Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
File: B35C646A52E211EAAF44AE23C4F9AE02.roa (raw, json)
Hash identifier: NQbEGDSQWJX2q4PE4RLTvTYnpC+usGIpVztyYiOyjGY=
Subject key identifier: F8:08:5F:5D:48:44:A7:9E:42:E5:52:9B:DF:93:51:3B:D4:61:D6:BE
Certificate issuer: /CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A
Certificate serial: 349A
Authority key identifier: 99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
Signing time: Sat 02 Nov 2024 14:50:53 +0000
ROA not before: Sat 02 Nov 2024 14:50:53 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 7532
IP address blocks: 103.70.52.0/22 maxlen: 22
103.70.52.0/24 maxlen: 24
103.70.53.0/24 maxlen: 24
103.70.54.0/24 maxlen: 24
103.70.55.0/24 maxlen: 24
112.121.64.0/19 maxlen: 19
112.121.64.0/24 maxlen: 24
112.121.65.0/24 maxlen: 24
112.121.66.0/24 maxlen: 24
112.121.68.0/24 maxlen: 24
112.121.69.0/24 maxlen: 24
112.121.70.0/24 maxlen: 24
112.121.71.0/24 maxlen: 24
112.121.72.0/24 maxlen: 24
112.121.73.0/24 maxlen: 24
112.121.74.0/24 maxlen: 24
112.121.75.0/24 maxlen: 24
112.121.76.0/24 maxlen: 24
112.121.77.0/24 maxlen: 24
112.121.78.0/24 maxlen: 24
112.121.79.0/24 maxlen: 24
112.121.80.0/24 maxlen: 24
112.121.81.0/24 maxlen: 24
112.121.82.0/24 maxlen: 24
112.121.83.0/24 maxlen: 24
112.121.84.0/24 maxlen: 24
112.121.85.0/24 maxlen: 24
112.121.86.0/24 maxlen: 24
112.121.87.0/24 maxlen: 24
112.121.88.0/24 maxlen: 24
112.121.89.0/24 maxlen: 24
112.121.90.0/24 maxlen: 24
112.121.91.0/24 maxlen: 24
112.121.92.0/24 maxlen: 24
112.121.93.0/24 maxlen: 24
112.121.94.0/24 maxlen: 24
112.121.95.0/24 maxlen: 24
112.121.96.0/21 maxlen: 21
112.121.96.0/23 maxlen: 23
112.121.104.0/22 maxlen: 22
112.121.105.0/24 maxlen: 24
112.121.108.0/23 maxlen: 23
112.121.108.0/24 maxlen: 24
112.121.112.0/22 maxlen: 22
112.121.113.0/24 maxlen: 24
112.121.116.0/23 maxlen: 23
112.121.116.0/24 maxlen: 24
112.121.117.0/24 maxlen: 24
112.121.120.0/22 maxlen: 22
112.121.120.0/24 maxlen: 24
112.121.121.0/24 maxlen: 24
112.121.122.0/24 maxlen: 24
112.121.123.0/24 maxlen: 24
202.80.104.0/23 maxlen: 23
202.80.104.0/24 maxlen: 24
202.80.105.0/24 maxlen: 24
202.80.106.0/23 maxlen: 23
202.80.106.0/24 maxlen: 24
202.80.107.0/24 maxlen: 24
202.80.108.0/24 maxlen: 24
202.80.111.0/24 maxlen: 24
2402:b600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl
rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:40:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13466 (0x349a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167B50/serialNumber=991B3F17084F76F12F9F0509D597F0FFECA04B4A
Validity
Not Before: Nov 2 14:50:53 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67263c4d-ab1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:32:fb:5d:40:0e:88:9e:cb:d3:2b:23:ac:d0:
d2:2d:9c:60:7b:bf:a9:ff:06:e8:3f:39:ff:c9:f7:
d7:e6:0a:99:f8:cc:92:55:96:d3:69:6c:ec:ad:63:
38:a2:de:1f:ad:cf:00:c7:b9:9b:ef:85:89:52:b9:
22:d1:bb:69:dc:c9:ac:05:42:d8:22:44:96:7b:93:
a7:83:bc:19:0a:47:38:63:87:4c:bb:21:f6:b6:5a:
f5:73:8b:af:7a:26:82:68:82:af:c3:bf:47:f0:da:
11:37:a2:e0:59:67:c0:da:f3:dd:04:c2:df:c6:93:
8a:ce:b6:37:96:38:40:04:a3:ba:f1:08:64:3b:42:
08:7e:01:66:57:b0:12:af:eb:8c:b0:7f:1e:b1:4f:
f6:07:61:8a:58:aa:47:d1:47:b9:3d:de:88:0a:b5:
43:70:a4:a5:c3:b8:86:c0:28:23:d5:d6:fb:9b:b7:
1d:32:5d:fe:30:3b:25:13:09:08:5c:c1:4c:6a:7e:
49:22:21:10:a6:7d:2f:39:65:31:e2:23:27:b2:84:
04:c7:02:37:fe:0b:90:15:ec:3d:d9:c9:50:3e:ba:
fd:11:cb:92:de:9c:41:1b:83:55:0f:4d:30:09:f0:
8d:d2:5f:67:e4:4c:2d:4b:f2:43:62:08:47:22:a3:
af:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:08:5F:5D:48:44:A7:9E:42:E5:52:9B:DF:93:51:3B:D4:61:D6:BE
X509v3 Authority Key Identifier:
keyid:99:1B:3F:17:08:4F:76:F1:2F:9F:05:09:D5:97:F0:FF:EC:A0:4B:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mRs_FwhPdvEvnwUJ1Zfw_-ygS0o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167B50/9D1305C81D8F11E2A02BCDEE08B02CD2/B35C646A52E211EAAF44AE23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.52.0/22
112.121.64.0-112.121.109.255
112.121.112.0-112.121.117.255
112.121.120.0/22
202.80.104.0-202.80.108.255
202.80.111.0/24
IPv6:
2402:b600::/32
Signature Algorithm: sha256WithRSAEncryption
2e:8c:f6:21:d5:ca:3f:47:62:55:64:3a:07:55:d2:da:27:0a:
2c:6e:3b:45:1d:99:2d:34:b0:55:d5:b9:48:8f:26:3b:34:ea:
bc:86:17:2d:ae:28:78:ae:91:52:9f:72:84:b4:0e:44:72:13:
c2:d2:f5:f7:95:71:ac:d9:dc:b4:3c:ec:49:c3:c5:47:ff:ea:
81:aa:6a:4b:72:1d:74:e7:47:4a:5d:f2:3c:e0:61:47:9c:12:
9b:41:25:b3:e4:aa:d3:9e:ac:d6:e3:33:12:c4:ca:df:4e:84:
fc:ca:b7:04:8d:ef:42:ce:15:e8:75:12:e4:98:00:c8:e0:78:
f9:0e:74:61:4b:27:61:63:66:40:54:0a:3d:c1:db:0e:5d:04:
bd:04:bf:20:f0:aa:19:4d:d2:91:d4:9d:45:a2:2b:e2:13:9e:
62:c9:ca:30:42:bc:17:6a:94:12:29:00:a4:93:37:c7:bb:31:
9c:45:b3:3c:78:e0:2e:2e:bd:0d:54:ba:8b:ff:6e:ad:be:4d:
98:2d:60:ab:08:67:e9:3f:7b:eb:74:c3:89:32:41:79:4a:2e:
72:42:31:ab:39:f2:14:5c:56:bb:7b:3d:14:29:5f:5b:5c:82:
8e:a2:89:84:2a:d6:57:c2:e6:62:a5:a8:cf:7a:e8:44:f4:b6:
cf:ae:69:25
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICNJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdCNTAxMTAvBgNVBAUTKDk5MUIzRjE3MDg0Rjc2RjEyRjlGMDUwOUQ1OTdGMEZG
RUNBMDRCNEEwHhcNMjQxMTAyMTQ1MDUzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2M2M0ZC1hYjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAozL7XUAOiJ7L0ysjrNDSLZxge7+p/wboPzn/yffX5gqZ+MySVZbTaWzsrWM4
ot4frc8Ax7mb74WJUrki0btp3MmsBULYIkSWe5Ong7wZCkc4Y4dMuyH2tlr1c4uv
eiaCaIKvw79H8NoRN6LgWWfA2vPdBMLfxpOKzrY3ljhABKO68QhkO0IIfgFmV7AS
r+uMsH8esU/2B2GKWKpH0Ue5Pd6ICrVDcKSlw7iGwCgj1db7m7cdMl3+MDslEwkI
XMFMan5JIiEQpn0vOWUx4iMnsoQExwI3/guQFew92clQPrr9EcuS3pxBG4NVD00w
CfCN0l9n5EwtS/JDYghHIqOvvwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFPgIX11I
RKeeQuVSm9+TUTvUYda+MB8GA1UdIwQYMBaAFJkbPxcIT3bxL58FCdWX8P/soEtK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0I1MC85RDEzMDVDODFE
OEYxMUUyQTAyQkNERUUwOEIwMkNEMi9tUnNfRndoUGR2RXZud1VKMVpmd18teWdT
MG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21Sc19Gd2hQZHZFdm53VUoxWmZ3Xy15Z1Mwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdCNTAvOUQxMzA1QzgxRDhGMTFFMkEwMkJDREVFMDhCMDJDRDIvQjM1QzY0NkE1
MkUyMTFFQUFGNDRBRTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAJnRjQwDAMEBnB5QAMEAXB5bDAMAwQEcHlwAwQBcHl0AwQC
cHl4MAwDBAPKUGgDBADKUGwDBADKUG8wDQQCAAIwBwMFACQCtgAwDQYJKoZIhvcN
AQELBQADggEBAC6M9iHVyj9HYlVkOgdV0tonCixuO0UdmS00sFXVuUiPJjs06ryG
Fy2uKHiukVKfcoS0DkRyE8LS9feVcazZ3LQ87EnDxUf/6oGqaktyHXTnR0pd8jzg
YUecEptBJbPkqtOerNbjMxLEyt9OhPzKtwSN70LOFeh1EuSYAMjgePkOdGFLJ2Fj
ZkBUCj3B2w5dBL0EvyDwqhlN0pHUnUWiK+ITnmLJyjBCvBdqlBIpAKSTN8e7MZxF
szx44C4uvQ1Uuov/bq2+TZgtYKsIZ+k/e+t0w4kyQXlKLnJCMas58hRcVrt7PRQp
X1tcgo6iiYQq1lfC5mKlqM966ET0ts+uaSU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:25:37 2024 by rpki-client on console-fra.rpki-client.org