Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
File: B35C646A52E211EAAF44AE23C4F9AE02.roa (raw, json)
Hash identifier: ao1Wr7vNeGVliqTGN9SNG5wwxHLrdENYcs4yur0fNr8=
Subject key identifier: B3:D2:17:9A:89:03:AF:23:B7:FC:8B:80:4B:AE:AE:A0:0A:0B:AF:50
Certificate issuer: /CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A
Certificate serial: 33D3
Authority key identifier: 99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
Signing time: Sat 28 Oct 2023 15:00:47 +0000
ROA not before: Sat 28 Oct 2023 15:00:47 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 7532
IP address blocks: 103.70.52.0/22 maxlen: 22
103.70.52.0/24 maxlen: 24
103.70.53.0/24 maxlen: 24
103.70.54.0/24 maxlen: 24
103.70.55.0/24 maxlen: 24
112.121.64.0/19 maxlen: 19
112.121.64.0/24 maxlen: 24
112.121.65.0/24 maxlen: 24
112.121.66.0/24 maxlen: 24
112.121.68.0/24 maxlen: 24
112.121.69.0/24 maxlen: 24
112.121.70.0/24 maxlen: 24
112.121.71.0/24 maxlen: 24
112.121.72.0/24 maxlen: 24
112.121.73.0/24 maxlen: 24
112.121.74.0/24 maxlen: 24
112.121.75.0/24 maxlen: 24
112.121.76.0/24 maxlen: 24
112.121.77.0/24 maxlen: 24
112.121.78.0/24 maxlen: 24
112.121.79.0/24 maxlen: 24
112.121.80.0/24 maxlen: 24
112.121.81.0/24 maxlen: 24
112.121.82.0/24 maxlen: 24
112.121.83.0/24 maxlen: 24
112.121.84.0/24 maxlen: 24
112.121.85.0/24 maxlen: 24
112.121.86.0/24 maxlen: 24
112.121.87.0/24 maxlen: 24
112.121.88.0/24 maxlen: 24
112.121.89.0/24 maxlen: 24
112.121.90.0/24 maxlen: 24
112.121.91.0/24 maxlen: 24
112.121.92.0/24 maxlen: 24
112.121.93.0/24 maxlen: 24
112.121.94.0/24 maxlen: 24
112.121.95.0/24 maxlen: 24
112.121.96.0/21 maxlen: 21
112.121.96.0/23 maxlen: 23
112.121.104.0/22 maxlen: 22
112.121.105.0/24 maxlen: 24
112.121.108.0/23 maxlen: 23
112.121.108.0/24 maxlen: 24
112.121.112.0/22 maxlen: 22
112.121.116.0/23 maxlen: 23
112.121.116.0/24 maxlen: 24
112.121.117.0/24 maxlen: 24
112.121.120.0/22 maxlen: 22
112.121.120.0/24 maxlen: 24
112.121.121.0/24 maxlen: 24
112.121.122.0/24 maxlen: 24
112.121.123.0/24 maxlen: 24
202.80.104.0/23 maxlen: 23
202.80.104.0/24 maxlen: 24
202.80.105.0/24 maxlen: 24
202.80.106.0/23 maxlen: 23
202.80.106.0/24 maxlen: 24
202.80.107.0/24 maxlen: 24
202.80.108.0/24 maxlen: 24
202.80.111.0/24 maxlen: 24
2402:b600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl
rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 14:45:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13267 (0x33d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A
Validity
Not Before: Oct 28 15:00:47 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=653d221e-737a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d4:18:70:43:2f:c5:2c:5a:2e:32:d2:ae:97:
ed:8a:42:4a:54:da:14:03:46:37:f5:78:db:6e:f6:
2a:35:a5:89:5b:d0:32:a6:d8:f8:e9:50:b5:44:05:
27:59:05:1a:65:66:fc:f5:0b:99:6f:16:f1:c0:6d:
70:3b:0c:9b:ef:33:88:c1:22:0d:d8:58:a3:85:2e:
a8:6c:a5:2d:e3:db:8b:78:d7:29:e9:85:2f:f7:3a:
6c:97:72:24:44:b7:a5:94:cc:6c:56:27:aa:29:d3:
01:e4:9c:ec:e7:36:78:78:ca:4c:2b:e1:70:25:9b:
ad:24:3a:a5:99:bd:fc:f8:54:e8:01:53:91:aa:0e:
c9:1c:d6:e1:99:a6:f4:ba:b7:59:65:a3:81:c3:dd:
4d:83:db:6e:eb:50:72:2a:9e:ba:b5:d0:c4:f3:f2:
03:cd:c5:9a:26:56:2e:ad:b7:8b:70:13:99:72:11:
71:e9:2f:c9:1f:9f:1d:eb:c3:a2:d9:27:0d:b0:74:
87:96:96:26:aa:7c:e1:0e:c4:30:c6:58:7b:67:47:
41:b9:a8:60:eb:14:01:37:d2:8e:2d:77:bc:09:26:
6f:98:73:ad:6a:fd:2b:60:4c:89:b9:88:b0:48:ce:
09:ed:ab:4a:0f:1c:ac:18:42:3e:b2:fc:b9:6c:d0:
50:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D2:17:9A:89:03:AF:23:B7:FC:8B:80:4B:AE:AE:A0:0A:0B:AF:50
X509v3 Authority Key Identifier:
keyid:99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.52.0/22
112.121.64.0-112.121.109.255
112.121.112.0-112.121.117.255
112.121.120.0/22
202.80.104.0-202.80.108.255
202.80.111.0/24
IPv6:
2402:b600::/32
Signature Algorithm: sha256WithRSAEncryption
5d:40:b7:c7:ef:29:13:c4:30:29:57:54:d5:18:15:c1:a7:c2:
ad:b6:70:00:ef:67:e2:1b:7a:6b:28:77:a5:9d:7b:2c:8f:00:
7c:e2:35:98:75:81:75:0e:63:2e:67:7d:6a:d0:af:3d:d0:15:
e8:84:29:a0:d6:e3:47:d7:47:d5:33:10:20:9f:d5:aa:55:c4:
fd:aa:0b:15:07:4d:3c:9f:26:73:4f:5b:b7:10:21:23:29:58:
f5:d9:b7:f3:51:72:e6:e8:02:1f:ca:40:0f:8b:20:25:58:a7:
14:88:40:71:b6:66:13:51:f0:da:ae:29:8d:6d:eb:61:07:cb:
79:2d:e0:fa:65:09:a6:11:e0:3e:89:e8:71:db:a2:e0:fa:a6:
b2:d1:d2:f5:3c:0f:cd:0f:39:ab:8a:c5:cc:e3:99:1b:04:5f:
fd:b2:0e:85:c4:8b:7e:56:51:ea:e4:57:0e:b9:7e:19:4f:88:
7e:6c:f9:c9:e8:03:ee:1e:9f:d0:44:40:6f:61:a5:b6:ec:6b:
98:98:6e:ab:64:47:40:77:d1:42:27:9e:93:50:b5:ac:26:ee:
e9:7f:ff:e0:0b:bd:c3:92:80:9d:29:5a:5a:2f:55:bc:74:77:
99:ea:1e:af:94:49:2a:23:40:8e:16:f3:08:9a:bf:6a:59:7b:
ba:0b:10:c4
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICM9MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdCNTAxMTAvBgNVBAUTKDk5MUIzRjE3MDg0Rjc2RjEyRjlGMDUwOUQ1OTdGMEZG
RUNBMDRCNEEwHhcNMjMxMDI4MTUwMDQ3WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTNkMjIxZS03MzdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAotQYcEMvxSxaLjLSrpftikJKVNoUA0Y39XjbbvYqNaWJW9Ayptj46VC1RAUn
WQUaZWb89QuZbxbxwG1wOwyb7zOIwSIN2FijhS6obKUt49uLeNcp6YUv9zpsl3Ik
RLellMxsVieqKdMB5Jzs5zZ4eMpMK+FwJZutJDqlmb38+FToAVORqg7JHNbhmab0
urdZZaOBw91Ng9tu61ByKp66tdDE8/IDzcWaJlYurbeLcBOZchFx6S/JH58d68Oi
2ScNsHSHlpYmqnzhDsQwxlh7Z0dBuahg6xQBN9KOLXe8CSZvmHOtav0rYEyJuYiw
SM4J7atKDxysGEI+svy5bNBQ6QIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFLPSF5qJ
A68jt/yLgEuurqAKC69QMB8GA1UdIwQYMBaAFJkbPxcIT3bxL58FCdWX8P/soEtK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0I1MC85RDEzMDVDODFE
OEYxMUUyQTAyQkNERUUwOEIwMkNEMi9tUnNfRndoUGR2RXZud1VKMVpmd18teWdT
MG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21Sc19Gd2hQZHZFdm53VUoxWmZ3Xy15Z1Mwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdCNTAvOUQxMzA1QzgxRDhGMTFFMkEwMkJDREVFMDhCMDJDRDIvQjM1QzY0NkE1
MkUyMTFFQUFGNDRBRTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAJnRjQwDAMEBnB5QAMEAXB5bDAMAwQEcHlwAwQBcHl0AwQC
cHl4MAwDBAPKUGgDBADKUGwDBADKUG8wDQQCAAIwBwMFACQCtgAwDQYJKoZIhvcN
AQELBQADggEBAF1At8fvKRPEMClXVNUYFcGnwq22cADvZ+Ibemsod6WdeyyPAHzi
NZh1gXUOYy5nfWrQrz3QFeiEKaDW40fXR9UzECCf1apVxP2qCxUHTTyfJnNPW7cQ
ISMpWPXZt/NRcuboAh/KQA+LICVYpxSIQHG2ZhNR8NquKY1t62EHy3kt4PplCaYR
4D6J6HHbouD6prLR0vU8D80POauKxczjmRsEX/2yDoXEi35WUerkVw65fhlPiH5s
+cnoA+4en9BEQG9hpbbsa5iYbqtkR0B30UInnpNQtawm7ul//+ALvcOSgJ0pWlov
Vbx0d5nqHq+USSojQI4W8wiav2pZe7oLEMQ=
-----END CERTIFICATE-----
Generated at Thu May 16 16:14:31 2024 by rpki-client on console-fra.rpki-client.org