZtqHPM/hl7KNXig90naGp2qgSZnxEdCWFwsJlAWVM/CTGPfF
lY8fWSOUMWjDG4X5tFzlE3UMDjq86nopPI+rIIZ5TJ6XQnn9s8juKjyc2pfB+jFO
5c9p47GJQgaX1+Vmpokj636GlYuY8wF2+odX/7KyX5iLdkbl4BkNAYLHJt2knON4
Oogl4PvgfNolMywcy/tIdHF7yXuXxG7Y6bC2UMbNFrs6NS1DoFicd4qJMsQ9YUUv
XwYhaIgmMIWeN5fkMw==
-----END CERTIFICATE-----
Generated at Tue Sep 17 06:07:32 2024 by rpki-client on console-fra.rpki-client.org