Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2293079AA5A311EF898D1A65C4F9AE02.roa
File: 2293079AA5A311EF898D1A65C4F9AE02.roa (raw, json)
Hash identifier: leA47CkHKvzk71YPFyDUXjiL7JJ/emlzKgsm5nNzLy8=
Subject key identifier: DA:F7:37:56:21:59:A3:5A:6C:8A:C9:B6:C3:E3:21:96:D5:E8:41:A3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9D64
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2293079AA5A311EF898D1A65C4F9AE02.roa
Signing time: Mon 18 Nov 2024 11:52:50 +0000
ROA not before: Mon 18 Nov 2024 11:52:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138296
IP address blocks: 103.2.190.0/23 maxlen: 24
103.31.140.0/23 maxlen: 24
103.31.142.0/23 maxlen: 24
103.31.220.0/23 maxlen: 24
103.41.32.0/22 maxlen: 24
103.93.192.0/22 maxlen: 24
103.111.69.0/24 maxlen: 24
103.111.70.0/24 maxlen: 24
103.111.71.0/24 maxlen: 24
103.115.154.0/23 maxlen: 24
103.119.82.0/23 maxlen: 24
103.119.172.0/23 maxlen: 24
103.123.154.0/23 maxlen: 24
103.123.224.0/22 maxlen: 24
103.124.22.0/23 maxlen: 24
103.124.122.0/23 maxlen: 24
103.127.116.0/23 maxlen: 24
103.127.252.0/24 maxlen: 24
103.132.100.0/23 maxlen: 24
103.134.4.0/22 maxlen: 24
103.143.8.0/23 maxlen: 23
103.143.8.0/24 maxlen: 24
103.143.9.0/24 maxlen: 24
103.157.178.0/23 maxlen: 24
103.157.222.0/23 maxlen: 24
103.158.48.0/23 maxlen: 24
103.163.190.0/23 maxlen: 24
103.167.176.0/23 maxlen: 24
103.171.210.0/23 maxlen: 24
103.172.86.0/23 maxlen: 24
103.172.156.0/23 maxlen: 24
103.173.120.0/23 maxlen: 24
103.173.205.0/24 maxlen: 24
103.173.244.0/24 maxlen: 24
103.173.245.0/24 maxlen: 24
103.174.244.0/23 maxlen: 24
103.175.60.0/23 maxlen: 24
103.179.46.0/23 maxlen: 24
103.179.232.0/24 maxlen: 24
103.179.236.0/23 maxlen: 24
103.181.54.0/23 maxlen: 24
103.195.80.0/23 maxlen: 24
103.204.132.0/22 maxlen: 24
103.206.26.0/23 maxlen: 24
103.207.90.0/23 maxlen: 24
103.208.90.0/23 maxlen: 24
103.209.72.0/23 maxlen: 24
103.212.172.0/23 maxlen: 24
103.215.184.0/23 maxlen: 24
103.217.138.0/23 maxlen: 24
103.218.106.0/23 maxlen: 24
103.218.180.0/23 maxlen: 24
103.218.184.0/23 maxlen: 24
103.218.186.0/23 maxlen: 24
103.220.232.0/23 maxlen: 24
103.225.30.0/23 maxlen: 24
103.225.116.0/23 maxlen: 24
103.227.104.0/23 maxlen: 24
103.228.72.0/23 maxlen: 24
103.229.90.0/23 maxlen: 24
103.244.24.0/23 maxlen: 24
103.244.94.0/23 maxlen: 24
110.44.10.0/24 maxlen: 24
110.44.11.0/24 maxlen: 24
2001:df2:380::/48 maxlen: 48
2400:4fe0::/32 maxlen: 32
2404:58c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 10:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40292 (0x9d64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 18 11:52:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=673b2a92-36f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2d:c0:a0:08:20:01:01:c4:20:9d:77:8d:66:
cd:56:7f:c8:70:82:16:61:39:9d:3f:76:27:09:a6:
58:91:0f:f9:76:42:ff:72:95:fd:85:40:e2:d3:ec:
30:a7:6f:c3:9f:0d:8e:21:d8:dc:2c:cd:f5:61:9e:
18:2e:99:ef:11:4a:d7:13:0c:7b:3a:ef:1c:18:06:
5d:b3:0b:5b:8d:73:ab:41:f1:3e:51:bb:dd:49:4a:
fe:6b:25:bd:2b:a0:65:6b:6a:17:8e:b5:24:10:bd:
89:71:25:33:59:2b:4e:51:8e:9b:0a:52:e0:eb:e9:
50:68:79:73:a9:6f:ee:4d:85:79:c4:ac:8a:6f:13:
21:b0:f1:a5:48:c6:a7:c9:9d:f7:de:04:3e:0a:ff:
00:01:95:6c:2c:9c:ce:d4:76:3c:a9:76:b1:2b:60:
10:9d:8d:22:50:37:95:55:08:57:c5:3e:a6:4e:e6:
15:24:b8:99:27:e1:59:1d:f0:6a:76:17:2d:f2:6a:
84:ef:2a:0f:84:a1:be:16:20:cf:cc:b6:d2:71:70:
1f:c0:e8:d9:52:16:f3:5d:fd:24:e3:53:b3:8c:3f:
20:5d:9a:fa:ef:b7:3f:b6:94:e6:db:7b:06:7c:c5:
df:e9:23:17:86:2b:48:23:5d:60:ce:58:33:51:97:
c4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F7:37:56:21:59:A3:5A:6C:8A:C9:B6:C3:E3:21:96:D5:E8:41:A3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2293079AA5A311EF898D1A65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.2.190.0/23
103.31.140.0/22
103.31.220.0/23
103.41.32.0/22
103.93.192.0/22
103.111.69.0-103.111.71.255
103.115.154.0/23
103.119.82.0/23
103.119.172.0/23
103.123.154.0/23
103.123.224.0/22
103.124.22.0/23
103.124.122.0/23
103.127.116.0/23
103.127.252.0/24
103.132.100.0/23
103.134.4.0/22
103.143.8.0/23
103.157.178.0/23
103.157.222.0/23
103.158.48.0/23
103.163.190.0/23
103.167.176.0/23
103.171.210.0/23
103.172.86.0/23
103.172.156.0/23
103.173.120.0/23
103.173.205.0/24
103.173.244.0/23
103.174.244.0/23
103.175.60.0/23
103.179.46.0/23
103.179.232.0/24
103.179.236.0/23
103.181.54.0/23
103.195.80.0/23
103.204.132.0/22
103.206.26.0/23
103.207.90.0/23
103.208.90.0/23
103.209.72.0/23
103.212.172.0/23
103.215.184.0/23
103.217.138.0/23
103.218.106.0/23
103.218.180.0/23
103.218.184.0/22
103.220.232.0/23
103.225.30.0/23
103.225.116.0/23
103.227.104.0/23
103.228.72.0/23
103.229.90.0/23
103.244.24.0/23
103.244.94.0/23
110.44.10.0/23
IPv6:
2001:df2:380::/48
2400:4fe0::/32
2404:58c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:95:0d:43:4c:39:d1:2d:65:90:4b:98:1c:1b:68:f5:a5:eb:
03:e3:1c:52:ce:06:91:63:90:d1:e6:50:61:f4:14:63:b2:d9:
07:80:73:a2:63:12:7f:b1:8d:d9:be:90:60:ee:34:79:7f:12:
1e:45:7a:d3:1c:3c:03:58:67:a3:0c:20:69:23:69:c8:72:e4:
30:f7:d1:aa:40:eb:60:48:e7:a9:a5:1a:a4:c4:c5:64:42:67:
3d:5a:58:12:fb:55:7a:9c:ed:1e:bd:6d:bd:0d:41:c9:6f:c1:
b4:15:31:f6:72:c3:f5:73:05:12:cf:d0:23:74:a1:b6:7b:a9:
c9:ff:49:2b:99:f8:aa:57:b3:a1:77:c3:db:83:87:27:92:52:
fc:b6:f1:b1:b9:f6:97:27:75:ee:cc:58:3d:43:e3:86:41:da:
a1:aa:0b:12:47:22:de:30:64:3e:0a:3e:d3:78:d5:c1:70:fc:
a4:a2:aa:fd:c9:86:29:9c:06:dd:b3:51:70:5b:f7:c5:fe:73:
f2:b0:50:10:b1:73:dc:7d:4d:33:c4:c3:60:a6:76:c6:4a:ea:
a0:5a:21:20:87:92:eb:eb:5c:61:aa:de:36:42:e3:da:9c:3d:
98:88:42:32:ef:f2:bb:d1:8a:da:54:18:66:25:b7:3b:34:52:
49:49:53:a6
-----BEGIN CERTIFICATE-----
MIIG7zCCBdegAwIBAgIDAJ1kMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTExODExNTI1MFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjczYjJhOTItMzZmNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0twKAIIAEBxCCdd41mzVZ/yHCCFmE5nT92JwmmWJEP+XZC/3KV/YVA4tPs
MKdvw58NjiHY3CzN9WGeGC6Z7xFK1xMMezrvHBgGXbMLW41zq0HxPlG73UlK/msl
vSugZWtqF461JBC9iXElM1krTlGOmwpS4OvpUGh5c6lv7k2FecSsim8TIbDxpUjG
p8md994EPgr/AAGVbCycztR2PKl2sStgEJ2NIlA3lVUIV8U+pk7mFSS4mSfhWR3w
anYXLfJqhO8qD4ShvhYgz8y20nFwH8Do2VIW8139JONTs4w/IF2a+u+3P7aU5tt7
BnzF3+kjF4YrSCNdYM5YM1GXxP8CAwEAAaOCBBIwggQOMB0GA1UdDgQWBBTa9zdW
IVmjWmyKybbD4yGW1ehBozAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIyOTMwNzlB
QTVBMzExRUY4OThEMUE2NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBmgYIKwYBBQUHAQcB
Af8EggGJMIIBhTCCAWAEAgABMIIBWAMEAWcCvgMEAmcfjAMEAWcf3AMEAmcpIAME
AmddwDAMAwQAZ29FAwQDZ29AAwQBZ3OaAwQBZ3dSAwQBZ3esAwQBZ3uaAwQCZ3vg
AwQBZ3wWAwQBZ3x6AwQBZ390AwQAZ3/8AwQBZ4RkAwQCZ4YEAwQBZ48IAwQBZ52y
AwQBZ53eAwQBZ54wAwQBZ6O+AwQBZ6ewAwQBZ6vSAwQBZ6xWAwQBZ6ycAwQBZ614
AwQAZ63NAwQBZ630AwQBZ670AwQBZ688AwQBZ7MuAwQAZ7PoAwQBZ7PsAwQBZ7U2
AwQBZ8NQAwQCZ8yEAwQBZ84aAwQBZ89aAwQBZ9BaAwQBZ9FIAwQBZ9SsAwQBZ9e4
AwQBZ9mKAwQBZ9pqAwQBZ9q0AwQCZ9q4AwQBZ9zoAwQBZ+EeAwQBZ+F0AwQBZ+No
AwQBZ+RIAwQBZ+VaAwQBZ/QYAwQBZ/ReAwQBbiwKMB8EAgACMBkDBwAgAQ3yA4AD
BQAkAE/gAwcAJARYwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAolQ1DTDnRLWWQS5gc
G2j1pesD4xxSzgaRY5DR5lBh9BRjstkHgHOiYxJ/sY3ZvpBg7jR5fxIeRXrTHDwD
WGejDCBpI2nIcuQw99GqQOtgSOeppRqkxMVkQmc9WlgS+1V6nO0evW29DUHJb8G0
FTH2csP1cwUSz9AjdKG2e6nJ/0krmfiqV7Ohd8Pbg4cnklL8tvGxufaXJ3XuzFg9
Q+OGQdqhqgsSRyLeMGQ+Cj7TeNXBcPykoqr9yYYpnAbds1FwW/fF/nPysFAQsXPc
fU0zxMNgpnbGSuqgWiEgh5Lr61xhqt42QuPanD2YiEIy7/K70YraVBhmJbc7NFJJ
SVOm
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:17:06 2024 by rpki-client on console-ams.rpki-client.org