Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/8C1F014E911411EF84279055C4F9AE02.roa
File: 8C1F014E911411EF84279055C4F9AE02.roa (raw, json)
Hash identifier: D2p6aApYT8eTskHJ6USNYC6PGfVKL5npiA4MObrf+M8=
Subject key identifier: 8D:EA:E3:A4:6C:CA:2F:B5:A4:74:3A:69:1D:A4:8A:3F:90:21:51:F6
Certificate issuer: /CN=A913F6DE/serialNumber=5D428682E89E9FED962BE9C4432B34C45E2E09C9
Certificate serial: 0BD0
Authority key identifier: 5D:42:86:82:E8:9E:9F:ED:96:2B:E9:C4:43:2B:34:C4:5E:2E:09:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/8C1F014E911411EF84279055C4F9AE02.roa
Signing time: Sun 02 Feb 2025 13:47:06 +0000
ROA not before: Sun 02 Feb 2025 13:47:06 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 131464
IP address blocks: 103.69.148.0/22 maxlen: 22
103.69.148.0/23 maxlen: 23
103.69.148.0/24 maxlen: 24
103.69.149.0/24 maxlen: 24
103.69.150.0/23 maxlen: 23
103.69.150.0/24 maxlen: 24
103.69.151.0/24 maxlen: 24
180.149.232.0/22 maxlen: 22
180.149.232.0/23 maxlen: 23
180.149.232.0/24 maxlen: 24
180.149.233.0/24 maxlen: 24
180.149.234.0/23 maxlen: 23
180.149.234.0/24 maxlen: 24
180.149.235.0/24 maxlen: 24
2405:f280::/32 maxlen: 32
2405:f280::/33 maxlen: 33
2405:f280::/34 maxlen: 34
2405:f280::/35 maxlen: 35
2405:f280::/36 maxlen: 36
2405:f280:1::/48 maxlen: 48
2405:f280:3::/48 maxlen: 48
2405:f280:14::/48 maxlen: 48
2405:f280:34::/48 maxlen: 48
2405:f280:5c::/48 maxlen: 48
2405:f280:1000::/36 maxlen: 36
2405:f280:1000::/48 maxlen: 48
2405:f280:1001::/48 maxlen: 48
2405:f280:1038::/48 maxlen: 48
2405:f280:1039::/48 maxlen: 48
2405:f280:2000::/35 maxlen: 35
2405:f280:2000::/36 maxlen: 36
2405:f280:3000::/36 maxlen: 36
2405:f280:4000::/34 maxlen: 34
2405:f280:4000::/35 maxlen: 35
2405:f280:4000::/36 maxlen: 36
2405:f280:5000::/36 maxlen: 36
2405:f280:6000::/35 maxlen: 35
2405:f280:6000::/36 maxlen: 36
2405:f280:7000::/36 maxlen: 36
2405:f280:8000::/33 maxlen: 33
2405:f280:8000::/34 maxlen: 34
2405:f280:8000::/35 maxlen: 35
2405:f280:8000::/36 maxlen: 36
2405:f280:9000::/36 maxlen: 36
2405:f280:9000::/48 maxlen: 48
2405:f280:9001::/48 maxlen: 48
2405:f280:a000::/35 maxlen: 35
2405:f280:a000::/36 maxlen: 36
2405:f280:b000::/36 maxlen: 36
2405:f280:c000::/34 maxlen: 34
2405:f280:c000::/35 maxlen: 35
2405:f280:c000::/36 maxlen: 36
2405:f280:c000::/48 maxlen: 48
2405:f280:d000::/36 maxlen: 36
2405:f280:e000::/35 maxlen: 35
2405:f280:e000::/36 maxlen: 36
2405:f280:e000::/48 maxlen: 48
2405:f280:e004::/48 maxlen: 48
2405:f280:e005::/48 maxlen: 48
2405:f280:e006::/48 maxlen: 48
2405:f280:e007::/48 maxlen: 48
2405:f280:e008::/48 maxlen: 48
2405:f280:e009::/48 maxlen: 48
2405:f280:e00a::/48 maxlen: 48
2405:f280:e00b::/48 maxlen: 48
2405:f280:e00c::/48 maxlen: 48
2405:f280:e00d::/48 maxlen: 48
2405:f280:e034::/48 maxlen: 48
2405:f280:ef00::/48 maxlen: 48
2405:f280:f000::/36 maxlen: 36
2405:f280:ff00::/40 maxlen: 40
2405:f280:ff00::/48 maxlen: 48
2405:f280:ff01::/48 maxlen: 48
2405:f280:ff02::/48 maxlen: 48
2405:f280:ff03::/48 maxlen: 48
2405:f280:ff04::/48 maxlen: 48
2405:f280:ff05::/48 maxlen: 48
2405:f280:ff06::/48 maxlen: 48
2405:f280:ff07::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.crl
rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 18:59:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3024 (0xbd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913F6DE
Validity
Not Before: Feb 2 13:47:06 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=679f775a-d080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:da:ae:07:4f:d3:4f:8a:af:b1:1a:ff:9b:de:
da:b5:e2:4b:8f:7f:e8:64:b9:f8:6b:0a:57:77:b8:
c9:2f:19:af:52:27:2c:52:27:03:1f:69:7e:06:3c:
f1:ee:6a:4f:28:73:6c:c2:49:77:a1:f1:09:37:ea:
5d:31:35:77:fc:08:0f:fb:18:e1:62:b4:df:26:25:
ee:c7:04:5b:4e:2f:30:26:f7:39:ea:3f:ac:b4:5c:
0d:fb:75:d2:c9:59:80:02:4b:37:8c:bf:be:5d:01:
07:a2:93:09:fe:0b:15:bd:80:cb:ef:8b:6e:50:76:
6a:09:49:82:07:a6:84:be:71:0e:3e:24:2f:64:76:
e3:7d:dc:30:03:5f:df:b6:c0:73:dd:be:af:3e:17:
24:40:ad:83:d1:d6:ad:78:f5:46:14:aa:75:e1:4b:
28:7c:6d:0c:29:52:72:16:96:58:49:13:d9:9e:d1:
40:93:74:4c:1b:fe:af:d8:fc:6c:97:ff:77:37:12:
1b:29:15:ed:49:a4:1e:96:b7:71:70:3b:a8:ec:06:
25:0a:30:f7:29:6c:ba:80:ba:cd:6f:6c:ba:b5:4c:
f5:d6:f4:1f:e2:85:20:b8:56:40:78:b8:a8:30:f9:
4d:e2:1a:d2:af:46:7f:4b:80:fa:09:b2:9e:76:ce:
ba:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:EA:E3:A4:6C:CA:2F:B5:A4:74:3A:69:1D:A4:8A:3F:90:21:51:F6
X509v3 Authority Key Identifier:
keyid:5D:42:86:82:E8:9E:9F:ED:96:2B:E9:C4:43:2B:34:C4:5E:2E:09:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/XUKGguien-2WK-nEQys0xF4uCck.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XUKGguien-2WK-nEQys0xF4uCck.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913F6DE/87AAE74A1B3A11EAB4CDC659C4F9AE02/8C1F014E911411EF84279055C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.148.0/22
180.149.232.0/22
IPv6:
2405:f280::/32
Signature Algorithm: sha256WithRSAEncryption
26:1a:ce:b8:99:98:26:01:42:6a:be:f0:2d:02:e7:8f:72:a4:
00:5c:0d:17:6a:6b:fa:92:e4:9e:bf:76:8a:7c:4a:b2:00:27:
82:2b:f9:d2:2f:4d:bf:3b:eb:f6:58:7e:fd:f7:1d:92:80:eb:
16:75:80:69:60:59:ce:6e:ac:2c:d1:94:68:e7:7e:d8:07:a5:
0a:3b:be:3e:e3:b7:60:e8:55:2b:4f:48:40:92:aa:75:db:2e:
0b:40:30:bc:34:1a:5e:06:c3:57:6a:e3:59:f0:79:56:79:25:
c5:40:46:7b:68:86:71:32:b1:23:f0:12:d8:28:c0:ea:b1:2e:
d1:dc:65:20:e5:26:5d:4a:00:18:17:f8:a7:6f:f8:02:21:be:
a9:32:58:e9:c9:8f:da:53:a3:cc:cf:a0:a7:43:17:39:1f:6c:
36:d2:ff:5f:35:a4:6d:2a:da:03:1b:69:62:97:fb:01:2b:6b:
df:01:cc:93:c0:bc:33:10:38:d7:02:4a:3b:98:75:eb:93:2e:
a9:9f:6f:1a:6b:65:36:96:e4:6c:49:b0:48:2c:b3:54:10:c2:
77:53:1f:68:d8:4e:76:c1:d9:bd:ad:d5:b2:41:a9:12:6f:2c:
0b:c9:48:fc:a3:d9:75:1a:9d:df:04:14:d1:eb:80:95:42:75:
9f:c1:94:77
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICC9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0Y2REUxMTAvBgNVBAUTKDVENDI4NjgyRTg5RTlGRUQ5NjJCRTlDNDQzMkIzNEM0
NUUyRTA5QzkwHhcNMjUwMjAyMTM0NzA2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlmNzc1YS1kMDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxdquB0/TT4qvsRr/m97ateJLj3/oZLn4awpXd7jJLxmvUicsUicDH2l+Bjzx
7mpPKHNswkl3ofEJN+pdMTV3/AgP+xjhYrTfJiXuxwRbTi8wJvc56j+stFwN+3XS
yVmAAks3jL++XQEHopMJ/gsVvYDL74tuUHZqCUmCB6aEvnEOPiQvZHbjfdwwA1/f
tsBz3b6vPhckQK2D0datePVGFKp14UsofG0MKVJyFpZYSRPZntFAk3RMG/6v2Pxs
l/93NxIbKRXtSaQelrdxcDuo7AYlCjD3KWy6gLrNb2y6tUz11vQf4oUguFZAeLio
MPlN4hrSr0Z/S4D6CbKeds66VwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFI3q46Rs
yi+1pHQ6aR2kij+QIVH2MB8GA1UdIwQYMBaAFF1ChoLonp/tlivpxEMrNMReLgnJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRjZERS84N0FBRTc0QTFC
M0ExMUVBQjRDREM2NTlDNEY5QUUwMi9YVUtHZ3VpZW4tMldLLW5FUXlzMHhGNHVD
Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hVS0dndWllbi0yV0stbkVReXMweEY0dUNjay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0Y2REUvODdBQUU3NEExQjNBMTFFQUI0Q0RDNjU5QzRGOUFFMDIvOEMxRjAxNEU5
MTE0MTFFRjg0Mjc5MDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJnRZQDBAK0legwDQQCAAIwBwMFACQF8oAwDQYJKoZIhvcN
AQELBQADggEBACYazriZmCYBQmq+8C0C549ypABcDRdqa/qS5J6/dop8SrIAJ4Ir
+dIvTb876/ZYfv33HZKA6xZ1gGlgWc5urCzRlGjnftgHpQo7vj7jt2DoVStPSECS
qnXbLgtAMLw0Gl4Gw1dq41nweVZ5JcVARntohnEysSPwEtgowOqxLtHcZSDlJl1K
ABgX+Kdv+AIhvqkyWOnJj9pTo8zPoKdDFzkfbDbS/181pG0q2gMbaWKX+wEra98B
zJPAvDMQONcCSjuYdeuTLqmfbxprZTaW5GxJsEgss1QQwndTH2jYTnbB2b2t1bJB
qRJvLAvJSPyj2XUand8EFNHrgJVCdZ/BlHc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:22:22 2025 by rpki-client