Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/58EC5A1A8F3E11EF9B5DE37CC4F9AE02.roa
File: 58EC5A1A8F3E11EF9B5DE37CC4F9AE02.roa (raw, json)
Hash identifier: 5alAYtTxlTPz7H9FR7DrZV0C+EIeEapBMkQZSRp1vSw=
Subject key identifier: 21:09:1D:DE:75:A4:B2:20:9C:1C:78:84:A5:AE:62:29:A6:94:1B:F1
Certificate issuer: /CN=A91EAF4B/serialNumber=AD71DEC1389B14A012001076991F59ABE2CAB1E6
Certificate serial: 95
Authority key identifier: AD:71:DE:C1:38:9B:14:A0:12:00:10:76:99:1F:59:AB:E2:CA:B1:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXHewTibFKASABB2mR9Zq-LKseY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/58EC5A1A8F3E11EF9B5DE37CC4F9AE02.roa
Signing time: Tue 22 Oct 2024 09:14:23 +0000
ROA not before: Tue 22 Oct 2024 09:14:23 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 140077
IP address blocks: 103.148.50.0/24 maxlen: 24
103.148.51.0/24 maxlen: 24
2405:cbc0::/48 maxlen: 48
2405:cbc0:1::/48 maxlen: 48
2405:cbc0:2::/48 maxlen: 48
2405:cbc0:3::/48 maxlen: 48
2405:cbc0:4::/48 maxlen: 48
2405:cbc0:5::/48 maxlen: 48
2405:cbc0:6::/48 maxlen: 48
2405:cbc0:7::/48 maxlen: 48
2405:cbc0:8::/48 maxlen: 48
2405:cbc0:9::/48 maxlen: 48
2405:cbc0:10::/48 maxlen: 48
2405:cbc0:11::/48 maxlen: 48
2405:cbc0:12::/48 maxlen: 48
2405:cbc0:13::/48 maxlen: 48
2405:cbc0:14::/48 maxlen: 48
2405:cbc0:15::/48 maxlen: 48
2405:cbc0:16::/48 maxlen: 48
2405:cbc0:17::/48 maxlen: 48
2405:cbc0:18::/48 maxlen: 48
2405:cbc0:19::/48 maxlen: 48
2405:cbc0:20::/48 maxlen: 48
2405:cbc0:21::/48 maxlen: 48
2405:cbc0:22::/48 maxlen: 48
2405:cbc0:23::/48 maxlen: 48
2405:cbc0:24::/48 maxlen: 48
2405:cbc0:25::/48 maxlen: 48
2405:cbc0:26::/48 maxlen: 48
2405:cbc0:27::/48 maxlen: 48
2405:cbc0:28::/48 maxlen: 48
2405:cbc0:29::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/rXHewTibFKASABB2mR9Zq-LKseY.crl
rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/rXHewTibFKASABB2mR9Zq-LKseY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXHewTibFKASABB2mR9Zq-LKseY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 19:20:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149 (0x95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAF4B/serialNumber=AD71DEC1389B14A012001076991F59ABE2CAB1E6
Validity
Not Before: Oct 22 09:14:23 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=67176cee-c3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9c:a4:5e:3d:e5:49:69:27:1b:53:69:1c:36:
ef:f1:d0:9d:9d:3e:44:a0:b5:a9:5d:cc:5c:5b:80:
ce:d3:53:b4:a1:5c:a8:74:f9:ea:b7:6d:29:8e:d1:
7e:46:1d:32:f6:a5:48:75:8c:84:31:c5:19:c5:69:
6e:c5:70:07:1c:b7:04:2f:0b:3f:f0:72:e5:3c:80:
9c:b6:18:75:a2:c8:17:96:59:8c:3c:9e:a9:9e:76:
35:6a:af:9f:b7:fe:17:17:87:ef:00:e0:fe:1f:92:
82:ea:ca:c6:4f:3a:c8:bd:9d:8b:88:0d:99:50:7e:
36:4f:0b:97:59:cc:00:a2:6c:c1:66:ec:a5:ca:4a:
8f:fd:b3:44:0f:d2:ca:4c:2c:50:df:28:e0:0c:06:
81:16:0e:df:63:df:ea:e8:1c:01:74:cf:92:5a:da:
cb:d0:fd:c6:97:c7:b7:60:d7:47:de:3e:96:26:68:
22:eb:b8:15:0c:06:95:9e:8f:61:b3:20:be:e6:d9:
6f:e3:1d:96:ab:af:49:ce:bb:c9:91:eb:e4:72:d1:
78:a5:3f:36:9b:30:e0:50:f9:a6:f8:32:2c:41:01:
c2:63:d8:b5:e1:a3:c2:3b:9d:6f:81:6b:a4:3f:c3:
11:16:64:df:fb:e5:d2:57:34:e3:40:5c:35:21:cc:
24:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:09:1D:DE:75:A4:B2:20:9C:1C:78:84:A5:AE:62:29:A6:94:1B:F1
X509v3 Authority Key Identifier:
keyid:AD:71:DE:C1:38:9B:14:A0:12:00:10:76:99:1F:59:AB:E2:CA:B1:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/rXHewTibFKASABB2mR9Zq-LKseY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rXHewTibFKASABB2mR9Zq-LKseY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAF4B/84858F6A471911EA90863072C4F9AE02/58EC5A1A8F3E11EF9B5DE37CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.50.0/23
IPv6:
2405:cbc0::-2405:cbc0:9:ffff:ffff:ffff:ffff:ffff
2405:cbc0:10::-2405:cbc0:19:ffff:ffff:ffff:ffff:ffff
2405:cbc0:20::-2405:cbc0:29:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
84:bd:e1:2f:6f:f0:76:87:cc:c0:13:34:5d:21:d1:32:9b:ee:
bf:24:28:50:c0:70:35:2d:88:ee:6d:7f:15:01:49:e9:51:d2:
e8:44:8d:af:c8:32:41:42:39:3e:4f:9b:de:d6:c9:b3:bb:0d:
3c:75:41:15:2e:fb:32:09:41:f7:1d:03:ef:a4:d2:f2:a8:31:
4f:d3:64:7d:25:2a:02:8d:8d:cd:04:e1:41:4f:52:07:86:a4:
db:1a:5f:6a:81:52:48:78:3f:65:bf:a2:6a:9f:25:22:24:06:
f2:ae:5c:7e:de:e3:47:11:47:de:5c:97:44:b5:8c:5b:68:f1:
03:3b:18:1c:4a:94:a1:3e:f2:6f:b7:1b:69:09:b7:b4:b5:b0:
c4:f7:bc:2c:22:dd:f5:4f:59:f9:0c:93:6f:b9:bf:be:f3:46:
1c:62:0a:8f:dd:d1:d6:8b:6b:d9:30:86:d3:f5:c9:d2:f8:d3:
0d:0f:a5:39:82:0e:16:3f:71:71:b9:80:6d:87:49:f7:bc:72:
e4:8e:3d:24:b3:d6:95:5f:f4:1a:ac:97:f0:ba:1f:56:b4:5f:
81:93:bd:18:b1:51:aa:53:fc:7f:82:20:29:2a:13:00:a7:ca:
c3:54:bf:43:d7:91:ff:65:00:bd:e0:bb:aa:b3:66:9a:c4:36:
8b:0d:76:f7
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICAJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFGNEIxMTAvBgNVBAUTKEFENzFERUMxMzg5QjE0QTAxMjAwMTA3Njk5MUY1OUFC
RTJDQUIxRTYwHhcNMjQxMDIyMDkxNDIzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE3NmNlZS1jM2U5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJykXj3lSWknG1NpHDbv8dCdnT5EoLWpXcxcW4DO01O0oVyodPnqt20pjtF+
Rh0y9qVIdYyEMcUZxWluxXAHHLcELws/8HLlPICcthh1osgXllmMPJ6pnnY1aq+f
t/4XF4fvAOD+H5KC6srGTzrIvZ2LiA2ZUH42TwuXWcwAomzBZuylykqP/bNED9LK
TCxQ3yjgDAaBFg7fY9/q6BwBdM+SWtrL0P3Gl8e3YNdH3j6WJmgi67gVDAaVno9h
syC+5tlv4x2Wq69JzrvJkevkctF4pT82mzDgUPmm+DIsQQHCY9i14aPCO51vgWuk
P8MRFmTf++XSVzTjQFw1IcwkmQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFCEJHd51
pLIgnBx4hKWuYimmlBvxMB8GA1UdIwQYMBaAFK1x3sE4mxSgEgAQdpkfWaviyrHm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUY0Qi84NDg1OEY2QTQ3
MTkxMUVBOTA4NjMwNzJDNEY5QUUwMi9yWEhld1RpYkZLQVNBQkIybVI5WnEtTEtz
ZVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JYSGV3VGliRktBU0FCQjJtUjlacS1MS3NlWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFGNEIvODQ4NThGNkE0NzE5MTFFQTkwODYzMDcyQzRGOUFFMDIvNThFQzVBMUE4
RjNFMTFFRjlCNURFMzdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQMAwEAgABMAYDBAFnlDIwQAQCAAIwOjAQAwUGJAXLwAMHASQFy8AACDASAwcE
JAXLwAAQAwcBJAXLwAAYMBIDBwUkBcvAACADBwEkBcvAACgwDQYJKoZIhvcNAQEL
BQADggEBAIS94S9v8HaHzMATNF0h0TKb7r8kKFDAcDUtiO5tfxUBSelR0uhEja/I
MkFCOT5Pm97WybO7DTx1QRUu+zIJQfcdA++k0vKoMU/TZH0lKgKNjc0E4UFPUgeG
pNsaX2qBUkh4P2W/omqfJSIkBvKuXH7e40cRR95cl0S1jFto8QM7GBxKlKE+8m+3
G2kJt7S1sMT3vCwi3fVPWfkMk2+5v77zRhxiCo/d0daLa9kwhtP1ydL40w0PpTmC
DhY/cXG5gG2HSfe8cuSOPSSz1pVf9Bqsl/C6H1a0X4GTvRixUapT/H+CICkqEwCn
ysNUv0PXkf9lAL3gu6qzZprENosNdvc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:49 2024 by rpki-client on console-ams.rpki-client.org