Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/3CD678D6104311EE899B815AC4F9AE02.roa
File: 3CD678D6104311EE899B815AC4F9AE02.roa (raw, json)
Hash identifier: il5RXZBdTgJ65vM8vpH1Itd4MrOA07wR8q4WavIOuUM=
Subject key identifier: 1D:00:62:56:4E:FF:E9:BD:E7:16:1D:4D:67:08:A9:88:CC:40:0B:C8
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 2FCE
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/3CD678D6104311EE899B815AC4F9AE02.roa
Signing time: Tue 30 Apr 2024 15:53:04 +0000
ROA not before: Tue 30 Apr 2024 15:53:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6421
IP address blocks: 43.241.40.0/24 maxlen: 24
103.16.252.0/23 maxlen: 23
103.16.254.0/23 maxlen: 23
116.0.66.0/24 maxlen: 24
180.87.13.0/24 maxlen: 24
180.87.27.0/24 maxlen: 24
180.87.29.0/24 maxlen: 24
180.87.68.0/24 maxlen: 24
180.87.76.0/24 maxlen: 24
180.87.91.0/24 maxlen: 24
180.87.92.0/24 maxlen: 24
180.87.115.0/24 maxlen: 24
180.87.117.0/24 maxlen: 24
180.87.119.0/24 maxlen: 24
180.87.120.0/24 maxlen: 24
180.87.121.0/24 maxlen: 24
180.87.122.0/24 maxlen: 24
180.87.124.0/24 maxlen: 24
180.87.126.0/24 maxlen: 24
180.87.127.0/24 maxlen: 24
180.87.129.0/24 maxlen: 24
180.87.138.0/24 maxlen: 24
180.87.139.0/24 maxlen: 24
180.87.140.0/24 maxlen: 24
180.87.141.0/24 maxlen: 24
180.87.152.0/24 maxlen: 24
180.87.153.0/24 maxlen: 24
180.87.182.0/24 maxlen: 24
180.87.190.0/24 maxlen: 24
180.87.191.0/24 maxlen: 24
202.183.64.0/24 maxlen: 24
202.183.65.0/24 maxlen: 24
202.183.66.0/24 maxlen: 24
202.183.69.0/24 maxlen: 24
202.183.70.0/24 maxlen: 24
202.183.72.0/24 maxlen: 24
202.183.73.0/24 maxlen: 24
202.183.74.0/24 maxlen: 24
202.183.75.0/24 maxlen: 24
202.183.76.0/24 maxlen: 24
202.183.77.0/24 maxlen: 24
202.183.79.0/24 maxlen: 24
2405:2001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Oct 2024 15:27:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12238 (0x2fce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Validity
Not Before: Apr 30 15:53:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663113e0-3828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6f:4a:a5:af:e3:62:d0:9f:a6:f9:61:21:20:
fc:a5:9f:eb:d4:42:b4:f6:54:8f:c4:35:ff:ed:a1:
50:9c:aa:4b:9b:1a:09:69:57:0e:74:7d:9a:26:25:
1e:14:6b:b2:66:14:cb:6c:00:3f:4b:aa:3d:1c:20:
6e:0c:56:5e:17:28:f8:6e:50:b1:d1:ba:54:4e:41:
da:1d:9e:fd:71:9e:38:1c:f4:48:27:6e:0a:39:49:
09:23:0e:c8:83:fe:33:cd:ad:58:27:f2:89:d2:6a:
bf:e8:5d:d6:fb:ed:b1:96:7e:bd:2a:78:dc:99:73:
56:f7:36:23:4c:11:a8:14:76:13:25:5b:36:ca:94:
c3:79:d3:a6:b8:88:dd:cf:a7:ea:92:b1:7b:e2:09:
7f:48:ef:6e:d6:92:4e:ea:37:2b:c8:5e:7c:8b:51:
ee:7e:7b:8c:d4:95:3f:8c:24:f5:b3:03:76:c0:7a:
ab:16:dc:08:05:0f:be:8b:8f:46:35:54:77:ea:21:
7b:cc:ed:e2:40:20:a8:8b:b6:10:f8:32:81:4b:5a:
54:ed:f0:77:0b:3c:5b:11:35:b8:46:89:96:7c:ac:
6a:14:b4:5e:cc:a5:c0:0d:9a:d4:f8:29:49:40:5c:
fa:33:9e:c4:06:15:60:9b:02:6e:30:85:2c:b9:8e:
54:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:00:62:56:4E:FF:E9:BD:E7:16:1D:4D:67:08:A9:88:CC:40:0B:C8
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/3CD678D6104311EE899B815AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.40.0/24
103.16.252.0/22
116.0.66.0/24
180.87.13.0/24
180.87.27.0/24
180.87.29.0/24
180.87.68.0/24
180.87.76.0/24
180.87.91.0-180.87.92.255
180.87.115.0/24
180.87.117.0/24
180.87.119.0-180.87.122.255
180.87.124.0/24
180.87.126.0/23
180.87.129.0/24
180.87.138.0-180.87.141.255
180.87.152.0/23
180.87.182.0/24
180.87.190.0/23
202.183.64.0-202.183.66.255
202.183.69.0-202.183.70.255
202.183.72.0-202.183.77.255
202.183.79.0/24
IPv6:
2405:2001::/48
Signature Algorithm: sha256WithRSAEncryption
a2:d1:df:5e:a0:fe:52:96:01:7b:9a:71:96:7d:9a:8a:11:63:
21:6d:f7:e7:64:3f:ce:a9:b1:95:f0:8b:1c:e9:9e:a1:8a:5d:
89:a1:30:99:c3:dd:2d:95:fa:c3:e9:f1:d0:57:2b:cb:6d:2d:
b7:9a:7f:c9:62:e4:7e:59:ba:ef:76:32:ae:b7:dc:cd:19:0f:
88:1a:bc:55:61:12:f5:1f:13:7a:01:9e:75:ba:42:54:5a:5f:
08:8a:bf:1b:2b:45:3c:cc:c6:0d:b4:c8:a4:59:fb:90:45:d0:
4e:33:07:53:cd:5b:69:5c:94:65:53:b5:92:2e:66:85:ed:ab:
9a:f4:6e:32:f6:44:da:6a:5b:d1:f0:bd:a2:b1:9c:5c:3f:53:
6a:84:49:3b:80:8f:82:35:c0:28:eb:24:bf:dd:5d:00:94:6d:
6f:fd:2d:38:c7:0b:6a:7a:84:16:81:ca:68:52:b4:75:69:dc:
29:63:f9:d9:da:04:e9:24:67:13:f9:4d:19:2e:ce:2f:be:e5:
50:7f:29:99:f5:12:1b:7e:2c:9a:ae:0f:00:0c:1a:c9:66:ce:
5f:ad:aa:41:6f:57:39:0d:3a:be:0f:15:50:77:d4:97:a1:c3:
5b:e2:6d:1a:02:87:36:e4:56:5e:48:f6:1c:cb:13:8d:92:a1:
63:85:8b:6d
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgICL84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjQwNDMwMTU1MzA0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxMTNlMC0zODI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5G9Kpa/jYtCfpvlhISD8pZ/r1EK09lSPxDX/7aFQnKpLmxoJaVcOdH2aJiUe
FGuyZhTLbAA/S6o9HCBuDFZeFyj4blCx0bpUTkHaHZ79cZ44HPRIJ24KOUkJIw7I
g/4zza1YJ/KJ0mq/6F3W++2xln69KnjcmXNW9zYjTBGoFHYTJVs2ypTDedOmuIjd
z6fqkrF74gl/SO9u1pJO6jcryF58i1HufnuM1JU/jCT1swN2wHqrFtwIBQ++i49G
NVR36iF7zO3iQCCoi7YQ+DKBS1pU7fB3CzxbETW4RomWfKxqFLRezKXADZrU+ClJ
QFz6M57EBhVgmwJuMIUsuY5UxwIDAQABo4IDXzCCA1swHQYDVR0OBBYEFB0AYlZO
/+m95xYdTWcIqYjMQAvIMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvM0NENjc4RDYx
MDQzMTFFRTg5OUI4MTVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgegGCCsGAQUFBwEHAQH/
BIHYMIHVMIHBBAIAATCBugMEACvxKAMEAmcQ/AMEAHQAQgMEALRXDQMEALRXGwME
ALRXHQMEALRXRAMEALRXTDAMAwQAtFdbAwQAtFdcAwQAtFdzAwQAtFd1MAwDBAC0
V3cDBAC0V3oDBAC0V3wDBAG0V34DBAC0V4EwDAMEAbRXigMEAbRXjAMEAbRXmAME
ALRXtgMEAbRXvjAMAwQGyrdAAwQAyrdCMAwDBADKt0UDBADKt0YwDAMEA8q3SAME
Acq3TAMEAMq3TzAPBAIAAjAJAwcAJAUgAQAAMA0GCSqGSIb3DQEBCwUAA4IBAQCi
0d9eoP5SlgF7mnGWfZqKEWMhbffnZD/OqbGV8Isc6Z6hil2JoTCZw90tlfrD6fHQ
VyvLbS23mn/JYuR+WbrvdjKut9zNGQ+IGrxVYRL1HxN6AZ51ukJUWl8Iir8bK0U8
zMYNtMikWfuQRdBOMwdTzVtpXJRlU7WSLmaF7aua9G4y9kTaalvR8L2isZxcP1Nq
hEk7gI+CNcAo6yS/3V0AlG1v/S04xwtqeoQWgcpoUrR1adwpY/nZ2gTpJGcT+U0Z
Ls4vvuVQfymZ9RIbfiyarg8ADBrJZs5frapBb1c5DTq+DxVQd9SXocNb4m0aAoc2
5FZeSPYcyxONkqFjhYtt
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:29:25 2024 by rpki-client on console-fra.rpki-client.org