Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158EC4/45064790E5B111EE9E35C333C4F9AE02/2805F2D6E5B511EEB34EF35AC4F9AE02.roa
File: 2805F2D6E5B511EEB34EF35AC4F9AE02.roa (raw, json)
Hash identifier: zp7wo3Fj7A9LYP7fJX6ClUApusAEuTaZ5MvWnQx4l4w=
Subject key identifier: 66:40:E1:81:90:F4:CE:59:98:0E:31:38:EA:4D:90:47:B9:F8:76:B3
Certificate issuer: /CN=A9158EC4/serialNumber=5324065A613D2D1078179C6216371CCC6A77507A
Certificate serial: 2F
Authority key identifier: 53:24:06:5A:61:3D:2D:10:78:17:9C:62:16:37:1C:CC:6A:77:50:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UyQGWmE9LRB4F5xiFjcczGp3UHo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158EC4/45064790E5B111EE9E35C333C4F9AE02/2805F2D6E5B511EEB34EF35AC4F9AE02.roa
Signing time: Mon 03 Jun 2024 09:33:52 +0000
ROA not before: Mon 03 Jun 2024 09:33:52 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 7131
IP address blocks: 43.247.60.0/22 maxlen: 22
43.247.60.0/24 maxlen: 24
43.247.61.0/24 maxlen: 24
43.247.62.0/24 maxlen: 24
43.247.63.0/24 maxlen: 24
103.3.240.0/22 maxlen: 22
103.3.240.0/24 maxlen: 24
103.3.241.0/24 maxlen: 24
103.3.242.0/24 maxlen: 24
103.3.243.0/24 maxlen: 24
202.123.128.0/19 maxlen: 19
202.123.128.0/24 maxlen: 24
202.123.129.0/24 maxlen: 24
202.123.130.0/24 maxlen: 24
202.123.131.0/24 maxlen: 24
202.123.132.0/24 maxlen: 24
202.123.133.0/24 maxlen: 24
202.123.134.0/24 maxlen: 24
202.123.135.0/24 maxlen: 24
202.123.136.0/24 maxlen: 24
202.123.137.0/24 maxlen: 24
202.123.138.0/24 maxlen: 24
202.123.139.0/24 maxlen: 24
202.123.140.0/24 maxlen: 24
202.123.141.0/24 maxlen: 24
202.123.142.0/24 maxlen: 24
202.123.143.0/24 maxlen: 24
202.123.144.0/24 maxlen: 24
202.123.145.0/24 maxlen: 24
202.123.146.0/24 maxlen: 24
202.123.147.0/24 maxlen: 24
202.123.148.0/24 maxlen: 24
202.123.149.0/24 maxlen: 24
202.123.150.0/24 maxlen: 24
202.123.151.0/24 maxlen: 24
202.123.152.0/24 maxlen: 24
202.123.153.0/24 maxlen: 24
202.123.154.0/24 maxlen: 24
202.123.155.0/24 maxlen: 24
202.123.156.0/24 maxlen: 24
202.123.157.0/24 maxlen: 24
202.123.158.0/24 maxlen: 24
202.123.159.0/24 maxlen: 24
2401:58c0::/32 maxlen: 32
2401:58c0::/36 maxlen: 36
2401:58c0:1000::/36 maxlen: 36
2401:58c0:2000::/36 maxlen: 36
2401:58c0:3000::/36 maxlen: 36
2401:58c0:4000::/36 maxlen: 36
2401:58c0:5000::/36 maxlen: 36
2401:58c0:6000::/36 maxlen: 36
2401:58c0:7000::/36 maxlen: 36
2401:58c0:8000::/36 maxlen: 36
2401:58c0:9000::/36 maxlen: 36
2401:58c0:a000::/36 maxlen: 36
2401:58c0:b000::/36 maxlen: 36
2401:58c0:c000::/36 maxlen: 36
2401:58c0:d000::/36 maxlen: 36
2401:58c0:e000::/36 maxlen: 36
2401:58c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9158EC4/45064790E5B111EE9E35C333C4F9AE02/UyQGWmE9LRB4F5xiFjcczGp3UHo.crl
rsync://rpki.apnic.net/member_repository/A9158EC4/45064790E5B111EE9E35C333C4F9AE02/UyQGWmE9LRB4F5xiFjcczGp3UHo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UyQGWmE9LRB4F5xiFjcczGp3UHo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 02 Jul 2024 07:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47 (0x2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158EC4/serialNumber=5324065A613D2D1078179C6216371CCC6A77507A
Validity
Not Before: Jun 3 09:33:52 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=665d8e00-159e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:64:2e:8b:97:3e:98:eb:ea:8e:5d:7e:65:de:
82:38:7e:f1:15:cf:2e:d7:b3:9c:5b:00:dd:6a:c9:
50:9e:9b:2b:ce:10:4c:9e:07:a4:cf:37:a6:ff:0c:
e9:80:ec:41:a6:89:d9:9c:b5:5a:58:a8:98:76:8f:
13:69:78:bc:1d:72:a1:32:1b:de:d1:cf:98:0e:21:
fd:2d:78:69:b2:10:58:a3:03:4e:1d:35:f6:4e:88:
37:d0:0d:aa:e0:f5:8f:0c:7f:46:ed:ee:88:27:d7:
2c:5b:75:7b:c4:5a:99:c5:f3:51:31:40:bf:e2:c6:
d3:2f:ec:94:34:8d:ec:ac:30:94:38:88:c5:82:da:
5b:af:81:90:f6:55:d5:4f:24:79:19:4e:bc:cb:70:
1c:1a:a2:f6:5d:c6:dc:74:56:34:28:1e:ec:e0:f1:
7e:9e:00:c0:0f:31:f3:38:f4:76:f6:12:60:0c:2c:
9e:f4:0b:16:70:77:0b:9c:d9:33:2f:07:58:5a:26:
26:db:5b:72:84:00:c6:ee:bc:af:2c:eb:5c:ac:d6:
b7:27:17:be:35:50:51:88:d8:c9:c3:4d:c3:66:dd:
20:3c:26:95:6e:1e:68:a2:ec:fa:e1:f1:89:7b:11:
37:79:c5:77:27:4b:4d:72:da:d8:f9:b4:b2:f2:0d:
8d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:40:E1:81:90:F4:CE:59:98:0E:31:38:EA:4D:90:47:B9:F8:76:B3
X509v3 Authority Key Identifier:
keyid:53:24:06:5A:61:3D:2D:10:78:17:9C:62:16:37:1C:CC:6A:77:50:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158EC4/45064790E5B111EE9E35C333C4F9AE02/UyQGWmE9LRB4F5xiFjcczGp3UHo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UyQGWmE9LRB4F5xiFjcczGp3UHo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158EC4/45064790E5B111EE9E35C333C4F9AE02/2805F2D6E5B511EEB34EF35AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.60.0/22
103.3.240.0/22
202.123.128.0/19
IPv6:
2401:58c0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:da:43:25:76:9e:b0:9a:18:f8:1c:52:73:52:de:b4:dc:b7:
7f:51:b4:9b:3a:82:92:08:0a:1c:8d:da:7b:f8:9c:b6:82:6d:
4c:98:7a:4f:ac:92:3c:27:c3:c0:4e:f4:a2:91:5c:06:ad:ce:
e4:45:e7:9f:55:39:80:bc:17:79:41:a2:78:f4:d4:1d:c4:39:
c2:57:5b:6b:5b:49:47:db:66:ac:d0:cd:1c:e2:f1:36:d8:2e:
fb:91:e2:3b:f8:55:a6:ef:cb:82:1f:9a:88:40:c5:52:8b:b0:
d0:db:18:fb:8b:91:41:95:63:e6:b2:1b:4a:00:fe:bb:18:6f:
5f:c6:f8:9b:11:4b:cc:04:e0:51:af:44:5e:38:ec:d7:af:b1:
62:4e:39:4e:6d:4b:f4:4d:13:f2:83:ee:d4:e8:e2:ac:ee:f0:
27:6e:d1:5f:26:cc:81:df:bc:77:42:81:27:ed:58:e7:80:cc:
a4:3d:19:82:1f:d6:5a:2f:eb:9b:0a:cb:ef:05:ee:8b:f7:16:
38:d3:26:d2:f0:b5:f0:da:e8:38:1f:cb:f1:a8:a1:82:85:fa:
21:c3:e9:ad:1f:0a:84:f6:31:60:14:ab:2c:44:e6:dd:64:53:
ca:b4:f4:fb:06:0b:63:f4:ae:da:bc:1f:f5:f3:4f:7b:6a:dc:
e8:f4:94:9d
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIBLzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
OEVDNDExMC8GA1UEBRMoNTMyNDA2NUE2MTNEMkQxMDc4MTc5QzYyMTYzNzFDQ0M2
QTc3NTA3QTAeFw0yNDA2MDMwOTMzNTJaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NWQ4ZTAwLTE1OWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBZC6Llz6Y6+qOXX5l3oI4fvEVzy7Xs5xbAN1qyVCemyvOEEyeB6TPN6b/DOmA
7EGmidmctVpYqJh2jxNpeLwdcqEyG97Rz5gOIf0teGmyEFijA04dNfZOiDfQDarg
9Y8Mf0bt7ogn1yxbdXvEWpnF81ExQL/ixtMv7JQ0jeysMJQ4iMWC2luvgZD2VdVP
JHkZTrzLcBwaovZdxtx0VjQoHuzg8X6eAMAPMfM49Hb2EmAMLJ70CxZwdwuc2TMv
B1haJibbW3KEAMbuvK8s61ys1rcnF741UFGI2MnDTcNm3SA8JpVuHmii7Prh8Yl7
ETd5xXcnS01y2tj5tLLyDY2RAgMBAAGjggKwMIICrDAdBgNVHQ4EFgQUZkDhgZD0
zlmYDjE46k2QR7n4drMwHwYDVR0jBBgwFoAUUyQGWmE9LRB4F5xiFjcczGp3UHow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4RUM0LzQ1MDY0NzkwRTVC
MTExRUU5RTM1QzMzM0M0RjlBRTAyL1V5UUdXbUU5TFJCNEY1eGlGamNjekdwM1VI
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVXlRR1dtRTlMUkI0RjV4aUZqY2N6R3AzVUhvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
OEVDNC80NTA2NDc5MEU1QjExMUVFOUUzNUMzMzNDNEY5QUUwMi8yODA1RjJENkU1
QjUxMUVFQjM0RUYzNUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEAiv3PAMEAmcD8AMEBcp7gDANBAIAAjAHAwUAJAFYwDANBgkq
hkiG9w0BAQsFAAOCAQEAfNpDJXaesJoY+BxSc1LetNy3f1G0mzqCkggKHI3ae/ic
toJtTJh6T6ySPCfDwE70opFcBq3O5EXnn1U5gLwXeUGiePTUHcQ5wldba1tJR9tm
rNDNHOLxNtgu+5HiO/hVpu/Lgh+aiEDFUouw0NsY+4uRQZVj5rIbSgD+uxhvX8b4
mxFLzATgUa9EXjjs16+xYk45Tm1L9E0T8oPu1OjirO7wJ27RXybMgd+8d0KBJ+1Y
54DMpD0Zgh/WWi/rmwrL7wXui/cWONMm0vC18NroOB/L8aihgoX6IcPprR8KhPYx
YBSrLETm3WRTyrT0+wYLY/Su2rwf9fNPe2rc6PSUnQ==
-----END CERTIFICATE-----
Generated at Tue Jun 25 10:52:13 2024 by rpki-client on console-ams.rpki-client.org