Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
File: B7BBC928FEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: LpmTyVuFiKxNlNatqdTKbndN71cWDdkV/vAgDWE3yxI=
Subject key identifier: C6:9D:F4:1A:4B:82:6B:77:99:61:65:79:ED:74:B7:96:18:C8:18:BA
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 0576
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
Signing time: Sat 02 Nov 2024 23:02:19 +0000
ROA not before: Sat 02 Nov 2024 23:02:19 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 133480
IP address blocks: 43.245.160.0/24 maxlen: 24
43.245.161.0/24 maxlen: 24
43.245.162.0/24 maxlen: 24
43.245.163.0/24 maxlen: 24
45.125.125.0/24 maxlen: 24
103.76.164.0/24 maxlen: 24
103.76.165.0/24 maxlen: 24
103.77.232.0/24 maxlen: 24
103.77.233.0/24 maxlen: 24
103.77.234.0/24 maxlen: 24
103.77.235.0/24 maxlen: 24
103.192.173.0/24 maxlen: 24
103.194.4.0/24 maxlen: 24
103.231.88.0/24 maxlen: 24
103.231.89.0/24 maxlen: 24
103.231.90.0/24 maxlen: 24
103.231.91.0/24 maxlen: 24
116.206.228.0/24 maxlen: 24
116.206.229.0/24 maxlen: 24
116.206.230.0/24 maxlen: 24
116.206.231.0/24 maxlen: 24
203.209.209.0/24 maxlen: 24
203.209.212.0/24 maxlen: 24
203.209.217.0/24 maxlen: 24
203.209.219.0/24 maxlen: 24
2400:fa80:1::/48 maxlen: 48
2400:fa80:4::/48 maxlen: 48
2400:fa80:5::/48 maxlen: 48
2400:fa80:6::/48 maxlen: 48
2402:1b80:3002::/48 maxlen: 48
2407:a080::/32 maxlen: 32
2407:a080::/48 maxlen: 48
2407:a080:5000::/36 maxlen: 36
2407:a080:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1398 (0x576)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Nov 2 23:02:19 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6726af7a-3bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1b:84:16:e5:05:e0:60:bd:05:88:c6:eb:a8:
fe:c9:22:2b:2f:b9:bc:6c:0f:03:1a:eb:25:e0:be:
79:af:59:92:a2:ac:fa:49:15:58:d8:84:84:85:aa:
5c:99:76:63:58:02:2c:ee:81:56:4f:e7:46:6c:37:
1d:5f:33:5f:12:94:f5:a5:4d:6b:b1:19:c7:6d:23:
9d:b7:c8:4d:d4:1a:18:de:90:23:bf:ec:87:f9:26:
4d:24:e4:7e:cf:27:09:eb:da:32:9c:f1:36:62:b7:
cd:82:7f:5d:20:fd:18:6c:01:ae:45:ce:5d:21:de:
39:c8:d4:60:07:73:f5:6d:f1:9d:e8:ac:54:8a:3a:
d1:4a:83:a2:8b:37:c4:ce:dc:a1:c6:6f:d6:d9:5a:
94:63:2e:ef:65:5c:e1:37:fd:5a:d9:04:84:14:41:
63:5b:84:88:93:c7:7d:68:92:34:58:27:23:d8:27:
e1:92:60:db:e2:75:e1:e8:45:fc:8b:ee:49:6f:95:
32:ac:4c:c9:5c:23:b4:36:51:c5:3b:06:cf:d0:3b:
a5:92:ed:a4:e9:9d:65:af:72:fb:cd:e7:d2:1f:38:
4c:35:7b:b7:d9:a3:9a:c8:26:bb:68:c1:ba:15:41:
3a:01:f1:f7:c6:f9:3c:53:0e:48:74:96:f3:e5:f6:
b2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9D:F4:1A:4B:82:6B:77:99:61:65:79:ED:74:B7:96:18:C8:18:BA
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B7BBC928FEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.160.0/22
45.125.125.0/24
103.76.164.0/23
103.77.232.0/22
103.192.173.0/24
103.194.4.0/24
103.231.88.0/22
116.206.228.0/22
203.209.209.0/24
203.209.212.0/24
203.209.217.0/24
203.209.219.0/24
IPv6:
2400:fa80:1::/48
2400:fa80:4::-2400:fa80:6:ffff:ffff:ffff:ffff:ffff
2402:1b80:3002::/48
2407:a080::/32
Signature Algorithm: sha256WithRSAEncryption
13:ef:ec:06:9f:93:02:51:a3:76:f0:82:d0:82:1e:c2:2c:a2:
2a:5a:b4:4d:e1:a8:a8:1b:23:55:d7:f2:38:dd:43:e1:83:9e:
5c:2d:f5:25:7f:79:49:35:c8:4d:52:32:ae:da:31:93:9a:eb:
37:98:bf:a6:02:f3:b7:bc:51:b7:f0:26:31:14:90:00:b2:02:
f8:4f:2c:c9:1d:4d:8e:ae:d6:b5:a0:f1:e8:b2:41:a0:ad:15:
bc:50:f3:d6:77:af:19:e6:ff:ad:72:8f:e9:19:db:9d:33:71:
40:21:9e:f9:1d:de:95:ea:f9:15:8d:f1:53:15:c9:07:d0:e3:
30:8e:15:cf:70:19:31:9d:7f:29:a0:ce:00:d1:5e:f7:7f:35:
bb:58:dd:b0:3c:45:25:49:8f:fb:ed:ca:64:64:31:2a:de:88:
51:af:ca:28:0e:38:2d:8a:a9:df:5b:81:24:b1:ac:9c:aa:f3:
49:5f:98:c8:2c:96:07:ce:8f:aa:70:38:78:8d:22:cc:07:00:
0a:79:47:90:41:8a:6e:05:55:5d:6e:25:c4:e7:a3:4c:f9:70:
ad:e4:20:4c:ac:c2:40:8a:73:09:4b:4d:e6:44:04:28:3e:7e:
bb:bf:70:3a:d3:8f:6a:c9:3e:54:0a:6a:94:c6:e5:d6:77:e3:
01:99:7e:07
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgICBXYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjQxMTAyMjMwMjE5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2YWY3YS0zYmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5BuEFuUF4GC9BYjG66j+ySIrL7m8bA8DGusl4L55r1mSoqz6SRVY2ISEhapc
mXZjWAIs7oFWT+dGbDcdXzNfEpT1pU1rsRnHbSOdt8hN1BoY3pAjv+yH+SZNJOR+
zycJ69oynPE2YrfNgn9dIP0YbAGuRc5dId45yNRgB3P1bfGd6KxUijrRSoOiizfE
ztyhxm/W2VqUYy7vZVzhN/1a2QSEFEFjW4SIk8d9aJI0WCcj2CfhkmDb4nXh6EX8
i+5Jb5UyrEzJXCO0NlHFOwbP0Dulku2k6Z1lr3L7zefSHzhMNXu32aOayCa7aMG6
FUE6AfH3xvk8Uw5IdJbz5fayIQIDAQABo4IDDzCCAwswHQYDVR0OBBYEFMad9BpL
gmt3mWFlee10t5YYyBi6MB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjdCQkM5MjhG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZgGCCsGAQUFBwEHAQH/
BIGIMIGFME4EAgABMEgDBAIr9aADBAAtfX0DBAFnTKQDBAJnTegDBABnwK0DBABn
wgQDBAJn51gDBAJ0zuQDBADL0dEDBADL0dQDBADL0dkDBADL0dswMwQCAAIwLQMH
ACQA+oAAATASAwcCJAD6gAAEAwcAJAD6gAAGAwcAJAIbgDACAwUAJAeggDANBgkq
hkiG9w0BAQsFAAOCAQEAE+/sBp+TAlGjdvCC0IIewiyiKlq0TeGoqBsjVdfyON1D
4YOeXC31JX95STXITVIyrtoxk5rrN5i/pgLzt7xRt/AmMRSQALIC+E8syR1Njq7W
taDx6LJBoK0VvFDz1nevGeb/rXKP6RnbnTNxQCGe+R3eler5FY3xUxXJB9DjMI4V
z3AZMZ1/KaDOANFe9381u1jdsDxFJUmP++3KZGQxKt6IUa/KKA44LYqp31uBJLGs
nKrzSV+YyCyWB86PqnA4eI0izAcACnlHkEGKbgVVXW4lxOejTPlwreQgTKzCQIpz
CUtN5kQEKD5+u79wOtOPask+VApqlMbl1nfjAZl+Bw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:55:36 2024 by rpki-client on console-ams.rpki-client.org