Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
File: 373C0EEEAFB011EC9688644FC4F9AE02.roa (raw, json)
Hash identifier: 4ROYaEWNrV2vz012AOwl9KfhXGAAvoY7wptr4uiFLwI=
Subject key identifier: C6:B5:D2:99:E6:E0:CB:9F:23:FE:62:58:F7:32:96:41:BB:FB:3D:2F
Certificate issuer: /CN=A91C9B08/serialNumber=614CCD24F785E9299215916408294042F1463294
Certificate serial: 0360
Authority key identifier: 61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
Signing time: Sat 14 Sep 2024 21:23:41 +0000
ROA not before: Sat 14 Sep 2024 21:23:41 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 200325
IP address blocks: 103.180.114.0/23 maxlen: 24
2400:52e0::/32 maxlen: 32
2400:52e0:1::/48 maxlen: 48
2400:52e0:2::/48 maxlen: 48
2400:52e0:1500::/48 maxlen: 48
2400:52e0:1501::/48 maxlen: 48
2400:52e0:1502::/48 maxlen: 48
2400:52e0:1690::/48 maxlen: 48
2400:52e0:1a00::/48 maxlen: 48
2400:52e0:1a01::/48 maxlen: 48
2400:52e0:1a02::/48 maxlen: 48
2400:52e0:1a03::/48 maxlen: 48
2400:52e0:1a04::/48 maxlen: 48
2400:52e0:1a05::/48 maxlen: 48
2400:52e0:1a06::/48 maxlen: 48
2400:52e0:1a07::/48 maxlen: 48
2400:52e0:1a08::/48 maxlen: 48
2400:52e0:1a09::/48 maxlen: 48
2400:52e0:1e00::/48 maxlen: 48
2400:52e0:1e01::/48 maxlen: 48
2400:52e0:1e02::/48 maxlen: 48
2400:52e0:1e03::/48 maxlen: 48
2400:52e0:1e04::/48 maxlen: 48
2400:52e0:1e05::/48 maxlen: 48
2400:52e0:1e06::/48 maxlen: 48
2400:52e0:1e07::/48 maxlen: 48
2400:52e0:1e08::/48 maxlen: 48
2400:52e0:1e09::/48 maxlen: 48
2400:52e0:1e10::/48 maxlen: 48
2400:52e0:fff0::/48 maxlen: 48
2400:52e0:fff1::/48 maxlen: 48
2400:52e0:fff2::/48 maxlen: 48
2400:52e0:fff3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 864 (0x360)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9B08/serialNumber=614CCD24F785E9299215916408294042F1463294
Validity
Not Before: Sep 14 21:23:41 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66e5fedd-6846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:dc:cc:7d:58:5b:3e:f6:ef:00:04:ca:82:71:
75:3b:13:86:68:4b:ba:b5:8e:bb:64:a2:02:e9:47:
35:38:5e:ef:a1:4d:3f:d2:d4:bd:c6:4f:c6:df:cf:
cf:66:47:27:f9:22:75:db:b5:d5:44:31:63:73:e2:
2f:87:cc:8f:07:8f:ce:cb:8d:1d:fd:b5:78:99:45:
33:29:94:bc:cd:d5:4e:5d:cf:59:22:6c:a1:16:9d:
a8:08:54:70:f9:af:b8:9f:84:b3:15:ef:b0:53:be:
77:51:94:07:e1:b6:dd:c0:89:fb:25:58:21:50:5b:
ae:26:4c:ce:1f:1c:e9:28:8b:83:12:49:26:65:7d:
c5:f6:6a:a4:fd:62:ba:5f:46:61:01:b1:6a:c1:ce:
30:5e:58:e2:68:10:04:ee:d2:c7:28:27:c1:5a:bb:
d1:48:ae:00:5f:1f:66:22:9a:1a:66:a9:19:2a:47:
7f:30:92:6b:58:25:4e:94:37:ef:ff:c2:7a:d7:c1:
03:e4:67:ad:04:6d:df:5e:b6:ce:73:a9:c4:6a:1e:
ee:39:db:d8:26:11:47:b9:d8:a5:0d:89:66:c5:37:
eb:fb:3b:3e:36:83:5b:7a:d2:97:f8:2d:b4:16:85:
ff:1d:b0:c6:a2:50:de:85:8b:3c:75:85:78:47:fa:
b5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B5:D2:99:E6:E0:CB:9F:23:FE:62:58:F7:32:96:41:BB:FB:3D:2F
X509v3 Authority Key Identifier:
keyid:61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.114.0/23
IPv6:
2400:52e0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:b8:8f:dc:d4:6d:ce:a5:e1:66:bc:7a:4f:66:c5:02:b2:15:
ac:9c:79:ca:69:23:c8:6f:3f:b2:8b:ed:eb:7a:62:ca:fd:1f:
6c:55:83:aa:16:56:88:a9:65:4e:91:6f:6f:fb:dd:16:64:32:
7a:40:d5:8b:37:6e:fd:5a:3f:44:2c:c1:bb:15:79:e0:46:29:
ee:27:98:47:a6:65:fc:f0:fd:a1:a0:71:dc:5d:fc:31:f5:35:
51:6c:21:e5:82:42:78:fd:0f:53:90:dc:a8:06:fc:d2:e8:64:
e9:26:40:d6:17:ca:70:69:68:27:a9:a0:74:18:27:6e:59:d4:
76:14:a5:6d:a9:24:2e:c5:9f:9f:d1:1e:0e:a1:fa:f8:6c:6f:
1c:1f:9c:91:f3:9a:a5:31:2c:3d:41:7f:ed:da:51:40:7e:19:
ee:c2:44:c1:41:80:c7:94:bd:f4:eb:59:ad:31:0e:8e:cb:73:
e9:9d:77:27:cc:75:11:66:1e:a4:0a:49:29:68:ae:74:dd:2b:
88:ca:9d:f6:a5:54:4a:19:39:ac:49:d7:06:0a:04:85:2b:e8:
ed:4d:d8:79:59:a1:25:2a:87:76:49:a5:3d:2c:c6:4f:dd:41:
17:2e:2a:5b:9d:8a:dd:1b:ca:eb:8f:59:60:94:a6:7d:a2:b9:
9f:f9:fd:fb
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlCMDgxMTAvBgNVBAUTKDYxNENDRDI0Rjc4NUU5Mjk5MjE1OTE2NDA4Mjk0MDQy
RjE0NjMyOTQwHhcNMjQwOTE0MjEyMzQxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU1ZmVkZC02ODQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+tzMfVhbPvbvAATKgnF1OxOGaEu6tY67ZKIC6Uc1OF7voU0/0tS9xk/G38/P
Zkcn+SJ127XVRDFjc+Ivh8yPB4/Oy40d/bV4mUUzKZS8zdVOXc9ZImyhFp2oCFRw
+a+4n4SzFe+wU753UZQH4bbdwIn7JVghUFuuJkzOHxzpKIuDEkkmZX3F9mqk/WK6
X0ZhAbFqwc4wXljiaBAE7tLHKCfBWrvRSK4AXx9mIpoaZqkZKkd/MJJrWCVOlDfv
/8J618ED5GetBG3fXrbOc6nEah7uOdvYJhFHudilDYlmxTfr+zs+NoNbetKX+C20
FoX/HbDGolDehYs8dYV4R/q1eQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMa10pnm
4MufI/5iWPcylkG7+z0vMB8GA1UdIwQYMBaAFGFMzST3hekpkhWRZAgpQELxRjKU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUIwOC8zNzU1M0E1Njg5
OUQxMUVDOEI0MjRFMEJDNEY5QUUwMi9ZVXpOSlBlRjZTbVNGWkZrQ0NsQVF2RkdN
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lVek5KUGVGNlNtU0ZaRmtDQ2xBUXZGR01wUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlCMDgvMzc1NTNBNTY4OTlEMTFFQzhCNDI0RTBCQzRGOUFFMDIvMzczQzBFRUVB
RkIwMTFFQzk2ODg2NDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFntHIwDQQCAAIwBwMFACQAUuAwDQYJKoZIhvcNAQELBQAD
ggEBAFq4j9zUbc6l4Wa8ek9mxQKyFaycecppI8hvP7KL7et6Ysr9H2xVg6oWVoip
ZU6Rb2/73RZkMnpA1Ys3bv1aP0QswbsVeeBGKe4nmEemZfzw/aGgcdxd/DH1NVFs
IeWCQnj9D1OQ3KgG/NLoZOkmQNYXynBpaCepoHQYJ25Z1HYUpW2pJC7Fn5/RHg6h
+vhsbxwfnJHzmqUxLD1Bf+3aUUB+Ge7CRMFBgMeUvfTrWa0xDo7Lc+mddyfMdRFm
HqQKSSlornTdK4jKnfalVEoZOaxJ1wYKBIUr6O1N2HlZoSUqh3ZJpT0sxk/dQRcu
Kludit0byuuPWWCUpn2iuZ/5/fs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:31:57 2024 by rpki-client on console-fra.rpki-client.org