Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/26F87D4A272711EC88E40644C4F9AE02.roa
File: 26F87D4A272711EC88E40644C4F9AE02.roa (raw, json)
Hash identifier: /9xJi3PLMQkKlzkomr7AvtnsuMXJh+Vt8LpT6XO4pUs=
Subject key identifier: C7:DB:95:6E:DF:18:E0:D9:5A:43:64:4E:1A:48:1F:CA:D8:D2:FC:3E
Certificate issuer: /CN=A91CE3C4/serialNumber=FCAD461157DF681C050BD3BEEEA2EACDFB6D524B
Certificate serial: 05E1
Authority key identifier: FC:AD:46:11:57:DF:68:1C:05:0B:D3:BE:EE:A2:EA:CD:FB:6D:52:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_K1GEVffaBwFC9O-7qLqzfttUks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/26F87D4A272711EC88E40644C4F9AE02.roa
Signing time: Tue 04 Jun 2024 05:31:26 +0000
ROA not before: Tue 04 Jun 2024 05:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17477
IP address blocks: 103.7.164.0/22 maxlen: 24
103.232.116.0/22 maxlen: 24
119.161.32.0/20 maxlen: 24
124.47.128.0/18 maxlen: 24
125.7.0.0/17 maxlen: 24
163.47.60.0/22 maxlen: 24
202.2.92.0/22 maxlen: 24
202.191.48.0/21 maxlen: 24
203.12.216.0/23 maxlen: 24
203.15.95.0/24 maxlen: 24
203.22.107.0/24 maxlen: 24
203.26.130.0/24 maxlen: 24
203.110.128.0/19 maxlen: 24
210.193.128.0/17 maxlen: 24
2400:cc00::/32 maxlen: 35
2400:cc00::/35 maxlen: 36
2400:cc00:2000::/36 maxlen: 36
2400:cc00:4000::/34 maxlen: 36
2400:cc00:8000::/33 maxlen: 36
2400:cc00:8000::/37 maxlen: 40
2400:cc00:8800::/37 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/_K1GEVffaBwFC9O-7qLqzfttUks.crl
rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/_K1GEVffaBwFC9O-7qLqzfttUks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_K1GEVffaBwFC9O-7qLqzfttUks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1505 (0x5e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE3C4/serialNumber=FCAD461157DF681C050BD3BEEEA2EACDFB6D524B
Validity
Not Before: Jun 4 05:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=665ea6ae-f839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8f:14:c5:eb:35:75:8e:6b:f4:72:8b:70:92:
4c:47:c4:20:6e:d8:1b:35:49:ea:70:0e:fa:cc:b6:
99:79:cc:14:d1:87:f0:36:12:00:81:c2:ab:4a:30:
a7:ef:61:5f:c9:40:ff:54:bf:bc:14:4f:71:f2:87:
ab:0d:6e:fa:b8:38:d5:3f:f7:1c:b3:9b:7e:e7:50:
bf:5d:4e:f0:b8:1f:2c:4c:54:38:d3:b3:3f:e7:b7:
17:0c:a2:e0:7a:29:0d:2d:04:1e:95:d0:8a:70:cc:
4f:5b:5f:d8:ac:6b:ea:02:a0:a4:47:1b:bc:92:9c:
7f:b9:b7:22:2d:44:e2:8c:a9:6d:8d:f4:39:c1:7a:
af:6a:58:30:ed:05:01:cf:c6:b6:de:aa:a8:35:52:
c9:cf:f2:9b:ce:5c:c6:19:5b:c0:b1:67:57:a5:08:
b0:75:8f:60:b8:a0:80:de:58:38:a2:43:56:8d:95:
18:d3:e2:d9:3d:e4:51:d1:4a:47:f3:f3:e7:60:c7:
fa:31:60:9c:dc:bd:b6:5f:c8:96:30:8b:b1:fe:e9:
1d:7e:71:46:12:51:7f:0f:82:e3:59:6a:50:90:bd:
07:7c:72:bb:aa:37:07:44:b9:61:4c:ae:b2:0d:9b:
f3:8d:29:5f:f8:77:3d:6d:46:91:51:d3:02:2d:d1:
a5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DB:95:6E:DF:18:E0:D9:5A:43:64:4E:1A:48:1F:CA:D8:D2:FC:3E
X509v3 Authority Key Identifier:
keyid:FC:AD:46:11:57:DF:68:1C:05:0B:D3:BE:EE:A2:EA:CD:FB:6D:52:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/_K1GEVffaBwFC9O-7qLqzfttUks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_K1GEVffaBwFC9O-7qLqzfttUks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE3C4/7692278A7F9711EBADDC5F15C4F9AE02/26F87D4A272711EC88E40644C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.7.164.0/22
103.232.116.0/22
119.161.32.0/20
124.47.128.0/18
125.7.0.0/17
163.47.60.0/22
202.2.92.0/22
202.191.48.0/21
203.12.216.0/23
203.15.95.0/24
203.22.107.0/24
203.26.130.0/24
203.110.128.0/19
210.193.128.0/17
IPv6:
2400:cc00::/32
Signature Algorithm: sha256WithRSAEncryption
6a:ba:42:b1:9f:e5:be:8e:4b:55:4a:8a:ee:d6:d2:03:3a:ae:
29:5b:dc:db:0f:ba:9a:f6:c6:ab:db:3e:50:cb:8b:a8:0c:d4:
2c:f3:47:d2:e1:83:78:76:c4:04:ae:aa:ff:68:cf:1b:da:a7:
99:2b:e9:db:ee:9e:45:0f:d2:6e:82:63:6c:d5:fb:d8:fd:95:
d5:89:3f:c3:b9:0b:c6:89:40:4c:0b:59:29:34:5d:da:9e:8e:
72:c3:1e:a7:9f:0e:eb:c3:de:28:ef:f7:09:51:1e:af:58:55:
53:5f:6c:32:e6:8b:31:c0:ad:ec:63:dd:38:65:cb:1f:7d:a8:
db:78:f4:5a:ef:50:9e:62:bc:d4:09:aa:c5:1a:6d:52:65:75:
18:90:39:e3:ad:97:71:9d:7e:38:07:4c:28:9f:5f:4e:3a:08:
b4:2a:d4:2b:e2:d6:74:55:34:81:c6:8b:6a:be:be:5f:d7:13:
31:0d:bb:44:2a:e7:0a:81:b2:58:1c:09:32:0c:c8:42:ad:3b:
de:a0:79:5f:34:dc:37:8c:2a:00:bd:b8:e1:d6:ff:84:14:74:
34:41:ad:0d:9e:48:41:16:5b:48:86:2e:be:46:1e:8d:e4:15:
0a:6d:45:64:a8:af:4c:32:ac:b4:89:5c:39:29:39:48:83:cd:
b0:f7:5c:b7
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgICBeEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0UzQzQxMTAvBgNVBAUTKEZDQUQ0NjExNTdERjY4MUMwNTBCRDNCRUVFQTJFQUNE
RkI2RDUyNEIwHhcNMjQwNjA0MDUzMTI2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVlYTZhZS1mODM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqo8Uxes1dY5r9HKLcJJMR8QgbtgbNUnqcA76zLaZecwU0YfwNhIAgcKrSjCn
72FfyUD/VL+8FE9x8oerDW76uDjVP/ccs5t+51C/XU7wuB8sTFQ407M/57cXDKLg
eikNLQQeldCKcMxPW1/YrGvqAqCkRxu8kpx/ubciLUTijKltjfQ5wXqvalgw7QUB
z8a23qqoNVLJz/KbzlzGGVvAsWdXpQiwdY9guKCA3lg4okNWjZUY0+LZPeRR0UpH
8/PnYMf6MWCc3L22X8iWMIux/ukdfnFGElF/D4LjWWpQkL0HfHK7qjcHRLlhTK6y
DZvzjSlf+Hc9bUaRUdMCLdGlmQIDAQABo4IC8jCCAu4wHQYDVR0OBBYEFMfblW7f
GODZWkNkThpIH8rY0vw+MB8GA1UdIwQYMBaAFPytRhFX32gcBQvTvu6i6s37bVJL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTNDNC83NjkyMjc4QTdG
OTcxMUVCQUREQzVGMTVDNEY5QUUwMi9fSzFHRVZmZmFCd0ZDOU8tN3FMcXpmdHRV
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19LMUdFVmZmYUJ3RkM5Ty03cUxxemZ0dFVrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0UzQzQvNzY5MjI3OEE3Rjk3MTFFQkFEREM1RjE1QzRGOUFFMDIvMjZGODdENEEy
NzI3MTFFQzg4RTQwNjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfAYIKwYBBQUHAQcBAf8E
bTBrMFoEAgABMFQDBAJnB6QDBAJn6HQDBAR3oSADBAZ8L4ADBAd9BwADBAKjLzwD
BALKAlwDBAPKvzADBAHLDNgDBADLD18DBADLFmsDBADLGoIDBAXLboADBAfSwYAw
DQQCAAIwBwMFACQAzAAwDQYJKoZIhvcNAQELBQADggEBAGq6QrGf5b6OS1VKiu7W
0gM6rilb3NsPupr2xqvbPlDLi6gM1CzzR9Lhg3h2xASuqv9ozxvap5kr6dvunkUP
0m6CY2zV+9j9ldWJP8O5C8aJQEwLWSk0XdqejnLDHqefDuvD3ijv9wlRHq9YVVNf
bDLmizHArexj3Thlyx99qNt49FrvUJ5ivNQJqsUabVJldRiQOeOtl3GdfjgHTCif
X046CLQq1Cvi1nRVNIHGi2q+vl/XEzENu0Qq5wqBslgcCTIMyEKtO96geV803DeM
KgC9uOHW/4QUdDRBrQ2eSEEWW0iGLr5GHo3kFQptRWSor0wyrLSJXDkpOUiDzbD3
XLc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:08:50 2024 by rpki-client on console-ams.rpki-client.org