Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
File: AB9A0D320D6011EDA50DFA25C4F9AE02.roa (raw, json)
Hash identifier: Ml46u2z0U+I2ZQaPPsePPmtgvCBhdMDLTPQJk8d3bl4=
Subject key identifier: 29:25:D5:FB:1A:11:95:C7:1F:C9:DC:E9:80:CB:EB:B6:9E:CD:80:91
Certificate issuer: /CN=A91DA898/serialNumber=1A55DB627A2A2E4B26672EE0E1D7512F86414E83
Certificate serial: 341F
Authority key identifier: 1A:55:DB:62:7A:2A:2E:4B:26:67:2E:E0:E1:D7:51:2F:86:41:4E:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
Signing time: Thu 08 Aug 2024 14:40:39 +0000
ROA not before: Thu 08 Aug 2024 14:40:38 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 10219
IP address blocks: 103.23.48.0/22 maxlen: 22
103.23.48.0/24 maxlen: 24
103.23.49.0/24 maxlen: 24
103.23.50.0/24 maxlen: 24
103.23.51.0/24 maxlen: 24
112.72.0.0/20 maxlen: 20
112.72.0.0/24 maxlen: 24
112.72.1.0/24 maxlen: 24
112.72.2.0/24 maxlen: 24
112.72.3.0/24 maxlen: 24
112.72.4.0/24 maxlen: 24
112.72.5.0/24 maxlen: 24
112.72.6.0/24 maxlen: 24
112.72.7.0/24 maxlen: 24
112.72.8.0/24 maxlen: 24
112.72.9.0/24 maxlen: 24
112.72.10.0/24 maxlen: 24
112.72.11.0/24 maxlen: 24
112.72.12.0/24 maxlen: 24
112.72.13.0/24 maxlen: 24
112.72.14.0/24 maxlen: 24
112.72.15.0/24 maxlen: 24
202.9.40.0/21 maxlen: 21
202.9.40.0/24 maxlen: 24
202.9.41.0/24 maxlen: 24
202.9.42.0/24 maxlen: 24
202.9.43.0/24 maxlen: 24
202.9.44.0/24 maxlen: 24
202.9.45.0/24 maxlen: 24
202.9.46.0/24 maxlen: 24
202.9.47.0/24 maxlen: 24
202.55.176.0/20 maxlen: 20
202.55.176.0/24 maxlen: 24
202.55.177.0/24 maxlen: 24
202.55.178.0/24 maxlen: 24
202.55.179.0/24 maxlen: 24
202.55.180.0/24 maxlen: 24
202.55.181.0/24 maxlen: 24
202.55.182.0/24 maxlen: 24
202.55.183.0/24 maxlen: 24
202.55.184.0/24 maxlen: 24
202.55.185.0/24 maxlen: 24
202.55.186.0/24 maxlen: 24
202.55.187.0/24 maxlen: 24
202.55.188.0/24 maxlen: 24
202.55.189.0/24 maxlen: 24
202.55.190.0/24 maxlen: 24
202.55.191.0/24 maxlen: 24
2405:ae00::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.crl
rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:36:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13343 (0x341f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA898/serialNumber=1A55DB627A2A2E4B26672EE0E1D7512F86414E83
Validity
Not Before: Aug 8 14:40:38 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b4d8e6-ae41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:50:26:c4:a8:9c:45:e8:45:2c:8a:1d:a3:
e3:1b:10:f9:b1:2a:b2:65:03:93:0c:fe:cd:fd:9b:
3d:c5:0f:d9:5c:49:b4:8e:7d:12:43:d3:e3:8c:83:
f6:73:69:1d:aa:28:3c:78:38:a1:56:43:b4:27:b1:
66:b0:a3:c0:c4:28:39:58:32:ea:dc:75:d0:f0:27:
9f:d1:0d:16:d3:97:61:a2:aa:22:ed:94:5a:c2:07:
d2:aa:61:32:b5:94:66:88:63:82:ff:9a:9c:cb:fd:
7e:2e:7c:e3:2a:8e:4c:b0:94:45:f3:ae:b9:c7:ed:
0c:72:dd:39:8d:c9:b1:e9:dc:c4:fe:b8:88:b3:e7:
80:a2:f2:59:f3:5f:e8:e0:19:d2:8d:73:7c:df:ca:
70:5e:bc:1f:d7:18:82:d9:0b:ac:3a:51:15:f3:b6:
e7:ed:31:5a:8c:d1:f5:10:e5:bb:d9:10:09:11:7f:
bd:d1:7d:c0:78:46:56:11:bd:03:aa:6b:43:70:6d:
63:b0:53:ca:b2:6d:4c:d7:f2:74:fc:b8:d2:70:bd:
76:ca:74:4d:94:8a:c8:17:0b:a2:33:98:b2:ab:63:
75:79:fc:8d:61:4d:1f:35:76:af:de:f0:6f:61:cc:
37:b0:63:a2:38:c9:69:2f:7a:c5:76:76:97:c1:14:
22:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:25:D5:FB:1A:11:95:C7:1F:C9:DC:E9:80:CB:EB:B6:9E:CD:80:91
X509v3 Authority Key Identifier:
keyid:1A:55:DB:62:7A:2A:2E:4B:26:67:2E:E0:E1:D7:51:2F:86:41:4E:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.48.0/22
112.72.0.0/20
202.9.40.0/21
202.55.176.0/20
IPv6:
2405:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
23:25:90:5c:fb:c8:9e:11:60:0b:cc:0a:f2:92:4a:a2:3b:38:
68:a8:ce:d7:87:d6:15:36:a9:e3:20:71:f5:cf:a9:3d:71:c6:
a7:83:70:51:dc:f3:34:fb:c2:1a:ee:5d:2a:72:2d:1a:b7:e7:
9a:99:ab:e6:94:fb:9b:71:82:15:f0:e3:b4:ee:4e:db:a7:b4:
fa:b0:ef:ed:17:ee:90:7d:83:ec:28:94:06:8c:76:ae:49:c2:
e9:ad:a5:93:ae:61:bf:53:3c:09:c9:c6:f3:5d:a6:42:50:2c:
43:01:8f:5e:ae:04:2c:80:7d:c7:e2:2c:91:99:ff:56:0f:06:
c7:2f:1f:8c:41:de:2e:2b:50:8d:39:6d:b7:8d:22:0f:44:ef:
45:c7:68:89:5f:c8:b1:c2:16:89:32:cc:85:8b:63:d4:92:a2:
87:7f:16:9d:44:b9:0d:56:9c:68:d6:8d:0e:a1:a6:10:14:e8:
d1:b0:f7:e8:7f:0e:f3:23:d5:e5:c3:02:4f:bf:46:43:87:2a:
88:5e:2c:af:af:ee:fe:d5:3d:5e:5e:d1:ae:bf:e0:a5:2c:55:
de:23:70:d5:da:d8:0b:6b:08:02:6c:d6:34:d9:f9:6a:81:40:
cd:66:bc:a8:58:a6:4b:c8:89:7a:34:9c:54:24:8f:21:f8:bf:
c0:88:8f:a0
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REE4OTgxMTAvBgNVBAUTKDFBNTVEQjYyN0EyQTJFNEIyNjY3MkVFMEUxRDc1MTJG
ODY0MTRFODMwHhcNMjQwODA4MTQ0MDM4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI0ZDhlNi1hZTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtDRQJsSonEXoRSyKHaPjGxD5sSqyZQOTDP7N/Zs9xQ/ZXEm0jn0SQ9PjjIP2
c2kdqig8eDihVkO0J7FmsKPAxCg5WDLq3HXQ8Cef0Q0W05dhoqoi7ZRawgfSqmEy
tZRmiGOC/5qcy/1+LnzjKo5MsJRF8665x+0Mct05jcmx6dzE/riIs+eAovJZ81/o
4BnSjXN838pwXrwf1xiC2QusOlEV87bn7TFajNH1EOW72RAJEX+90X3AeEZWEb0D
qmtDcG1jsFPKsm1M1/J0/LjScL12ynRNlIrIFwuiM5iyq2N1efyNYU0fNXav3vBv
Ycw3sGOiOMlpL3rFdnaXwRQi8wIDAQABo4ICtjCCArIwHQYDVR0OBBYEFCkl1fsa
EZXHH8nc6YDL67aezYCRMB8GA1UdIwQYMBaAFBpV22J6Ki5LJmcu4OHXUS+GQU6D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTg5OC82OUFEQzE5RTFE
OEMxMUUyODZCNjlFRTcwOEIwMkNEMi9HbFhiWW5vcUxrc21aeTdnNGRkUkw0WkJU
b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dsWGJZbm9xTGtzbVp5N2c0ZGRSTDRaQlRvTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REE4OTgvNjlBREMxOUUxRDhDMTFFMjg2QjY5RUU3MDhCMDJDRDIvQUI5QTBEMzIw
RDYwMTFFREE1MERGQTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnFzADBARwSAADBAPKCSgDBATKN7AwDQQCAAIwBwMFACQF
rgAwDQYJKoZIhvcNAQELBQADggEBACMlkFz7yJ4RYAvMCvKSSqI7OGiozteH1hU2
qeMgcfXPqT1xxqeDcFHc8zT7whruXSpyLRq355qZq+aU+5txghXw47TuTtuntPqw
7+0X7pB9g+wolAaMdq5JwumtpZOuYb9TPAnJxvNdpkJQLEMBj16uBCyAfcfiLJGZ
/1YPBscvH4xB3i4rUI05bbeNIg9E70XHaIlfyLHCFokyzIWLY9SSood/Fp1EuQ1W
nGjWjQ6hphAU6NGw9+h/DvMj1eXDAk+/RkOHKoheLK+v7v7VPV5e0a6/4KUsVd4j
cNXa2AtrCAJs1jTZ+WqBQM1mvKhYpkvIiXo0nFQkjyH4v8CIj6A=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:50:04 2024 by rpki-client on console-ams.rpki-client.org