Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
File: 373C0EEEAFB011EC9688644FC4F9AE02.roa (raw, json)
Hash identifier: pgkkSoYYGd0zeJkYrvYHKtpu3oTLlMHx7HhC5AG3Q+8=
Subject key identifier: 3C:30:22:B6:22:2C:FD:B2:26:46:31:2D:B7:24:8B:D3:73:E6:AD:7B
Certificate issuer: /CN=A91C9B08/serialNumber=614CCD24F785E9299215916408294042F1463294
Certificate serial: 02FA
Authority key identifier: 61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
Signing time: Fri 01 Mar 2024 03:35:00 +0000
ROA not before: Fri 01 Mar 2024 03:35:00 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 200325
IP address blocks: 103.180.114.0/23 maxlen: 24
2400:52e0::/32 maxlen: 32
2400:52e0:1::/48 maxlen: 48
2400:52e0:2::/48 maxlen: 48
2400:52e0:1500::/48 maxlen: 48
2400:52e0:1501::/48 maxlen: 48
2400:52e0:1502::/48 maxlen: 48
2400:52e0:1690::/48 maxlen: 48
2400:52e0:1a00::/48 maxlen: 48
2400:52e0:1a01::/48 maxlen: 48
2400:52e0:1a02::/48 maxlen: 48
2400:52e0:1a03::/48 maxlen: 48
2400:52e0:1a04::/48 maxlen: 48
2400:52e0:1a05::/48 maxlen: 48
2400:52e0:1a06::/48 maxlen: 48
2400:52e0:1a07::/48 maxlen: 48
2400:52e0:1a08::/48 maxlen: 48
2400:52e0:1a09::/48 maxlen: 48
2400:52e0:1e00::/48 maxlen: 48
2400:52e0:1e01::/48 maxlen: 48
2400:52e0:1e02::/48 maxlen: 48
2400:52e0:1e03::/48 maxlen: 48
2400:52e0:1e04::/48 maxlen: 48
2400:52e0:1e05::/48 maxlen: 48
2400:52e0:1e06::/48 maxlen: 48
2400:52e0:1e07::/48 maxlen: 48
2400:52e0:1e08::/48 maxlen: 48
2400:52e0:1e09::/48 maxlen: 48
2400:52e0:1e10::/48 maxlen: 48
2400:52e0:fff0::/48 maxlen: 48
2400:52e0:fff1::/48 maxlen: 48
2400:52e0:fff2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 30 May 2024 02:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 762 (0x2fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9B08/serialNumber=614CCD24F785E9299215916408294042F1463294
Validity
Not Before: Mar 1 03:35:00 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e14ce3-9eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:99:eb:4e:58:d2:c8:16:2a:5e:c2:a4:bd:d3:
a0:1a:6e:84:6e:a4:b9:7a:97:91:df:b5:e8:ca:9a:
0f:24:c9:a7:7e:ff:72:e9:05:a9:81:f6:81:98:05:
3f:d3:41:a2:cf:f5:7b:f6:6e:f6:38:54:4c:3e:85:
5b:78:db:ab:56:3f:ae:84:3d:d3:ef:22:ff:5c:e5:
12:cd:15:20:5c:65:f0:40:b9:33:e1:ff:f9:3d:a2:
4b:4b:09:00:e8:d9:8e:06:80:0c:e7:d4:cb:78:49:
37:62:67:ce:28:3e:e2:41:fc:2a:ed:55:39:c5:27:
50:8e:e1:e6:58:2c:0c:63:1b:69:86:39:53:35:e3:
e9:8e:86:27:08:5a:60:38:c9:11:03:8a:71:8e:ef:
d0:06:5d:92:55:c3:7c:d4:29:c0:57:67:b6:8a:3d:
7c:5f:90:6c:cd:7d:7f:5a:2d:ee:1e:1e:29:ee:11:
ce:13:6f:1c:e0:80:50:ba:3f:01:ec:e6:df:c9:a4:
f7:33:71:98:24:ff:cc:cb:26:0d:4c:38:1f:e6:64:
d6:fe:e7:7e:06:6b:da:37:16:84:9a:1a:ce:f7:b4:
75:e5:45:70:a9:c3:99:32:3c:b5:93:96:07:22:d8:
eb:c5:d0:3e:2b:0e:81:29:e9:e8:0d:04:1d:1a:f3:
0f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:30:22:B6:22:2C:FD:B2:26:46:31:2D:B7:24:8B:D3:73:E6:AD:7B
X509v3 Authority Key Identifier:
keyid:61:4C:CD:24:F7:85:E9:29:92:15:91:64:08:29:40:42:F1:46:32:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/YUzNJPeF6SmSFZFkCClAQvFGMpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YUzNJPeF6SmSFZFkCClAQvFGMpQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9B08/37553A56899D11EC8B424E0BC4F9AE02/373C0EEEAFB011EC9688644FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.114.0/23
IPv6:
2400:52e0::/32
Signature Algorithm: sha256WithRSAEncryption
66:fd:da:12:ae:55:ae:4e:7c:c6:33:bc:54:b4:77:c4:fd:70:
0b:44:c6:cb:24:e3:a6:8c:72:a4:7d:2d:17:cc:33:9e:2a:18:
26:43:d4:ec:c4:22:6f:ef:75:ed:c3:fb:bc:35:3e:75:b6:db:
e5:18:58:03:82:5e:1b:39:cd:94:f7:08:83:25:ee:7d:f9:6d:
53:48:26:44:dc:84:be:a2:da:98:19:e0:28:52:61:d8:d4:2e:
3a:f7:af:58:35:b7:22:be:4b:29:92:70:a2:9b:2f:e3:9d:71:
c7:34:75:82:88:11:46:9b:f0:fd:37:a1:c0:05:34:8c:4b:74:
03:ad:bc:38:0a:13:aa:d7:e8:ec:34:a7:29:43:8e:28:11:2d:
34:0c:ef:fc:49:ca:07:e6:9e:a0:92:bb:af:70:68:c6:41:c7:
c8:e0:95:77:03:bc:df:c4:10:b2:07:6d:55:37:c2:ad:d0:40:
58:93:25:4d:54:e6:16:81:8e:ce:77:4c:ec:fd:90:8d:b3:da:
50:15:d2:d5:02:52:a0:29:c5:79:14:ff:93:19:fc:85:bf:ee:
c5:6f:5e:d2:9a:a0:cd:f5:d4:a3:41:13:ef:b2:f8:aa:cd:36:
8a:9d:6c:e2:d8:bd:0f:b4:ef:94:27:ea:37:f3:e7:97:4d:12:
65:e8:9c:c1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAvowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlCMDgxMTAvBgNVBAUTKDYxNENDRDI0Rjc4NUU5Mjk5MjE1OTE2NDA4Mjk0MDQy
RjE0NjMyOTQwHhcNMjQwMzAxMDMzNTAwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUxNGNlMy05ZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxJnrTljSyBYqXsKkvdOgGm6EbqS5epeR37XoypoPJMmnfv9y6QWpgfaBmAU/
00Giz/V79m72OFRMPoVbeNurVj+uhD3T7yL/XOUSzRUgXGXwQLkz4f/5PaJLSwkA
6NmOBoAM59TLeEk3YmfOKD7iQfwq7VU5xSdQjuHmWCwMYxtphjlTNePpjoYnCFpg
OMkRA4pxju/QBl2SVcN81CnAV2e2ij18X5BszX1/Wi3uHh4p7hHOE28c4IBQuj8B
7ObfyaT3M3GYJP/MyyYNTDgf5mTW/ud+BmvaNxaEmhrO97R15UVwqcOZMjy1k5YH
ItjrxdA+Kw6BKenoDQQdGvMPXwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDwwIrYi
LP2yJkYxLbcki9Nz5q17MB8GA1UdIwQYMBaAFGFMzST3hekpkhWRZAgpQELxRjKU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUIwOC8zNzU1M0E1Njg5
OUQxMUVDOEI0MjRFMEJDNEY5QUUwMi9ZVXpOSlBlRjZTbVNGWkZrQ0NsQVF2RkdN
cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lVek5KUGVGNlNtU0ZaRmtDQ2xBUXZGR01wUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlCMDgvMzc1NTNBNTY4OTlEMTFFQzhCNDI0RTBCQzRGOUFFMDIvMzczQzBFRUVB
RkIwMTFFQzk2ODg2NDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFntHIwDQQCAAIwBwMFACQAUuAwDQYJKoZIhvcNAQELBQAD
ggEBAGb92hKuVa5OfMYzvFS0d8T9cAtExssk46aMcqR9LRfMM54qGCZD1OzEIm/v
de3D+7w1PnW22+UYWAOCXhs5zZT3CIMl7n35bVNIJkTchL6i2pgZ4ChSYdjULjr3
r1g1tyK+SymScKKbL+Odccc0dYKIEUab8P03ocAFNIxLdAOtvDgKE6rX6Ow0pylD
jigRLTQM7/xJygfmnqCSu69waMZBx8jglXcDvN/EELIHbVU3wq3QQFiTJU1U5haB
js53TOz9kI2z2lAV0tUCUqApxXkU/5MZ/IW/7sVvXtKaoM311KNBE++y+KrNNoqd
bOLYvQ+075Qn6jfz55dNEmXonME=
-----END CERTIFICATE-----
Generated at Thu May 23 04:27:10 2024 by rpki-client on console-ams.rpki-client.org