Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
File: B902532EFEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: v1+bWRZ20GSI8TcJiPEtB7/3+1LGeoT9z5E9Mj8EHIU=
Subject key identifier: 39:C1:D3:F5:74:21:DC:4A:3D:0A:F0:25:E9:F9:5E:88:37:60:09:D7
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 0517
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
Signing time: Mon 24 Jun 2024 22:07:13 +0000
ROA not before: Mon 24 Jun 2024 22:07:13 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 63956
IP address blocks: 45.112.244.0/22 maxlen: 24
103.20.17.0/24 maxlen: 24
103.21.108.0/24 maxlen: 24
103.52.116.0/22 maxlen: 24
103.97.52.0/22 maxlen: 22
103.97.52.0/24 maxlen: 24
103.97.53.0/24 maxlen: 24
103.97.54.0/24 maxlen: 24
103.97.55.0/24 maxlen: 24
103.225.96.0/24 maxlen: 24
203.12.129.0/24 maxlen: 24
203.18.194.0/24 maxlen: 24
2402:1b80::/40 maxlen: 40
2402:1b80:10::/48 maxlen: 48
2402:1b80:11::/48 maxlen: 48
2402:1b80:14::/48 maxlen: 48
2402:1b80:103::/48 maxlen: 48
2402:1b80:104::/48 maxlen: 48
2402:1b80:106::/48 maxlen: 48
2402:1b80:203::/48 maxlen: 48
2402:1b80:204::/48 maxlen: 48
2402:1b80:206::/48 maxlen: 48
2402:1b80:300::/40 maxlen: 40
2402:1b80:304::/48 maxlen: 48
2402:1b80:306::/48 maxlen: 48
2402:1b80:403::/48 maxlen: 48
2402:1b80:3000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 05 Jul 2024 22:18:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1303 (0x517)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Jun 24 22:07:13 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=6679ee11-9b44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ca:3d:a7:90:ce:dd:d2:c0:90:97:c3:1e:7a:
a6:13:a7:e4:36:f3:ae:8c:9b:0a:ec:7b:d2:5f:b7:
5b:c5:08:2e:70:b9:b5:00:aa:e3:e4:31:13:d7:a7:
44:ac:50:a2:81:c9:be:d6:a1:91:b3:02:88:5c:d1:
bb:cb:fc:90:bf:03:8e:af:db:1a:29:58:97:3c:f9:
ec:52:ef:b8:f9:8f:fd:a7:4f:57:61:1e:17:f1:0a:
a9:0b:93:f8:01:55:7e:f4:23:ea:51:2f:4e:33:66:
90:59:e0:f7:66:c3:57:f4:3a:2f:ce:c5:73:37:32:
3e:f5:c9:2c:80:51:02:73:b9:18:3a:3d:03:18:26:
5f:5b:61:41:bd:86:90:c8:71:64:b7:08:fb:65:a6:
68:63:58:fc:d3:19:36:2d:4d:46:9e:7d:7f:33:78:
4e:ce:45:e2:ce:e1:a6:5a:d8:83:06:3c:73:9c:bf:
11:c7:ec:50:15:a0:37:c8:dc:48:ef:33:10:8c:23:
cc:d0:c1:3b:89:12:24:55:57:ea:a6:b5:ea:68:59:
37:05:17:6b:b4:17:83:ac:e8:8c:0f:7d:65:6f:e9:
da:d2:49:ba:53:04:b8:be:2d:6f:fb:fb:87:dc:55:
d2:f5:e0:80:f6:f7:00:22:9c:f5:31:95:e3:ad:00:
d0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C1:D3:F5:74:21:DC:4A:3D:0A:F0:25:E9:F9:5E:88:37:60:09:D7
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.244.0/22
103.20.17.0/24
103.21.108.0/24
103.52.116.0/22
103.97.52.0/22
103.225.96.0/24
203.12.129.0/24
203.18.194.0/24
IPv6:
2402:1b80::/40
2402:1b80:103::-2402:1b80:104:ffff:ffff:ffff:ffff:ffff
2402:1b80:106::/48
2402:1b80:203::-2402:1b80:204:ffff:ffff:ffff:ffff:ffff
2402:1b80:206::/48
2402:1b80:300::/40
2402:1b80:403::/48
2402:1b80:3000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:1e:d8:65:ea:5f:a9:94:f6:ab:91:a0:b6:d8:1f:e6:03:ee:
15:23:84:4d:b7:c5:e0:c6:ef:3d:f3:32:66:96:fe:ff:ea:ff:
d0:1a:df:71:20:9c:e6:85:c8:23:6a:bc:0a:cf:d4:54:ad:94:
53:bf:ed:cd:86:0a:25:55:12:ba:d4:5d:eb:b1:16:ca:31:0f:
0a:a7:b3:46:ef:fb:43:e8:de:64:b0:be:23:61:94:f4:b7:e2:
b7:d4:85:75:d9:b4:dd:e8:d6:6e:c1:c6:f1:3e:94:54:63:e2:
fe:65:e2:38:f7:5e:4c:72:2b:33:5e:9e:ad:a2:a6:46:c6:1c:
a2:50:22:a1:2f:2a:f1:64:08:a4:49:99:6d:25:0f:7d:9b:fe:
12:78:95:05:62:88:8e:57:c0:01:33:be:b3:c0:7f:27:b5:0a:
11:0d:36:1d:47:34:c2:fb:9a:ad:f7:be:90:df:f1:61:f2:ad:
13:51:13:a8:90:ec:7e:34:a3:a4:e9:44:35:73:31:16:70:f8:
d8:f8:6e:33:43:64:b4:f4:67:a3:43:8f:cb:9c:2c:39:0c:12:
f8:ea:c0:38:0b:63:e5:0b:63:cd:30:8f:d9:bd:40:89:a3:73:
ce:cd:2f:67:b2:84:79:be:b5:2e:62:a3:e7:b3:d1:7e:a3:91:
46:ea:38:18
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICBRcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjQwNjI0MjIwNzEzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc5ZWUxMS05YjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Mo9p5DO3dLAkJfDHnqmE6fkNvOujJsK7HvSX7dbxQgucLm1AKrj5DET16dE
rFCigcm+1qGRswKIXNG7y/yQvwOOr9saKViXPPnsUu+4+Y/9p09XYR4X8QqpC5P4
AVV+9CPqUS9OM2aQWeD3ZsNX9DovzsVzNzI+9cksgFECc7kYOj0DGCZfW2FBvYaQ
yHFktwj7ZaZoY1j80xk2LU1Gnn1/M3hOzkXizuGmWtiDBjxznL8Rx+xQFaA3yNxI
7zMQjCPM0ME7iRIkVVfqprXqaFk3BRdrtBeDrOiMD31lb+na0km6UwS4vi1v+/uH
3FXS9eCA9vcAIpz1MZXjrQDQwQIDAQABo4IDJTCCAyEwHQYDVR0OBBYEFDnB0/V0
IdxKPQrwJen5Xog3YAnXMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjkwMjUzMkVG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga4GCCsGAQUFBwEHAQH/
BIGeMIGbMDYEAgABMDADBAItcPQDBABnFBEDBABnFWwDBAJnNHQDBAJnYTQDBABn
4WADBADLDIEDBADLEsIwYQQCAAIwWwMGACQCG4AAMBIDBwAkAhuAAQMDBwAkAhuA
AQQDBwAkAhuAAQYwEgMHACQCG4ACAwMHACQCG4ACBAMHACQCG4ACBgMGACQCG4AD
AwcAJAIbgAQDAwYAJAIbgDAwDQYJKoZIhvcNAQELBQADggEBAMge2GXqX6mU9quR
oLbYH+YD7hUjhE23xeDG7z3zMmaW/v/q/9Aa33EgnOaFyCNqvArP1FStlFO/7c2G
CiVVErrUXeuxFsoxDwqns0bv+0Po3mSwviNhlPS34rfUhXXZtN3o1m7BxvE+lFRj
4v5l4jj3XkxyKzNenq2ipkbGHKJQIqEvKvFkCKRJmW0lD32b/hJ4lQViiI5XwAEz
vrPAfye1ChENNh1HNML7mq33vpDf8WHyrRNRE6iQ7H40o6TpRDVzMRZw+Nj4bjND
ZLT0Z6NDj8ucLDkMEvjqwDgLY+ULY80wj9m9QImjc87NL2eyhHm+tS5io+ez0X6j
kUbqOBg=
-----END CERTIFICATE-----
Generated at Sat Jun 29 03:32:21 2024 by rpki-client on console-ams.rpki-client.org