Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
File: F0C8DB1CA54E11EF8592FD66C4F9AE02.roa (raw, json)
Hash identifier: kWJ+IsPwJ/Oow1IdFhgFWCC31M0VCoce/yV/fhdSoaA=
Subject key identifier: 0A:64:5B:B6:78:7C:AD:53:28:0B:A4:F0:40:5C:48:85:AC:7C:7F:DF
Certificate issuer: /CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Certificate serial: 10
Authority key identifier: 1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
Signing time: Mon 18 Nov 2024 01:47:07 +0000
ROA not before: Mon 18 Nov 2024 01:47:07 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 9266
IP address blocks: 103.36.152.0/22 maxlen: 22
103.65.216.0/22 maxlen: 22
103.225.108.0/22 maxlen: 22
202.1.116.0/22 maxlen: 22
202.1.116.0/24 maxlen: 24
202.1.117.0/24 maxlen: 24
202.1.118.0/24 maxlen: 24
202.1.119.0/24 maxlen: 24
203.5.244.0/24 maxlen: 24
203.10.124.0/24 maxlen: 24
203.12.116.0/24 maxlen: 24
203.14.106.0/24 maxlen: 24
203.14.193.0/24 maxlen: 24
203.18.151.0/24 maxlen: 24
203.19.52.0/24 maxlen: 24
203.19.220.0/24 maxlen: 24
203.20.110.0/24 maxlen: 24
203.20.111.0/24 maxlen: 24
203.21.22.0/24 maxlen: 24
203.22.169.0/24 maxlen: 24
203.23.50.0/24 maxlen: 24
203.23.71.0/24 maxlen: 24
203.24.174.0/23 maxlen: 24
203.25.68.0/22 maxlen: 22
203.25.69.0/24 maxlen: 24
203.25.70.0/24 maxlen: 24
203.25.71.0/24 maxlen: 24
203.25.123.0/24 maxlen: 24
203.25.158.0/24 maxlen: 24
203.26.171.0/24 maxlen: 24
203.26.226.0/23 maxlen: 23
203.29.21.0/24 maxlen: 24
203.29.127.0/24 maxlen: 24
203.30.78.0/24 maxlen: 24
203.31.214.0/24 maxlen: 24
203.32.44.0/23 maxlen: 24
203.32.47.0/24 maxlen: 24
203.33.28.0/24 maxlen: 24
203.33.58.0/23 maxlen: 24
203.33.108.0/23 maxlen: 24
203.34.167.0/24 maxlen: 24
203.55.194.0/23 maxlen: 24
203.62.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D848/serialNumber=1DD1B8687886924C4613116050EE90E9D494269E
Validity
Not Before: Nov 18 01:47:07 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=673a9c9b-26ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8a:e8:0f:61:ef:b6:83:b4:d5:dd:b9:8b:ef:
a0:69:d1:94:14:90:03:f3:02:2f:6b:0e:d2:6d:2e:
34:93:b0:e2:ac:c6:fb:5b:6c:61:f8:18:ec:85:45:
44:4b:eb:30:e7:42:8a:d6:6c:ba:fd:09:bd:5f:e0:
1f:c5:b7:33:a3:af:4e:d6:97:06:bf:97:a8:3d:ea:
c6:9c:b2:1f:00:ee:5a:8e:f0:f9:ea:6a:f7:0b:da:
ee:ff:2f:3f:11:9a:a1:49:44:b6:0f:c9:f0:43:69:
27:f1:e7:3b:b8:cf:42:2c:18:46:a3:05:90:fc:e2:
86:c0:86:90:69:74:9e:ac:85:c3:47:7f:fe:19:0a:
b6:0c:75:4f:b8:34:75:ef:55:b5:40:37:09:c6:eb:
ec:da:83:35:4e:50:6b:9d:b9:12:af:cf:f6:7c:e0:
84:a5:68:c0:44:00:80:63:d5:99:d2:d4:7d:ae:cf:
4b:3f:92:00:11:b1:11:68:46:1e:51:aa:20:6c:4b:
9a:de:0e:17:33:91:50:6f:80:cc:6d:a1:9b:4f:eb:
56:27:f6:59:8f:8f:34:cb:ac:77:3b:43:e4:53:55:
fa:30:ae:f2:e5:9c:b7:48:70:1d:1e:e8:5d:5e:5d:
f3:cd:8d:07:6b:89:c7:87:bb:74:0d:8d:4f:0c:2a:
d3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:64:5B:B6:78:7C:AD:53:28:0B:A4:F0:40:5C:48:85:AC:7C:7F:DF
X509v3 Authority Key Identifier:
keyid:1D:D1:B8:68:78:86:92:4C:46:13:11:60:50:EE:90:E9:D4:94:26:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/HdG4aHiGkkxGExFgUO6Q6dSUJp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdG4aHiGkkxGExFgUO6Q6dSUJp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D848/C251B5B29B1011EFA72BA020C4F9AE02/F0C8DB1CA54E11EF8592FD66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.152.0/22
103.65.216.0/22
103.225.108.0/22
202.1.116.0/22
203.5.244.0/24
203.10.124.0/24
203.12.116.0/24
203.14.106.0/24
203.14.193.0/24
203.18.151.0/24
203.19.52.0/24
203.19.220.0/24
203.20.110.0/23
203.21.22.0/24
203.22.169.0/24
203.23.50.0/24
203.23.71.0/24
203.24.174.0/23
203.25.68.0/22
203.25.123.0/24
203.25.158.0/24
203.26.171.0/24
203.26.226.0/23
203.29.21.0/24
203.29.127.0/24
203.30.78.0/24
203.31.214.0/24
203.32.44.0/23
203.32.47.0/24
203.33.28.0/24
203.33.58.0/23
203.33.108.0/23
203.34.167.0/24
203.55.194.0/23
203.62.147.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c9:b6:64:5f:aa:78:08:14:b4:93:a5:f9:56:b7:f6:7b:ca:
24:00:af:05:32:d4:74:46:61:07:99:0d:d3:c7:3e:fc:69:43:
56:e4:da:dc:4e:fb:13:94:c2:9a:e7:06:cc:48:b4:b8:73:cd:
bb:8c:5c:f7:ff:29:f2:f6:d2:fb:cd:b6:38:22:24:de:d0:e0:
b4:79:73:82:39:2c:c7:17:d6:4a:20:b7:3d:61:26:04:4c:8c:
35:e2:fc:c8:96:61:7d:1c:b7:8e:b2:01:9b:d5:65:93:e4:c8:
06:3e:e9:44:6d:a9:b0:db:86:99:2b:66:d5:a3:fe:fd:06:dd:
0f:42:3c:7c:90:4d:c9:e6:af:34:e9:1f:e1:6d:b5:89:d0:7e:
c2:0e:67:86:ab:2c:9d:34:dc:01:04:ce:9d:98:75:ea:97:b1:
0a:24:bb:6a:d4:c1:3f:b5:a2:cf:3e:8b:85:0f:19:ae:63:c9:
73:b6:f1:4d:a3:6e:f2:e0:e9:30:a1:18:2c:ba:67:18:b3:13:
05:5d:6a:56:0a:88:a8:7b:6f:a9:0f:40:45:b9:11:b0:cf:0a:
ab:11:1b:df:8f:1b:7a:5c:ef:d5:13:71:4e:87:b1:de:4a:4d:
ab:ee:44:e1:79:e7:14:9e:84:92:97:d9:e6:43:21:e0:94:a0:
fd:8f:b3:80
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RDg0ODExMC8GA1UEBRMoMUREMUI4Njg3ODg2OTI0QzQ2MTMxMTYwNTBFRTkwRTlE
NDk0MjY5RTAeFw0yNDExMTgwMTQ3MDdaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3M2E5YzliLTI2YWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4iugPYe+2g7TV3bmL76Bp0ZQUkAPzAi9rDtJtLjSTsOKsxvtbbGH4GOyFRURL
6zDnQorWbLr9Cb1f4B/FtzOjr07Wlwa/l6g96sacsh8A7lqO8PnqavcL2u7/Lz8R
mqFJRLYPyfBDaSfx5zu4z0IsGEajBZD84obAhpBpdJ6shcNHf/4ZCrYMdU+4NHXv
VbVANwnG6+zagzVOUGuduRKvz/Z84ISlaMBEAIBj1ZnS1H2uz0s/kgARsRFoRh5R
qiBsS5reDhczkVBvgMxtoZtP61Yn9lmPjzTLrHc7Q+RTVfowrvLlnLdIcB0e6F1e
XfPNjQdriceHu3QNjU8MKtPHAgMBAAGjggNmMIIDYjAdBgNVHQ4EFgQUCmRbtnh8
rVMoC6TwQFxIhax8f98wHwYDVR0jBBgwFoAUHdG4aHiGkkxGExFgUO6Q6dSUJp4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFEODQ4L0MyNTFCNUIyOUIx
MDExRUZBNzJCQTAyMEM0RjlBRTAyL0hkRzRhSGlHa2t4R0V4RmdVTzZRNmRTVUpw
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGRHNGFIaUdra3hHRXhGZ1VPNlE2ZFNVSnA0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RDg0OC9DMjUxQjVCMjlCMTAxMUVGQTcyQkEwMjBDNEY5QUUwMi9GMEM4REIxQ0E1
NEUxMUVGODU5MkZENjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCB7wYIKwYBBQUHAQcBAf8E
gd8wgdwwgdkEAgABMIHSAwQCZySYAwQCZ0HYAwQCZ+FsAwQCygF0AwQAywX0AwQA
ywp8AwQAywx0AwQAyw5qAwQAyw7BAwQAyxKXAwQAyxM0AwQAyxPcAwQByxRuAwQA
yxUWAwQAyxapAwQAyxcyAwQAyxdHAwQByxiuAwQCyxlEAwQAyxl7AwQAyxmeAwQA
yxqrAwQByxriAwQAyx0VAwQAyx1/AwQAyx5OAwQAyx/WAwQByyAsAwQAyyAvAwQA
yyEcAwQByyE6AwQByyFsAwQAyyKnAwQByzfCAwQAyz6TMA0GCSqGSIb3DQEBCwUA
A4IBAQCTybZkX6p4CBS0k6X5Vrf2e8okAK8FMtR0RmEHmQ3Txz78aUNW5NrcTvsT
lMKa5wbMSLS4c827jFz3/yny9tL7zbY4IiTe0OC0eXOCOSzHF9ZKILc9YSYETIw1
4vzIlmF9HLeOsgGb1WWT5MgGPulEbamw24aZK2bVo/79Bt0PQjx8kE3J5q806R/h
bbWJ0H7CDmeGqyydNNwBBM6dmHXql7EKJLtq1ME/taLPPouFDxmuY8lztvFNo27y
4OkwoRgsumcYsxMFXWpWCoioe2+pD0BFuRGwzwqrERvfjxt6XO/VE3FOh7HeSk2r
7kTheecUnoSSl9nmQyHglKD9j7OA
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:45:02 2024 by rpki-client on console-ams.rpki-client.org