Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
File: 1551AC80BE6811EEA3F1816EC4F9AE02.roa (raw, json)
Hash identifier: rzZQ4nLj+3tmUbbC/Cg3k+PclxozqAXATyVe0td9bmA=
Subject key identifier: 14:31:94:C7:B2:92:CC:5F:78:70:50:65:2A:AB:DC:ED:B5:D8:14:D0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 90FD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
Signing time: Thu 30 May 2024 16:30:19 +0000
ROA not before: Thu 30 May 2024 16:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55353
IP address blocks: 103.15.64.0/22 maxlen: 22
103.15.64.0/24 maxlen: 24
103.15.65.0/24 maxlen: 24
103.15.66.0/24 maxlen: 24
103.15.67.0/24 maxlen: 24
111.118.240.0/20 maxlen: 20
111.118.240.0/24 maxlen: 24
111.118.241.0/24 maxlen: 24
111.118.242.0/24 maxlen: 24
111.118.243.0/24 maxlen: 24
111.118.244.0/24 maxlen: 24
111.118.245.0/24 maxlen: 24
111.118.246.0/24 maxlen: 24
111.118.247.0/24 maxlen: 24
111.118.248.0/24 maxlen: 24
111.118.249.0/24 maxlen: 24
111.118.250.0/24 maxlen: 24
111.118.251.0/24 maxlen: 24
111.118.252.0/24 maxlen: 24
111.118.253.0/24 maxlen: 24
111.118.254.0/24 maxlen: 24
111.118.255.0/24 maxlen: 24
150.129.144.0/22 maxlen: 22
150.129.144.0/24 maxlen: 24
150.129.145.0/24 maxlen: 24
150.129.146.0/24 maxlen: 24
150.129.147.0/24 maxlen: 24
183.182.84.0/22 maxlen: 22
183.182.84.0/24 maxlen: 24
183.182.85.0/24 maxlen: 24
183.182.86.0/24 maxlen: 24
183.182.87.0/24 maxlen: 24
2401:c300::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 10:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37117 (0x90fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 30 16:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a99a-b6a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5d:df:bc:3a:bc:97:15:40:e9:70:af:73:76:
f4:01:3a:f9:99:de:fc:99:9d:2f:d3:e1:6e:09:41:
3a:b5:8b:fc:c4:cb:91:83:ca:ec:36:b9:cd:6f:b5:
4f:15:89:0d:2c:5f:e6:4b:ee:5c:31:25:81:cd:83:
94:02:e8:fc:e7:93:fd:e9:ce:18:25:57:89:7c:aa:
f7:ba:c7:b1:86:f0:54:5e:24:31:1d:72:be:77:f2:
a7:5c:08:19:b5:32:ef:03:48:2e:26:d0:68:2c:8a:
65:bc:77:5c:6c:68:6e:03:af:fe:33:a1:2d:9f:36:
63:02:f9:f3:34:44:4e:7a:79:09:71:c5:d5:be:47:
4b:f0:6d:33:e9:85:b3:5a:3f:2d:1f:37:88:6f:33:
a3:75:0c:85:b4:32:fe:92:0e:b3:dc:a6:3b:4d:b8:
b8:b5:d2:2f:93:cf:24:18:ce:02:6b:4c:fb:e2:bc:
b1:e4:80:81:20:5a:d0:ba:cc:e3:67:6f:e2:16:06:
4d:e9:ca:14:f2:26:83:4c:40:df:07:7c:01:92:83:
8b:00:2c:ad:73:b3:60:07:2b:56:bf:03:a9:0e:7e:
a9:83:1d:a8:ab:d3:48:4a:67:d1:c8:21:23:a1:03:
ff:59:d5:70:f4:73:82:3b:70:29:01:26:b5:e9:fe:
7f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:31:94:C7:B2:92:CC:5F:78:70:50:65:2A:AB:DC:ED:B5:D8:14:D0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.15.64.0/22
111.118.240.0/20
150.129.144.0/22
183.182.84.0/22
IPv6:
2401:c300::/32
Signature Algorithm: sha256WithRSAEncryption
2d:a6:b7:8d:c3:72:32:87:7a:dc:3c:12:7a:5c:e7:e3:d2:08:
8a:1c:68:81:7c:68:5b:da:77:76:77:ff:05:1d:9d:e3:a7:e3:
34:0e:bb:c4:ae:f3:61:7f:79:2b:a9:a9:0f:33:4f:7c:0d:99:
06:6c:9a:aa:9e:d5:8a:90:89:7a:3a:5a:fc:48:1d:50:4e:5f:
4c:cb:83:60:b2:8e:3f:21:12:03:be:07:58:d1:98:c6:b7:a9:
e5:b5:56:ff:50:0a:60:3a:20:dd:66:81:17:be:97:b2:26:5f:
26:33:60:01:28:8d:58:0f:3f:30:52:80:0b:91:4a:f3:0a:91:
f8:a8:27:0f:b7:4b:98:af:ec:7e:d6:3e:57:7e:da:67:c0:92:
a9:59:02:57:1f:39:6f:f3:c5:56:66:66:ec:2f:04:c5:68:53:
45:a3:dc:f7:9d:b4:10:5f:0e:fb:56:3f:e8:1d:da:d2:0e:74:
43:82:66:f7:ee:c6:59:54:32:b1:a6:14:87:48:8f:cd:87:c8:
e5:15:86:b9:06:56:14:36:fe:ee:16:1b:ee:f8:ab:50:15:8b:
68:ff:91:2a:f3:c6:56:87:71:8d:81:2c:7c:b5:bc:4c:f5:58:
1e:8a:a5:d4:3c:c9:83:67:50:d4:0f:a9:49:da:1b:88:c7:34:
f8:f0:a1:91
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAJD9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MzAxOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE5OWEtYjZhMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1d37w6vJcVQOlwr3N29AE6+Zne/JmdL9PhbglBOrWL/MTLkYPK7Da5zW+1
TxWJDSxf5kvuXDElgc2DlALo/OeT/enOGCVXiXyq97rHsYbwVF4kMR1yvnfyp1wI
GbUy7wNILibQaCyKZbx3XGxobgOv/jOhLZ82YwL58zRETnp5CXHF1b5HS/BtM+mF
s1o/LR83iG8zo3UMhbQy/pIOs9ymO024uLXSL5PPJBjOAmtM++K8seSAgSBa0LrM
42dv4hYGTenKFPImg0xA3wd8AZKDiwAsrXOzYAcrVr8DqQ5+qYMdqKvTSEpn0cgh
I6ED/1nVcPRzgjtwKQEmten+f5UCAwEAAaOCArYwggKyMB0GA1UdDgQWBBQUMZTH
spLMX3hwUGUqq9zttdgU0DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE1NTFBQzgw
QkU2ODExRUVBM0YxODE2RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEAGCCsGAQUFBwEHAQH/
BDEwLzAeBAIAATAYAwQCZw9AAwQEb3bwAwQCloGQAwQCt7ZUMA0EAgACMAcDBQAk
AcMAMA0GCSqGSIb3DQEBCwUAA4IBAQAtpreNw3Iyh3rcPBJ6XOfj0giKHGiBfGhb
2nd2d/8FHZ3jp+M0DrvErvNhf3krqakPM098DZkGbJqqntWKkIl6Olr8SB1QTl9M
y4Ngso4/IRIDvgdY0ZjGt6nltVb/UApgOiDdZoEXvpeyJl8mM2ABKI1YDz8wUoAL
kUrzCpH4qCcPt0uYr+x+1j5XftpnwJKpWQJXHzlv88VWZmbsLwTFaFNFo9z3nbQQ
Xw77Vj/oHdrSDnRDgmb37sZZVDKxphSHSI/Nh8jlFYa5BlYUNv7uFhvu+KtQFYto
/5Eq88ZWh3GNgSx8tbxM9VgeiqXUPMmDZ1DUD6lJ2huIxzT48KGR
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:17:04 2024 by rpki-client on console-ams.rpki-client.org