Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/77F054DE682F11EEBE5A2B3CC4F9AE02.roa
File: 77F054DE682F11EEBE5A2B3CC4F9AE02.roa (raw, json)
Hash identifier: 8BlGUkA9RyVIaKC7E9ndFMdqdONr2S2vHpyM44ciyjs=
Subject key identifier: 3F:81:BA:59:22:F7:BA:18:92:72:CC:35:78:8F:6D:35:95:75:8F:47
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9BFC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/77F054DE682F11EEBE5A2B3CC4F9AE02.roa
Signing time: Tue 22 Oct 2024 09:14:17 +0000
ROA not before: Tue 22 Oct 2024 09:14:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139490
IP address blocks: 103.88.236.0/22 maxlen: 24
103.143.168.0/23 maxlen: 24
103.164.70.0/23 maxlen: 24
103.171.76.0/24 maxlen: 24
103.175.246.0/23 maxlen: 24
103.186.128.0/23 maxlen: 24
103.203.172.0/22 maxlen: 22
103.203.172.0/24 maxlen: 24
103.203.173.0/24 maxlen: 24
103.203.174.0/24 maxlen: 24
103.203.175.0/24 maxlen: 24
103.220.224.0/24 maxlen: 24
2001:df6:4180::/48 maxlen: 48
2400:7120::/32 maxlen: 32
2400:7120::/48 maxlen: 48
2400:7120:1::/48 maxlen: 48
2400:7120:2::/48 maxlen: 48
2400:7120:3::/48 maxlen: 48
2400:7120:4::/48 maxlen: 48
2400:7120:5::/48 maxlen: 48
2400:7120:6::/48 maxlen: 48
2400:7120:7::/48 maxlen: 48
2400:7120:8::/48 maxlen: 48
2400:7120:9::/48 maxlen: 48
2400:7120:a::/48 maxlen: 48
2400:7120:b::/48 maxlen: 48
2400:7120:c::/48 maxlen: 48
2400:7120:d::/48 maxlen: 48
2400:7120:e::/48 maxlen: 48
2400:7120:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39932 (0x9bfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 22 09:14:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67176ce9-8118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7c:3c:51:3c:29:af:2e:5f:4e:4b:1a:db:ec:
63:d0:62:da:a9:b0:a4:d7:14:26:dc:f4:92:77:69:
31:e9:c9:33:b5:47:ba:73:53:e6:66:9e:c9:f6:69:
c1:12:d9:3f:fe:66:ac:7a:9d:da:1e:20:ba:1e:fb:
e5:a7:75:e7:e8:4e:47:df:1b:f1:14:1d:9a:55:d8:
a3:76:86:af:6a:28:a8:00:71:20:23:7a:75:4d:2c:
fd:47:e3:c7:4b:41:db:af:9e:68:a0:b4:80:58:06:
7d:46:3e:b2:0d:23:26:f5:1a:e4:f4:b9:c4:c5:ab:
bc:37:f0:f1:4f:80:76:dc:a7:18:3a:49:4d:c6:e9:
1e:60:8b:97:94:81:dd:8b:1d:0c:fc:c6:08:47:70:
30:3d:64:15:f2:54:10:90:da:5f:22:08:6f:31:9e:
d0:ee:b6:a1:81:c7:4c:32:24:6a:81:b5:58:ed:e1:
7c:86:6f:45:ee:6f:a4:e8:c4:14:6f:8b:16:2c:ff:
09:03:de:da:08:0b:22:b8:a1:2b:6e:42:74:c3:44:
3b:e0:be:62:0b:8f:e8:68:2f:6a:20:cc:77:5c:f8:
6f:79:b8:53:8c:be:61:a8:85:0a:13:20:7c:ac:37:
14:ee:ea:03:c9:ba:7b:e4:09:71:3b:cc:2b:35:8f:
d4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:81:BA:59:22:F7:BA:18:92:72:CC:35:78:8F:6D:35:95:75:8F:47
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/77F054DE682F11EEBE5A2B3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.236.0/22
103.143.168.0/23
103.164.70.0/23
103.171.76.0/24
103.175.246.0/23
103.186.128.0/23
103.203.172.0/22
103.220.224.0/24
IPv6:
2001:df6:4180::/48
2400:7120::/32
Signature Algorithm: sha256WithRSAEncryption
39:92:04:0d:df:18:98:e4:e7:a9:5b:28:39:63:e5:ac:e5:c0:
c5:ea:ef:64:b2:a8:83:3f:49:fb:8e:24:da:65:87:00:5d:3f:
de:1d:22:04:e7:b8:b2:03:dd:2e:23:c1:09:36:71:b5:34:9b:
45:c1:82:57:f2:82:fb:93:16:e8:0b:e2:d3:ff:30:5d:f4:5b:
b7:83:1e:f6:63:d8:8d:08:59:46:58:cb:2f:21:af:92:7e:aa:
64:81:5a:61:95:60:66:26:1a:2e:3b:dc:f0:f7:6d:f4:9a:10:
23:3b:e9:c9:70:4a:03:3b:57:94:d3:98:13:d5:a3:73:e6:9c:
3c:e1:d0:5d:26:22:48:ab:49:23:16:c0:0b:57:66:13:cc:a1:
24:cb:88:6d:ad:9d:cb:57:01:12:3d:9a:9b:81:85:66:56:84:
33:26:5b:9b:14:9e:2b:84:d8:ad:b6:45:da:f0:9a:b9:43:47:
8c:a2:c5:6f:50:0d:0f:17:07:e4:01:73:ab:63:17:66:1f:cc:
28:3b:d4:d6:7a:74:31:47:3b:94:2e:b6:ad:b9:4c:2d:d5:7e:
15:3c:01:4c:68:4a:2f:9d:31:2f:a8:76:64:ec:29:8a:24:f9:
80:af:3e:a1:3a:eb:e8:8e:fd:63:d2:cb:b3:5f:bb:19:94:45:
85:08:c4:fb
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAJv8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTAyMjA5MTQxN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjcxNzZjZTktODExODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMp8PFE8Ka8uX05LGtvsY9Bi2qmwpNcUJtz0kndpMenJM7VHunNT5maeyfZp
wRLZP/5mrHqd2h4guh775ad15+hOR98b8RQdmlXYo3aGr2ooqABxICN6dU0s/Ufj
x0tB26+eaKC0gFgGfUY+sg0jJvUa5PS5xMWrvDfw8U+AdtynGDpJTcbpHmCLl5SB
3YsdDPzGCEdwMD1kFfJUEJDaXyIIbzGe0O62oYHHTDIkaoG1WO3hfIZvRe5vpOjE
FG+LFiz/CQPe2ggLIrihK25CdMNEO+C+YguP6GgvaiDMd1z4b3m4U4y+YaiFChMg
fKw3FO7qA8m6e+QJcTvMKzWP1HkCAwEAAaOCAtcwggLTMB0GA1UdDgQWBBQ/gbpZ
Ive6GJJyzDV4j201lXWPRzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc3RjA1NERF
NjgyRjExRUVCRTVBMkIzQ0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGEGCCsGAQUFBwEHAQH/
BFIwUDA2BAIAATAwAwQCZ1jsAwQBZ4+oAwQBZ6RGAwQAZ6tMAwQBZ6/2AwQBZ7qA
AwQCZ8usAwQAZ9zgMBYEAgACMBADBwAgAQ32QYADBQAkAHEgMA0GCSqGSIb3DQEB
CwUAA4IBAQA5kgQN3xiY5OepWyg5Y+Ws5cDF6u9ksqiDP0n7jiTaZYcAXT/eHSIE
57iyA90uI8EJNnG1NJtFwYJX8oL7kxboC+LT/zBd9Fu3gx72Y9iNCFlGWMsvIa+S
fqpkgVphlWBmJhouO9zw9230mhAjO+nJcEoDO1eU05gT1aNz5pw84dBdJiJIq0kj
FsALV2YTzKEky4htrZ3LVwESPZqbgYVmVoQzJlubFJ4rhNittkXa8Jq5Q0eMosVv
UA0PFwfkAXOrYxdmH8woO9TWenQxRzuULratuUwt1X4VPAFMaEovnTEvqHZk7CmK
JPmArz6hOuvojv1j0suzX7sZlEWFCMT7
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:47:51 2024 by rpki-client on console-ams.rpki-client.org