Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DE327DF202F911EF95660F26C4F9AE02.roa
File: DE327DF202F911EF95660F26C4F9AE02.roa (raw, json)
Hash identifier: kSpOtvsaMKXIHbcHtT/SRqkGxWKog158TDfQ4sGr/jA=
Subject key identifier: 64:4E:F7:50:8D:DB:7C:48:8D:1E:E9:78:05:2F:C0:CA:8D:72:0A:9B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8750
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DE327DF202F911EF95660F26C4F9AE02.roa
Signing time: Tue 14 May 2024 08:57:02 +0000
ROA not before: Tue 14 May 2024 08:57:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137085
IP address blocks: 27.123.240.0/23 maxlen: 24
43.225.248.0/22 maxlen: 24
43.228.164.0/23 maxlen: 24
103.37.98.0/23 maxlen: 24
103.49.56.0/22 maxlen: 24
103.52.32.0/24 maxlen: 24
103.68.140.0/23 maxlen: 24
103.69.239.0/24 maxlen: 24
103.72.196.0/24 maxlen: 24
103.91.72.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.91.75.0/24 maxlen: 24
103.91.76.0/22 maxlen: 24
103.92.107.0/24 maxlen: 24
103.93.39.0/24 maxlen: 24
103.101.112.0/22 maxlen: 24
103.113.110.0/23 maxlen: 24
103.115.128.0/24 maxlen: 24
103.115.129.0/24 maxlen: 24
103.115.130.0/24 maxlen: 24
103.115.131.0/24 maxlen: 24
103.120.152.0/24 maxlen: 24
103.120.153.0/24 maxlen: 24
103.124.174.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.146.232.0/24 maxlen: 24
103.154.8.0/23 maxlen: 24
103.158.41.0/24 maxlen: 24
103.159.104.0/23 maxlen: 24
103.160.25.0/24 maxlen: 24
103.160.222.0/24 maxlen: 24
103.163.14.0/24 maxlen: 24
103.163.15.0/24 maxlen: 24
103.170.48.0/23 maxlen: 24
103.173.238.0/23 maxlen: 24
103.174.28.0/24 maxlen: 24
103.174.29.0/24 maxlen: 24
103.178.117.0/24 maxlen: 24
103.181.119.0/24 maxlen: 24
103.184.41.0/24 maxlen: 24
103.184.205.0/24 maxlen: 24
103.204.70.0/24 maxlen: 24
103.206.51.0/24 maxlen: 24
103.206.96.0/23 maxlen: 24
103.216.141.0/24 maxlen: 24
103.225.70.0/24 maxlen: 24
103.232.232.0/22 maxlen: 24
202.4.169.0/24 maxlen: 24
2001:df1:d240::/48 maxlen: 48
2001:df1:ed40::/48 maxlen: 48
2001:df2:3ac0::/48 maxlen: 48
2001:df2:3f40::/48 maxlen: 48
2001:df2:9640::/48 maxlen: 48
2001:df3:1340::/48 maxlen: 48
2400:d660::/32 maxlen: 32
2405:e100:1d::/48 maxlen: 48
2405:e100:1e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 15:40:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34640 (0x8750)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 14 08:57:02 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6643275d-facd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f7:45:d4:a7:ca:10:14:b1:9a:33:c7:c2:aa:
71:f4:46:3f:83:c4:1f:a3:a5:af:5d:8c:09:69:58:
d1:ef:4f:bf:f6:19:3f:0d:e0:b7:f3:d8:94:65:90:
8d:cd:c7:54:90:1d:04:f4:3f:69:43:2c:7c:2c:db:
ec:71:fb:42:1c:2d:f4:8b:e7:59:f1:2a:a8:e3:29:
44:ca:3a:2a:47:b6:a9:46:64:10:17:ca:b4:75:2c:
45:cd:40:9e:60:8b:12:8a:fb:30:01:c3:91:74:f6:
f5:7e:15:ec:83:99:3d:38:68:7a:0f:22:03:6a:bc:
3d:9a:44:f1:ac:46:c2:cb:fb:bd:be:45:83:ed:fc:
e8:7a:be:13:1d:81:7e:11:24:13:90:02:63:b0:0b:
52:75:73:32:c8:27:32:01:34:e0:75:77:b7:16:64:
20:57:3e:80:be:27:fb:72:8a:57:9a:fd:37:ad:e2:
3f:b9:64:e3:b3:04:d9:fc:ec:70:b8:bb:42:c9:8f:
0c:e2:34:ea:a9:7d:78:70:5f:62:b9:0a:27:8b:36:
72:27:ae:9a:13:52:b2:7e:a3:4e:17:64:bd:2f:35:
ea:85:c0:ae:d5:b7:28:d7:92:21:e7:7b:ef:80:89:
76:2d:37:5c:60:e2:c6:0a:cb:ed:29:04:57:ad:c7:
9a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:4E:F7:50:8D:DB:7C:48:8D:1E:E9:78:05:2F:C0:CA:8D:72:0A:9B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DE327DF202F911EF95660F26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/23
43.225.248.0/22
43.228.164.0/23
103.37.98.0/23
103.49.56.0/22
103.52.32.0/24
103.68.140.0/23
103.69.239.0/24
103.72.196.0/24
103.91.72.0/21
103.92.107.0/24
103.93.39.0/24
103.101.112.0/22
103.113.110.0/23
103.115.128.0/22
103.120.152.0/23
103.124.174.0/24
103.138.9.0/24
103.146.232.0/24
103.154.8.0/23
103.158.41.0/24
103.159.104.0/23
103.160.25.0/24
103.160.222.0/24
103.163.14.0/23
103.170.48.0/23
103.173.238.0/23
103.174.28.0/23
103.178.117.0/24
103.181.119.0/24
103.184.41.0/24
103.184.205.0/24
103.204.70.0/24
103.206.51.0/24
103.206.96.0/23
103.216.141.0/24
103.225.70.0/24
103.232.232.0/22
202.4.169.0/24
IPv6:
2001:df1:d240::/48
2001:df1:ed40::/48
2001:df2:3ac0::/48
2001:df2:3f40::/48
2001:df2:9640::/48
2001:df3:1340::/48
2400:d660::/32
2405:e100:1d::-2405:e100:1e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:79:47:aa:8b:23:12:29:cd:6d:75:e9:1e:78:3d:40:41:7b:
c6:67:b4:20:ea:7f:fa:56:88:a4:cc:91:67:05:16:9c:8a:c4:
2b:78:6d:d1:de:24:39:99:14:fd:cd:fa:6d:44:6e:9c:8f:4a:
cd:55:fa:44:59:44:d7:55:ad:f7:ba:f8:dd:16:ef:ec:cb:34:
ec:d3:fd:15:48:57:8f:72:f6:4e:a3:60:3d:84:75:f0:5e:4f:
f1:c5:9b:3c:1b:17:d0:78:7d:51:8c:bb:b4:67:c2:73:94:26:
8c:e1:fc:79:84:b5:00:4c:34:fd:67:8c:88:da:8a:ec:9b:7a:
e4:e5:30:86:98:a0:5a:6a:0b:9d:93:c6:f7:19:dd:db:23:a6:
93:a6:c9:38:13:1a:c8:42:74:e0:37:91:be:6e:73:28:5a:b4:
c5:f3:2f:60:1d:5e:9d:b8:1e:d0:2d:79:6e:b3:9a:e1:d7:58:
c0:e8:7f:f3:1d:7d:5d:f0:32:a8:68:46:bd:0d:0f:18:e0:db:
6f:62:0b:c8:87:b9:62:e3:0b:50:60:cf:29:f7:6d:ce:63:f4:
41:8c:55:82:87:56:9c:4d:6c:6f:76:d2:0f:bf:40:ae:bc:51:
d4:4c:ed:d7:23:db:ff:34:b1:ac:55:ce:96:c8:75:99:63:9f:
9b:e2:0d:44
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgIDAIdQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUxNDA4NTcwMloXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY0MzI3NWQtZmFjZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/3RdSnyhAUsZozx8KqcfRGP4PEH6Olr12MCWlY0e9Pv/YZPw3gt/PYlGWQ
jc3HVJAdBPQ/aUMsfCzb7HH7Qhwt9IvnWfEqqOMpRMo6Kke2qUZkEBfKtHUsRc1A
nmCLEor7MAHDkXT29X4V7IOZPThoeg8iA2q8PZpE8axGwsv7vb5Fg+386Hq+Ex2B
fhEkE5ACY7ALUnVzMsgnMgE04HV3txZkIFc+gL4n+3KKV5r9N63iP7lk47ME2fzs
cLi7QsmPDOI06ql9eHBfYrkKJ4s2cieumhNSsn6jThdkvS816oXArtW3KNeSIed7
74CJdi03XGDixgrL7SkEV63HmiECAwEAAaOCA9owggPWMB0GA1UdDgQWBBRkTvdQ
jdt8SI0e6XgFL8DKjXIKmzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0RFMzI3REYy
MDJGOTExRUY5NTY2MEYyNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBYgYIKwYBBQUHAQcB
Af8EggFRMIIBTTCB8QQCAAEwgeoDBAEbe/ADBAIr4fgDBAEr5KQDBAFnJWIDBAJn
MTgDBABnNCADBAFnRIwDBABnRe8DBABnSMQDBANnW0gDBABnXGsDBABnXScDBAJn
ZXADBAFncW4DBAJnc4ADBAFneJgDBABnfK4DBABnigkDBABnkugDBAFnmggDBABn
nikDBAFnn2gDBABnoBkDBABnoN4DBAFnow4DBAFnqjADBAFnre4DBAFnrhwDBABn
snUDBABntXcDBABnuCkDBABnuM0DBABnzEYDBABnzjMDBAFnzmADBABn2I0DBABn
4UYDBAJn6OgDBADKBKkwVwQCAAIwUQMHACABDfHSQAMHACABDfHtQAMHACABDfI6
wAMHACABDfI/QAMHACABDfKWQAMHACABDfMTQAMFACQA1mAwEgMHACQF4QAAHQMH
ACQF4QAAHjANBgkqhkiG9w0BAQsFAAOCAQEAnnlHqosjEinNbXXpHng9QEF7xme0
IOp/+laIpMyRZwUWnIrEK3ht0d4kOZkU/c36bURunI9KzVX6RFlE11Wt97r43Rbv
7Ms07NP9FUhXj3L2TqNgPYR18F5P8cWbPBsX0Hh9UYy7tGfCc5QmjOH8eYS1AEw0
/WeMiNqK7Jt65OUwhpigWmoLnZPG9xnd2yOmk6bJOBMayEJ04DeRvm5zKFq0xfMv
YB1enbge0C15brOa4ddYwOh/8x19XfAyqGhGvQ0PGODbb2ILyIe5YuMLUGDPKfdt
zmP0QYxVgodWnE1sb3bSD79ArrxR1Ezt1yPb/zSxrFXOlsh1mWOfm+INRA==
-----END CERTIFICATE-----
Generated at Thu May 16 17:51:44 2024 by rpki-client on console-ams.rpki-client.org