Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1CD22132A72F11EF97454481C4F9AE02.roa
File: 1CD22132A72F11EF97454481C4F9AE02.roa (raw, json)
Hash identifier: 3tMiL1mexjdLgBp1kDW8JS0R1BkdeWP6efber9ffNPg=
Subject key identifier: 92:33:E2:57:CC:62:87:8E:7E:18:03:2B:1D:FC:C1:DC:CD:23:AC:54
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1DAC
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1CD22132A72F11EF97454481C4F9AE02.roa
Signing time: Mon 25 Nov 2024 06:46:33 +0000
ROA not before: Mon 25 Nov 2024 06:46:33 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 43.226.224.0/22 maxlen: 24
103.11.63.0/24 maxlen: 24
113.203.231.0/24 maxlen: 24
113.203.241.0/24 maxlen: 24
115.167.17.0/24 maxlen: 24
115.167.18.0/24 maxlen: 24
115.167.19.0/24 maxlen: 24
115.167.29.0/24 maxlen: 24
115.167.30.0/24 maxlen: 24
115.167.31.0/24 maxlen: 24
115.167.48.0/24 maxlen: 24
115.167.64.0/24 maxlen: 24
115.167.66.0/24 maxlen: 24
115.167.73.0/24 maxlen: 24
115.167.78.0/24 maxlen: 24
115.167.125.0/24 maxlen: 24
175.110.80.0/22 maxlen: 24
180.178.142.0/24 maxlen: 24
180.178.161.0/24 maxlen: 24
180.178.188.0/24 maxlen: 24
180.178.191.0/24 maxlen: 24
202.92.26.0/24 maxlen: 24
223.29.225.0/24 maxlen: 24
223.29.229.0/24 maxlen: 24
223.29.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 06:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7596 (0x1dac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Nov 25 06:46:33 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67441d49-4055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:df:98:65:64:e5:af:d7:36:77:b6:69:4e:33:
e2:37:ab:6c:0c:a5:6f:8c:78:06:ed:aa:03:f0:5e:
1f:50:60:bf:a0:1a:2a:90:4e:87:08:13:d0:95:18:
52:08:5a:dc:a5:d2:4d:aa:63:6f:de:4b:ae:04:8a:
65:89:7b:3f:f2:50:b8:62:0e:38:57:fe:11:d5:13:
ba:0a:2d:f7:5d:63:0a:1a:e8:89:e3:5a:08:05:da:
b1:62:c5:22:af:2d:3a:99:6d:79:a0:33:f2:0f:13:
27:5c:19:11:86:a5:38:26:76:91:fb:32:31:b6:56:
fe:fb:60:e2:b6:4b:fa:10:76:a5:73:f9:b6:bd:7d:
9b:a1:65:6f:ee:17:05:b4:9a:a3:d8:06:15:d3:ce:
44:94:d2:82:b2:90:d0:3b:6a:d9:cb:7e:57:50:71:
3f:cf:1f:e0:3e:f3:a0:18:00:98:56:77:da:29:68:
1f:69:f0:6c:b4:38:ac:47:e0:65:1d:a5:0d:fb:db:
6c:f0:2d:ff:51:af:7e:7a:b8:a8:5c:c7:e6:bc:fb:
ba:d7:99:98:a8:0a:2d:79:c8:c7:3a:6a:3d:1b:47:
e5:b1:b6:4c:5b:e9:f2:19:9d:9d:ca:71:2b:58:12:
64:d6:95:aa:45:d4:99:0e:20:95:59:0c:18:d6:a1:
9a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:33:E2:57:CC:62:87:8E:7E:18:03:2B:1D:FC:C1:DC:CD:23:AC:54
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/1CD22132A72F11EF97454481C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
103.11.63.0/24
113.203.231.0/24
113.203.241.0/24
115.167.17.0-115.167.19.255
115.167.29.0-115.167.31.255
115.167.48.0/24
115.167.64.0/24
115.167.66.0/24
115.167.73.0/24
115.167.78.0/24
115.167.125.0/24
175.110.80.0/22
180.178.142.0/24
180.178.161.0/24
180.178.188.0/24
180.178.191.0/24
202.92.26.0/24
223.29.225.0/24
223.29.229.0/24
223.29.239.0/24
Signature Algorithm: sha256WithRSAEncryption
01:76:81:9c:47:10:63:48:52:ba:70:6a:d3:97:56:71:99:6f:
74:c4:1f:18:7b:97:40:2d:54:17:a3:32:e2:3e:e7:8e:d0:cc:
69:30:72:2e:ca:8c:4f:20:f2:0b:1d:d0:bc:b8:ec:60:45:4e:
63:84:69:38:2e:e8:18:5e:d4:82:3e:5e:33:3c:b5:cb:72:61:
44:06:97:fd:1c:cf:e0:38:0b:06:f4:f7:90:d1:2d:42:fd:96:
b8:ba:74:15:27:a2:89:d7:8f:3a:43:96:b1:cc:4a:be:c5:b8:
b2:27:00:44:c7:6f:fc:3a:7f:24:cf:ac:b5:d7:e7:c4:f2:58:
1d:b1:ea:17:f4:07:f4:40:53:ab:cd:c1:8e:b4:cd:a2:a9:79:
97:eb:17:0c:f2:ff:36:c8:d4:37:18:05:23:24:bc:ab:b7:25:
6f:83:6b:b5:9b:d4:df:89:96:67:4a:7b:48:59:00:dd:34:16:
36:c6:a1:c6:64:e6:aa:bf:b0:35:4b:b2:a9:c1:cd:85:b2:07:
ca:54:97:d3:ec:4a:b1:d6:62:ca:e0:0e:24:6a:21:b4:ca:a6:
70:51:87:f6:3b:40:78:4b:a0:ac:b6:b3:c1:57:5f:fa:c0:77:
4d:a5:d2:85:21:ec:59:26:10:70:21:f0:22:a9:74:5f:8d:79:
55:8a:c9:3b
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgICHawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMTI1MDY0NjMzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ0MWQ0OS00MDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAut+YZWTlr9c2d7ZpTjPiN6tsDKVvjHgG7aoD8F4fUGC/oBoqkE6HCBPQlRhS
CFrcpdJNqmNv3kuuBIpliXs/8lC4Yg44V/4R1RO6Ci33XWMKGuiJ41oIBdqxYsUi
ry06mW15oDPyDxMnXBkRhqU4JnaR+zIxtlb++2Ditkv6EHalc/m2vX2boWVv7hcF
tJqj2AYV085ElNKCspDQO2rZy35XUHE/zx/gPvOgGACYVnfaKWgfafBstDisR+Bl
HaUN+9ts8C3/Ua9+erioXMfmvPu615mYqAotecjHOmo9G0flsbZMW+nyGZ2dynEr
WBJk1pWqRdSZDiCVWQwY1qGa8wIDAQABo4IDIjCCAx4wHQYDVR0OBBYEFJIz4lfM
YoeOfhgDKx38wdzNI6xUMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMUNEMjIxMzJB
NzJGMTFFRjk3NDU0NDgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgasGCCsGAQUFBwEHAQH/
BIGbMIGYMIGVBAIAATCBjgMEAivi4AMEAGcLPwMEAHHL5wMEAHHL8TAMAwQAc6cR
AwQCc6cQMAwDBABzpx0DBAVzpwADBABzpzADBABzp0ADBABzp0IDBABzp0kDBABz
p04DBABzp30DBAKvblADBAC0so4DBAC0sqEDBAC0srwDBAC0sr8DBADKXBoDBADf
HeEDBADfHeUDBADfHe8wDQYJKoZIhvcNAQELBQADggEBAAF2gZxHEGNIUrpwatOX
VnGZb3TEHxh7l0AtVBejMuI+547QzGkwci7KjE8g8gsd0Ly47GBFTmOEaTgu6Bhe
1II+XjM8tctyYUQGl/0cz+A4Cwb095DRLUL9lri6dBUnoonXjzpDlrHMSr7FuLIn
AETHb/w6fyTPrLXX58TyWB2x6hf0B/RAU6vNwY60zaKpeZfrFwzy/zbI1DcYBSMk
vKu3JW+Da7Wb1N+JlmdKe0hZAN00FjbGocZk5qq/sDVLsqnBzYWyB8pUl9PsSrHW
YsrgDiRqIbTKpnBRh/Y7QHhLoKy2s8FXX/rAd02l0oUh7FkmEHAh8CKpdF+NeVWK
yTs=
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:06:06 2024 by rpki-client on console-ams.rpki-client.org