Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
File: 38564246ABFB11EFAC5AA210C4F9AE02.roa (raw, json)
Hash identifier: sskp3HBILFnXPQcK4oVCISFF3ApRMJYsh2EXBArBls4=
Subject key identifier: CF:06:D0:72:51:04:F0:6E:D5:96:65:0C:C1:0B:79:CD:FB:D7:8F:4F
Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Certificate serial: 023D
Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
Signing time: Sat 11 Jan 2025 03:44:25 +0000
ROA not before: Sat 11 Jan 2025 03:44:25 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 139057
IP address blocks: 103.138.247.0/24 maxlen: 24
103.243.92.0/24 maxlen: 24
103.243.93.0/24 maxlen: 24
103.243.94.0/24 maxlen: 24
103.243.95.0/24 maxlen: 24
123.108.72.0/24 maxlen: 24
123.108.73.0/24 maxlen: 24
2407:2440:1::/48 maxlen: 48
2407:2440:2::/48 maxlen: 48
2407:2440:3::/48 maxlen: 48
2407:2440:4::/48 maxlen: 48
2407:2440:5::/48 maxlen: 48
2407:2440:6::/48 maxlen: 48
2407:2440:7::/48 maxlen: 48
2407:2440:8::/48 maxlen: 48
2407:2440:9::/48 maxlen: 48
2407:2440:a::/48 maxlen: 48
2407:2440:b::/48 maxlen: 48
2407:2440:c::/48 maxlen: 48
2407:2440:d::/48 maxlen: 48
2407:2440:e::/48 maxlen: 48
2407:2440:f::/48 maxlen: 48
2407:2440:10::/48 maxlen: 48
2407:2440:11::/48 maxlen: 48
2407:2440:12::/48 maxlen: 48
2407:2440:13::/48 maxlen: 48
2407:2440:14::/48 maxlen: 48
2407:2440:15::/48 maxlen: 48
2407:2440:16::/48 maxlen: 48
2407:2440:17::/48 maxlen: 48
2407:2440:18::/48 maxlen: 48
2407:2440:19::/48 maxlen: 48
2407:2440:1e::/48 maxlen: 48
2407:2440:1f::/48 maxlen: 48
2407:2440:20::/48 maxlen: 48
2407:2440:22::/48 maxlen: 48
2407:2440:23::/48 maxlen: 48
2407:2440:25::/48 maxlen: 48
2407:2440:28::/48 maxlen: 48
2407:2440:2a::/48 maxlen: 48
2407:2440:2b::/48 maxlen: 48
2407:2440:2c::/48 maxlen: 48
2407:2440:2d::/48 maxlen: 48
2407:2440:a001::/48 maxlen: 48
2407:2440:a002::/48 maxlen: 48
2407:2440:e001::/48 maxlen: 48
2407:2440:e002::/48 maxlen: 48
2407:2440:e003::/48 maxlen: 48
2407:2440:f001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 12 Feb 2025 01:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 573 (0x23d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB2B8
Validity
Not Before: Jan 11 03:44:25 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6781e919-a41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fb:c0:d8:fb:04:57:75:66:66:56:85:9a:37:
18:66:b1:50:3c:cf:4f:41:5f:f6:a5:11:20:27:fa:
b1:02:6d:d7:18:cc:aa:37:95:41:f8:ff:1b:49:cb:
47:82:cf:4a:49:6e:27:d2:f9:03:2f:d7:e8:01:da:
af:3c:e9:58:66:e3:f5:f2:d6:f0:f7:80:64:5d:36:
a6:7e:bf:1a:96:97:8b:b8:1a:5a:5b:92:69:fb:9c:
1a:ae:8d:5d:c1:a0:86:cd:a4:d6:f0:80:03:7a:cd:
ce:fc:e3:98:1d:d1:82:c3:fe:b7:f7:31:2f:f3:0b:
27:c9:73:c5:4a:dc:0a:a7:69:af:10:10:8a:4f:4a:
2c:4a:30:43:91:59:90:d1:3a:0b:e1:b6:98:33:ee:
86:88:9f:04:42:68:c0:78:39:e6:cb:d3:bc:71:8f:
20:22:f7:06:d0:07:3f:43:64:c0:68:30:41:ec:4c:
5d:ec:b1:81:89:c8:99:db:a4:21:0f:73:ea:09:74:
61:32:59:f6:dc:12:77:36:ad:87:8f:ed:24:eb:03:
02:08:d2:2e:5b:d6:42:9c:a0:c2:87:06:28:c6:d7:
f3:56:fc:e2:12:04:fb:40:ab:56:74:c0:37:e6:da:
a5:6b:9d:83:39:ff:32:04:f0:2e:75:3c:08:fc:8a:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:06:D0:72:51:04:F0:6E:D5:96:65:0C:C1:0B:79:CD:FB:D7:8F:4F
X509v3 Authority Key Identifier:
keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/38564246ABFB11EFAC5AA210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.247.0/24
103.243.92.0/22
123.108.72.0/23
IPv6:
2407:2440:1::-2407:2440:19:ffff:ffff:ffff:ffff:ffff
2407:2440:1e::-2407:2440:20:ffff:ffff:ffff:ffff:ffff
2407:2440:22::/47
2407:2440:25::/48
2407:2440:28::/48
2407:2440:2a::-2407:2440:2d:ffff:ffff:ffff:ffff:ffff
2407:2440:a001::-2407:2440:a002:ffff:ffff:ffff:ffff:ffff
2407:2440:e001::-2407:2440:e003:ffff:ffff:ffff:ffff:ffff
2407:2440:f001::/48
Signature Algorithm: sha256WithRSAEncryption
50:3e:50:16:4a:b6:82:66:d2:d8:b7:e2:e9:61:3f:9a:4c:73:
00:72:30:a9:51:aa:cc:d4:d7:ae:4e:6c:25:97:30:67:cb:bb:
2c:bb:d3:26:25:91:d0:a2:ae:ec:16:d5:53:39:9a:fe:24:19:
05:af:a1:2b:be:d9:9f:c6:59:0d:dd:26:8d:6d:25:eb:e6:04:
79:7d:56:1b:1e:54:4a:d0:de:22:7d:01:12:6f:5c:40:76:ff:
bd:4b:72:ff:00:b3:c7:d9:45:b8:74:8a:28:ce:fc:ab:d7:84:
02:97:bd:8b:64:bb:94:26:25:8c:c8:bb:55:e6:ea:1f:d1:d0:
41:d3:74:69:8d:16:87:db:06:dc:f9:5c:58:9b:a7:65:c7:ff:
5a:fa:c7:ee:88:70:8a:ca:fc:80:67:04:c0:57:70:3d:78:36:
83:1d:f2:48:2c:a6:ac:fd:7e:66:8b:4c:33:dd:08:ed:c6:a1:
f3:f6:08:ce:1b:41:21:5a:78:7f:65:d7:03:c0:bf:d3:bb:43:
b3:63:63:ce:66:a0:da:9f:1e:c3:fc:7f:84:cd:25:76:76:1c:
04:b8:f6:9f:00:c6:e4:0d:2d:41:06:8d:18:28:76:ab:8e:ac:
da:0b:a0:05:70:68:04:f9:b4:f4:07:59:85:98:ff:3f:69:b2:
cb:39:a0:ee
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgICAj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB
MEFDRDQ0N0YwHhcNMjUwMTExMDM0NDI1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzgxZTkxOS1hNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr/vA2PsEV3VmZlaFmjcYZrFQPM9PQV/2pREgJ/qxAm3XGMyqN5VB+P8bSctH
gs9KSW4n0vkDL9foAdqvPOlYZuP18tbw94BkXTamfr8alpeLuBpaW5Jp+5waro1d
waCGzaTW8IADes3O/OOYHdGCw/639zEv8wsnyXPFStwKp2mvEBCKT0osSjBDkVmQ
0ToL4baYM+6GiJ8EQmjAeDnmy9O8cY8gIvcG0Ac/Q2TAaDBB7Exd7LGBiciZ26Qh
D3PqCXRhMln23BJ3Nq2Hj+0k6wMCCNIuW9ZCnKDChwYoxtfzVvziEgT7QKtWdMA3
5tqla52DOf8yBPAudTwI/Iq7zwIDAQABo4IDNjCCAzIwHQYDVR0OBBYEFM8G0HJR
BPBu1ZZlDMELec37149PMB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG
NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvMzg1NjQyNDZB
QkZCMTFFRkFDNUFBMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb8GCCsGAQUFBwEHAQH/
BIGvMIGsMBgEAgABMBIDBABnivcDBAJn81wDBAF7bEgwgY8EAgACMIGIMBIDBwAk
ByRAAAEDBwEkByRAABgwEgMHASQHJEAAHgMHACQHJEAAIAMHASQHJEAAIgMHACQH
JEAAJQMHACQHJEAAKDASAwcBJAckQAAqAwcBJAckQAAsMBIDBwAkByRAoAEDBwAk
ByRAoAIwEgMHACQHJEDgAQMHAiQHJEDgAAMHACQHJEDwATANBgkqhkiG9w0BAQsF
AAOCAQEAUD5QFkq2gmbS2Lfi6WE/mkxzAHIwqVGqzNTXrk5sJZcwZ8u7LLvTJiWR
0KKu7BbVUzma/iQZBa+hK77Zn8ZZDd0mjW0l6+YEeX1WGx5UStDeIn0BEm9cQHb/
vUty/wCzx9lFuHSKKM78q9eEApe9i2S7lCYljMi7VebqH9HQQdN0aY0Wh9sG3Plc
WJunZcf/WvrH7ohwisr8gGcEwFdwPXg2gx3ySCymrP1+ZotMM90I7cah8/YIzhtB
IVp4f2XXA8C/07tDs2Njzmag2p8ew/x/hM0ldnYcBLj2nwDG5A0tQQaNGCh2q46s
2gugBXBoBPm09AdZhZj/P2myyzmg7g==
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:48:16 2025 by rpki-client