Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/8B6B6494B0F011E5A08A224DC4F9AE02.roa
File: 8B6B6494B0F011E5A08A224DC4F9AE02.roa (raw, json)
Hash identifier: X/AoEfrGCI52JyMo1GUhCuOrngGgcDZWyNG/aPEoqxI=
Subject key identifier: 40:FE:10:5D:A9:02:8F:56:53:5F:D0:E8:15:48:FD:F1:F5:AC:33:A7
Certificate issuer: /CN=A916413C/serialNumber=365D71B2682F56B0EEFF1154755D279B8F9AFB33
Certificate serial: 2702
Authority key identifier: 36:5D:71:B2:68:2F:56:B0:EE:FF:11:54:75:5D:27:9B:8F:9A:FB:33
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/8B6B6494B0F011E5A08A224DC4F9AE02.roa
Signing time: Fri 26 Jan 2024 08:26:44 +0000
ROA not before: Fri 26 Jan 2024 08:26:44 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 132045
IP address blocks: 43.228.108.0/22 maxlen: 22
43.228.108.0/24 maxlen: 24
43.228.109.0/24 maxlen: 24
43.228.110.0/24 maxlen: 24
43.228.111.0/24 maxlen: 24
101.2.176.0/20 maxlen: 20
101.2.176.0/21 maxlen: 21
101.2.176.0/22 maxlen: 22
101.2.176.0/24 maxlen: 24
101.2.177.0/24 maxlen: 24
101.2.178.0/24 maxlen: 24
101.2.179.0/24 maxlen: 24
101.2.180.0/22 maxlen: 22
101.2.180.0/24 maxlen: 24
101.2.181.0/24 maxlen: 24
101.2.182.0/24 maxlen: 24
101.2.183.0/24 maxlen: 24
101.2.184.0/21 maxlen: 21
101.2.184.0/22 maxlen: 22
101.2.184.0/24 maxlen: 24
101.2.185.0/24 maxlen: 24
101.2.186.0/24 maxlen: 24
101.2.187.0/24 maxlen: 24
101.2.188.0/24 maxlen: 24
101.2.189.0/24 maxlen: 24
101.2.190.0/24 maxlen: 24
101.2.191.0/24 maxlen: 24
103.227.244.0/22 maxlen: 22
103.227.244.0/24 maxlen: 24
103.227.245.0/24 maxlen: 24
103.227.246.0/24 maxlen: 24
103.227.247.0/24 maxlen: 24
203.153.220.0/22 maxlen: 22
203.153.220.0/24 maxlen: 24
203.153.221.0/24 maxlen: 24
203.153.222.0/24 maxlen: 24
203.153.223.0/24 maxlen: 24
223.224.0.0/19 maxlen: 19
223.224.0.0/22 maxlen: 22
223.224.0.0/24 maxlen: 24
223.224.1.0/24 maxlen: 24
223.224.2.0/24 maxlen: 24
223.224.3.0/24 maxlen: 24
223.224.4.0/22 maxlen: 22
223.224.4.0/24 maxlen: 24
223.224.5.0/24 maxlen: 24
223.224.6.0/24 maxlen: 24
223.224.7.0/24 maxlen: 24
223.224.8.0/22 maxlen: 22
223.224.8.0/24 maxlen: 24
223.224.9.0/24 maxlen: 24
223.224.10.0/24 maxlen: 24
223.224.11.0/24 maxlen: 24
223.224.12.0/22 maxlen: 22
223.224.12.0/24 maxlen: 24
223.224.13.0/24 maxlen: 24
223.224.14.0/24 maxlen: 24
223.224.15.0/24 maxlen: 24
223.224.16.0/22 maxlen: 22
223.224.16.0/24 maxlen: 24
223.224.17.0/24 maxlen: 24
223.224.18.0/24 maxlen: 24
223.224.19.0/24 maxlen: 24
223.224.20.0/22 maxlen: 22
223.224.20.0/24 maxlen: 24
223.224.21.0/24 maxlen: 24
223.224.22.0/24 maxlen: 24
223.224.23.0/24 maxlen: 24
223.224.24.0/22 maxlen: 22
223.224.24.0/24 maxlen: 24
223.224.25.0/24 maxlen: 24
223.224.26.0/24 maxlen: 24
223.224.27.0/24 maxlen: 24
223.224.28.0/22 maxlen: 22
223.224.28.0/24 maxlen: 24
223.224.29.0/24 maxlen: 24
223.224.30.0/24 maxlen: 24
223.224.31.0/24 maxlen: 24
2400:ff00::/32 maxlen: 32
2400:ff00:5::/48 maxlen: 48
2400:ff00:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.crl
rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9986 (0x2702)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916413C/serialNumber=365D71B2682F56B0EEFF1154755D279B8F9AFB33
Validity
Not Before: Jan 26 08:26:44 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65b36cc4-0814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7f:c3:38:fb:6b:86:6c:28:a9:4c:8b:c5:40:
a7:56:c0:4f:f7:55:03:ce:34:b1:54:f3:a5:8d:11:
c4:ea:7f:bd:9f:9d:bf:9f:2f:6a:49:17:ed:5b:ad:
72:e1:8a:5d:6d:06:2e:87:b0:40:c5:83:d9:96:0f:
a9:3e:68:04:c0:1c:c8:08:40:ef:91:c4:5a:46:82:
93:c5:ce:a2:89:c3:a8:29:87:c1:d8:1e:ce:fd:48:
bc:b0:a9:b6:34:ae:c8:40:90:e5:42:d6:e3:e4:6c:
db:67:9f:1c:bb:e8:e0:26:72:39:35:78:38:64:cf:
44:d0:79:28:7e:de:ed:91:7f:06:2e:b8:8d:d4:f5:
2f:70:eb:5f:5b:ae:46:e3:36:8a:ce:80:c2:3b:b7:
bd:59:e2:dc:18:a4:8e:c2:cd:93:ea:47:b1:a6:cb:
b9:a9:3b:99:86:26:41:b3:3c:1d:2d:dd:a8:f1:38:
fe:42:05:fc:de:df:02:ae:2e:e6:50:4e:9a:7a:a4:
08:2e:bf:bc:c7:cb:fc:dd:eb:dd:e3:0d:29:ce:27:
8f:58:f5:1f:f4:26:73:db:48:24:dc:ad:9e:fe:7f:
ca:1f:d5:ee:d5:20:b2:32:f7:3d:f1:96:45:da:e6:
22:ef:62:45:e8:1e:f2:1b:df:b9:22:68:ef:c6:95:
ac:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FE:10:5D:A9:02:8F:56:53:5F:D0:E8:15:48:FD:F1:F5:AC:33:A7
X509v3 Authority Key Identifier:
keyid:36:5D:71:B2:68:2F:56:B0:EE:FF:11:54:75:5D:27:9B:8F:9A:FB:33
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nl1xsmgvVrDu_xFUdV0nm4-a-zM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916413C/9DD8201AA07311E4A8BB6F44C4F9AE02/8B6B6494B0F011E5A08A224DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.108.0/22
101.2.176.0/20
103.227.244.0/22
203.153.220.0/22
223.224.0.0/19
IPv6:
2400:ff00::/32
Signature Algorithm: sha256WithRSAEncryption
75:19:13:d1:eb:c0:3d:3d:95:8a:a8:36:31:1b:43:76:48:79:
08:39:0a:77:46:41:48:35:72:c9:c8:43:18:45:78:d1:4c:c6:
bb:30:97:fc:6c:43:12:3f:46:ba:1e:a1:a8:51:8a:c4:4e:43:
75:9a:57:46:81:61:93:c1:79:e6:f1:8b:b5:11:e7:c1:56:e0:
ef:0a:62:e7:37:21:95:c9:97:9d:c5:f9:a8:3c:63:a5:6d:16:
bb:56:07:1f:41:96:7c:10:cb:82:b5:24:8c:7f:9c:bc:e5:d6:
82:86:4d:ce:ba:19:34:f1:6d:ec:9d:86:77:e7:60:7a:bb:9a:
23:23:9e:9c:46:0c:a3:73:4d:b0:d5:70:16:8f:49:be:fb:da:
fb:6c:0f:64:c3:b3:e2:e5:d1:b5:76:c8:7c:cd:a1:bc:b6:65:
5f:91:2e:61:ae:8a:df:14:29:83:3e:d3:7f:27:10:3b:97:61:
05:9a:fa:87:72:ed:2f:d2:df:b8:f9:73:cf:3c:02:50:64:dc:
2f:19:44:c7:98:e3:53:1d:ba:c9:6b:01:6b:f7:27:8e:0f:bc:
ec:3c:34:7a:93:e3:6a:fc:06:b1:1b:57:05:df:7d:2d:ed:f0:
23:b5:a8:d3:29:5c:dd:4e:25:b3:fd:4f:2e:fe:09:91:c6:15:
3e:23:32:f1
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICJwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjQxM0MxMTAvBgNVBAUTKDM2NUQ3MUIyNjgyRjU2QjBFRUZGMTE1NDc1NUQyNzlC
OEY5QUZCMzMwHhcNMjQwMTI2MDgyNjQ0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIzNmNjNC0wODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyH/DOPtrhmwoqUyLxUCnVsBP91UDzjSxVPOljRHE6n+9n52/ny9qSRftW61y
4YpdbQYuh7BAxYPZlg+pPmgEwBzICEDvkcRaRoKTxc6iicOoKYfB2B7O/Ui8sKm2
NK7IQJDlQtbj5GzbZ58cu+jgJnI5NXg4ZM9E0Hkoft7tkX8GLriN1PUvcOtfW65G
4zaKzoDCO7e9WeLcGKSOws2T6kexpsu5qTuZhiZBszwdLd2o8Tj+QgX83t8Cri7m
UE6aeqQILr+8x8v83evd4w0pziePWPUf9CZz20gk3K2e/n/KH9Xu1SCyMvc98ZZF
2uYi72JF6B7yG9+5ImjvxpWsmwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFED+EF2p
Ao9WU1/Q6BVI/fH1rDOnMB8GA1UdIwQYMBaAFDZdcbJoL1aw7v8RVHVdJ5uPmvsz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDEzQy85REQ4MjAxQUEw
NzMxMUU0QThCQjZGNDRDNEY5QUUwMi9ObDF4c21ndlZyRHVfeEZVZFYwbm00LWEt
ek0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05sMXhzbWd2VnJEdV94RlVkVjBubTQtYS16TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjQxM0MvOUREODIwMUFBMDczMTFFNEE4QkI2RjQ0QzRGOUFFMDIvOEI2QjY0OTRC
MEYwMTFFNUEwOEEyMjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr5GwDBARlArADBAJn4/QDBALLmdwDBAXf4AAwDQQCAAIw
BwMFACQA/wAwDQYJKoZIhvcNAQELBQADggEBAHUZE9HrwD09lYqoNjEbQ3ZIeQg5
CndGQUg1csnIQxhFeNFMxrswl/xsQxI/RroeoahRisROQ3WaV0aBYZPBeebxi7UR
58FW4O8KYuc3IZXJl53F+ag8Y6VtFrtWBx9BlnwQy4K1JIx/nLzl1oKGTc66GTTx
beydhnfnYHq7miMjnpxGDKNzTbDVcBaPSb772vtsD2TDs+Ll0bV2yHzNoby2ZV+R
LmGuit8UKYM+038nEDuXYQWa+ody7S/S37j5c888AlBk3C8ZRMeY41MduslrAWv3
J44PvOw8NHqT42r8BrEbVwXffS3t8CO1qNMpXN1OJbP9Ty7+CZHGFT4jMvE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:49:21 2024 by rpki-client on console-ams.rpki-client.org