Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa
File: 7980C32AA71B11EFA8320136C4F9AE02.roa (raw, json)
Hash identifier: hJsUf4TXH8x/dBCx0NqRGC8PLycMzLRzxEAEp3v9Kv8=
Subject key identifier: 92:8A:7B:47:2B:FF:F9:CB:E8:BA:3A:19:9C:A2:63:54:76:39:54:8A
Certificate issuer: /CN=A91BDC3F/serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61
Certificate serial: 78
Authority key identifier: 6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa
Signing time: Wed 20 Nov 2024 08:43:12 +0000
ROA not before: Wed 20 Nov 2024 08:43:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38532
IP address blocks: 43.227.231.0/24 maxlen: 24
43.229.84.0/22 maxlen: 22
43.229.128.0/23 maxlen: 23
43.229.130.0/24 maxlen: 24
103.7.8.0/22 maxlen: 22
103.14.212.0/22 maxlen: 22
103.26.40.0/22 maxlen: 22
103.26.41.0/24 maxlen: 24
103.36.92.0/22 maxlen: 22
103.62.4.0/22 maxlen: 24
103.254.255.0/24 maxlen: 24
113.11.248.0/21 maxlen: 21
113.197.32.0/21 maxlen: 21
116.12.48.0/21 maxlen: 21
124.6.60.0/22 maxlen: 24
2400:1480::/48 maxlen: 48
2407:d200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl
rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120 (0x78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDC3F/serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61
Validity
Not Before: Nov 20 08:43:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=673da11f-e866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5c:06:ef:7d:af:93:71:7b:db:8b:89:9d:86:
49:69:f7:dc:76:53:9c:bd:99:d9:17:02:3a:47:41:
27:51:39:b5:bb:e3:db:f3:b5:d1:84:b5:aa:26:b9:
3b:c1:23:d7:3a:1e:ac:48:97:64:d1:ed:fe:61:fc:
a1:4b:f8:eb:3c:e3:7f:89:bd:d8:97:7f:b2:17:b5:
2d:68:c9:fd:0e:87:05:fa:50:3e:32:4e:16:97:22:
4b:6b:42:71:cd:46:5a:29:aa:8d:61:67:f8:7f:e9:
00:2e:4b:c9:fa:82:09:31:a8:31:a9:c3:d8:bb:8c:
e3:0e:a2:fa:61:5a:d3:9b:a7:9f:ac:57:35:e4:50:
92:b0:bc:ea:dc:33:39:d0:b3:a9:be:8c:19:64:ea:
21:91:29:bd:59:53:67:f9:dc:e5:f1:00:db:15:c3:
2e:d2:4b:e2:19:9c:4d:d8:f7:fc:f3:71:e6:bd:1b:
c7:10:59:3d:78:4a:0d:bc:18:f3:ac:80:07:29:5f:
63:a9:8d:f4:3d:bc:20:46:4a:2b:54:d0:9a:02:3a:
62:5b:f8:ed:0f:c7:b8:4b:09:a9:4d:2b:f6:b3:30:
7a:08:9c:17:b5:bf:b4:1a:23:74:84:91:5f:49:de:
30:52:49:79:0a:3e:ec:3c:98:ea:71:3c:4a:e1:38:
e7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8A:7B:47:2B:FF:F9:CB:E8:BA:3A:19:9C:A2:63:54:76:39:54:8A
X509v3 Authority Key Identifier:
keyid:6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/7980C32AA71B11EFA8320136C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.231.0/24
43.229.84.0/22
43.229.128.0-43.229.130.255
103.7.8.0/22
103.14.212.0/22
103.26.40.0/22
103.36.92.0/22
103.62.4.0/22
103.254.255.0/24
113.11.248.0/21
113.197.32.0/21
116.12.48.0/21
124.6.60.0/22
IPv6:
2400:1480::/48
2407:d200::/32
Signature Algorithm: sha256WithRSAEncryption
ac:80:bf:7a:cd:9b:cd:c2:e5:bf:5a:0d:59:c9:e4:1e:39:90:
e2:f9:69:12:ca:fc:5a:94:7e:d9:f2:eb:c2:3c:2a:31:ee:32:
ab:1f:c2:52:d9:34:1a:a3:d0:ff:a2:9d:b1:32:54:10:18:24:
a5:fc:c0:4e:c8:16:24:38:76:d1:f7:0f:91:fc:e9:0c:41:8a:
ee:f3:a1:40:71:cb:df:2d:85:8a:2f:d3:52:ef:50:31:ac:74:
4f:81:a4:42:2d:f5:54:2e:68:05:7f:46:7b:2a:ca:92:38:2f:
fe:0b:a7:8c:09:a6:34:e7:85:61:61:bf:b4:11:3c:fd:fe:7c:
4f:d8:a7:84:9a:aa:a4:0d:ec:b0:7c:d4:5e:0d:e7:7f:11:40:
38:a5:00:ba:23:a2:e5:e1:d9:d2:7c:86:04:0f:3f:2d:93:78:
25:ff:e6:cf:55:2e:1b:a9:0c:52:fb:81:9a:7e:3f:3c:aa:b3:
19:de:96:5d:95:0f:04:26:5d:2c:59:02:f2:1a:b1:1b:39:71:
27:14:0b:55:a2:90:35:ea:38:85:0c:78:92:4f:7b:0e:21:9c:
1b:75:31:29:0a:39:f8:28:08:64:e9:31:a3:8f:d4:72:91:a6:
11:8a:80:f7:f7:ca:36:03:f5:e4:af:fc:60:ec:c1:60:c1:55:
f3:50:31:4a
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
REMzRjExMC8GA1UEBRMoNkNFMEU5NDk3MTFCMjAzRTRBQ0IyMkI2ODBGM0ZGRjQ3
RUQxNkM2MTAeFw0yNDExMjAwODQzMTJaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3M2RhMTFmLWU4NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXXAbvfa+TcXvbi4mdhklp99x2U5y9mdkXAjpHQSdRObW749vztdGEtaomuTvB
I9c6HqxIl2TR7f5h/KFL+Os843+JvdiXf7IXtS1oyf0OhwX6UD4yThaXIktrQnHN
Rlopqo1hZ/h/6QAuS8n6ggkxqDGpw9i7jOMOovphWtObp5+sVzXkUJKwvOrcMznQ
s6m+jBlk6iGRKb1ZU2f53OXxANsVwy7SS+IZnE3Y9/zzcea9G8cQWT14Sg28GPOs
gAcpX2OpjfQ9vCBGSitU0JoCOmJb+O0Px7hLCalNK/azMHoInBe1v7QaI3SEkV9J
3jBSSXkKPuw8mOpxPErhOOcvAgMBAAGjggL+MIIC+jAdBgNVHQ4EFgQUkop7Ryv/
+cvoujoZnKJjVHY5VIowHwYDVR0jBBgwFoAUbODpSXEbID5KyyK2gPP/9H7RbGEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJEQzNGLzVDRTgxMDQ2MEVC
MDExRUY4NzJFODEyN0M0RjlBRTAyL2JPRHBTWEViSUQ1S3l5SzJnUFBfOUg3UmJH
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYk9EcFNYRWJJRDVLeXlLMmdQUF85SDdSYkdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
REMzRi81Q0U4MTA0NjBFQjAxMUVGODcyRTgxMjdDNEY5QUUwMi83OTgwQzMyQUE3
MUIxMUVGQTgzMjAxMzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBhwYIKwYBBQUHAQcBAf8E
eDB2MFwEAgABMFYDBAAr4+cDBAIr5VQwDAMEByvlgAMEACvlggMEAmcHCAMEAmcO
1AMEAmcaKAMEAmckXAMEAmc+BAMEAGf+/wMEA3EL+AMEA3HFIAMEA3QMMAMEAnwG
PDAWBAIAAjAQAwcAJAAUgAAAAwUAJAfSADANBgkqhkiG9w0BAQsFAAOCAQEArIC/
es2bzcLlv1oNWcnkHjmQ4vlpEsr8WpR+2fLrwjwqMe4yqx/CUtk0GqPQ/6KdsTJU
EBgkpfzATsgWJDh20fcPkfzpDEGK7vOhQHHL3y2Fii/TUu9QMax0T4GkQi31VC5o
BX9GeyrKkjgv/gunjAmmNOeFYWG/tBE8/f58T9inhJqqpA3ssHzUXg3nfxFAOKUA
uiOi5eHZ0nyGBA8/LZN4Jf/mz1UuG6kMUvuBmn4/PKqzGd6WXZUPBCZdLFkC8hqx
GzlxJxQLVaKQNeo4hQx4kk97DiGcG3UxKQo5+CgIZOkxo4/UcpGmEYqA9/fKNgP1
5K/8YOzBYMFV81AxSg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:21:29 2024 by rpki-client on console-fra.rpki-client.org