Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
File: 92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa (raw, json)
Hash identifier: hNUhtMFFioovpwZxW+I0yDn126ayLjmbJ+LjHHKnabM=
Subject key identifier: 45:6E:B8:A4:35:A2:31:CB:4E:14:D8:B9:FF:08:92:E9:D4:C4:4B:80
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8853
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
Signing time: Thu 30 May 2024 15:54:02 +0000
ROA not before: Thu 30 May 2024 15:54:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132137
IP address blocks: 45.112.0.0/22 maxlen: 24
45.123.92.0/22 maxlen: 24
45.252.68.0/22 maxlen: 24
103.1.48.0/23 maxlen: 24
103.36.44.0/22 maxlen: 24
103.51.72.0/22 maxlen: 24
103.74.196.0/22 maxlen: 24
103.75.28.0/22 maxlen: 24
103.135.200.0/24 maxlen: 24
103.135.201.0/24 maxlen: 24
103.135.202.0/24 maxlen: 24
103.135.203.0/24 maxlen: 24
103.162.162.0/23 maxlen: 24
103.221.68.0/22 maxlen: 24
103.246.240.0/22 maxlen: 24
110.44.100.0/22 maxlen: 24
111.125.244.0/24 maxlen: 24
113.30.216.0/22 maxlen: 24
183.87.192.0/24 maxlen: 24
183.87.240.0/21 maxlen: 24
183.87.248.0/23 maxlen: 24
2401:e500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34899 (0x8853)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:54:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a11a-fc74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:34:0f:35:e6:d8:f9:82:e9:8a:50:5c:46:cf:
97:d6:69:54:bc:0a:5b:73:0b:6a:d5:3a:8c:e7:ec:
8c:3b:7c:b8:d1:8b:cb:98:44:b8:e4:3a:0c:9e:3d:
5d:d0:79:58:cb:44:4d:55:a8:f8:3f:7a:24:0e:e3:
c2:55:dd:a6:57:54:0e:e7:0d:e6:1d:c6:d9:62:85:
f0:9c:a0:1b:c1:76:55:9a:c9:0c:58:29:6e:7b:d4:
43:bc:c2:9a:65:4a:46:cb:76:b4:e0:0a:c4:5a:75:
76:d4:3a:54:2a:87:e6:36:e3:3c:5f:41:9b:6a:6d:
80:fa:cc:4d:3b:53:e9:fd:e8:06:d8:68:91:28:d4:
d9:e0:ae:0a:bb:15:d6:70:54:77:87:44:fd:b9:54:
5d:15:a8:db:f2:01:a4:2f:da:10:62:48:18:e7:38:
ca:9f:85:b4:5d:4a:52:7b:63:e1:d7:50:2c:c6:e7:
d9:0c:76:fb:80:93:ef:f4:17:17:a2:4a:f3:14:91:
97:8d:d7:3c:b6:09:dc:17:b2:51:12:fe:ac:c5:71:
f0:a7:ee:0f:59:70:82:93:a4:31:d5:43:59:ae:5a:
7b:af:c8:06:9b:cf:5a:af:b7:ce:e1:ea:25:8b:e9:
3e:87:4c:d9:fa:49:0d:a3:c0:6b:4f:fa:e9:c9:0e:
5a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:6E:B8:A4:35:A2:31:CB:4E:14:D8:B9:FF:08:92:E9:D4:C4:4B:80
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92E79D5C03DC11EBBC0DBC0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.0.0/22
45.123.92.0/22
45.252.68.0/22
103.1.48.0/23
103.36.44.0/22
103.51.72.0/22
103.74.196.0/22
103.75.28.0/22
103.135.200.0/22
103.162.162.0/23
103.221.68.0/22
103.246.240.0/22
110.44.100.0/22
111.125.244.0/24
113.30.216.0/22
183.87.192.0/24
183.87.240.0-183.87.249.255
IPv6:
2401:e500::/32
Signature Algorithm: sha256WithRSAEncryption
0c:6f:67:7f:58:44:4a:5a:5c:56:45:39:c5:e9:76:51:1a:a8:
11:a0:b4:34:1a:e0:64:ee:84:16:9f:b3:0b:aa:d7:2e:0c:34:
17:00:66:36:53:a6:35:b9:a4:68:7d:0f:cc:e1:fb:43:68:86:
a3:a2:5b:23:21:a7:16:26:14:7b:12:30:c9:b2:5f:e1:d5:b6:
dd:64:43:50:8b:6b:b6:4b:59:97:21:0f:a3:87:11:25:97:50:
c3:68:19:ce:44:ce:71:48:12:72:c6:ba:2d:ca:47:b1:e3:7e:
4f:6a:f3:06:51:72:5e:95:26:ab:34:f8:ba:8c:db:a2:b9:f0:
57:91:37:5b:0d:30:fb:68:6e:6a:1a:bb:52:41:46:bd:47:2f:
e3:65:81:d3:4e:51:45:b2:f4:0a:21:82:d9:f2:02:8a:d1:56:
22:5b:16:37:a4:60:3d:0c:18:8d:f6:76:2a:6e:46:40:ab:60:
90:db:3c:83:c5:b2:5f:b7:65:06:35:cc:7b:5b:74:39:31:56:
18:2b:ab:72:b6:5d:09:6b:6c:a0:85:d1:13:1d:97:10:c9:27:
a9:f4:08:0d:5a:ec:44:38:0e:6b:54:6e:2d:42:97:e4:59:71:
35:73:a4:ce:bd:37:73:13:09:8d:3f:01:c1:88:32:49:86:ce:
d7:ff:39:40
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgIDAIhTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTQwMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExMWEtZmM3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ00DzXm2PmC6YpQXEbPl9ZpVLwKW3MLatU6jOfsjDt8uNGLy5hEuOQ6DJ49
XdB5WMtETVWo+D96JA7jwlXdpldUDucN5h3G2WKF8JygG8F2VZrJDFgpbnvUQ7zC
mmVKRst2tOAKxFp1dtQ6VCqH5jbjPF9Bm2ptgPrMTTtT6f3oBthokSjU2eCuCrsV
1nBUd4dE/blUXRWo2/IBpC/aEGJIGOc4yp+FtF1KUntj4ddQLMbn2Qx2+4CT7/QX
F6JK8xSRl43XPLYJ3BeyURL+rMVx8KfuD1lwgpOkMdVDWa5ae6/IBpvPWq+3zuHq
JYvpPodM2fpJDaPAa0/66ckOWncCAwEAAaOCAw8wggMLMB0GA1UdDgQWBBRFbrik
NaIxy04U2Ln/CJLp1MRLgDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkyRTc5RDVD
MDNEQzExRUJCQzBEQkMwQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGYBggrBgEFBQcBBwEB
/wSBiDCBhTB0BAIAATBuAwQCLXAAAwQCLXtcAwQCLfxEAwQBZwEwAwQCZyQsAwQC
ZzNIAwQCZ0rEAwQCZ0scAwQCZ4fIAwQBZ6KiAwQCZ91EAwQCZ/bwAwQCbixkAwQA
b330AwQCcR7YAwQAt1fAMAwDBAS3V/ADBAG3V/gwDQQCAAIwBwMFACQB5QAwDQYJ
KoZIhvcNAQELBQADggEBAAxvZ39YREpaXFZFOcXpdlEaqBGgtDQa4GTuhBafswuq
1y4MNBcAZjZTpjW5pGh9D8zh+0NohqOiWyMhpxYmFHsSMMmyX+HVtt1kQ1CLa7ZL
WZchD6OHESWXUMNoGc5EznFIEnLGui3KR7Hjfk9q8wZRcl6VJqs0+LqM26K58FeR
N1sNMPtobmoau1JBRr1HL+NlgdNOUUWy9AohgtnyAorRViJbFjekYD0MGI32dipu
RkCrYJDbPIPFsl+3ZQY1zHtbdDkxVhgrq3K2XQlrbKCF0RMdlxDJJ6n0CA1a7EQ4
DmtUbi1Cl+RZcTVzpM69N3MTCY0/AcGIMkmGztf/OUA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:25 2025 by rpki-client