Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
File: CB304C36307111EDB0CBD946C4F9AE02.roa (raw, json)
Hash identifier: uxXFko4v1AL31DsxVShIW21OhPh6hu+4O3UHY6p5BM0=
Subject key identifier: 1A:C3:7B:F3:19:9B:C9:0E:D3:3E:3D:A2:D1:E3:E3:6A:06:FB:F1:1C
Certificate issuer: /CN=A911CA82/serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Certificate serial: 054A
Authority key identifier: D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
Signing time: Wed 08 May 2024 20:55:19 +0000
ROA not before: Wed 08 May 2024 20:55:19 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 139628
IP address blocks: 103.20.80.0/22 maxlen: 22
103.20.80.0/24 maxlen: 24
103.20.81.0/24 maxlen: 24
103.20.82.0/24 maxlen: 24
103.20.83.0/24 maxlen: 24
103.106.204.0/22 maxlen: 22
103.106.204.0/24 maxlen: 24
103.106.205.0/24 maxlen: 24
103.106.206.0/24 maxlen: 24
103.106.207.0/24 maxlen: 24
103.119.96.0/22 maxlen: 22
103.119.96.0/24 maxlen: 24
103.119.97.0/24 maxlen: 24
103.119.98.0/24 maxlen: 24
103.119.99.0/24 maxlen: 24
103.136.176.0/22 maxlen: 22
103.136.176.0/24 maxlen: 24
103.136.177.0/24 maxlen: 24
103.136.178.0/24 maxlen: 24
103.136.179.0/24 maxlen: 24
103.142.208.0/23 maxlen: 23
103.142.208.0/24 maxlen: 24
103.142.209.0/24 maxlen: 24
111.67.96.0/22 maxlen: 22
111.67.96.0/24 maxlen: 24
111.67.97.0/24 maxlen: 24
111.67.98.0/24 maxlen: 24
111.67.99.0/24 maxlen: 24
111.67.100.0/22 maxlen: 22
111.67.100.0/24 maxlen: 24
111.67.101.0/24 maxlen: 24
111.67.102.0/24 maxlen: 24
111.67.103.0/24 maxlen: 24
115.178.24.0/23 maxlen: 23
115.178.24.0/24 maxlen: 24
115.178.25.0/24 maxlen: 24
124.108.4.0/22 maxlen: 22
124.108.4.0/24 maxlen: 24
124.108.5.0/24 maxlen: 24
124.108.6.0/24 maxlen: 24
124.108.7.0/24 maxlen: 24
150.129.20.0/22 maxlen: 22
150.129.20.0/24 maxlen: 24
150.129.21.0/24 maxlen: 24
150.129.22.0/24 maxlen: 24
150.129.23.0/24 maxlen: 24
202.58.16.0/23 maxlen: 23
202.58.16.0/24 maxlen: 24
202.58.17.0/24 maxlen: 24
202.58.18.0/23 maxlen: 23
202.58.18.0/24 maxlen: 24
202.58.19.0/24 maxlen: 24
203.80.170.0/23 maxlen: 23
203.80.170.0/24 maxlen: 24
203.80.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 02 Jul 2024 00:20:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1354 (0x54a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA82/serialNumber=D2A0871BCD8376C11A8F049A39855AFCDB183064
Validity
Not Before: May 8 20:55:19 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=663be6b7-a6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:95:d5:d3:35:a1:3e:ca:8e:7b:78:08:d8:81:
11:f8:1e:a2:eb:79:2b:42:10:4e:ca:43:f6:df:b6:
57:4f:94:cc:9b:eb:53:06:99:a5:b0:29:30:5b:25:
dc:34:94:6f:ed:79:fb:5f:75:9a:f0:21:7e:f0:46:
73:0b:eb:40:2a:a8:77:12:9c:75:b5:55:3e:1b:d1:
21:f7:af:5a:56:56:a4:5d:36:c0:f8:47:66:90:ad:
a1:25:7e:92:04:6b:64:3a:a2:81:1b:fd:4c:eb:aa:
14:d2:d3:f1:b8:d3:9a:07:16:04:94:17:fd:75:de:
fc:4c:24:9b:15:9d:fe:b7:1d:b8:d8:bd:68:6f:57:
dd:74:a0:cb:a7:4d:78:3e:be:9f:3f:b5:a5:bb:79:
8d:f3:48:aa:e4:0b:d9:20:7d:f7:5b:a4:f7:32:74:
12:19:66:77:9d:60:b6:3f:d1:ef:d2:1b:9d:c9:67:
e3:52:82:c5:19:36:e8:83:e9:59:e5:81:e3:65:2f:
b4:28:ac:67:11:9d:cd:cf:5d:52:b7:16:d8:fd:19:
2a:1f:8b:37:f4:56:39:d1:04:fd:e0:ec:5c:ba:18:
21:c7:a6:b0:ef:0e:dc:b4:c7:11:de:30:55:33:e9:
e9:da:c5:5a:37:bc:81:a5:6b:b5:59:30:0f:9d:b9:
99:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C3:7B:F3:19:9B:C9:0E:D3:3E:3D:A2:D1:E3:E3:6A:06:FB:F1:1C
X509v3 Authority Key Identifier:
keyid:D2:A0:87:1B:CD:83:76:C1:1A:8F:04:9A:39:85:5A:FC:DB:18:30:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/0qCHG82DdsEajwSaOYVa_NsYMGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0qCHG82DdsEajwSaOYVa_NsYMGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA82/0BEB375ABE4411EBAE3D4348C4F9AE02/CB304C36307111EDB0CBD946C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.80.0/22
103.106.204.0/22
103.119.96.0/22
103.136.176.0/22
103.142.208.0/23
111.67.96.0/21
115.178.24.0/23
124.108.4.0/22
150.129.20.0/22
202.58.16.0/22
203.80.170.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:ec:59:ea:2b:9b:f0:8b:54:0a:53:17:43:a2:f9:f2:b4:55:
01:2f:c0:d1:b8:1c:d5:6e:ba:ca:8a:46:07:f5:1c:63:39:5b:
c8:32:0e:13:1b:9b:be:49:0a:32:af:1f:da:d1:b2:b1:e1:a0:
2d:70:60:4f:49:35:98:a1:74:8d:9a:ce:21:8d:8c:58:8c:c7:
96:c4:15:7a:00:7c:57:e8:37:68:33:d1:0e:04:61:27:a3:df:
47:17:9b:9f:5a:36:3a:9e:6a:33:2d:24:56:e6:56:dd:54:79:
9b:96:94:c7:bb:31:2f:b8:9e:c6:e5:c2:32:0c:69:93:c9:bf:
d4:f1:76:30:63:9d:f9:2c:3c:56:25:32:28:31:3f:1a:c4:87:
d2:5a:56:b2:af:db:8c:37:04:8f:68:59:98:d2:b2:2c:26:ee:
48:5b:2d:f4:fc:63:fb:60:f1:40:a2:db:53:bc:34:7c:45:63:
4c:40:e7:84:80:9e:7a:08:ab:75:7e:a0:b9:1a:e6:ae:17:f8:
6a:b2:1b:78:1c:12:47:7d:38:b1:8d:11:86:fc:4e:bb:ea:15:
c4:54:9f:e3:b5:7c:0b:44:ea:80:6c:a3:be:37:58:c8:b6:3b:
0e:f7:c8:85:15:f4:a6:f3:6a:7d:87:76:77:76:bf:1c:6d:bc:
e6:6a:25:4b
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgICBUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBODIxMTAvBgNVBAUTKEQyQTA4NzFCQ0Q4Mzc2QzExQThGMDQ5QTM5ODU1QUZD
REIxODMwNjQwHhcNMjQwNTA4MjA1NTE5WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNiZTZiNy1hNmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqpXV0zWhPsqOe3gI2IER+B6i63krQhBOykP237ZXT5TMm+tTBpmlsCkwWyXc
NJRv7Xn7X3Wa8CF+8EZzC+tAKqh3Epx1tVU+G9Eh969aVlakXTbA+EdmkK2hJX6S
BGtkOqKBG/1M66oU0tPxuNOaBxYElBf9dd78TCSbFZ3+tx242L1ob1fddKDLp014
Pr6fP7Wlu3mN80iq5AvZIH33W6T3MnQSGWZ3nWC2P9Hv0hudyWfjUoLFGTbog+lZ
5YHjZS+0KKxnEZ3Nz11StxbY/RkqH4s39FY50QT94Oxcuhghx6aw7w7ctMcR3jBV
M+np2sVaN7yBpWu1WTAPnbmZdwIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFBrDe/MZ
m8kO0z49otHj42oG+/EcMB8GA1UdIwQYMBaAFNKghxvNg3bBGo8EmjmFWvzbGDBk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E4Mi8wQkVCMzc1QUJF
NDQxMUVCQUUzRDQzNDhDNEY5QUUwMi8wcUNIRzgyRGRzRWFqd1NhT1lWYV9Oc1lN
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBxQ0hHODJEZHNFYWp3U2FPWVZhX05zWU1HUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBODIvMEJFQjM3NUFCRTQ0MTFFQkFFM0Q0MzQ4QzRGOUFFMDIvQ0IzMDRDMzYz
MDcxMTFFREIwQ0JEOTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E
TDBKMEgEAgABMEIDBAJnFFADBAJnaswDBAJnd2ADBAJniLADBAFnjtADBANvQ2AD
BAFzshgDBAJ8bAQDBAKWgRQDBALKOhADBAHLUKowDQYJKoZIhvcNAQELBQADggEB
AI/sWeorm/CLVApTF0Oi+fK0VQEvwNG4HNVuusqKRgf1HGM5W8gyDhMbm75JCjKv
H9rRsrHhoC1wYE9JNZihdI2aziGNjFiMx5bEFXoAfFfoN2gz0Q4EYSej30cXm59a
NjqeajMtJFbmVt1UeZuWlMe7MS+4nsblwjIMaZPJv9TxdjBjnfksPFYlMigxPxrE
h9JaVrKv24w3BI9oWZjSsiwm7khbLfT8Y/tg8UCi21O8NHxFY0xA54SAnnoIq3V+
oLka5q4X+GqyG3gcEkd9OLGNEYb8TrvqFcRUn+O1fAtE6oBso743WMi2Ow73yIUV
9Kbzan2Hdnd2vxxtvOZqJUs=
-----END CERTIFICATE-----
Generated at Tue Jun 25 02:52:57 2024 by rpki-client on console-fra.rpki-client.org