Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/44E2CCAEBA9811EFBA471E62C4F9AE02.roa
File: 44E2CCAEBA9811EFBA471E62C4F9AE02.roa (raw, json)
Hash identifier: 1oolI04ZrhXaYmXgZvqSiMymHhXrDoJjC9cjKEp6I10=
Subject key identifier: 35:24:D2:BE:6E:69:66:3E:DF:84:CF:E6:B0:E6:63:E1:91:92:EE:33
Certificate issuer: /CN=A91A1EE0/serialNumber=860C0904CED7BB0D1D97B292FDB662E8B9A8AFF0
Certificate serial: 3494
Authority key identifier: 86:0C:09:04:CE:D7:BB:0D:1D:97:B2:92:FD:B6:62:E8:B9:A8:AF:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/44E2CCAEBA9811EFBA471E62C4F9AE02.roa
Signing time: Tue 07 Jan 2025 11:55:36 +0000
ROA not before: Tue 07 Jan 2025 11:55:36 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 24122
IP address blocks: 43.243.204.0/23 maxlen: 23
43.243.204.0/24 maxlen: 24
43.243.205.0/24 maxlen: 24
43.243.206.0/23 maxlen: 23
43.243.206.0/24 maxlen: 24
43.243.207.0/24 maxlen: 24
103.16.72.0/22 maxlen: 22
103.16.72.0/23 maxlen: 23
103.16.72.0/24 maxlen: 24
103.16.73.0/24 maxlen: 24
103.16.74.0/23 maxlen: 23
103.16.74.0/24 maxlen: 24
103.16.75.0/24 maxlen: 24
119.40.80.0/20 maxlen: 20
119.40.80.0/20 maxlen: 24
119.40.80.0/21 maxlen: 21
119.40.80.0/23 maxlen: 23
119.40.80.0/24 maxlen: 24
119.40.81.0/24 maxlen: 24
119.40.82.0/24 maxlen: 24
119.40.83.0/24 maxlen: 24
119.40.84.0/23 maxlen: 23
119.40.84.0/24 maxlen: 24
119.40.85.0/24 maxlen: 24
119.40.86.0/24 maxlen: 24
119.40.87.0/24 maxlen: 24
119.40.88.0/21 maxlen: 21
119.40.88.0/22 maxlen: 22
119.40.88.0/24 maxlen: 24
119.40.89.0/24 maxlen: 24
119.40.90.0/24 maxlen: 24
119.40.91.0/24 maxlen: 24
119.40.92.0/22 maxlen: 22
119.40.92.0/24 maxlen: 24
119.40.93.0/24 maxlen: 24
119.40.94.0/24 maxlen: 24
119.40.95.0/24 maxlen: 24
210.4.64.0/20 maxlen: 20
210.4.64.0/20 maxlen: 24
210.4.64.0/21 maxlen: 21
210.4.64.0/24 maxlen: 24
210.4.65.0/24 maxlen: 24
210.4.66.0/23 maxlen: 23
210.4.66.0/24 maxlen: 24
210.4.67.0/24 maxlen: 24
210.4.68.0/24 maxlen: 24
210.4.69.0/24 maxlen: 24
210.4.70.0/23 maxlen: 23
210.4.70.0/24 maxlen: 24
210.4.71.0/24 maxlen: 24
210.4.72.0/21 maxlen: 21
210.4.72.0/24 maxlen: 24
210.4.73.0/24 maxlen: 24
210.4.74.0/23 maxlen: 23
210.4.74.0/24 maxlen: 24
210.4.75.0/24 maxlen: 24
210.4.76.0/24 maxlen: 24
210.4.77.0/24 maxlen: 24
210.4.78.0/24 maxlen: 24
210.4.79.0/24 maxlen: 24
2403:4000::/32 maxlen: 32
2403:4000:17::/48 maxlen: 48
2403:4000:18::/48 maxlen: 48
2403:4000:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.crl
rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 14:34:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13460 (0x3494)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1EE0, serialNumber=860C0904CED7BB0D1D97B292FDB662E8B9A8AFF0
Validity
Not Before: Jan 7 11:55:36 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=677d1638-f5e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:87:7d:5f:a4:1b:73:3b:a8:82:3b:ea:f8:83:
03:49:bf:d4:13:62:65:1f:c7:0d:bc:f9:8b:70:ca:
b7:c9:41:ca:2c:89:29:3c:fb:00:59:93:98:6b:8d:
8e:3d:a3:64:2a:3f:4c:c4:f7:12:f3:c9:aa:a7:f2:
1d:be:7a:58:c9:b6:9b:74:73:62:45:db:03:a5:9d:
fb:87:64:cd:c6:d8:5a:1c:50:2b:7e:3f:fd:de:df:
8e:82:4c:e9:0c:59:b8:2b:3a:90:8f:57:57:78:d8:
ca:8a:9a:e8:8d:27:0f:1c:55:b7:02:2d:03:95:d6:
99:ba:e5:55:3f:fb:f8:02:1d:fb:f8:67:8a:d1:11:
24:2c:84:07:93:bd:fa:ad:ac:d1:77:1c:95:8f:86:
bd:90:dc:e8:a7:51:f6:58:f3:1b:c6:d0:60:8a:2c:
71:72:39:32:91:b1:92:f4:5d:54:ca:3c:da:37:1d:
c7:3c:f1:63:44:5d:a5:28:e2:e8:e6:d0:6c:65:4d:
48:9f:e0:8b:74:07:44:8d:0d:e8:a1:7e:ca:b0:fa:
6b:ac:09:96:3f:f9:17:03:5c:e0:1a:15:b7:b8:45:
99:70:46:20:9c:cc:26:d7:bd:91:2b:87:06:b1:b0:
79:8b:58:6c:f9:51:07:5c:46:71:80:9f:ef:1c:ce:
74:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:24:D2:BE:6E:69:66:3E:DF:84:CF:E6:B0:E6:63:E1:91:92:EE:33
X509v3 Authority Key Identifier:
keyid:86:0C:09:04:CE:D7:BB:0D:1D:97:B2:92:FD:B6:62:E8:B9:A8:AF:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/44E2CCAEBA9811EFBA471E62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.204.0/22
103.16.72.0/22
119.40.80.0/20
210.4.64.0/20
IPv6:
2403:4000::/32
Signature Algorithm: sha256WithRSAEncryption
3c:af:03:e7:7f:f0:3c:05:ab:5f:e1:2c:bd:15:f7:76:17:69:
f4:66:71:20:2a:61:db:c7:da:9f:d5:b6:0d:be:4f:95:2d:b8:
04:cf:ee:f8:f1:34:73:ca:33:d1:a1:bd:64:57:a6:e4:00:ba:
ca:ca:02:09:dc:8c:cc:2b:78:99:f6:11:b2:71:f8:d4:b0:5d:
18:73:14:d8:79:e1:4c:a2:e3:bc:47:e1:59:30:13:29:0d:c8:
dc:f9:67:56:d1:ee:a9:2f:85:6a:f2:66:66:64:03:2a:63:4a:
5c:19:c8:03:1a:d0:0d:a2:6f:3b:a6:7a:8c:f2:92:6d:49:86:
18:b6:87:d6:23:bb:14:39:1b:14:3f:e2:00:d3:ea:2d:3a:a1:
6c:72:30:c9:77:34:33:10:cf:93:f3:3b:4e:f8:34:f1:5b:f8:
3e:6e:a4:6d:78:81:6b:75:33:2f:0d:9a:05:f9:b8:ec:0a:f7:
84:06:ff:4f:46:5b:8e:41:45:9d:b8:99:7e:81:1f:39:97:95:
dc:51:db:8e:e3:80:2e:cb:ec:a4:7b:ce:cb:ec:71:9b:b9:9b:
f8:06:7b:8c:a8:69:8c:43:17:a5:20:19:12:42:3f:47:34:40:
3d:db:d0:e1:b6:93:61:9e:f7:ce:ac:ac:6c:d0:ca:21:00:b3:
1f:0c:01:68
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFFRTAxMTAvBgNVBAUTKDg2MEMwOTA0Q0VEN0JCMEQxRDk3QjI5MkZEQjY2MkU4
QjlBOEFGRjAwHhcNMjUwMTA3MTE1NTM2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdkMTYzOC1mNWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvYd9X6Qbczuogjvq+IMDSb/UE2JlH8cNvPmLcMq3yUHKLIkpPPsAWZOYa42O
PaNkKj9MxPcS88mqp/IdvnpYybabdHNiRdsDpZ37h2TNxthaHFArfj/93t+Ogkzp
DFm4KzqQj1dXeNjKiprojScPHFW3Ai0DldaZuuVVP/v4Ah37+GeK0REkLIQHk736
razRdxyVj4a9kNzop1H2WPMbxtBgiixxcjkykbGS9F1UyjzaNx3HPPFjRF2lKOLo
5tBsZU1In+CLdAdEjQ3ooX7KsPprrAmWP/kXA1zgGhW3uEWZcEYgnMwm172RK4cG
sbB5i1hs+VEHXEZxgJ/vHM50NwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFDUk0r5u
aWY+34TP5rDmY+GRku4zMB8GA1UdIwQYMBaAFIYMCQTO17sNHZeykv22Yui5qK/w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUVFMC9EMjM2MzQ0NjFE
OEExMUUyODIwRjA0RTUwOEIwMkNEMi9oZ3dKQk03WHV3MGRsN0tTX2JaaTZMbW9y
X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hnd0pCTTdYdXcwZGw3S1NfYlppNkxtb3JfQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFFRTAvRDIzNjM0NDYxRDhBMTFFMjgyMEYwNEU1MDhCMDJDRDIvNDRFMkNDQUVC
QTk4MTFFRkJBNDcxRTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr88wDBAJnEEgDBAR3KFADBATSBEAwDQQCAAIwBwMFACQD
QAAwDQYJKoZIhvcNAQELBQADggEBADyvA+d/8DwFq1/hLL0V93YXafRmcSAqYdvH
2p/Vtg2+T5UtuATP7vjxNHPKM9GhvWRXpuQAusrKAgncjMwreJn2EbJx+NSwXRhz
FNh54Uyi47xH4VkwEykNyNz5Z1bR7qkvhWryZmZkAypjSlwZyAMa0A2ibzumeozy
km1Jhhi2h9YjuxQ5GxQ/4gDT6i06oWxyMMl3NDMQz5PzO074NPFb+D5upG14gWt1
My8NmgX5uOwK94QG/09GW45BRZ24mX6BHzmXldxR247jgC7L7KR7zsvscZu5m/gG
e4yoaYxDF6UgGRJCP0c0QD3b0OG2k2Ge986srGzQyiEAsx8MAWg=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:20:58 2025 by rpki-client