Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C7DDC774650E11EFAECF9A74C4F9AE02.roa
File: C7DDC774650E11EFAECF9A74C4F9AE02.roa (raw, json)
Hash identifier: voc8UMfY9146NOos/yEd6rEpnAwcl9Xkn/0nLqnG3oo=
Subject key identifier: 0F:4B:E8:8C:3D:80:F4:22:42:4C:8B:18:B3:AB:64:EB:B1:1D:8D:61
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 97AF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C7DDC774650E11EFAECF9A74C4F9AE02.roa
Signing time: Wed 28 Aug 2024 07:26:03 +0000
ROA not before: Wed 28 Aug 2024 07:26:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133275
IP address blocks: 43.228.220.0/22 maxlen: 24
43.248.236.0/22 maxlen: 24
43.249.52.0/22 maxlen: 24
45.115.4.0/22 maxlen: 24
45.119.136.0/22 maxlen: 24
45.119.140.0/22 maxlen: 24
45.125.60.0/22 maxlen: 24
103.13.104.0/22 maxlen: 24
103.36.124.0/22 maxlen: 24
103.46.192.0/23 maxlen: 24
103.46.194.0/23 maxlen: 24
103.47.168.0/22 maxlen: 24
103.47.236.0/22 maxlen: 24
103.59.192.0/22 maxlen: 24
103.59.196.0/22 maxlen: 24
103.73.92.0/22 maxlen: 24
103.86.40.0/22 maxlen: 24
103.95.120.0/22 maxlen: 24
103.124.12.0/22 maxlen: 24
103.176.162.0/23 maxlen: 24
103.193.196.0/22 maxlen: 24
103.196.52.0/22 maxlen: 24
103.197.116.0/22 maxlen: 24
103.206.248.0/22 maxlen: 24
103.208.200.0/22 maxlen: 24
103.216.88.0/22 maxlen: 24
103.243.4.0/24 maxlen: 24
103.248.116.0/22 maxlen: 24
116.204.188.0/22 maxlen: 24
137.59.240.0/22 maxlen: 24
157.119.124.0/22 maxlen: 24
157.119.216.0/24 maxlen: 24
157.119.217.0/24 maxlen: 24
157.119.218.0/24 maxlen: 24
157.119.219.0/24 maxlen: 24
175.111.132.0/22 maxlen: 24
210.16.80.0/22 maxlen: 24
220.158.160.0/22 maxlen: 24
2404:4340::/32 maxlen: 32
2404:4340::/33 maxlen: 33
2404:4340::/48 maxlen: 48
2404:4340:1::/48 maxlen: 48
2404:4340:2::/48 maxlen: 48
2404:4340:3::/48 maxlen: 48
2404:4340:4::/48 maxlen: 48
2404:4340:5::/48 maxlen: 48
2404:4340:6::/48 maxlen: 48
2404:4340:7::/48 maxlen: 48
2404:4340:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 10:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38831 (0x97af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 28 07:26:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ced10b-6d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c2:09:c2:76:7a:df:52:27:07:8c:31:70:d1:
43:1f:07:0a:aa:39:c8:84:e5:f7:c8:27:6c:28:de:
04:90:6d:65:51:4b:66:59:2b:af:8e:5d:42:c1:c1:
06:3e:04:58:fa:62:88:1c:fa:98:60:8c:9c:0a:11:
f4:bf:6e:68:0a:cf:ac:52:e4:96:04:39:09:31:7d:
6c:b0:ba:d4:68:a5:28:a2:cd:34:e4:30:0c:0f:5b:
5e:a3:02:ed:e1:97:da:e2:86:85:85:15:05:ce:91:
e6:3e:c5:71:dd:6d:76:1a:2f:68:b0:ca:b6:e6:43:
0f:66:5b:07:17:21:82:f4:ea:f7:3a:31:dc:35:dd:
83:81:3e:38:54:80:86:a8:eb:8b:27:6e:39:19:79:
b4:7c:ae:b3:96:21:5a:15:be:3d:37:af:41:c7:a7:
74:2a:6d:4d:ad:eb:e8:12:79:db:7c:07:60:68:1b:
92:ec:6e:fc:40:b6:32:18:98:0a:02:73:1d:4a:ce:
20:82:2e:5c:2a:a3:ec:7a:e5:b1:8c:94:fc:13:7e:
0a:c5:5f:ee:f3:71:9e:61:e7:78:6a:28:3b:8e:e4:
b7:7f:8c:42:66:9a:58:62:ac:3b:a0:bd:fd:d1:59:
35:d1:1e:cd:33:4b:3e:28:29:4e:ff:51:58:85:d2:
41:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:4B:E8:8C:3D:80:F4:22:42:4C:8B:18:B3:AB:64:EB:B1:1D:8D:61
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C7DDC774650E11EFAECF9A74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.220.0/22
43.248.236.0/22
43.249.52.0/22
45.115.4.0/22
45.119.136.0/21
45.125.60.0/22
103.13.104.0/22
103.36.124.0/22
103.46.192.0/22
103.47.168.0/22
103.47.236.0/22
103.59.192.0/21
103.73.92.0/22
103.86.40.0/22
103.95.120.0/22
103.124.12.0/22
103.176.162.0/23
103.193.196.0/22
103.196.52.0/22
103.197.116.0/22
103.206.248.0/22
103.208.200.0/22
103.216.88.0/22
103.243.4.0/24
103.248.116.0/22
116.204.188.0/22
137.59.240.0/22
157.119.124.0/22
157.119.216.0/22
175.111.132.0/22
210.16.80.0/22
220.158.160.0/22
IPv6:
2404:4340::/32
Signature Algorithm: sha256WithRSAEncryption
6b:b8:f0:77:6d:14:08:97:1e:a4:a9:e7:03:ab:ec:8f:9c:a8:
50:8b:1c:72:f6:c0:45:b6:a5:ab:dd:b2:d0:b2:9f:08:7a:b5:
96:28:53:eb:a8:ab:bc:c5:2f:e6:b3:8b:2d:11:b4:73:59:0f:
f2:72:91:1d:f6:d2:dc:a0:7d:bf:a0:a6:80:b1:75:3d:6c:eb:
fa:55:61:21:7f:6e:eb:0b:4d:3c:0c:93:32:aa:a7:0b:ce:a9:
71:86:e9:f0:97:26:c9:11:17:7e:0a:2d:18:64:e5:6a:4b:42:
db:a0:35:76:93:ff:34:9a:f9:bd:f2:1a:44:33:4c:15:34:f5:
f2:6d:e4:a9:61:9c:7a:f3:e5:95:3b:5e:37:d7:a0:22:af:9c:
02:37:9b:f3:ee:61:de:b5:92:c0:31:01:5e:84:12:7a:19:fd:
4f:47:db:16:19:96:ce:7c:29:18:40:5e:9e:f5:9a:02:4b:4a:
c1:ac:0e:e8:fc:bb:e1:20:1a:73:40:6c:1e:c7:30:18:ff:f3:
cc:ec:53:01:d1:6d:b9:a9:b4:9e:22:5f:ed:0b:a3:9a:43:f8:
ce:37:0a:e9:9f:03:12:4b:c7:d4:aa:1f:7d:95:fd:51:8b:6b:
7e:b7:d7:b1:b7:ef:24:47:d8:77:c0:35:71:75:62:44:25:05:
66:78:39:66
-----BEGIN CERTIFICATE-----
MIIGQDCCBSigAwIBAgIDAJevMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgyODA3MjYwM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZjZWQxMGItNmQ1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzCCcJ2et9SJweMMXDRQx8HCqo5yITl98gnbCjeBJBtZVFLZlkrr45dQsHB
Bj4EWPpiiBz6mGCMnAoR9L9uaArPrFLklgQ5CTF9bLC61GilKKLNNOQwDA9bXqMC
7eGX2uKGhYUVBc6R5j7Fcd1tdhovaLDKtuZDD2ZbBxchgvTq9zox3DXdg4E+OFSA
hqjriyduORl5tHyus5YhWhW+PTevQcendCptTa3r6BJ523wHYGgbkuxu/EC2MhiY
CgJzHUrOIIIuXCqj7HrlsYyU/BN+CsVf7vNxnmHneGooO47kt3+MQmaaWGKsO6C9
/dFZNdEezTNLPigpTv9RWIXSQSsCAwEAAaOCA2MwggNfMB0GA1UdDgQWBBQPS+iM
PYD0IkJMixizq2TrsR2NYTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0M3RERDNzc0
NjUwRTExRUZBRUNGOUE3NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHsBggrBgEFBQcBBwEB
/wSB3DCB2TCBxwQCAAEwgcADBAIr5NwDBAIr+OwDBAIr+TQDBAItcwQDBAMtd4gD
BAItfTwDBAJnDWgDBAJnJHwDBAJnLsADBAJnL6gDBAJnL+wDBANnO8ADBAJnSVwD
BAJnVigDBAJnX3gDBAJnfAwDBAFnsKIDBAJnwcQDBAJnxDQDBAJnxXQDBAJnzvgD
BAJn0MgDBAJn2FgDBABn8wQDBAJn+HQDBAJ0zLwDBAKJO/ADBAKdd3wDBAKdd9gD
BAKvb4QDBALSEFADBALcnqAwDQQCAAIwBwMFACQEQ0AwDQYJKoZIhvcNAQELBQAD
ggEBAGu48HdtFAiXHqSp5wOr7I+cqFCLHHL2wEW2pavdstCynwh6tZYoU+uoq7zF
L+aziy0RtHNZD/JykR320tygfb+gpoCxdT1s6/pVYSF/busLTTwMkzKqpwvOqXGG
6fCXJskRF34KLRhk5WpLQtugNXaT/zSa+b3yGkQzTBU09fJt5KlhnHrz5ZU7XjfX
oCKvnAI3m/PuYd61ksAxAV6EEnoZ/U9H2xYZls58KRhAXp71mgJLSsGsDuj8u+Eg
GnNAbB7HMBj/88zsUwHRbbmptJ4iX+0Lo5pD+M43CumfAxJLx9SqH32V/VGLa363
17G37yRH2HfANXF1YkQlBWZ4OWY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:05:08 2024 by rpki-client on console-fra.rpki-client.org