Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/64DF1E90EE3F11ECA9E43485C4F9AE02.roa
File: 64DF1E90EE3F11ECA9E43485C4F9AE02.roa (raw, json)
Hash identifier: hVZJ0zpXl3HIf84EQwJt238SaOF7zZFnGXXrUjVRB7A=
Subject key identifier: 82:62:39:8F:05:D6:EB:44:D1:3D:ED:82:03:8D:D2:32:4E:B2:5C:4C
Certificate issuer: /CN=A91D90B9/serialNumber=5A183B1E0FFCA6DADD796F6BB4AAAF93692F0DC9
Certificate serial: 029F
Authority key identifier: 5A:18:3B:1E:0F:FC:A6:DA:DD:79:6F:6B:B4:AA:AF:93:69:2F:0D:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/64DF1E90EE3F11ECA9E43485C4F9AE02.roa
Signing time: Tue 07 May 2024 18:17:32 +0000
ROA not before: Tue 07 May 2024 18:17:32 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 58945
IP address blocks: 103.26.112.0/22 maxlen: 24
103.35.156.0/23 maxlen: 24
103.35.159.0/24 maxlen: 24
106.0.52.0/22 maxlen: 24
2401:4440::/32 maxlen: 32
2401:4440::/36 maxlen: 36
2401:4440::/48 maxlen: 48
2401:4440:1000::/36 maxlen: 36
2401:4440:2000::/36 maxlen: 36
2401:4440:3000::/36 maxlen: 36
2401:4440:4000::/36 maxlen: 36
2401:4440:5000::/36 maxlen: 36
2401:4440:6000::/36 maxlen: 36
2401:4440:7000::/36 maxlen: 36
2401:4440:8000::/36 maxlen: 36
2401:4440:9000::/36 maxlen: 36
2401:4440:a000::/36 maxlen: 36
2401:4440:a001::/48 maxlen: 48
2401:4440:a002::/48 maxlen: 48
2401:4440:b000::/36 maxlen: 36
2401:4440:c000::/36 maxlen: 36
2401:4440:d000::/36 maxlen: 36
2401:4440:e000::/36 maxlen: 36
2401:4440:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.crl
rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 May 2024 02:53:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 671 (0x29f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D90B9/serialNumber=5A183B1E0FFCA6DADD796F6BB4AAAF93692F0DC9
Validity
Not Before: May 7 18:17:32 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=663a703c-e163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:37:cb:5d:62:ce:5c:04:97:eb:64:12:9c:09:
d8:56:e7:85:ec:11:94:8e:34:28:b1:ab:f9:9c:03:
9e:94:42:65:1d:e3:cf:63:a0:25:ee:cb:06:fa:14:
db:f6:9b:de:40:cc:22:98:28:d7:fa:59:0f:eb:3f:
a3:c0:9e:1d:2e:c1:f2:99:47:49:12:0e:82:a7:26:
51:ae:a8:5d:b3:d0:70:71:85:55:02:c5:7b:04:25:
18:07:16:8b:e9:5b:1c:b9:15:95:00:13:1a:95:54:
7d:3b:e1:4e:65:dd:96:2a:22:9f:4e:f2:ed:b8:7b:
1c:e9:71:53:2f:2f:dd:ba:60:52:af:b2:fa:f7:6c:
fc:e2:29:90:3b:82:5b:43:4b:20:15:f5:1f:44:60:
ba:16:0c:d7:35:5c:e8:d0:ea:c4:2d:d2:f5:a4:e4:
cc:c0:d9:c8:74:ce:f3:6b:40:f1:4e:4b:7f:83:27:
28:c1:39:59:f7:1b:a3:d5:ef:4c:42:31:a1:f6:db:
5c:c1:cd:2f:97:3c:4a:db:cb:46:d3:bd:38:36:32:
e4:00:f3:d6:2e:a5:58:4b:44:d8:4e:dd:ef:1d:4d:
d9:6f:d6:2c:b3:c9:8d:f6:10:9f:49:ae:ce:5f:3a:
b6:04:79:6a:f4:e5:e2:8b:03:cb:3c:4c:f7:22:7f:
58:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:62:39:8F:05:D6:EB:44:D1:3D:ED:82:03:8D:D2:32:4E:B2:5C:4C
X509v3 Authority Key Identifier:
keyid:5A:18:3B:1E:0F:FC:A6:DA:DD:79:6F:6B:B4:AA:AF:93:69:2F:0D:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/Whg7Hg_8ptrdeW9rtKqvk2kvDck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Whg7Hg_8ptrdeW9rtKqvk2kvDck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D90B9/D1EA8CF4B58711ECBEDB9229C4F9AE02/64DF1E90EE3F11ECA9E43485C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.26.112.0/22
103.35.156.0/23
103.35.159.0/24
106.0.52.0/22
IPv6:
2401:4440::/32
Signature Algorithm: sha256WithRSAEncryption
04:8f:a1:a8:c9:9a:9d:77:f2:04:06:d3:13:df:65:ba:d6:4c:
c8:71:0f:c1:c8:b9:3b:3b:23:9f:58:3e:26:f3:8e:2d:3c:db:
7d:98:c6:da:17:5b:86:9b:5d:1b:db:e9:49:ea:b2:ce:cc:c2:
9a:ea:f1:f3:3b:3a:62:f3:f5:6b:ac:1b:42:d8:1e:a6:d0:3b:
bd:b9:f6:d4:a4:48:32:b2:ab:ae:ae:86:1a:88:ad:a7:d9:30:
3a:b9:b9:82:d7:d3:dc:fa:78:15:25:e9:ea:59:81:52:a7:11:
0f:14:5a:21:c8:9f:32:5e:b2:f4:ea:dc:27:53:9a:ca:6f:a1:
1d:4c:6c:97:2f:2f:89:a6:70:08:88:b0:1e:3b:9a:51:4a:93:
fa:46:b1:f2:b6:07:55:aa:85:b0:e9:4f:89:fc:ff:20:f9:89:
1b:a6:41:7b:f6:b8:f5:e7:43:c8:59:42:59:30:73:3a:3c:4e:
da:84:72:fb:52:91:89:6d:df:68:71:c7:fb:26:2d:58:71:7c:
7d:cb:58:80:be:16:ba:6d:ad:4e:1a:24:70:b4:b9:06:ca:31:
13:3b:57:94:11:06:10:14:6b:54:5b:d8:bd:0c:43:ea:2e:e6:
24:c0:5c:26:04:ee:8f:cc:eb:db:1c:45:72:4e:9a:0c:9d:74:
5f:02:b7:a0
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICAp8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDkwQjkxMTAvBgNVBAUTKDVBMTgzQjFFMEZGQ0E2REFERDc5NkY2QkI0QUFBRjkz
NjkyRjBEQzkwHhcNMjQwNTA3MTgxNzMyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNhNzAzYy1lMTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9zfLXWLOXASX62QSnAnYVueF7BGUjjQosav5nAOelEJlHePPY6Al7ssG+hTb
9pveQMwimCjX+lkP6z+jwJ4dLsHymUdJEg6CpyZRrqhds9BwcYVVAsV7BCUYBxaL
6VscuRWVABMalVR9O+FOZd2WKiKfTvLtuHsc6XFTLy/dumBSr7L692z84imQO4Jb
Q0sgFfUfRGC6FgzXNVzo0OrELdL1pOTMwNnIdM7za0DxTkt/gycowTlZ9xuj1e9M
QjGh9ttcwc0vlzxK28tG0704NjLkAPPWLqVYS0TYTt3vHU3Zb9Yss8mN9hCfSa7O
Xzq2BHlq9OXiiwPLPEz3In9YHQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIJiOY8F
1utE0T3tggON0jJOslxMMB8GA1UdIwQYMBaAFFoYOx4P/Kba3Xlva7Sqr5NpLw3J
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTBCOS9EMUVBOENGNEI1
ODcxMUVDQkVEQjkyMjlDNEY5QUUwMi9XaGc3SGdfOHB0cmRlVzlydEtxdmsya3ZE
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1doZzdIZ184cHRyZGVXOXJ0S3F2azJrdkRjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDkwQjkvRDFFQThDRjRCNTg3MTFFQ0JFREI5MjI5QzRGOUFFMDIvNjRERjFFOTBF
RTNGMTFFQ0E5RTQzNDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnGnADBAFnI5wDBABnI58DBAJqADQwDQQCAAIwBwMFACQB
REAwDQYJKoZIhvcNAQELBQADggEBAASPoajJmp138gQG0xPfZbrWTMhxD8HIuTs7
I59YPibzji08232YxtoXW4abXRvb6Unqss7Mwprq8fM7OmLz9WusG0LYHqbQO725
9tSkSDKyq66uhhqIrafZMDq5uYLX09z6eBUl6epZgVKnEQ8UWiHInzJesvTq3CdT
mspvoR1MbJcvL4mmcAiIsB47mlFKk/pGsfK2B1WqhbDpT4n8/yD5iRumQXv2uPXn
Q8hZQlkwczo8TtqEcvtSkYlt32hxx/smLVhxfH3LWIC+FrptrU4aJHC0uQbKMRM7
V5QRBhAUa1Rb2L0MQ+ou5iTAXCYE7o/M69scRXJOmgyddF8Ct6A=
-----END CERTIFICATE-----
Generated at Fri May 17 04:26:40 2024 by rpki-client on console-fra.rpki-client.org