Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa
File: A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa (raw, json)
Hash identifier: wXSdBNoCEVifLDtW9z2l+U1xNZkQu9dncWMQUw8+Jp8=
Subject key identifier: FE:FE:E1:5B:E7:94:6C:17:68:7D:80:38:60:CE:5C:01:EE:46:E8:96
Certificate issuer: /CN=A91CC711/serialNumber=E429D429E66B797B3D8A1CBE2491577ADC38A48E
Certificate serial: 83
Authority key identifier: E4:29:D4:29:E6:6B:79:7B:3D:8A:1C:BE:24:91:57:7A:DC:38:A4:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa
Signing time: Wed 23 Oct 2024 03:55:50 +0000
ROA not before: Wed 23 Oct 2024 03:55:50 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 38456
IP address blocks: 103.11.160.0/24 maxlen: 24
103.11.161.0/24 maxlen: 24
103.11.162.0/24 maxlen: 24
103.11.163.0/24 maxlen: 24
182.236.116.0/24 maxlen: 24
182.236.117.0/24 maxlen: 24
202.5.162.0/24 maxlen: 24
202.5.163.0/24 maxlen: 24
202.5.164.0/24 maxlen: 24
202.5.168.0/24 maxlen: 24
202.5.169.0/24 maxlen: 24
202.5.177.0/24 maxlen: 24
202.5.190.0/24 maxlen: 24
203.86.208.0/24 maxlen: 24
203.86.209.0/24 maxlen: 24
203.86.210.0/24 maxlen: 24
203.86.211.0/24 maxlen: 24
203.86.212.0/24 maxlen: 24
203.86.213.0/24 maxlen: 24
203.86.214.0/24 maxlen: 24
203.86.215.0/24 maxlen: 24
203.86.219.0/24 maxlen: 24
203.86.220.0/24 maxlen: 24
203.86.221.0/24 maxlen: 24
203.86.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.crl
rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 05:10:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 131 (0x83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CC711/serialNumber=E429D429E66B797B3D8A1CBE2491577ADC38A48E
Validity
Not Before: Oct 23 03:55:50 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=671873c6-c78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:45:26:21:21:d9:1f:fa:7e:d3:40:13:aa:73:
3f:ce:01:6e:28:ec:34:16:44:ed:7e:58:88:34:cf:
15:6b:36:b8:22:6f:53:e9:74:98:78:f7:72:4e:e3:
fc:6d:6e:0b:9f:2f:c6:4c:08:c2:3f:9b:5d:5a:12:
26:c6:2f:14:47:c2:6d:6d:71:fe:e6:2d:1d:b3:28:
58:52:44:11:64:47:a6:f0:81:e9:e2:ca:11:c4:01:
18:fe:62:79:4e:a1:69:93:21:62:0b:47:0c:fc:e5:
04:9f:8b:02:91:11:58:8e:c2:c7:8c:e3:a6:ef:cd:
f5:4b:35:d9:5a:ce:c4:1e:3e:39:b2:ac:1b:52:b7:
d8:53:86:98:0c:46:6a:14:3a:9d:cd:f5:31:40:f3:
15:0c:b3:28:6f:06:fe:8e:0c:77:40:5f:03:27:9e:
11:1c:9c:10:7e:fd:9f:71:28:68:d3:44:e1:d0:36:
e3:1f:e2:bf:be:12:f4:21:0f:a7:10:ce:be:15:71:
0e:ea:76:29:6e:e5:02:05:e2:df:23:05:1d:73:57:
cc:42:48:1c:ce:37:61:df:de:e6:94:5e:ed:f8:43:
98:c7:ae:63:03:7e:3c:c2:36:9d:3f:25:d0:fd:36:
ea:1c:0e:78:30:ef:25:c0:0c:58:71:ad:3c:38:6d:
a4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:FE:E1:5B:E7:94:6C:17:68:7D:80:38:60:CE:5C:01:EE:46:E8:96
X509v3 Authority Key Identifier:
keyid:E4:29:D4:29:E6:6B:79:7B:3D:8A:1C:BE:24:91:57:7A:DC:38:A4:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/5CnUKeZreXs9ihy-JJFXetw4pI4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CnUKeZreXs9ihy-JJFXetw4pI4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC711/C7D1B0541EE311EF90D21234C4F9AE02/A7FC5DEE8D0411EFBD7A0057C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.160.0/22
182.236.116.0/23
202.5.162.0-202.5.164.255
202.5.168.0/23
202.5.177.0/24
202.5.190.0/24
203.86.208.0/21
203.86.219.0-203.86.222.255
Signature Algorithm: sha256WithRSAEncryption
95:12:94:61:1e:57:8b:ab:98:48:fb:3e:91:a2:31:80:92:ee:
bc:dc:34:40:3e:33:c6:8a:47:0d:11:57:01:e3:f2:ce:a7:0f:
36:72:45:ab:c9:4c:7c:b0:ea:ff:dd:b5:7d:d2:f1:be:3c:48:
f1:04:22:11:24:7b:cb:17:91:d3:f8:08:b2:06:e9:79:dd:91:
29:e6:1b:16:3f:6f:ab:af:77:15:ba:c5:d9:6d:28:f6:56:97:
6d:a6:28:e4:74:c4:e1:0b:a3:2b:18:d5:c7:7f:3d:0d:de:04:
6a:9d:18:b1:da:de:bb:34:dd:f8:27:5c:42:22:ac:50:f9:d7:
d9:26:8a:83:eb:5f:38:a8:24:32:01:9a:e9:1d:d8:44:15:0b:
43:83:5b:62:4e:0e:ca:3d:81:e0:bb:4c:a2:1d:a2:ff:72:fa:
18:9b:ae:6b:ef:cc:71:dd:c2:76:b2:43:09:14:46:0b:c7:db:
73:c5:5b:15:0f:fd:07:77:db:81:9f:1f:ff:55:c4:f0:a2:75:
e0:30:86:cc:fa:1a:ce:56:7a:e3:33:55:3c:5b:e3:46:c4:9e:
2e:75:bb:dd:74:45:e2:7a:16:31:1a:61:c2:6a:db:25:83:92:
ba:5b:aa:9b:1d:d6:2f:c9:0a:cf:ca:41:56:2b:5e:54:95:6b:
41:21:93:a9
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICAIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0M3MTExMTAvBgNVBAUTKEU0MjlENDI5RTY2Qjc5N0IzRDhBMUNCRTI0OTE1NzdB
REMzOEE0OEUwHhcNMjQxMDIzMDM1NTUwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4NzNjNi1jNzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp0UmISHZH/p+00ATqnM/zgFuKOw0FkTtfliINM8Vaza4Im9T6XSYePdyTuP8
bW4Lny/GTAjCP5tdWhImxi8UR8JtbXH+5i0dsyhYUkQRZEem8IHp4soRxAEY/mJ5
TqFpkyFiC0cM/OUEn4sCkRFYjsLHjOOm7831SzXZWs7EHj45sqwbUrfYU4aYDEZq
FDqdzfUxQPMVDLMobwb+jgx3QF8DJ54RHJwQfv2fcSho00Th0DbjH+K/vhL0IQ+n
EM6+FXEO6nYpbuUCBeLfIwUdc1fMQkgczjdh397mlF7t+EOYx65jA348wjadPyXQ
/TbqHA54MO8lwAxYca08OG2kcwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFP7+4Vvn
lGwXaH2AOGDOXAHuRuiWMB8GA1UdIwQYMBaAFOQp1Cnma3l7PYocviSRV3rcOKSO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzcxMS9DN0QxQjA1NDFF
RTMxMUVGOTBEMjEyMzRDNEY5QUUwMi81Q25VS2VacmVYczlpaHktSkpGWGV0dzRw
STQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVDblVLZVpyZVhzOWloeS1KSkZYZXR3NHBJNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0M3MTEvQzdEMUIwNTQxRUUzMTFFRjkwRDIxMjM0QzRGOUFFMDIvQTdGQzVERUU4
RDA0MTFFRkJEN0EwMDU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADBAJnC6ADBAG27HQwDAMEAcoFogMEAMoFpAMEAcoFqAMEAMoF
sQMEAMoFvgMEA8tW0DAMAwQAy1bbAwQAy1beMA0GCSqGSIb3DQEBCwUAA4IBAQCV
EpRhHleLq5hI+z6RojGAku683DRAPjPGikcNEVcB4/LOpw82ckWryUx8sOr/3bV9
0vG+PEjxBCIRJHvLF5HT+AiyBul53ZEp5hsWP2+rr3cVusXZbSj2VpdtpijkdMTh
C6MrGNXHfz0N3gRqnRix2t67NN34J1xCIqxQ+dfZJoqD6184qCQyAZrpHdhEFQtD
g1tiTg7KPYHgu0yiHaL/cvoYm65r78xx3cJ2skMJFEYLx9tzxVsVD/0Hd9uBnx//
VcTwonXgMIbM+hrOVnrjM1U8W+NGxJ4udbvddEXiehYxGmHCatslg5K6W6qbHdYv
yQrPykFWK15UlWtBIZOp
-----END CERTIFICATE-----
Generated at Thu Nov 21 06:50:50 2024 by rpki-client on console-fra.rpki-client.org