Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
File: 5A318E06F6A111EBB6318B7EC4F9AE02.roa (raw, json)
Hash identifier: VKqO6rf4s4pSFyfrGnTR87o9xy4m/ObtM6kQrJ3USOc=
Subject key identifier: B1:D0:8F:1B:E1:31:9E:69:C7:C6:DD:CD:E9:FC:9C:D4:32:17:12:DA
Certificate issuer: /CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Certificate serial: 34E2
Authority key identifier: 3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
Signing time: Mon 30 Sep 2024 14:51:07 +0000
ROA not before: Mon 30 Sep 2024 14:51:07 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 23955
IP address blocks: 43.241.136.0/22 maxlen: 23
43.241.136.0/23 maxlen: 24
43.241.138.0/24 maxlen: 24
103.29.224.0/22 maxlen: 24
103.71.40.0/22 maxlen: 24
118.103.136.0/21 maxlen: 23
118.103.136.0/23 maxlen: 24
118.103.139.0/24 maxlen: 24
118.103.140.0/22 maxlen: 24
2405:ec00::/32 maxlen: 32
2405:ec00:2::/48 maxlen: 48
2405:ec00:3::/48 maxlen: 48
2405:ec00:4::/48 maxlen: 48
2405:ec00:5::/48 maxlen: 48
2405:ec00:6::/48 maxlen: 48
2405:ec00:10a::/48 maxlen: 48
2405:ec00:10b::/48 maxlen: 48
2405:ec00:10c::/48 maxlen: 48
2405:ec00:10d::/48 maxlen: 48
2405:ec00:10e::/48 maxlen: 48
2405:ec00:10f::/48 maxlen: 48
2405:ec00:110::/48 maxlen: 48
2405:ec00:1000::/48 maxlen: 48
2405:ec00:1001::/48 maxlen: 48
2405:ec00:1002::/48 maxlen: 48
2405:ec00:1003::/48 maxlen: 48
2405:ec00:1004::/48 maxlen: 48
2405:ec00:1005::/48 maxlen: 48
2405:ec00:1100::/48 maxlen: 48
2405:ec00:1101::/48 maxlen: 48
2405:ec00:1201::/48 maxlen: 48
2405:ec00:1202::/48 maxlen: 48
2405:ec00:1203::/48 maxlen: 48
2405:ec00:1204::/48 maxlen: 48
2405:ec00:1205::/48 maxlen: 48
2405:ec00:1206::/48 maxlen: 48
2405:ec00:1208::/48 maxlen: 48
2405:ec00:1209::/48 maxlen: 48
2405:ec00:1300::/48 maxlen: 48
2405:ec00:1301::/48 maxlen: 48
2405:ec00:7000::/40 maxlen: 40
2405:ec00:7100::/40 maxlen: 40
2405:ec00:9011::/48 maxlen: 48
2405:ec00:9012::/48 maxlen: 48
2405:ec00:9013::/48 maxlen: 48
2405:ec00:9014::/48 maxlen: 48
2405:ec00:9015::/48 maxlen: 48
2405:ec00:9016::/48 maxlen: 48
2405:ec00:9017::/48 maxlen: 48
2405:ec00:9018::/48 maxlen: 48
2405:ec00:9019::/48 maxlen: 48
2405:ec00:901a::/48 maxlen: 48
2405:ec00:901b::/48 maxlen: 48
2405:ec00:9021::/48 maxlen: 48
2405:ec00:9022::/48 maxlen: 48
2405:ec00:9023::/48 maxlen: 48
2405:ec00:9024::/48 maxlen: 48
2405:ec00:9025::/48 maxlen: 48
2405:ec00:9051::/48 maxlen: 48
2405:ec00:9052::/48 maxlen: 48
2405:ec00:9053::/48 maxlen: 48
2405:ec00:9054::/48 maxlen: 48
2405:ec00:9055::/48 maxlen: 48
2405:ec00:9071::/48 maxlen: 48
2405:ec00:9072::/48 maxlen: 48
2405:ec00:9073::/48 maxlen: 48
2405:ec00:9074::/48 maxlen: 48
2405:ec00:9075::/48 maxlen: 48
2405:ec00:9081::/48 maxlen: 48
2405:ec00:9082::/48 maxlen: 48
2405:ec00:9083::/48 maxlen: 48
2405:ec00:9100::/48 maxlen: 48
2405:ec00:9101::/48 maxlen: 48
2405:ec00:a1ca::/48 maxlen: 48
2405:ec00:fa00::/48 maxlen: 48
2405:ec00:face::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13538 (0x34e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Validity
Not Before: Sep 30 14:51:07 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fabada-4577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a3:8f:89:f3:06:5d:79:21:80:e1:11:ae:9e:
67:5b:fe:25:bb:8d:e8:30:53:76:e5:b5:bb:03:ba:
59:b6:df:2e:de:62:62:53:99:d8:23:ce:97:d7:c1:
bf:78:40:d9:aa:04:e4:48:d2:38:9e:20:c7:cd:43:
9f:4b:f3:9e:97:69:57:b8:f3:d5:9e:c4:89:7c:55:
8a:c3:59:2c:52:70:88:eb:c4:ff:e8:85:cc:09:35:
78:ed:81:7e:bf:8e:e7:9e:c0:3e:d5:0a:c5:29:f4:
53:4b:4f:52:61:60:b7:3e:23:5c:f9:50:b1:65:c5:
23:8d:7e:1e:2a:40:57:23:f3:0e:53:7f:5d:35:99:
0b:32:8d:41:98:eb:20:56:2f:44:54:88:0d:1c:c1:
ad:80:00:66:c4:54:a9:49:db:05:f5:2c:35:d8:1d:
e7:9c:a9:b6:c5:99:7f:1c:4d:6e:8f:e4:b4:d2:65:
16:26:3a:82:85:f3:82:55:a5:43:1d:00:0e:d6:1e:
f1:a5:d6:05:e8:ce:ae:67:ef:db:76:dc:81:58:e9:
e6:24:ac:18:c5:54:e4:04:d8:22:04:57:1d:28:52:
30:b7:9c:72:fc:89:fe:27:8e:09:de:89:95:98:7e:
e7:89:d1:9e:1f:e1:ba:b4:a7:22:0c:07:58:40:cc:
d4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D0:8F:1B:E1:31:9E:69:C7:C6:DD:CD:E9:FC:9C:D4:32:17:12:DA
X509v3 Authority Key Identifier:
keyid:3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.136.0/22
103.29.224.0/22
103.71.40.0/22
118.103.136.0/21
IPv6:
2405:ec00::/32
Signature Algorithm: sha256WithRSAEncryption
43:20:b9:ba:65:58:19:1c:ff:9d:6c:db:4e:9b:45:20:48:0a:
56:02:2a:9e:80:e9:30:f4:49:7d:ab:d6:28:b2:06:d2:a6:a9:
1b:4d:dc:17:ef:b6:94:38:5f:c4:69:97:a7:64:d8:b5:73:ff:
a8:3e:ce:49:7c:58:91:fd:69:b8:d7:80:b7:ac:71:c2:97:f6:
21:bb:16:ba:b7:5b:46:13:bd:aa:f8:98:5b:df:af:51:5d:37:
49:11:64:af:23:3b:ae:02:b6:ac:4c:43:18:53:3b:0e:31:dd:
63:03:2d:99:3f:47:cd:b8:00:d3:4f:c6:73:68:fa:4e:16:6a:
59:b9:25:d8:04:0d:fd:f0:3a:5a:6f:7a:56:df:b1:df:80:4c:
70:9e:c6:13:91:73:78:7e:3e:10:b9:29:19:48:58:50:b9:69:
0c:72:96:08:26:7f:ee:6e:20:c0:f5:68:cc:2c:fd:92:49:54:
60:77:88:b4:53:c9:52:6f:26:83:af:f0:e0:b9:64:5c:3c:10:
c4:6f:f5:a2:70:9b:f7:d1:14:dd:8f:fc:62:85:7a:e9:12:17:
43:4b:16:7d:6b:58:36:72:41:9a:32:2b:0a:48:43:db:c5:97:
14:f3:37:de:9a:48:fe:82:d2:21:79:80:b9:d7:ca:20:67:32:
72:0a:58:d5
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRGMDYxMTAvBgNVBAUTKDNBQUY4MEVBOTdFOTlCOTUyNUIzM0JDMTMzNUJCMDk1
QzJEMjc4QTcwHhcNMjQwOTMwMTQ1MTA3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZhYmFkYS00NTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnKOPifMGXXkhgOERrp5nW/4lu43oMFN25bW7A7pZtt8u3mJiU5nYI86X18G/
eEDZqgTkSNI4niDHzUOfS/Oel2lXuPPVnsSJfFWKw1ksUnCI68T/6IXMCTV47YF+
v47nnsA+1QrFKfRTS09SYWC3PiNc+VCxZcUjjX4eKkBXI/MOU39dNZkLMo1BmOsg
Vi9EVIgNHMGtgABmxFSpSdsF9Sw12B3nnKm2xZl/HE1uj+S00mUWJjqChfOCVaVD
HQAO1h7xpdYF6M6uZ+/bdtyBWOnmJKwYxVTkBNgiBFcdKFIwt5xy/In+J44J3omV
mH7nidGeH+G6tKciDAdYQMzUpQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFLHQjxvh
MZ5px8bdzen8nNQyFxLaMB8GA1UdIwQYMBaAFDqvgOqX6ZuVJbM7wTNbsJXC0nin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEYwNi83NkUxQzQ3RTFE
OTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01VWxzenZCTTF1d2xjTFNl
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09xLUE2cGZwbTVVbHN6dkJNMXV3bGNMU2VLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzRGMDYvNzZFMUM0N0UxRDk1MTFFMkJFNTk1RTdEMDhCMDJDRDIvNUEzMThFMDZG
NkExMTFFQkI2MzE4QjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr8YgDBAJnHeADBAJnRygDBAN2Z4gwDQQCAAIwBwMFACQF
7AAwDQYJKoZIhvcNAQELBQADggEBAEMgubplWBkc/51s206bRSBIClYCKp6A6TD0
SX2r1iiyBtKmqRtN3BfvtpQ4X8Rpl6dk2LVz/6g+zkl8WJH9abjXgLesccKX9iG7
Frq3W0YTvar4mFvfr1FdN0kRZK8jO64CtqxMQxhTOw4x3WMDLZk/R824ANNPxnNo
+k4Walm5JdgEDf3wOlpvelbfsd+ATHCexhORc3h+PhC5KRlIWFC5aQxylggmf+5u
IMD1aMws/ZJJVGB3iLRTyVJvJoOv8OC5ZFw8EMRv9aJwm/fRFN2P/GKFeukSF0NL
Fn1rWDZyQZoyKwpIQ9vFlxTzN96aSP6C0iF5gLnXyiBnMnIKWNU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:50:04 2024 by rpki-client on console-ams.rpki-client.org