Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2230/ADFA554C708211E9B7BC390AC4F9AE02/09CEF4D0708411E9AC9EA90EC4F9AE02.roa
File: 09CEF4D0708411E9AC9EA90EC4F9AE02.roa (raw, json)
Hash identifier: e6+7qu7EadcH2IZ/urcCvzozlBAhJqsvI1fPogc1Gmg=
Subject key identifier: 82:AB:42:0B:5C:5B:A5:C4:9F:A2:32:1D:57:B1:5A:C7:FF:BE:51:AC
Certificate issuer: /CN=A91F2230/serialNumber=176A4E03B540AF2514A8BC719C2BA0F9F76FFB2F
Certificate serial: 0E6A
Authority key identifier: 17:6A:4E:03:B5:40:AF:25:14:A8:BC:71:9C:2B:A0:F9:F7:6F:FB:2F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2pOA7VAryUUqLxxnCug-fdv-y8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2230/ADFA554C708211E9B7BC390AC4F9AE02/09CEF4D0708411E9AC9EA90EC4F9AE02.roa
Signing time: Fri 12 Apr 2024 18:26:40 +0000
ROA not before: Fri 12 Apr 2024 18:26:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136480
IP address blocks: 43.227.12.0/22 maxlen: 22
43.227.12.0/24 maxlen: 24
43.227.13.0/24 maxlen: 24
43.227.14.0/24 maxlen: 24
43.227.15.0/24 maxlen: 24
103.89.176.0/22 maxlen: 22
103.89.176.0/24 maxlen: 24
103.89.177.0/24 maxlen: 24
103.89.178.0/24 maxlen: 24
103.89.179.0/24 maxlen: 24
2400:f1c0::/32 maxlen: 32
2400:f1c0::/48 maxlen: 48
2400:f1c0:1::/48 maxlen: 48
2400:f1c0:2::/48 maxlen: 48
2400:f1c0:3::/48 maxlen: 48
2400:f1c0:4::/48 maxlen: 48
2400:f1c0:5::/48 maxlen: 48
2400:f1c0:6::/48 maxlen: 48
2400:f1c0:7::/48 maxlen: 48
2400:f1c0:8::/48 maxlen: 48
2400:f1c0:9::/48 maxlen: 48
2400:f1c0:a::/48 maxlen: 48
2400:f1c0:b::/48 maxlen: 48
2400:f1c0:c::/48 maxlen: 48
2400:f1c0:d::/48 maxlen: 48
2400:f1c0:e::/48 maxlen: 48
2400:f1c0:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F2230/ADFA554C708211E9B7BC390AC4F9AE02/F2pOA7VAryUUqLxxnCug-fdv-y8.crl
rsync://rpki.apnic.net/member_repository/A91F2230/ADFA554C708211E9B7BC390AC4F9AE02/F2pOA7VAryUUqLxxnCug-fdv-y8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2pOA7VAryUUqLxxnCug-fdv-y8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 17:38:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3690 (0xe6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2230/serialNumber=176A4E03B540AF2514A8BC719C2BA0F9F76FFB2F
Validity
Not Before: Apr 12 18:26:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66197cdf-3bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9a:02:16:65:73:f7:86:06:03:48:64:b4:24:
5c:8c:07:88:30:e3:8a:a5:c4:cc:27:8d:8d:36:e1:
ef:95:9b:ee:4b:43:9d:ab:b4:59:ed:01:06:82:91:
68:ab:eb:71:1c:71:9e:e4:35:93:23:eb:26:a6:f0:
23:3c:03:13:c6:b3:6a:dd:b6:cc:b6:22:7b:52:13:
7e:e5:b7:04:aa:e4:d1:a8:5b:89:87:79:a8:89:79:
53:b0:40:10:dd:a9:d1:73:2a:d8:e6:51:39:9c:65:
75:a1:49:fe:70:f3:a0:33:df:ff:47:02:7c:e2:93:
79:c9:c7:40:28:01:5b:e0:b6:02:35:9b:55:67:28:
5a:af:31:8e:ee:d2:cb:3e:2b:75:ea:ba:a0:e5:8d:
be:e6:7e:18:29:ef:c5:be:7a:8c:2b:36:0a:57:0c:
f9:f3:dd:1e:f5:53:87:30:91:70:b2:aa:50:f4:e1:
71:94:af:fa:49:71:5f:2b:58:9f:80:6b:0a:0a:2a:
c1:24:64:52:18:2d:f4:b3:1a:44:2c:cb:5a:3e:43:
ac:77:c0:b7:84:50:a4:61:f4:f0:1c:fc:74:7a:80:
44:74:01:7b:92:b8:58:d5:a3:c9:2a:17:b3:a0:a9:
d3:07:2a:2d:7c:61:0c:fc:33:fa:62:d4:ff:29:48:
fb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:AB:42:0B:5C:5B:A5:C4:9F:A2:32:1D:57:B1:5A:C7:FF:BE:51:AC
X509v3 Authority Key Identifier:
keyid:17:6A:4E:03:B5:40:AF:25:14:A8:BC:71:9C:2B:A0:F9:F7:6F:FB:2F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2230/ADFA554C708211E9B7BC390AC4F9AE02/F2pOA7VAryUUqLxxnCug-fdv-y8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F2pOA7VAryUUqLxxnCug-fdv-y8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2230/ADFA554C708211E9B7BC390AC4F9AE02/09CEF4D0708411E9AC9EA90EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.12.0/22
103.89.176.0/22
IPv6:
2400:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
74:b0:08:98:9d:b5:85:66:2c:93:06:33:51:8c:5f:c1:25:d1:
91:0b:5a:1f:99:9b:7d:9c:ad:9a:02:0c:9d:81:40:2d:98:3f:
05:d3:b5:de:a9:ee:31:f5:ff:3d:5b:51:1e:30:b6:bb:32:06:
4f:bd:42:c6:32:58:d2:a6:66:ef:45:52:6c:b5:e1:b8:3e:ca:
fe:de:40:f2:aa:2c:1c:d5:1b:19:ad:0e:3a:ad:48:33:ea:1a:
11:65:08:c6:4f:df:66:0f:dd:ec:f0:a6:6f:74:12:e8:de:cd:
51:62:1a:75:29:b4:01:03:41:9f:f8:97:a8:79:ef:72:7a:98:
6a:bb:9f:6e:c6:34:9e:f1:ae:5b:04:09:33:45:07:79:d4:f5:
9c:1e:ae:2e:e0:2d:9e:8e:6b:49:26:86:fb:37:60:64:42:71:
b7:52:6c:15:9a:e9:9e:b2:6c:4f:b2:d0:37:d0:d8:4a:8a:a0:
cf:99:7f:8f:46:ac:17:41:3b:8a:cf:f7:10:02:98:9b:5a:5b:
58:0a:c2:9a:5b:00:5f:9d:ae:eb:ad:75:4e:42:b5:3a:88:0a:
75:b3:4d:d3:07:c1:c4:9f:93:6f:b2:79:c5:1e:4c:4b:a2:ad:
d6:b2:83:82:c1:63:98:cb:2a:d2:02:1d:c2:2b:60:76:fb:77:
c3:f0:6a:2b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDmowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjIyMzAxMTAvBgNVBAUTKDE3NkE0RTAzQjU0MEFGMjUxNEE4QkM3MTlDMkJBMEY5
Rjc2RkZCMkYwHhcNMjQwNDEyMTgyNjQwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE5N2NkZi0zYmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ZoCFmVz94YGA0hktCRcjAeIMOOKpcTMJ42NNuHvlZvuS0Odq7RZ7QEGgpFo
q+txHHGe5DWTI+smpvAjPAMTxrNq3bbMtiJ7UhN+5bcEquTRqFuJh3moiXlTsEAQ
3anRcyrY5lE5nGV1oUn+cPOgM9//RwJ84pN5ycdAKAFb4LYCNZtVZyharzGO7tLL
Pit16rqg5Y2+5n4YKe/FvnqMKzYKVwz5890e9VOHMJFwsqpQ9OFxlK/6SXFfK1if
gGsKCirBJGRSGC30sxpELMtaPkOsd8C3hFCkYfTwHPx0eoBEdAF7krhY1aPJKhez
oKnTByotfGEM/DP6YtT/KUj77QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIKrQgtc
W6XEn6IyHVexWsf/vlGsMB8GA1UdIwQYMBaAFBdqTgO1QK8lFKi8cZwroPn3b/sv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjIzMC9BREZBNTU0Qzcw
ODIxMUU5QjdCQzM5MEFDNEY5QUUwMi9GMnBPQTdWQXJ5VVVxTHh4bkN1Zy1mZHYt
eTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YycE9BN1ZBcnlVVXFMeHhuQ3VnLWZkdi15OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjIyMzAvQURGQTU1NEM3MDgyMTFFOUI3QkMzOTBBQzRGOUFFMDIvMDlDRUY0RDA3
MDg0MTFFOUFDOUVBOTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIr4wwDBAJnWbAwDQQCAAIwBwMFACQA8cAwDQYJKoZIhvcN
AQELBQADggEBAHSwCJidtYVmLJMGM1GMX8El0ZELWh+Zm32crZoCDJ2BQC2YPwXT
td6p7jH1/z1bUR4wtrsyBk+9QsYyWNKmZu9FUmy14bg+yv7eQPKqLBzVGxmtDjqt
SDPqGhFlCMZP32YP3ezwpm90EujezVFiGnUptAEDQZ/4l6h573J6mGq7n27GNJ7x
rlsECTNFB3nU9Zweri7gLZ6Oa0kmhvs3YGRCcbdSbBWa6Z6ybE+y0DfQ2EqKoM+Z
f49GrBdBO4rP9xACmJtaW1gKwppbAF+druutdU5CtTqICnWzTdMHwcSfk2+yecUe
TEuirdayg4LBY5jLKtICHcIrYHb7d8Pwais=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:22 2024 by rpki-client on console-ams.rpki-client.org