Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
File: 6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa (raw, json)
Hash identifier: O29diGY7x4eXWAym++dxviC9GPqPH5Yep4DO4YaBc5k=
Subject key identifier: 85:E1:D4:5C:A1:30:E8:8D:7D:0D:CD:85:01:5C:E2:3E:02:59:1F:F8
Certificate issuer: /CN=A91E4463/serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Certificate serial: 0BD1
Authority key identifier: 77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
Signing time: Sun 20 Oct 2024 06:13:33 +0000
ROA not before: Sun 20 Oct 2024 06:13:33 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 136224
IP address blocks: 103.84.36.0/22 maxlen: 22
103.84.36.0/23 maxlen: 23
103.84.36.0/24 maxlen: 24
103.84.37.0/24 maxlen: 24
103.84.38.0/23 maxlen: 23
103.84.38.0/24 maxlen: 24
103.84.39.0/24 maxlen: 24
113.212.108.0/22 maxlen: 22
113.212.108.0/23 maxlen: 23
113.212.108.0/24 maxlen: 24
113.212.109.0/24 maxlen: 24
113.212.111.0/24 maxlen: 24
2400:9940:5::/48 maxlen: 48
2400:9940:1000::/48 maxlen: 48
2400:9940:1001::/48 maxlen: 48
2400:9940:1002::/48 maxlen: 48
2400:9940:1003::/48 maxlen: 48
2400:9940:1100::/48 maxlen: 48
2400:9940:1101::/48 maxlen: 48
2400:9940:1102::/48 maxlen: 48
2400:9940:1103::/48 maxlen: 48
2400:9940:1104::/48 maxlen: 48
2400:9940:1200::/48 maxlen: 48
2400:9940:1201::/48 maxlen: 48
2400:9940:1202::/48 maxlen: 48
2400:9940:1203::/48 maxlen: 48
2400:9940:1204::/48 maxlen: 48
2400:9940:1300::/48 maxlen: 48
2400:9940:1301::/48 maxlen: 48
2400:9940:1302::/48 maxlen: 48
2400:9940:1303::/48 maxlen: 48
2400:9940:1304::/48 maxlen: 48
2400:9940:1400::/48 maxlen: 48
2400:9940:1401::/48 maxlen: 48
2400:9940:1402::/48 maxlen: 48
2400:9940:1403::/48 maxlen: 48
2400:9940:1404::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:35:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3025 (0xbd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4463/serialNumber=771230A82EDBC27716AB3DC6A82FC5AEC45EEF67
Validity
Not Before: Oct 20 06:13:33 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=67149f8c-5f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:67:d8:06:a6:d3:e9:94:6c:07:69:09:53:
09:91:06:80:5d:d1:8b:4c:e3:fa:00:d2:12:a7:b7:
29:9b:40:a4:ad:2e:15:ec:dc:87:d5:4a:a0:87:e8:
60:43:48:6b:f9:b3:7d:10:a0:81:46:02:3f:98:ef:
c9:53:5e:52:5f:9d:ed:58:f8:a0:9e:f2:86:f4:4d:
57:8f:a0:84:ce:8b:f2:af:9d:48:f9:dd:0c:fd:0c:
8e:85:07:6f:d0:1b:6b:69:40:27:be:52:cb:09:45:
1d:f4:b3:b7:49:0d:79:08:9e:d3:4a:82:6a:4c:55:
c4:f5:c5:ee:be:32:72:b4:d0:74:ff:61:45:fe:6f:
02:c1:51:87:15:b7:8a:e1:6e:9d:8a:46:64:4a:d0:
17:d4:a2:3b:2f:06:4f:be:1d:fb:47:e2:89:7e:a7:
c8:15:c9:bb:20:ce:1f:1e:0d:fe:f7:ba:1f:76:95:
30:ab:bb:8e:4d:b3:df:db:07:76:a5:23:a0:22:6e:
5a:78:27:82:8e:bf:66:ad:86:f4:a9:f1:78:84:89:
51:d3:ea:f3:67:5e:bc:c0:2a:45:c0:ff:9e:35:29:
ce:14:e3:d2:7b:11:11:1d:69:1e:56:54:da:3f:b3:
b1:9d:19:32:9e:41:63:88:19:ea:17:bb:a0:6d:f1:
0a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E1:D4:5C:A1:30:E8:8D:7D:0D:CD:85:01:5C:E2:3E:02:59:1F:F8
X509v3 Authority Key Identifier:
keyid:77:12:30:A8:2E:DB:C2:77:16:AB:3D:C6:A8:2F:C5:AE:C4:5E:EF:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/dxIwqC7bwncWqz3GqC_FrsRe72c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dxIwqC7bwncWqz3GqC_FrsRe72c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4463/A4D4400C139F11EAA6582860C4F9AE02/6EBD0E788EAA11EFA6C1D33AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.36.0/22
113.212.108.0/22
IPv6:
2400:9940:5::/48
2400:9940:1000::/46
2400:9940:1100::-2400:9940:1104:ffff:ffff:ffff:ffff:ffff
2400:9940:1200::-2400:9940:1204:ffff:ffff:ffff:ffff:ffff
2400:9940:1300::-2400:9940:1304:ffff:ffff:ffff:ffff:ffff
2400:9940:1400::-2400:9940:1404:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b8:43:a8:90:8e:d7:ab:d3:63:4f:e2:f4:54:cd:ca:9f:00:bc:
87:ea:7d:3a:6f:49:78:b5:94:35:a1:0c:2e:8a:82:52:fc:46:
97:95:6d:b7:68:8c:62:9c:f4:70:1e:bf:80:26:13:f4:2f:0f:
19:dd:0e:c8:85:62:64:4b:e1:cb:d6:17:c8:3c:63:0b:6c:f4:
9d:90:5f:64:41:ae:63:ac:b5:cb:77:61:96:25:c9:a9:70:91:
a8:cf:33:b7:77:15:d3:e6:ff:c1:c2:87:f6:b9:25:87:2b:c9:
c2:31:90:4f:c7:c4:7b:b5:80:cf:3b:f7:0e:e1:a9:6e:be:28:
a8:d3:0d:f9:22:16:35:a4:d0:7f:f7:29:f0:1a:29:f9:2d:a2:
25:a6:85:19:3f:5d:d2:e9:d3:7c:e0:13:27:a4:02:09:5b:94:
fb:53:8e:aa:ed:bf:8b:3e:40:89:1c:82:ed:f7:26:65:4e:e3:
d0:35:88:d7:72:10:88:17:c2:d8:09:b5:a9:e3:78:58:a5:30:
b3:d4:68:3a:9a:43:2c:b7:40:4d:5a:e7:85:a0:30:0e:bb:81:
e6:ec:d8:21:a0:85:50:5e:94:11:d2:fb:8a:79:e6:c1:1a:89:
1c:d9:36:b3:98:7d:99:77:ec:b3:b6:29:33:9b:38:96:4f:96:
fa:8d:6a:35
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgICC9EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTQ0NjMxMTAvBgNVBAUTKDc3MTIzMEE4MkVEQkMyNzcxNkFCM0RDNkE4MkZDNUFF
QzQ1RUVGNjcwHhcNMjQxMDIwMDYxMzMzWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE0OWY4Yy01ZjMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwA1n2Aam0+mUbAdpCVMJkQaAXdGLTOP6ANISp7cpm0CkrS4V7NyH1Uqgh+hg
Q0hr+bN9EKCBRgI/mO/JU15SX53tWPignvKG9E1Xj6CEzovyr51I+d0M/QyOhQdv
0BtraUAnvlLLCUUd9LO3SQ15CJ7TSoJqTFXE9cXuvjJytNB0/2FF/m8CwVGHFbeK
4W6dikZkStAX1KI7LwZPvh37R+KJfqfIFcm7IM4fHg3+97ofdpUwq7uOTbPf2wd2
pSOgIm5aeCeCjr9mrYb0qfF4hIlR0+rzZ168wCpFwP+eNSnOFOPSexERHWkeVlTa
P7OxnRkynkFjiBnqF7ugbfEKMQIDAQABo4IDAjCCAv4wHQYDVR0OBBYEFIXh1Fyh
MOiNfQ3NhQFc4j4CWR/4MB8GA1UdIwQYMBaAFHcSMKgu28J3Fqs9xqgvxa7EXu9n
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDQ2My9BNEQ0NDAwQzEz
OUYxMUVBQTY1ODI4NjBDNEY5QUUwMi9keEl3cUM3YnduY1dxejNHcUNfRnJzUmU3
MmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2R4SXdxQzdid25jV3F6M0dxQ19GcnNSZTcyYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTQ0NjMvQTRENDQwMEMxMzlGMTFFQUE2NTgyODYwQzRGOUFFMDIvNkVCRDBFNzg4
RUFBMTFFRkE2QzFEMzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUFBwEHAQH/
BHwwejASBAIAATAMAwQCZ1QkAwQCcdRsMGQEAgACMF4DBwAkAJlAAAUDBwIkAJlA
EAAwEQMGACQAmUARAwcAJACZQBEEMBEDBgEkAJlAEgMHACQAmUASBDARAwYAJACZ
QBMDBwAkAJlAEwQwEQMGAiQAmUAUAwcAJACZQBQEMA0GCSqGSIb3DQEBCwUAA4IB
AQC4Q6iQjter02NP4vRUzcqfALyH6n06b0l4tZQ1oQwuioJS/EaXlW23aIxinPRw
Hr+AJhP0Lw8Z3Q7IhWJkS+HL1hfIPGMLbPSdkF9kQa5jrLXLd2GWJcmpcJGozzO3
dxXT5v/Bwof2uSWHK8nCMZBPx8R7tYDPO/cO4aluviio0w35IhY1pNB/9ynwGin5
LaIlpoUZP13S6dN84BMnpAIJW5T7U46q7b+LPkCJHILt9yZlTuPQNYjXchCIF8LY
CbWp43hYpTCz1Gg6mkMst0BNWueFoDAOu4Hm7NghoIVQXpQR0vuKeebBGokc2Taz
mH2Zd+yztikzmziWT5b6jWo1
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:19 2024 by rpki-client on console-ams.rpki-client.org