Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/208652BA35F911EEB45F8B44C4F9AE02.roa
File: 208652BA35F911EEB45F8B44C4F9AE02.roa (raw, json)
Hash identifier: OWWtH/DncdQ6/nNcT+6EDKUDwpNhjKI+s0G+B3kctfg=
Subject key identifier: 2A:5A:C0:A6:EB:87:FD:8A:7D:63:A6:C9:9A:50:E5:64:1D:E7:AB:95
Certificate issuer: /CN=A9148D53/serialNumber=FDBD4C0D34492F5CEAE4879E4762796E527007EB
Certificate serial: 0121
Authority key identifier: FD:BD:4C:0D:34:49:2F:5C:EA:E4:87:9E:47:62:79:6E:52:70:07:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_b1MDTRJL1zq5IeeR2J5blJwB-s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/208652BA35F911EEB45F8B44C4F9AE02.roa
Signing time: Wed 03 Jul 2024 12:15:58 +0000
ROA not before: Wed 03 Jul 2024 12:15:58 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 43519
IP address blocks: 43.230.48.0/24 maxlen: 24
43.230.49.0/24 maxlen: 24
43.230.50.0/24 maxlen: 24
43.230.51.0/24 maxlen: 24
103.49.80.0/24 maxlen: 24
103.49.81.0/24 maxlen: 24
103.49.82.0/24 maxlen: 24
103.49.83.0/24 maxlen: 24
2401:fd80:101::/48 maxlen: 48
2401:fd80:102::/48 maxlen: 48
2401:fd80:103::/48 maxlen: 48
2401:fd80:104::/48 maxlen: 48
2401:fd80:105::/48 maxlen: 48
2401:fd80:106::/48 maxlen: 48
2401:fd80:107::/48 maxlen: 48
2401:fd80:108::/48 maxlen: 48
2401:fd80:1fd::/48 maxlen: 48
2401:fd80:200::/48 maxlen: 48
2401:fd80:2ff::/48 maxlen: 48
2401:fd80:400::/48 maxlen: 48
2401:fd80:401::/48 maxlen: 48
2401:fd80:402::/48 maxlen: 48
2401:fd80:403::/48 maxlen: 48
2401:fd80:404::/48 maxlen: 48
2401:fd80:405::/48 maxlen: 48
2401:fd80:406::/48 maxlen: 48
2401:fd80:407::/48 maxlen: 48
2401:fd80:408::/48 maxlen: 48
2401:fd80:409::/48 maxlen: 48
2401:fd80:4ff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/_b1MDTRJL1zq5IeeR2J5blJwB-s.crl
rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/_b1MDTRJL1zq5IeeR2J5blJwB-s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_b1MDTRJL1zq5IeeR2J5blJwB-s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 03:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289 (0x121)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D53/serialNumber=FDBD4C0D34492F5CEAE4879E4762796E527007EB
Validity
Not Before: Jul 3 12:15:58 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=668540fd-2525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ba:a8:8f:68:7d:cd:36:1c:88:52:30:69:2e:
36:c4:4e:e5:17:c7:88:36:83:48:29:56:a5:70:f8:
92:14:ec:8e:65:12:85:4d:3c:c4:03:73:52:c7:01:
89:53:dc:2b:ba:b6:81:3b:af:e3:01:85:f0:a5:42:
45:76:b9:3b:ba:6a:41:cf:83:78:1e:92:dd:54:cb:
07:5d:01:80:c3:50:e9:97:f4:5f:f9:48:17:aa:f2:
6e:40:f5:d4:f8:70:30:3a:e8:e5:48:5a:44:04:eb:
58:bc:b1:e1:67:30:24:b8:26:b0:77:2f:35:26:ac:
08:46:b6:05:e7:a6:04:7a:c2:bc:a1:31:80:7a:3c:
7f:ea:71:d3:17:9b:de:32:c2:9a:37:09:3a:ef:59:
d2:b3:af:d7:37:b2:bd:f4:11:1b:4c:7e:31:46:90:
cf:08:f2:9d:73:e6:31:2e:fe:f6:0c:03:34:b7:8d:
1b:76:c8:5b:83:36:7e:68:a3:e3:c5:a9:cf:d0:fd:
1b:7d:6d:cd:1d:72:c7:0d:78:25:c3:71:23:b4:85:
5b:2c:d2:0a:89:e1:ea:1b:5d:4e:77:72:20:ee:f7:
d8:96:13:78:bd:82:32:f5:01:06:92:a1:4c:5c:a5:
e7:63:65:5c:62:28:66:ab:16:c2:32:bb:20:3e:44:
f8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5A:C0:A6:EB:87:FD:8A:7D:63:A6:C9:9A:50:E5:64:1D:E7:AB:95
X509v3 Authority Key Identifier:
keyid:FD:BD:4C:0D:34:49:2F:5C:EA:E4:87:9E:47:62:79:6E:52:70:07:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/_b1MDTRJL1zq5IeeR2J5blJwB-s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_b1MDTRJL1zq5IeeR2J5blJwB-s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D53/D586F8F0307111EE8546A32FC4F9AE02/208652BA35F911EEB45F8B44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.48.0/22
103.49.80.0/22
IPv6:
2401:fd80:101::-2401:fd80:108:ffff:ffff:ffff:ffff:ffff
2401:fd80:1fd::/48
2401:fd80:200::/48
2401:fd80:2ff::/48
2401:fd80:400::-2401:fd80:409:ffff:ffff:ffff:ffff:ffff
2401:fd80:4ff::/48
Signature Algorithm: sha256WithRSAEncryption
27:60:fd:d8:00:21:d0:1a:6b:bf:4a:94:da:0a:e4:4e:ea:39:
b8:4b:07:e2:6d:85:e7:63:bf:9c:cf:59:d5:85:f4:05:e7:b2:
fe:9e:b1:dc:dd:a4:cd:d2:5f:1b:2a:af:79:7f:e2:f1:a9:a3:
68:87:78:22:4d:79:85:df:45:81:24:79:c7:eb:8e:57:52:5c:
bf:f3:5d:0d:44:5e:65:95:81:63:6c:6e:ef:c8:ad:6e:76:19:
3d:c5:03:e9:66:0f:2f:ac:cd:b6:5c:c3:b1:d8:85:58:71:cd:
51:8a:07:79:f1:b3:b3:73:09:81:84:ae:d2:42:fa:80:32:59:
c7:d1:e0:d0:4f:aa:92:a3:fe:27:00:9f:62:46:63:0d:f9:ac:
6e:15:75:82:e7:cb:7c:65:90:24:b1:50:b0:f6:29:a8:69:5a:
90:32:28:e3:be:54:fc:05:73:1d:0d:df:f6:c5:fb:8b:66:81:
8b:51:3f:bd:2e:17:7f:1a:6d:6d:5f:4c:46:76:ef:30:52:c0:
44:76:cf:02:48:e1:ce:9f:a0:3e:d7:7e:6b:81:00:38:fa:06:
b2:3f:f2:63:3c:ed:21:42:19:e7:ed:f4:dd:b9:e6:5a:13:a6:
d4:6a:f5:24:46:02:f3:f9:41:96:a9:67:fb:4f:95:21:31:ee:
ed:77:f9:94
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgICASEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhENTMxMTAvBgNVBAUTKEZEQkQ0QzBEMzQ0OTJGNUNFQUU0ODc5RTQ3NjI3OTZF
NTI3MDA3RUIwHhcNMjQwNzAzMTIxNTU4WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg1NDBmZC0yNTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxbqoj2h9zTYciFIwaS42xE7lF8eINoNIKValcPiSFOyOZRKFTTzEA3NSxwGJ
U9wruraBO6/jAYXwpUJFdrk7umpBz4N4HpLdVMsHXQGAw1Dpl/Rf+UgXqvJuQPXU
+HAwOujlSFpEBOtYvLHhZzAkuCawdy81JqwIRrYF56YEesK8oTGAejx/6nHTF5ve
MsKaNwk671nSs6/XN7K99BEbTH4xRpDPCPKdc+YxLv72DAM0t40bdshbgzZ+aKPj
xanP0P0bfW3NHXLHDXglw3EjtIVbLNIKieHqG11Od3Ig7vfYlhN4vYIy9QEGkqFM
XKXnY2VcYihmqxbCMrsgPkT4owIDAQABo4IC7jCCAuowHQYDVR0OBBYEFCpawKbr
h/2KfWOmyZpQ5WQd56uVMB8GA1UdIwQYMBaAFP29TA00SS9c6uSHnkdieW5ScAfr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1My9ENTg2RjhGMDMw
NzExMUVFODU0NkEzMkZDNEY5QUUwMi9fYjFNRFRSSkwxenE1SWVlUjJKNWJsSndC
LXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19iMU1EVFJKTDF6cTVJZWVSMko1YmxKd0Itcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhENTMvRDU4NkY4RjAzMDcxMTFFRTg1NDZBMzJGQzRGOUFFMDIvMjA4NjUyQkEz
NUY5MTFFRUI0NUY4QjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwweAYIKwYBBQUHAQcBAf8E
aTBnMBIEAgABMAwDBAIr5jADBAJnMVAwUQQCAAIwSzASAwcAJAH9gAEBAwcAJAH9
gAEIAwcAJAH9gAH9AwcAJAH9gAIAAwcAJAH9gAL/MBEDBgIkAf2ABAMHASQB/YAE
CAMHACQB/YAE/zANBgkqhkiG9w0BAQsFAAOCAQEAJ2D92AAh0Bprv0qU2grkTuo5
uEsH4m2F52O/nM9Z1YX0Beey/p6x3N2kzdJfGyqveX/i8amjaId4Ik15hd9FgSR5
x+uOV1Jcv/NdDUReZZWBY2xu78itbnYZPcUD6WYPL6zNtlzDsdiFWHHNUYoHefGz
s3MJgYSu0kL6gDJZx9Hg0E+qkqP+JwCfYkZjDfmsbhV1gufLfGWQJLFQsPYpqGla
kDIo475U/AVzHQ3f9sX7i2aBi1E/vS4XfxptbV9MRnbvMFLARHbPAkjhzp+gPtd+
a4EAOPoGsj/yYzztIUIZ5+303bnmWhOm1Gr1JEYC8/lBlqln+0+VITHu7Xf5lA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:37:04 2024 by rpki-client on console-ams.rpki-client.org