Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
File: B902532EFEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: /MUdYRIWkufp8fDWckAxf6b95VmqW3Wc81PbXLsfGbY=
Subject key identifier: 1E:D1:A5:0B:98:70:D0:57:B4:F3:E6:06:C8:CF:48:5D:8D:87:02:9D
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 0579
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
Signing time: Sat 02 Nov 2024 23:02:22 +0000
ROA not before: Sat 02 Nov 2024 23:02:22 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 63956
IP address blocks: 45.112.244.0/22 maxlen: 24
103.20.17.0/24 maxlen: 24
103.21.108.0/24 maxlen: 24
103.52.116.0/22 maxlen: 24
103.97.52.0/22 maxlen: 22
103.97.52.0/24 maxlen: 24
103.97.53.0/24 maxlen: 24
103.97.54.0/24 maxlen: 24
103.97.55.0/24 maxlen: 24
103.225.96.0/24 maxlen: 24
203.12.129.0/24 maxlen: 24
203.18.194.0/24 maxlen: 24
203.210.102.0/24 maxlen: 24
2402:1b80::/40 maxlen: 40
2402:1b80:10::/48 maxlen: 48
2402:1b80:11::/48 maxlen: 48
2402:1b80:14::/48 maxlen: 48
2402:1b80:103::/48 maxlen: 48
2402:1b80:104::/48 maxlen: 48
2402:1b80:106::/48 maxlen: 48
2402:1b80:203::/48 maxlen: 48
2402:1b80:204::/48 maxlen: 48
2402:1b80:206::/48 maxlen: 48
2402:1b80:300::/40 maxlen: 40
2402:1b80:304::/48 maxlen: 48
2402:1b80:306::/48 maxlen: 48
2402:1b80:403::/48 maxlen: 48
2402:1b80:3000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1401 (0x579)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Nov 2 23:02:22 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6726af7e-c174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3f:0a:ec:b3:43:1b:b8:18:dd:ed:24:80:54:
93:17:a1:30:2f:89:e9:6f:14:7e:6a:96:55:0e:91:
0b:34:69:5d:6b:01:58:5d:5e:e2:ee:ec:94:48:13:
64:eb:5a:4f:2f:14:6f:37:b6:63:b4:4e:be:16:46:
d3:f4:7f:30:bc:f8:3b:17:9b:14:ca:ff:bd:89:f4:
35:8a:95:ab:82:9e:a2:0f:5c:bb:97:50:59:52:5c:
aa:1e:a6:f7:5f:fa:cb:91:4b:98:7b:4e:82:10:3d:
6c:0d:3e:d2:25:b3:5a:9f:77:7f:61:3e:47:cf:8a:
61:47:3b:f2:1f:d9:a9:2f:65:24:94:97:74:3f:e8:
e6:11:0f:ad:2d:e4:45:32:a6:6d:b5:ab:07:f3:d2:
9d:ff:3d:95:1c:a4:41:04:b0:e4:f5:e9:bc:35:29:
0a:55:4c:ee:23:35:a0:9e:34:b8:14:1d:85:b7:c2:
0c:e8:67:1e:53:8d:61:6a:25:38:57:a9:95:79:06:
ac:db:61:56:03:be:f9:f8:dd:18:0c:91:f9:30:52:
c8:97:22:9a:ec:46:bf:4b:7f:81:b3:cc:64:a6:0e:
b8:fd:bd:1a:64:ce:21:b5:20:b4:cf:81:2b:e4:90:
5c:c1:32:07:b4:4f:8f:5c:e3:1f:f8:1b:34:ac:d5:
eb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D1:A5:0B:98:70:D0:57:B4:F3:E6:06:C8:CF:48:5D:8D:87:02:9D
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.244.0/22
103.20.17.0/24
103.21.108.0/24
103.52.116.0/22
103.97.52.0/22
103.225.96.0/24
203.12.129.0/24
203.18.194.0/24
203.210.102.0/24
IPv6:
2402:1b80::/40
2402:1b80:103::-2402:1b80:104:ffff:ffff:ffff:ffff:ffff
2402:1b80:106::/48
2402:1b80:203::-2402:1b80:204:ffff:ffff:ffff:ffff:ffff
2402:1b80:206::/48
2402:1b80:300::/40
2402:1b80:403::/48
2402:1b80:3000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:d8:2f:b2:50:1b:3d:ec:f4:df:91:63:17:f9:50:52:24:98:
14:51:51:f2:7d:9a:a1:1c:c3:9f:2b:ef:4e:04:6d:6c:fd:f6:
ab:e6:39:91:74:d4:d3:a9:f5:5c:28:c3:19:6f:b5:74:05:44:
a6:c2:4f:f1:e3:6d:d6:9e:d2:d9:1f:23:f5:33:cf:ab:3e:87:
75:6c:77:8d:af:2d:ef:b4:02:73:15:3e:f6:12:60:39:84:77:
66:93:49:d2:93:cc:08:db:81:53:d5:91:a3:42:fa:a4:7f:3e:
5f:4b:b3:f8:38:83:74:98:d9:84:bb:af:62:3e:9d:c0:a6:a7:
a5:75:52:ae:31:f2:04:fe:35:9f:72:db:fe:b6:4d:8b:25:7f:
ac:b1:78:65:6d:55:59:1d:02:9b:d5:dd:d7:59:e5:df:6f:01:
9e:e1:c5:2d:67:8d:75:b5:51:7a:02:0c:42:0e:6c:c5:35:7a:
da:f3:eb:35:d8:7b:51:97:0e:87:1f:4a:e6:08:3e:35:71:e6:
d8:c5:8c:db:6e:ad:8d:e2:f7:ea:27:94:af:ba:87:bc:38:e3:
de:48:fe:61:16:95:87:21:11:6e:3d:70:be:a2:d5:00:5b:19:
57:02:cc:d5:49:b1:37:4f:ad:a4:19:22:00:81:82:0e:aa:5e:
f6:5b:aa:7e
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgICBXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjQxMTAyMjMwMjIyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2YWY3ZS1jMTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzj8K7LNDG7gY3e0kgFSTF6EwL4npbxR+apZVDpELNGldawFYXV7i7uyUSBNk
61pPLxRvN7ZjtE6+FkbT9H8wvPg7F5sUyv+9ifQ1ipWrgp6iD1y7l1BZUlyqHqb3
X/rLkUuYe06CED1sDT7SJbNan3d/YT5Hz4phRzvyH9mpL2UklJd0P+jmEQ+tLeRF
MqZttasH89Kd/z2VHKRBBLDk9em8NSkKVUzuIzWgnjS4FB2Ft8IM6GceU41haiU4
V6mVeQas22FWA775+N0YDJH5MFLIlyKa7Ea/S3+Bs8xkpg64/b0aZM4htSC0z4Er
5JBcwTIHtE+PXOMf+Bs0rNXr9wIDAQABo4IDKzCCAycwHQYDVR0OBBYEFB7RpQuY
cNBXtPPmBsjPSF2NhwKdMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjkwMjUzMkVG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbQGCCsGAQUFBwEHAQH/
BIGkMIGhMDwEAgABMDYDBAItcPQDBABnFBEDBABnFWwDBAJnNHQDBAJnYTQDBABn
4WADBADLDIEDBADLEsIDBADL0mYwYQQCAAIwWwMGACQCG4AAMBIDBwAkAhuAAQMD
BwAkAhuAAQQDBwAkAhuAAQYwEgMHACQCG4ACAwMHACQCG4ACBAMHACQCG4ACBgMG
ACQCG4ADAwcAJAIbgAQDAwYAJAIbgDAwDQYJKoZIhvcNAQELBQADggEBAHzYL7JQ
Gz3s9N+RYxf5UFIkmBRRUfJ9mqEcw58r704EbWz99qvmOZF01NOp9VwowxlvtXQF
RKbCT/Hjbdae0tkfI/Uzz6s+h3Vsd42vLe+0AnMVPvYSYDmEd2aTSdKTzAjbgVPV
kaNC+qR/Pl9Ls/g4g3SY2YS7r2I+ncCmp6V1Uq4x8gT+NZ9y2/62TYslf6yxeGVt
VVkdApvV3ddZ5d9vAZ7hxS1njXW1UXoCDEIObMU1etrz6zXYe1GXDocfSuYIPjVx
5tjFjNturY3i9+onlK+6h7w4495I/mEWlYchEW49cL6i1QBbGVcCzNVJsTdPraQZ
IgCBgg6qXvZbqn4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:21:19 2024 by rpki-client on console-fra.rpki-client.org