Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
File: AB9A0D320D6011EDA50DFA25C4F9AE02.roa (raw, json)
Hash identifier: ZH0sVl0w6+grV2jPlK6llRZ7lJDHaTAvfA3w4SNuHEc=
Subject key identifier: 9E:2A:05:D9:41:86:F5:77:1B:8E:3E:A2:CC:88:18:C7:66:8A:AB:FE
Certificate issuer: /CN=A91DA898/serialNumber=1A55DB627A2A2E4B26672EE0E1D7512F86414E83
Certificate serial: 3350
Authority key identifier: 1A:55:DB:62:7A:2A:2E:4B:26:67:2E:E0:E1:D7:51:2F:86:41:4E:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
Signing time: Sat 08 Jul 2023 14:50:29 +0000
ROA not before: Sat 08 Jul 2023 14:50:29 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 10219
IP address blocks: 103.23.48.0/22 maxlen: 22
103.23.48.0/24 maxlen: 24
103.23.49.0/24 maxlen: 24
103.23.50.0/24 maxlen: 24
103.23.51.0/24 maxlen: 24
112.72.0.0/20 maxlen: 20
112.72.0.0/24 maxlen: 24
112.72.1.0/24 maxlen: 24
112.72.2.0/24 maxlen: 24
112.72.3.0/24 maxlen: 24
112.72.4.0/24 maxlen: 24
112.72.5.0/24 maxlen: 24
112.72.6.0/24 maxlen: 24
112.72.7.0/24 maxlen: 24
112.72.8.0/24 maxlen: 24
112.72.9.0/24 maxlen: 24
112.72.10.0/24 maxlen: 24
112.72.11.0/24 maxlen: 24
112.72.12.0/24 maxlen: 24
112.72.13.0/24 maxlen: 24
112.72.14.0/24 maxlen: 24
112.72.15.0/24 maxlen: 24
202.9.40.0/21 maxlen: 21
202.9.40.0/24 maxlen: 24
202.9.41.0/24 maxlen: 24
202.9.42.0/24 maxlen: 24
202.9.43.0/24 maxlen: 24
202.9.44.0/24 maxlen: 24
202.9.45.0/24 maxlen: 24
202.9.46.0/24 maxlen: 24
202.9.47.0/24 maxlen: 24
202.55.176.0/20 maxlen: 20
202.55.176.0/24 maxlen: 24
202.55.177.0/24 maxlen: 24
202.55.178.0/24 maxlen: 24
202.55.179.0/24 maxlen: 24
202.55.180.0/24 maxlen: 24
202.55.181.0/24 maxlen: 24
202.55.182.0/24 maxlen: 24
202.55.183.0/24 maxlen: 24
202.55.184.0/24 maxlen: 24
202.55.185.0/24 maxlen: 24
202.55.186.0/24 maxlen: 24
202.55.187.0/24 maxlen: 24
202.55.188.0/24 maxlen: 24
202.55.189.0/24 maxlen: 24
202.55.190.0/24 maxlen: 24
202.55.191.0/24 maxlen: 24
2405:ae00::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.crl
rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13136 (0x3350)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA898/serialNumber=1A55DB627A2A2E4B26672EE0E1D7512F86414E83
Validity
Not Before: Jul 8 14:50:29 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64a977b5-37fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d4:8a:ca:a6:e2:b5:0b:ff:c1:11:80:36:29:
69:b9:c3:84:5e:b1:1f:ed:0e:9e:1f:86:69:92:fe:
7e:f9:47:6f:0d:5c:8d:60:c0:60:06:53:5e:95:b1:
8a:b8:cf:99:dd:86:1b:13:61:22:df:11:cc:94:40:
19:70:18:ce:84:c7:ec:79:85:4d:c7:68:f3:48:ab:
35:44:00:23:bf:d0:37:28:e3:ef:5d:63:a6:08:1b:
7b:6e:15:ac:24:8f:27:cf:a0:a2:f7:8c:0e:93:49:
8c:46:d0:58:45:e8:b4:08:71:64:e1:7c:88:30:61:
f4:59:e1:44:a5:3b:26:5f:e4:10:8f:74:cd:23:a5:
d4:37:7d:9b:59:c8:06:46:10:be:74:71:29:f6:b1:
1c:8d:08:9d:ab:55:4e:8a:4e:9a:2b:49:36:d8:42:
94:6e:e9:84:27:62:7f:59:ed:c4:fa:67:0c:86:3d:
5a:29:a0:25:cb:97:92:51:37:ed:d4:0d:ff:9d:7b:
33:d8:1b:f0:96:a2:3a:12:21:f5:ad:25:31:0e:fb:
e9:91:3e:e3:69:d8:9b:46:94:e3:f8:11:95:c5:d4:
4f:22:84:26:3c:ef:81:43:88:ef:cd:a2:f7:46:1f:
8a:3b:83:aa:2c:5b:f6:84:de:8e:60:3f:1d:a9:00:
96:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:2A:05:D9:41:86:F5:77:1B:8E:3E:A2:CC:88:18:C7:66:8A:AB:FE
X509v3 Authority Key Identifier:
keyid:1A:55:DB:62:7A:2A:2E:4B:26:67:2E:E0:E1:D7:51:2F:86:41:4E:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/GlXbYnoqLksmZy7g4ddRL4ZBToM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GlXbYnoqLksmZy7g4ddRL4ZBToM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA898/69ADC19E1D8C11E286B69EE708B02CD2/AB9A0D320D6011EDA50DFA25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.48.0/22
112.72.0.0/20
202.9.40.0/21
202.55.176.0/20
IPv6:
2405:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
98:48:6f:96:61:16:cf:a9:91:5f:e1:03:87:5d:86:ca:3e:f9:
25:b9:f6:2a:5e:24:de:db:dc:19:e1:c7:13:a5:1f:c5:ed:72:
1c:69:c9:85:59:53:ad:7b:87:4b:a7:2d:fb:bd:34:15:97:e2:
46:f8:d3:c8:49:ac:5a:56:26:5b:58:0a:d7:75:98:76:02:25:
24:f6:6b:c5:2a:86:9c:61:fa:63:27:3a:f2:6b:61:1b:b9:2a:
64:6f:14:0d:14:f2:86:da:1b:bb:10:01:8f:34:79:22:ea:65:
eb:78:6f:86:e2:ab:52:1b:73:5c:8d:a6:95:24:03:82:11:c6:
b3:15:c4:b2:41:a8:56:44:f9:e0:4c:14:f3:de:63:d0:13:c1:
f7:0c:a3:c1:e5:a8:b1:c0:6a:b8:08:72:d1:54:62:5d:08:0e:
9e:61:34:09:29:72:c1:17:d5:5d:a4:0a:52:86:ca:8b:6b:46:
44:75:47:97:6e:30:03:d1:8f:8d:ed:f6:53:c0:ad:00:5f:c3:
bf:d5:5a:dd:44:0e:6d:5f:8a:22:36:65:20:03:0e:e8:d0:65:
18:05:91:3d:3a:06:92:f4:e6:32:a5:e3:2f:0a:64:99:82:b9:
c1:a6:bb:d3:19:95:f0:54:05:c6:6f:b3:6f:30:b1:b5:7e:ee:
30:d3:a4:db
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICM1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REE4OTgxMTAvBgNVBAUTKDFBNTVEQjYyN0EyQTJFNEIyNjY3MkVFMEUxRDc1MTJG
ODY0MTRFODMwHhcNMjMwNzA4MTQ1MDI5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE5NzdiNS0zN2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArNSKyqbitQv/wRGANilpucOEXrEf7Q6eH4Zpkv5++UdvDVyNYMBgBlNelbGK
uM+Z3YYbE2Ei3xHMlEAZcBjOhMfseYVNx2jzSKs1RAAjv9A3KOPvXWOmCBt7bhWs
JI8nz6Ci94wOk0mMRtBYRei0CHFk4XyIMGH0WeFEpTsmX+QQj3TNI6XUN32bWcgG
RhC+dHEp9rEcjQidq1VOik6aK0k22EKUbumEJ2J/We3E+mcMhj1aKaAly5eSUTft
1A3/nXsz2BvwlqI6EiH1rSUxDvvpkT7jadibRpTj+BGVxdRPIoQmPO+BQ4jvzaL3
Rh+KO4OqLFv2hN6OYD8dqQCWzwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFJ4qBdlB
hvV3G44+osyIGMdmiqv+MB8GA1UdIwQYMBaAFBpV22J6Ki5LJmcu4OHXUS+GQU6D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTg5OC82OUFEQzE5RTFE
OEMxMUUyODZCNjlFRTcwOEIwMkNEMi9HbFhiWW5vcUxrc21aeTdnNGRkUkw0WkJU
b00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dsWGJZbm9xTGtzbVp5N2c0ZGRSTDRaQlRvTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REE4OTgvNjlBREMxOUUxRDhDMTFFMjg2QjY5RUU3MDhCMDJDRDIvQUI5QTBEMzIw
RDYwMTFFREE1MERGQTI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnFzADBARwSAADBAPKCSgDBATKN7AwDQQCAAIwBwMFACQF
rgAwDQYJKoZIhvcNAQELBQADggEBAJhIb5ZhFs+pkV/hA4ddhso++SW59ipeJN7b
3BnhxxOlH8XtchxpyYVZU617h0unLfu9NBWX4kb408hJrFpWJltYCtd1mHYCJST2
a8Uqhpxh+mMnOvJrYRu5KmRvFA0U8obaG7sQAY80eSLqZet4b4biq1Ibc1yNppUk
A4IRxrMVxLJBqFZE+eBMFPPeY9ATwfcMo8HlqLHAargIctFUYl0IDp5hNAkpcsEX
1V2kClKGyotrRkR1R5duMAPRj43t9lPArQBfw7/VWt1EDm1fiiI2ZSADDujQZRgF
kT06BpL05jKl4y8KZJmCucGmu9MZlfBUBcZvs28wsbV+7jDTpNs=
-----END CERTIFICATE-----
Generated at Wed May 8 15:19:10 2024 by rpki-client on console-fra.rpki-client.org