Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/2A329982168611EE8DC17442C4F9AE02.roa
File: 2A329982168611EE8DC17442C4F9AE02.roa (raw, json)
Hash identifier: UE5taCBFG1yQ4DXIBVVF1fNqzfO2MRWtYsgMEKxs8Z0=
Subject key identifier: 6A:B4:AF:AE:35:5C:15:D6:AA:48:CF:F8:60:27:32:86:28:31:8A:68
Certificate issuer: /CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Certificate serial: 7C00
Authority key identifier: C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/2A329982168611EE8DC17442C4F9AE02.roa
Signing time: Thu 31 Aug 2023 17:44:43 +0000
ROA not before: Thu 31 Aug 2023 17:44:43 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 3949
IP address blocks: 103.13.83.144/29 maxlen: 29
103.13.83.152/29 maxlen: 29
103.13.83.160/29 maxlen: 29
103.13.83.161/32 maxlen: 32
202.68.66.76/30 maxlen: 30
202.68.67.48/29 maxlen: 29
202.68.68.0/26 maxlen: 26
202.68.68.96/27 maxlen: 27
202.68.68.96/28 maxlen: 28
202.68.68.112/28 maxlen: 28
202.68.68.192/26 maxlen: 26
202.68.68.192/27 maxlen: 27
202.68.68.224/27 maxlen: 27
202.68.69.0/27 maxlen: 27
202.68.69.32/29 maxlen: 29
202.68.69.48/28 maxlen: 28
202.68.69.64/27 maxlen: 28
202.68.69.68/30 maxlen: 30
202.68.69.96/28 maxlen: 28
202.68.69.128/25 maxlen: 25
202.68.71.0/26 maxlen: 26
202.68.71.64/26 maxlen: 26
202.68.71.128/26 maxlen: 26
202.68.71.192/29 maxlen: 29
202.68.71.200/29 maxlen: 29
202.68.71.208/29 maxlen: 29
202.68.71.216/29 maxlen: 29
202.68.71.224/29 maxlen: 29
202.68.71.232/29 maxlen: 29
202.68.71.240/28 maxlen: 28
202.68.72.0/24 maxlen: 24
202.68.73.88/29 maxlen: 29
202.68.73.192/27 maxlen: 27
202.68.74.32/29 maxlen: 29
202.68.74.96/28 maxlen: 28
202.68.74.156/30 maxlen: 30
202.68.74.208/28 maxlen: 28
202.68.75.64/28 maxlen: 28
202.68.75.80/28 maxlen: 28
202.68.75.104/29 maxlen: 29
202.68.75.128/27 maxlen: 27
202.68.75.160/28 maxlen: 28
202.68.75.176/28 maxlen: 28
202.68.75.240/28 maxlen: 28
202.68.79.0/24 maxlen: 24
202.68.79.0/25 maxlen: 25
202.68.79.128/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 29 May 2024 17:41:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31744 (0x7c00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Validity
Not Before: Aug 31 17:44:43 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64f0d18b-869e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:02:30:e2:8c:7e:0a:bc:a1:32:59:5c:8b:b4:
e8:a7:c2:18:6b:23:3a:54:19:a0:61:0b:e0:94:4f:
98:e7:60:a5:79:59:b5:02:c6:9b:25:74:95:6a:01:
44:48:c2:aa:c1:0b:6c:04:74:2e:91:6b:d0:db:4e:
57:c7:e3:70:3e:26:e0:78:05:d9:af:cd:52:6f:d5:
e3:7d:bc:56:bf:fe:82:e6:b4:a8:1a:e4:dd:85:2c:
70:4a:f7:55:1c:0c:85:2f:1f:f1:f6:da:22:ba:94:
cb:bc:4b:e6:06:0b:a1:05:e2:1a:63:6f:9a:02:4d:
39:af:47:53:dc:ae:2f:4f:b7:2c:8c:72:36:89:b0:
97:62:34:24:ec:e9:21:b1:7a:c2:9f:df:76:ae:1e:
e9:8b:d1:f2:97:f2:80:be:4f:66:e3:63:8b:52:37:
d5:4b:51:19:e2:3b:4b:f0:65:98:e0:8b:27:2a:b5:
30:be:48:bb:df:1f:0b:63:fc:97:36:2c:10:78:6f:
6f:b6:95:9a:64:00:94:1f:e7:e8:0f:bb:61:b1:e0:
09:1e:7e:38:70:4b:cf:dd:65:66:1a:35:82:d6:83:
62:53:96:b5:bb:ba:4c:42:57:54:16:a7:84:d6:a8:
54:dc:5f:7b:4c:36:1b:bf:12:10:23:47:6b:96:27:
dc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B4:AF:AE:35:5C:15:D6:AA:48:CF:F8:60:27:32:86:28:31:8A:68
X509v3 Authority Key Identifier:
keyid:C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/2A329982168611EE8DC17442C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.13.83.144-103.13.83.167
202.68.66.76/30
202.68.67.48/29
202.68.68.0/26
202.68.68.96/27
202.68.68.192-202.68.69.39
202.68.69.48-202.68.69.111
202.68.69.128/25
202.68.71.0-202.68.72.255
202.68.73.88/29
202.68.73.192/27
202.68.74.32/29
202.68.74.96/28
202.68.74.156/30
202.68.74.208/28
202.68.75.64/27
202.68.75.104/29
202.68.75.128/26
202.68.75.240/28
202.68.79.0/24
Signature Algorithm: sha256WithRSAEncryption
63:d0:08:e5:83:6f:c9:04:6d:0f:3f:f8:c2:2a:f1:cd:1f:91:
af:28:3e:9d:e2:96:d0:d9:81:97:9a:30:9a:b8:49:4a:d1:f8:
53:83:50:a0:aa:06:d5:5a:59:88:9e:ce:56:59:8e:8d:cd:83:
96:8b:55:a2:e1:83:39:96:dc:57:dc:16:2b:b3:e6:c2:7e:69:
09:4c:62:b3:9b:83:44:1a:16:e5:66:06:c9:90:e8:f2:dd:d9:
dd:29:06:1f:5d:ca:ae:cb:bb:64:29:14:31:25:d5:1f:43:80:
d3:74:1f:9a:18:4e:92:f9:33:c8:4d:7b:e9:e8:3f:46:f7:87:
b0:3b:47:cc:d8:e1:f4:30:65:c2:c5:cf:03:07:c0:f5:6c:58:
7e:ce:4d:14:9f:d2:59:9c:1b:f8:73:35:8b:ce:53:c6:b1:da:
d8:7c:19:1b:a2:8b:7e:b9:e7:b9:b7:05:c5:78:9a:0d:3a:d2:
e0:87:c6:19:cb:e5:f4:ea:a0:fc:ad:38:db:c7:29:c3:2f:08:
e7:16:89:0d:64:c8:32:fb:72:e3:79:a2:fc:79:c0:32:19:73:
17:3e:37:24:a7:ba:0b:9a:5d:1b:85:a4:14:40:e6:38:22:a4:
e5:53:70:83:40:de:94:d7:1d:a1:4a:bd:6e:ca:a8:a1:5c:1b:
20:82:85:a7
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgICfAAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkwMEQxMTAvBgNVBAUTKEM2MDM3ODZENTVBOTA0MTI0RTc1OTJFRUQyODk5RUY1
Nzg5MjExMDAwHhcNMjMwODMxMTc0NDQzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYwZDE4Yi04NjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0AIw4ox+CryhMllci7Top8IYayM6VBmgYQvglE+Y52CleVm1AsabJXSVagFE
SMKqwQtsBHQukWvQ205Xx+NwPibgeAXZr81Sb9XjfbxWv/6C5rSoGuTdhSxwSvdV
HAyFLx/x9toiupTLvEvmBguhBeIaY2+aAk05r0dT3K4vT7csjHI2ibCXYjQk7Okh
sXrCn992rh7pi9Hyl/KAvk9m42OLUjfVS1EZ4jtL8GWY4IsnKrUwvki73x8LY/yX
NiwQeG9vtpWaZACUH+foD7thseAJHn44cEvP3WVmGjWC1oNiU5a1u7pMQldUFqeE
1qhU3F97TDYbvxIQI0drlifc3QIDAQABo4IDQTCCAz0wHQYDVR0OBBYEFGq0r641
XBXWqkjP+GAnMoYoMYpoMB8GA1UdIwQYMBaAFMYDeG1VqQQSTnWS7tKJnvV4khEA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTAwRC9GQ0RDRDNBMEFD
OUQxMUU4OTJDREFEMERDNEY5QUUwMi94Z040YlZXcEJCSk9kWkx1MG9tZTlYaVNF
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hnTjRiVldwQkJKT2RaTHUwb21lOVhpU0VRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkwMEQvRkNEQ0QzQTBBQzlEMTFFODkyQ0RBRDBEQzRGOUFFMDIvMkEzMjk5ODIx
Njg2MTFFRThEQzE3NDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcoGCCsGAQUFBwEHAQH/
BIG6MIG3MIG0BAIAATCBrTAOAwUEZw1TkAMFA2cNU6ADBQLKREJMAwUDykRDMAMF
BspERAADBQXKRERgMA4DBQbKRETAAwUDykRFIDAOAwUEykRFMAMFBMpERWADBQfK
REWAMAwDBADKREcDBADKREgDBQPKRElYAwUFykRJwAMFA8pESiADBQTKREpgAwUC
ykRKnAMFBMpEStADBQXKREtAAwUDykRLaAMFBspES4ADBQTKREvwAwQAykRPMA0G
CSqGSIb3DQEBCwUAA4IBAQBj0Ajlg2/JBG0PP/jCKvHNH5GvKD6d4pbQ2YGXmjCa
uElK0fhTg1CgqgbVWlmIns5WWY6NzYOWi1Wi4YM5ltxX3BYrs+bCfmkJTGKzm4NE
GhblZgbJkOjy3dndKQYfXcquy7tkKRQxJdUfQ4DTdB+aGE6S+TPITXvp6D9G94ew
O0fM2OH0MGXCxc8DB8D1bFh+zk0Un9JZnBv4czWLzlPGsdrYfBkboot+uee5twXF
eJoNOtLgh8YZy+X06qD8rTjbxynDLwjnFokNZMgy+3LjeaL8ecAyGXMXPjckp7oL
ml0bhaQUQOY4IqTlU3CDQN6U1x2hSr1uyqihXBsggoWn
-----END CERTIFICATE-----
Generated at Wed May 22 20:07:55 2024 by rpki-client on console-ams.rpki-client.org