Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
File: 94688318A57B11EA964E0C3DC4F9AE02.roa (raw, json)
Hash identifier: 50fdGVAPKXpEsQtMRlmNaJJbO594br4a4E+HZ7rtPVE=
Subject key identifier: D2:19:11:8B:47:F3:56:56:57:03:34:5C:79:B6:73:7E:0B:AF:72:40
Certificate issuer: /CN=A91FBD28/serialNumber=B95D954AAEB959D3427C1076A9F57DF21C38BFCC
Certificate serial: 2644
Authority key identifier: B9:5D:95:4A:AE:B9:59:D3:42:7C:10:76:A9:F5:7D:F2:1C:38:BF:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
Signing time: Thu 24 Oct 2024 15:52:51 +0000
ROA not before: Thu 24 Oct 2024 15:52:51 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 24499
IP address blocks: 43.224.236.0/22 maxlen: 22
43.224.236.0/24 maxlen: 24
43.224.237.0/24 maxlen: 24
43.224.238.0/24 maxlen: 24
43.224.239.0/24 maxlen: 24
103.7.76.0/22 maxlen: 22
103.7.76.0/24 maxlen: 24
103.7.77.0/24 maxlen: 24
103.7.78.0/24 maxlen: 24
103.7.79.0/24 maxlen: 24
202.69.8.0/21 maxlen: 22
202.69.8.0/24 maxlen: 24
202.69.9.0/24 maxlen: 24
202.69.10.0/24 maxlen: 24
202.69.11.0/24 maxlen: 24
202.69.12.0/22 maxlen: 24
202.69.12.0/24 maxlen: 24
202.69.13.0/24 maxlen: 24
202.69.15.0/24 maxlen: 24
2402:e000::/32 maxlen: 32
2402:e000:1::/48 maxlen: 48
2402:e000:2::/48 maxlen: 48
2402:e000:3::/48 maxlen: 48
2402:e000:a::/48 maxlen: 48
2402:e000:b::/48 maxlen: 48
2402:e000:c::/48 maxlen: 48
2402:e000:100::/41 maxlen: 41
2402:e000:180::/41 maxlen: 41
2402:e000:200::/41 maxlen: 41
2402:e000:400::/40 maxlen: 48
2402:e000:500::/40 maxlen: 48
2402:e000:600::/40 maxlen: 48
2402:e000:5300::/41 maxlen: 41
2402:e000:5380::/41 maxlen: 41
2402:e000:5400::/41 maxlen: 41
2402:e000:a100::/41 maxlen: 41
2402:e000:a180::/41 maxlen: 41
2402:e000:a200::/41 maxlen: 41
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.crl
rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9796 (0x2644)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBD28/serialNumber=B95D954AAEB959D3427C1076A9F57DF21C38BFCC
Validity
Not Before: Oct 24 15:52:51 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=671a6d53-83aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6d:e7:eb:ce:c8:c2:94:16:3b:4a:2c:d1:aa:
03:3f:30:d8:99:6e:53:b4:8b:2e:e3:46:d3:76:ba:
03:37:05:af:ac:cc:7d:28:33:df:71:63:20:a5:53:
98:45:5b:e8:89:46:e4:73:d3:7a:0a:cb:3d:51:0b:
be:da:9a:ca:0d:6f:da:97:6e:a3:78:47:e9:81:8a:
76:b1:30:14:da:1b:52:b7:44:5b:6a:54:e9:03:f2:
99:7f:bb:0b:e7:d5:c8:b9:86:fc:38:52:49:78:91:
b9:50:e9:10:80:34:6a:35:e7:a6:e9:3a:48:4f:af:
c7:82:e3:ba:d5:87:97:5a:2f:14:be:99:a8:5b:dd:
95:1b:83:a1:54:36:71:ba:7c:54:c2:36:a5:8d:12:
8e:0b:55:4b:b6:90:e6:02:98:56:49:61:57:8d:83:
79:71:0c:3f:f4:4c:9d:17:d0:e4:4c:63:17:89:f0:
e3:6b:54:70:4d:dd:4d:83:44:33:76:3c:7b:e2:54:
e7:7f:14:e8:85:94:14:18:87:01:ff:64:76:c8:6d:
62:a4:20:67:bc:33:d4:67:9e:df:6f:15:83:ba:ad:
ab:cc:17:0a:bd:c5:11:97:c6:e9:4f:4b:b2:38:fa:
92:60:76:62:2d:3a:bb:12:75:26:af:ef:af:16:7c:
2b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:19:11:8B:47:F3:56:56:57:03:34:5C:79:B6:73:7E:0B:AF:72:40
X509v3 Authority Key Identifier:
keyid:B9:5D:95:4A:AE:B9:59:D3:42:7C:10:76:A9:F5:7D:F2:1C:38:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/uV2VSq65WdNCfBB2qfV98hw4v8w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uV2VSq65WdNCfBB2qfV98hw4v8w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/E6CED722E1B011E48C2DDE16C4F9AE02/94688318A57B11EA964E0C3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.236.0/22
103.7.76.0/22
202.69.8.0/21
IPv6:
2402:e000::/32
Signature Algorithm: sha256WithRSAEncryption
90:3e:62:63:ab:56:b7:0f:6a:85:a7:f2:4d:96:2b:b5:24:2d:
39:e1:e2:02:75:8d:12:52:0e:0c:3d:c4:bc:cf:f4:3f:6f:df:
1a:a3:76:17:a7:ec:1b:62:fe:29:06:6b:4d:c3:e4:e6:09:db:
66:51:1b:07:90:53:a1:b6:25:60:24:d4:d6:0f:f7:77:75:1d:
16:2d:47:ba:10:8d:51:29:ae:94:23:b4:68:b6:68:7a:49:97:
a1:58:e0:79:2a:42:20:b8:77:a3:06:65:19:6d:94:95:71:36:
6b:ad:e9:bf:b8:b0:da:d3:1a:bd:0c:18:be:cd:c9:45:c5:b2:
ae:a9:7f:b7:81:dd:ea:b0:70:fe:e8:08:fd:bc:4b:e5:0d:7c:
cc:db:6c:8a:6f:21:00:87:31:50:bb:f3:12:8c:a8:05:da:60:
f5:83:3d:ff:88:34:12:06:92:fd:53:03:63:ad:cb:52:f4:f8:
31:df:0b:85:cd:51:d0:01:0e:6c:31:66:cb:04:e8:82:5c:a7:
1e:e0:46:cc:d3:7d:d8:27:ad:95:2b:66:36:b1:93:dd:c3:c9:
0f:8d:26:b2:aa:94:51:46:75:02:64:dd:30:b8:75:41:2a:1a:
d2:bf:28:fb:fb:71:e9:c1:6b:cf:05:7d:bd:c0:62:1a:7b:28:
21:7f:7e:a5
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICJkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkJEMjgxMTAvBgNVBAUTKEI5NUQ5NTRBQUVCOTU5RDM0MjdDMTA3NkE5RjU3REYy
MUMzOEJGQ0MwHhcNMjQxMDI0MTU1MjUxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFhNmQ1My04M2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6m3n687IwpQWO0os0aoDPzDYmW5TtIsu40bTdroDNwWvrMx9KDPfcWMgpVOY
RVvoiUbkc9N6Css9UQu+2prKDW/al26jeEfpgYp2sTAU2htSt0RbalTpA/KZf7sL
59XIuYb8OFJJeJG5UOkQgDRqNeem6TpIT6/HguO61YeXWi8UvpmoW92VG4OhVDZx
unxUwjaljRKOC1VLtpDmAphWSWFXjYN5cQw/9EydF9DkTGMXifDja1RwTd1Ng0Qz
djx74lTnfxTohZQUGIcB/2R2yG1ipCBnvDPUZ57fbxWDuq2rzBcKvcURl8bpT0uy
OPqSYHZiLTq7EnUmr++vFnwrlwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNIZEYtH
81ZWVwM0XHm2c34Lr3JAMB8GA1UdIwQYMBaAFLldlUquuVnTQnwQdqn1ffIcOL/M
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC9FNkNFRDcyMkUx
QjAxMUU0OEMyRERFMTZDNEY5QUUwMi91VjJWU3E2NVdkTkNmQkIycWZWOThodzR2
OHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VWMlZTcTY1V2ROQ2ZCQjJxZlY5OGh3NHY4dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJEMjgvRTZDRUQ3MjJFMUIwMTFFNDhDMkRERTE2QzRGOUFFMDIvOTQ2ODgzMThB
NTdCMTFFQTk2NEUwQzNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIr4OwDBAJnB0wDBAPKRQgwDQQCAAIwBwMFACQC4AAwDQYJ
KoZIhvcNAQELBQADggEBAJA+YmOrVrcPaoWn8k2WK7UkLTnh4gJ1jRJSDgw9xLzP
9D9v3xqjdhen7Bti/ikGa03D5OYJ22ZRGweQU6G2JWAk1NYP93d1HRYtR7oQjVEp
rpQjtGi2aHpJl6FY4HkqQiC4d6MGZRltlJVxNmut6b+4sNrTGr0MGL7NyUXFsq6p
f7eB3eqwcP7oCP28S+UNfMzbbIpvIQCHMVC78xKMqAXaYPWDPf+INBIGkv1TA2Ot
y1L0+DHfC4XNUdABDmwxZssE6IJcpx7gRszTfdgnrZUrZjaxk93DyQ+NJrKqlFFG
dQJk3TC4dUEqGtK/KPv7cenBa88Ffb3AYhp7KCF/fqU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:50:06 2024 by rpki-client on console-ams.rpki-client.org