Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E308/C77F7A1206D511EA8A897F4FC4F9AE02/B430443A324211EFB14FB614C4F9AE02.roa
File: B430443A324211EFB14FB614C4F9AE02.roa (raw, json)
Hash identifier: CYY0LXP9X4xKQBGfZAofQe57hCMYIiU/YbWGmHYH8e0=
Subject key identifier: 5E:70:45:4C:08:8F:CD:89:41:78:39:8E:62:B0:68:28:BB:72:1C:47
Certificate issuer: /CN=A918E308/serialNumber=D2536918C18B6BC2D91042808BCADFCDB7347531
Certificate serial: 0BE2
Authority key identifier: D2:53:69:18:C1:8B:6B:C2:D9:10:42:80:8B:CA:DF:CD:B7:34:75:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0lNpGMGLa8LZEEKAi8rfzbc0dTE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E308/C77F7A1206D511EA8A897F4FC4F9AE02/B430443A324211EFB14FB614C4F9AE02.roa
Signing time: Sun 22 Sep 2024 18:57:11 +0000
ROA not before: Sun 22 Sep 2024 18:57:11 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 134572
IP address blocks: 103.89.244.0/22 maxlen: 24
103.120.160.0/22 maxlen: 22
103.120.160.0/23 maxlen: 23
103.120.160.0/24 maxlen: 24
103.120.161.0/24 maxlen: 24
103.120.162.0/23 maxlen: 23
103.120.162.0/24 maxlen: 24
103.120.163.0/24 maxlen: 24
160.238.33.0/24 maxlen: 24
202.53.131.0/24 maxlen: 24
2403:59c0::/32 maxlen: 32
2403:59c0:1::/48 maxlen: 48
2403:59c0:2::/48 maxlen: 48
2403:59c0:3::/48 maxlen: 48
2403:59c0:4::/48 maxlen: 48
2403:59c0:5::/48 maxlen: 48
2403:59c0:6::/48 maxlen: 48
2403:59c0:7::/48 maxlen: 48
2403:59c0:8::/48 maxlen: 48
2403:59c0:9::/48 maxlen: 48
2403:59c0:a::/48 maxlen: 48
2403:59c0:b::/48 maxlen: 48
2403:59c0:c::/48 maxlen: 48
2403:59c0:d::/48 maxlen: 48
2403:59c0:e::/48 maxlen: 48
2403:59c0:f::/48 maxlen: 48
2403:59c0:10::/48 maxlen: 48
2403:59c0:11::/48 maxlen: 48
2403:59c0:12::/48 maxlen: 48
2403:59c0:13::/48 maxlen: 48
2403:59c0:14::/48 maxlen: 48
2403:59c0:15::/48 maxlen: 48
2403:59c0:16::/48 maxlen: 48
2403:59c0:17::/48 maxlen: 48
2403:59c0:18::/48 maxlen: 48
2403:59c0:19::/48 maxlen: 48
2403:59c0:1a::/48 maxlen: 48
2403:59c0:1b::/48 maxlen: 48
2403:59c0:1c::/48 maxlen: 48
2403:59c0:1d::/48 maxlen: 48
2403:59c0:1e::/48 maxlen: 48
2403:59c0:1f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918E308/C77F7A1206D511EA8A897F4FC4F9AE02/0lNpGMGLa8LZEEKAi8rfzbc0dTE.crl
rsync://rpki.apnic.net/member_repository/A918E308/C77F7A1206D511EA8A897F4FC4F9AE02/0lNpGMGLa8LZEEKAi8rfzbc0dTE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0lNpGMGLa8LZEEKAi8rfzbc0dTE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3042 (0xbe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E308/serialNumber=D2536918C18B6BC2D91042808BCADFCDB7347531
Validity
Not Before: Sep 22 18:57:11 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f06887-6c0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:83:c6:b3:04:18:fe:f2:4e:e0:7a:19:b6:1c:
b0:73:7f:7b:e8:e2:b6:62:fb:11:99:e4:d3:e5:5e:
8b:96:3c:0a:11:d0:c0:02:45:95:a1:63:f3:15:3a:
07:c0:38:c7:b1:87:03:e6:43:cb:24:64:b2:53:80:
35:a8:14:ed:41:09:73:72:51:65:6e:61:a1:2d:d4:
54:b5:62:4d:89:bf:a8:76:76:6d:a2:b6:ac:f2:a2:
6f:11:fa:e2:c2:ee:e4:fb:cf:3f:7c:b6:8e:55:57:
56:5d:50:76:b6:19:96:54:97:f2:36:5e:a9:08:58:
e8:14:b0:52:ea:76:21:da:8d:1e:c8:1b:27:bf:21:
09:68:c8:d5:9e:1a:16:1d:b0:50:92:29:98:8b:29:
e1:15:e8:e0:71:4e:fd:f7:89:f1:2e:e4:1e:e3:58:
da:9d:2e:29:9f:e6:8b:8d:3c:dd:aa:8c:31:3a:51:
07:a4:02:13:2d:8b:23:51:6c:97:b5:b4:cd:f7:7a:
f1:f9:ee:ec:f8:f1:bc:35:c8:b2:b9:59:49:e2:aa:
e1:6d:ff:70:38:d3:de:b3:32:53:c2:1a:4d:10:e0:
4f:02:2c:da:57:77:bb:97:c6:f9:c7:36:8e:f8:e8:
02:9f:af:df:72:6d:d7:ec:0c:c8:1c:ab:ba:ab:a8:
63:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:70:45:4C:08:8F:CD:89:41:78:39:8E:62:B0:68:28:BB:72:1C:47
X509v3 Authority Key Identifier:
keyid:D2:53:69:18:C1:8B:6B:C2:D9:10:42:80:8B:CA:DF:CD:B7:34:75:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E308/C77F7A1206D511EA8A897F4FC4F9AE02/0lNpGMGLa8LZEEKAi8rfzbc0dTE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0lNpGMGLa8LZEEKAi8rfzbc0dTE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E308/C77F7A1206D511EA8A897F4FC4F9AE02/B430443A324211EFB14FB614C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.89.244.0/22
103.120.160.0/22
160.238.33.0/24
202.53.131.0/24
IPv6:
2403:59c0::/32
Signature Algorithm: sha256WithRSAEncryption
af:0c:1c:d9:83:a3:c2:2e:31:72:5e:2c:74:83:32:1e:b3:5c:
d3:9c:4a:d0:78:c1:8c:a7:0a:d3:85:d5:82:e9:4f:20:25:e6:
96:9d:45:62:c3:97:0b:6f:d0:88:4b:1a:4d:69:9b:b6:b1:da:
bb:ca:0c:ae:03:f1:6f:b4:26:f0:0d:a8:43:22:97:1f:e9:f7:
40:d6:db:5a:cc:76:ac:30:b7:9c:be:f5:dd:ff:81:1f:6d:67:
ad:22:5c:26:5b:62:4d:1a:d6:9c:bd:02:5e:d3:41:af:af:49:
32:11:6b:e1:98:d0:6d:53:dc:1c:62:85:01:c9:59:61:ad:58:
6d:96:af:d3:51:e4:48:cd:d9:2f:7b:69:ca:f9:04:28:e9:d5:
aa:6f:51:ba:7d:24:ec:f9:11:60:a7:cc:90:be:1c:d2:ea:97:
2d:a9:5e:e8:3c:ca:8a:f3:54:f7:d2:86:fa:d4:81:e4:c5:8c:
d7:7f:75:da:8b:d2:bd:42:2e:38:c6:92:c0:e0:0f:93:69:1f:
d3:f7:ba:07:ca:48:17:29:b9:9d:91:c0:63:02:5b:fb:c3:8b:
7d:82:b0:50:18:8a:41:38:6b:11:b8:4e:cf:b2:4c:9d:a8:5a:
ec:4b:7b:67:ac:9a:d1:26:4b:45:98:30:71:b7:9e:e1:93:c7:
e8:c0:0e:c4
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICC+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEUzMDgxMTAvBgNVBAUTKEQyNTM2OTE4QzE4QjZCQzJEOTEwNDI4MDhCQ0FERkNE
QjczNDc1MzEwHhcNMjQwOTIyMTg1NzExWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYwNjg4Ny02YzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA24PGswQY/vJO4HoZthywc3976OK2YvsRmeTT5V6LljwKEdDAAkWVoWPzFToH
wDjHsYcD5kPLJGSyU4A1qBTtQQlzclFlbmGhLdRUtWJNib+odnZtoras8qJvEfri
wu7k+88/fLaOVVdWXVB2thmWVJfyNl6pCFjoFLBS6nYh2o0eyBsnvyEJaMjVnhoW
HbBQkimYiynhFejgcU7994nxLuQe41janS4pn+aLjTzdqowxOlEHpAITLYsjUWyX
tbTN93rx+e7s+PG8NciyuVlJ4qrhbf9wONPeszJTwhpNEOBPAizaV3e7l8b5xzaO
+OgCn6/fcm3X7AzIHKu6q6hjIQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFF5wRUwI
j82JQXg5jmKwaCi7chxHMB8GA1UdIwQYMBaAFNJTaRjBi2vC2RBCgIvK3823NHUx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTMwOC9DNzdGN0ExMjA2
RDUxMUVBOEE4OTdGNEZDNEY5QUUwMi8wbE5wR01HTGE4TFpFRUtBaThyZnpiYzBk
VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzBsTnBHTUdMYThMWkVFS0FpOHJmemJjMGRURS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEUzMDgvQzc3RjdBMTIwNkQ1MTFFQThBODk3RjRGQzRGOUFFMDIvQjQzMDQ0M0Ez
MjQyMTFFRkIxNEZCNjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnWfQDBAJneKADBACg7iEDBADKNYMwDQQCAAIwBwMFACQD
WcAwDQYJKoZIhvcNAQELBQADggEBAK8MHNmDo8IuMXJeLHSDMh6zXNOcStB4wYyn
CtOF1YLpTyAl5padRWLDlwtv0IhLGk1pm7ax2rvKDK4D8W+0JvANqEMilx/p90DW
21rMdqwwt5y+9d3/gR9tZ60iXCZbYk0a1py9Al7TQa+vSTIRa+GY0G1T3BxihQHJ
WWGtWG2Wr9NR5EjN2S97acr5BCjp1apvUbp9JOz5EWCnzJC+HNLqly2pXug8yorz
VPfShvrUgeTFjNd/ddqL0r1CLjjGksDgD5NpH9P3ugfKSBcpuZ2RwGMCW/vDi32C
sFAYikE4axG4Ts+yTJ2oWuxLe2esmtEmS0WYMHG3nuGTx+jADsQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:45:00 2024 by rpki-client on console-fra.rpki-client.org