Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
File: B7BBC928FEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: Ao1tv/oC6DHEIsrO50brMTGNKACODp2rT6dyQrhvkoY=
Subject key identifier: 7A:3C:80:1C:C3:F7:A0:53:F1:85:A6:EA:03:C4:16:EC:1E:5B:34:D2
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 04B4
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
Signing time: Tue 19 Dec 2023 23:40:25 +0000
ROA not before: Tue 19 Dec 2023 23:40:25 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 133480
IP address blocks: 43.245.160.0/24 maxlen: 24
43.245.161.0/24 maxlen: 24
43.245.162.0/24 maxlen: 24
43.245.163.0/24 maxlen: 24
103.76.164.0/24 maxlen: 24
103.76.165.0/24 maxlen: 24
103.77.232.0/24 maxlen: 24
103.77.233.0/24 maxlen: 24
103.77.234.0/24 maxlen: 24
103.77.235.0/24 maxlen: 24
103.192.173.0/24 maxlen: 24
103.231.88.0/24 maxlen: 24
103.231.89.0/24 maxlen: 24
103.231.90.0/24 maxlen: 24
103.231.91.0/24 maxlen: 24
116.206.228.0/24 maxlen: 24
116.206.229.0/24 maxlen: 24
116.206.230.0/24 maxlen: 24
116.206.231.0/24 maxlen: 24
203.209.209.0/24 maxlen: 24
203.209.212.0/24 maxlen: 24
203.209.217.0/24 maxlen: 24
203.209.219.0/24 maxlen: 24
2400:fa80:1::/48 maxlen: 48
2400:fa80:4::/48 maxlen: 48
2400:fa80:5::/48 maxlen: 48
2400:fa80:6::/48 maxlen: 48
2407:a080::/32 maxlen: 32
2407:a080::/48 maxlen: 48
2407:a080:5000::/36 maxlen: 36
2407:a080:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 00:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1204 (0x4b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Dec 19 23:40:25 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=658229e9-acb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:37:ae:5f:e5:21:d8:e4:30:4f:f7:93:f1:39:
5d:cd:bc:83:2b:f1:a9:ef:1a:c8:e0:e0:36:01:7a:
b5:87:ff:3f:16:93:48:bc:f4:5e:e9:4c:e1:f3:69:
27:5e:f8:1e:2c:39:d8:20:70:d3:b9:e0:fa:8b:05:
2d:da:cd:f7:2a:ca:8f:c0:67:c0:49:c6:8c:b0:66:
bf:b3:c3:f8:07:bc:49:30:fa:ec:df:2a:0b:49:9c:
70:15:fb:54:ba:db:89:3c:09:d0:af:59:8a:f2:14:
6a:10:83:8b:22:e9:0f:54:17:c0:fe:45:a7:1d:ff:
ad:a3:e7:7c:42:4f:fe:fe:44:dd:af:0c:42:fc:38:
b9:c8:47:d3:62:71:c5:29:f6:f8:24:4b:51:02:fc:
21:7e:d5:6a:b5:f2:58:18:9f:26:25:cc:88:9a:29:
45:c0:56:d5:22:b5:13:8e:44:af:06:08:bc:75:34:
0c:42:b0:a0:34:95:3a:0e:b0:67:78:11:4f:c3:bc:
74:93:cc:df:7c:c9:11:b4:c3:70:56:6a:0e:96:91:
e6:be:ff:58:fa:17:ed:88:06:6d:d6:19:4f:bd:da:
03:9d:c0:46:14:a8:95:5d:70:60:75:dc:a8:c7:82:
c2:48:2a:d1:c6:6d:e7:c6:3a:a5:e1:08:7f:d2:e3:
f2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:3C:80:1C:C3:F7:A0:53:F1:85:A6:EA:03:C4:16:EC:1E:5B:34:D2
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.160.0/22
103.76.164.0/23
103.77.232.0/22
103.192.173.0/24
103.231.88.0/22
116.206.228.0/22
203.209.209.0/24
203.209.212.0/24
203.209.217.0/24
203.209.219.0/24
IPv6:
2400:fa80:1::/48
2400:fa80:4::-2400:fa80:6:ffff:ffff:ffff:ffff:ffff
2407:a080::/32
Signature Algorithm: sha256WithRSAEncryption
7f:8f:64:51:30:67:8b:8e:2a:11:b1:2b:74:52:d5:61:19:42:
43:81:74:ab:f9:04:24:f3:85:3a:a8:62:67:49:11:b5:4d:8a:
13:e2:c1:fa:51:13:e7:91:86:4f:78:42:ce:bb:32:ba:25:d5:
24:a0:41:1c:77:63:95:26:3e:03:07:3a:fd:29:4d:cf:69:6c:
78:d4:f7:66:5b:36:d9:28:cf:3d:0c:90:03:fc:25:48:e5:d8:
d2:f9:8a:8f:ed:02:42:19:a7:10:4c:38:07:66:e5:66:99:d4:
3d:5e:dc:28:8c:79:c3:a4:dd:12:46:fb:31:aa:c3:03:fb:69:
ff:b1:cc:ea:73:c1:7d:75:50:30:af:45:d7:89:d8:65:bc:70:
0c:4d:35:16:a8:52:88:90:29:f2:17:9c:3d:31:1a:01:be:1b:
0c:6a:9b:96:52:a0:25:67:32:db:73:70:2d:d7:c4:e4:3a:40:
ec:0c:6b:bf:06:9e:f6:5d:8f:ca:8b:41:c3:02:bb:14:28:b2:
31:0e:0f:3e:ba:af:83:ac:04:60:d0:e4:0b:a2:99:08:db:41:
9e:59:ad:67:d7:0b:76:66:41:10:3c:62:b4:75:02:d2:d2:2c:
70:1f:bb:4b:4b:0d:af:4d:f7:1c:9f:19:64:67:d1:b4:60:d3:
12:c7:46:7c
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICBLQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjMxMjE5MjM0MDI1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgyMjllOS1hY2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxDeuX+Uh2OQwT/eT8TldzbyDK/Gp7xrI4OA2AXq1h/8/FpNIvPRe6Uzh82kn
XvgeLDnYIHDTueD6iwUt2s33KsqPwGfAScaMsGa/s8P4B7xJMPrs3yoLSZxwFftU
utuJPAnQr1mK8hRqEIOLIukPVBfA/kWnHf+to+d8Qk/+/kTdrwxC/Di5yEfTYnHF
Kfb4JEtRAvwhftVqtfJYGJ8mJcyImilFwFbVIrUTjkSvBgi8dTQMQrCgNJU6DrBn
eBFPw7x0k8zffMkRtMNwVmoOlpHmvv9Y+hftiAZt1hlPvdoDncBGFKiVXXBgddyo
x4LCSCrRxm3nxjql4Qh/0uPyRwIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFHo8gBzD
96BT8YWm6gPEFuweWzTSMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjdCQkM5MjhG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBCBAIAATA8AwQCK/WgAwQBZ0ykAwQCZ03oAwQAZ8CtAwQCZ+dYAwQCdM7k
AwQAy9HRAwQAy9HUAwQAy9HZAwQAy9HbMCoEAgACMCQDBwAkAPqAAAEwEgMHAiQA
+oAABAMHACQA+oAABgMFACQHoIAwDQYJKoZIhvcNAQELBQADggEBAH+PZFEwZ4uO
KhGxK3RS1WEZQkOBdKv5BCTzhTqoYmdJEbVNihPiwfpRE+eRhk94Qs67Mrol1SSg
QRx3Y5UmPgMHOv0pTc9pbHjU92ZbNtkozz0MkAP8JUjl2NL5io/tAkIZpxBMOAdm
5WaZ1D1e3CiMecOk3RJG+zGqwwP7af+xzOpzwX11UDCvRdeJ2GW8cAxNNRaoUoiQ
KfIXnD0xGgG+Gwxqm5ZSoCVnMttzcC3XxOQ6QOwMa78GnvZdj8qLQcMCuxQosjEO
Dz66r4OsBGDQ5AuimQjbQZ5ZrWfXC3ZmQRA8YrR1AtLSLHAfu0tLDa9N9xyfGWRn
0bRg0xLHRnw=
-----END CERTIFICATE-----
Generated at Wed May 1 02:08:01 2024 by rpki-client on console-fra.rpki-client.org