Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/8B2EE9667A0911EE934F1262C4F9AE02.roa
File: 8B2EE9667A0911EE934F1262C4F9AE02.roa (raw, json)
Hash identifier: k9iCQXzhjwfzVaU7vow/nBOXFL+lk5IPY/l7RxNnfPA=
Subject key identifier: 1E:21:FF:44:37:9A:2D:7A:3A:90:91:DF:96:01:52:C1:FB:41:17:A1
Certificate issuer: /CN=A91743EF/serialNumber=D1D65C8A4324E287F6EA915B39F5D3602D1E37A6
Certificate serial: 1735
Authority key identifier: D1:D6:5C:8A:43:24:E2:87:F6:EA:91:5B:39:F5:D3:60:2D:1E:37:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0dZcikMk4of26pFbOfXTYC0eN6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/8B2EE9667A0911EE934F1262C4F9AE02.roa
Signing time: Thu 04 Apr 2024 17:25:04 +0000
ROA not before: Thu 04 Apr 2024 17:25:04 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 17747
IP address blocks: 103.199.224.0/24 maxlen: 24
103.199.225.0/24 maxlen: 24
103.199.226.0/24 maxlen: 24
103.199.227.0/24 maxlen: 24
150.107.8.0/23 maxlen: 24
202.142.80.0/24 maxlen: 24
202.142.82.0/24 maxlen: 24
202.142.84.0/24 maxlen: 24
202.142.88.0/24 maxlen: 24
202.142.94.0/24 maxlen: 24
202.142.108.0/23 maxlen: 23
202.142.109.0/24 maxlen: 24
202.142.111.0/24 maxlen: 24
202.142.116.0/24 maxlen: 24
202.142.117.0/24 maxlen: 24
202.142.121.0/24 maxlen: 24
202.142.122.0/24 maxlen: 24
203.81.240.0/24 maxlen: 24
203.81.241.0/24 maxlen: 24
203.81.242.0/24 maxlen: 24
203.81.243.0/24 maxlen: 24
2402:ea80::/32 maxlen: 32
2402:ea80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/0dZcikMk4of26pFbOfXTYC0eN6Y.crl
rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/0dZcikMk4of26pFbOfXTYC0eN6Y.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0dZcikMk4of26pFbOfXTYC0eN6Y.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5941 (0x1735)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91743EF/serialNumber=D1D65C8A4324E287F6EA915B39F5D3602D1E37A6
Validity
Not Before: Apr 4 17:25:04 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660ee270-618b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7b:b2:ee:f4:be:44:15:2b:de:b6:e9:d2:15:
56:d1:5a:ef:48:af:7b:81:0c:a3:fe:fe:d1:29:85:
71:00:38:38:c5:ca:08:59:db:3e:24:98:03:bc:fe:
f6:5b:a8:9e:b7:e6:ea:4f:32:f3:bf:d8:a5:de:2e:
2d:34:0c:7a:fb:66:b7:ea:79:7b:40:b5:46:ca:f3:
4c:18:22:36:c8:ce:ec:1b:9b:49:eb:ea:fb:f5:d4:
64:5c:96:cd:0a:6a:48:04:81:44:60:82:70:02:e5:
72:17:b4:5c:42:ba:fb:95:75:26:8a:46:03:a5:e7:
e4:90:82:01:fa:7e:64:04:38:88:c9:5c:76:55:ae:
f1:a1:8d:69:8d:ad:83:67:1f:ee:72:03:d0:92:2d:
d7:08:f0:e5:cd:4e:22:5a:69:f3:5c:ef:5e:4e:4e:
3e:cf:23:72:3c:7c:53:0c:2f:46:af:c4:73:4b:39:
73:ac:b5:75:be:de:f7:7c:4e:3a:21:0b:f8:17:7c:
53:07:24:b8:f5:b0:67:14:70:de:8f:6a:3f:c9:dc:
93:db:90:09:c0:fc:a3:d9:6d:82:99:a4:ba:00:2a:
12:eb:11:34:f3:c0:46:11:56:3f:dc:15:ba:0e:d8:
0b:82:9c:ed:d5:b5:a1:0b:99:3d:02:05:a6:90:ae:
96:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:21:FF:44:37:9A:2D:7A:3A:90:91:DF:96:01:52:C1:FB:41:17:A1
X509v3 Authority Key Identifier:
keyid:D1:D6:5C:8A:43:24:E2:87:F6:EA:91:5B:39:F5:D3:60:2D:1E:37:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/0dZcikMk4of26pFbOfXTYC0eN6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0dZcikMk4of26pFbOfXTYC0eN6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91743EF/E6ABB010BA4011E7A08D266FC4F9AE02/8B2EE9667A0911EE934F1262C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.199.224.0/22
150.107.8.0/23
202.142.80.0/24
202.142.82.0/24
202.142.84.0/24
202.142.88.0/24
202.142.94.0/24
202.142.108.0/23
202.142.111.0/24
202.142.116.0/23
202.142.121.0-202.142.122.255
203.81.240.0/22
IPv6:
2402:ea80::/32
Signature Algorithm: sha256WithRSAEncryption
1b:d6:dc:1a:65:ae:91:ed:e9:24:a1:f3:f6:4a:12:9b:05:65:
a0:8d:ca:d7:95:e4:88:0e:d0:22:05:47:41:ad:04:ed:e5:bd:
14:dd:ce:de:ed:6c:d8:35:f7:67:95:a6:d7:0f:09:73:d5:06:
6c:7c:3f:86:40:9a:13:03:19:0d:3d:7f:da:14:d1:b1:f3:68:
b8:3a:43:3b:ba:4e:68:49:47:ae:9d:0f:e0:a0:5f:7f:5a:7b:
7c:61:07:20:e1:e2:96:da:8d:3e:ac:ba:3f:16:db:38:e9:06:
95:b8:f6:01:ca:af:51:8d:d1:6f:8a:b1:bd:d0:29:6b:bb:7d:
54:42:ba:a3:45:df:2f:35:2a:9b:40:99:79:7a:a4:4d:cc:5d:
6a:4d:39:a0:ce:cc:fa:8b:c2:24:d4:50:22:95:4b:40:3e:63:
f1:ec:31:9b:4c:2f:4f:8c:06:55:ee:5c:2c:f6:4a:f5:37:5a:
c6:1f:62:22:79:ff:40:64:2d:68:3d:56:a7:0c:fd:9b:6f:c7:
53:31:d4:45:20:f4:df:b2:67:be:4f:9f:5a:6b:07:03:9e:50:
70:0a:02:15:92:79:44:b9:be:91:42:03:f8:29:95:00:2e:2b:
65:bc:27:84:a9:06:98:2d:b3:0c:48:1c:ea:7a:da:cb:42:a2:
cd:f1:9e:f4
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgICFzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQzRUYxMTAvBgNVBAUTKEQxRDY1QzhBNDMyNEUyODdGNkVBOTE1QjM5RjVEMzYw
MkQxRTM3QTYwHhcNMjQwNDA0MTcyNTA0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlZTI3MC02MThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA43uy7vS+RBUr3rbp0hVW0VrvSK97gQyj/v7RKYVxADg4xcoIWds+JJgDvP72
W6iet+bqTzLzv9il3i4tNAx6+2a36nl7QLVGyvNMGCI2yM7sG5tJ6+r79dRkXJbN
CmpIBIFEYIJwAuVyF7RcQrr7lXUmikYDpefkkIIB+n5kBDiIyVx2Va7xoY1pja2D
Zx/ucgPQki3XCPDlzU4iWmnzXO9eTk4+zyNyPHxTDC9Gr8RzSzlzrLV1vt73fE46
IQv4F3xTByS49bBnFHDej2o/ydyT25AJwPyj2W2CmaS6ACoS6xE088BGEVY/3BW6
DtgLgpzt1bWhC5k9AgWmkK6WuQIDAQABo4IC7jCCAuowHQYDVR0OBBYEFB4h/0Q3
mi16OpCR35YBUsH7QRehMB8GA1UdIwQYMBaAFNHWXIpDJOKH9uqRWzn102AtHjem
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDNFRi9FNkFCQjAxMEJB
NDAxMUU3QTA4RDI2NkZDNEY5QUUwMi8wZFpjaWtNazRvZjI2cEZiT2ZYVFlDMGVO
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBkWmNpa01rNG9mMjZwRmJPZlhUWUMwZU42WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQzRUYvRTZBQkIwMTBCQTQwMTFFN0EwOEQyNjZGQzRGOUFFMDIvOEIyRUU5NjY3
QTA5MTFFRTkzNEYxMjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwweAYIKwYBBQUHAQcBAf8E
aTBnMFYEAgABMFADBAJnx+ADBAGWawgDBADKjlADBADKjlIDBADKjlQDBADKjlgD
BADKjl4DBAHKjmwDBADKjm8DBAHKjnQwDAMEAMqOeQMEAMqOegMEAstR8DANBAIA
AjAHAwUAJALqgDANBgkqhkiG9w0BAQsFAAOCAQEAG9bcGmWuke3pJKHz9koSmwVl
oI3K15XkiA7QIgVHQa0E7eW9FN3O3u1s2DX3Z5Wm1w8Jc9UGbHw/hkCaEwMZDT1/
2hTRsfNouDpDO7pOaElHrp0P4KBff1p7fGEHIOHiltqNPqy6PxbbOOkGlbj2Acqv
UY3Rb4qxvdApa7t9VEK6o0XfLzUqm0CZeXqkTcxdak05oM7M+ovCJNRQIpVLQD5j
8ewxm0wvT4wGVe5cLPZK9Tdaxh9iInn/QGQtaD1Wpwz9m2/HUzHURSD037Jnvk+f
WmsHA55QcAoCFZJ5RLm+kUID+CmVAC4rZbwnhKkGmC2zDEgc6nray0KizfGe9A==
-----END CERTIFICATE-----
Generated at Sat May 18 18:21:37 2024 by rpki-client on console-ams.rpki-client.org