Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
File: 1551AC80BE6811EEA3F1816EC4F9AE02.roa (raw, json)
Hash identifier: VGDeBTcTqmkGxX3YceXFwpPGgV3cT+aK1iBLO3kfLYc=
Subject key identifier: D7:2E:32:3B:C5:3E:EF:27:B6:5A:6B:82:79:42:71:91:F6:FB:A5:A1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8205
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
Signing time: Mon 29 Jan 2024 05:38:37 +0000
ROA not before: Mon 29 Jan 2024 05:38:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55353
IP address blocks: 103.15.64.0/22 maxlen: 22
103.15.64.0/24 maxlen: 24
103.15.65.0/24 maxlen: 24
103.15.66.0/24 maxlen: 24
103.15.67.0/24 maxlen: 24
111.118.240.0/20 maxlen: 20
111.118.240.0/24 maxlen: 24
111.118.241.0/24 maxlen: 24
111.118.242.0/24 maxlen: 24
111.118.243.0/24 maxlen: 24
111.118.244.0/24 maxlen: 24
111.118.245.0/24 maxlen: 24
111.118.246.0/24 maxlen: 24
111.118.247.0/24 maxlen: 24
111.118.248.0/24 maxlen: 24
111.118.249.0/24 maxlen: 24
111.118.250.0/24 maxlen: 24
111.118.251.0/24 maxlen: 24
111.118.252.0/24 maxlen: 24
111.118.253.0/24 maxlen: 24
111.118.254.0/24 maxlen: 24
111.118.255.0/24 maxlen: 24
150.129.144.0/22 maxlen: 22
150.129.144.0/24 maxlen: 24
150.129.145.0/24 maxlen: 24
150.129.146.0/24 maxlen: 24
150.129.147.0/24 maxlen: 24
183.182.84.0/22 maxlen: 22
183.182.84.0/24 maxlen: 24
183.182.85.0/24 maxlen: 24
183.182.86.0/24 maxlen: 24
183.182.87.0/24 maxlen: 24
2401:c300::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33285 (0x8205)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 29 05:38:37 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65b739dd-d261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a8:0f:da:e4:8d:c7:30:86:9d:55:1c:a3:bd:
1d:31:8b:41:31:00:91:89:81:5a:da:e7:0e:3c:e9:
42:01:37:0b:38:0a:ac:68:3f:17:dd:74:e6:57:a8:
b8:9c:67:eb:8b:00:33:36:66:9e:94:9f:df:f1:87:
74:6a:0e:bf:dc:51:d7:bc:dc:e3:13:02:04:e7:b0:
0a:05:8f:0e:94:95:f8:a4:9e:c2:15:a2:fa:a8:14:
a2:f7:73:d7:4d:d4:ca:6a:74:be:f2:25:96:5e:af:
df:7b:f9:1b:a9:d8:3b:2b:d7:a5:14:b6:5c:38:83:
10:26:6c:34:f7:83:2c:97:aa:b2:8c:d7:89:1a:10:
cb:91:bd:c0:02:e4:bc:4a:aa:e7:30:57:11:bd:d3:
43:b4:42:f5:b2:5b:ea:42:06:82:62:73:b4:9f:25:
17:ad:be:fd:49:1d:d3:b8:4e:d3:01:cf:d8:15:bc:
e8:9e:2d:c5:07:62:12:82:ed:28:5e:9d:22:62:c8:
b3:c9:78:5a:3f:82:d7:98:30:dc:8f:fc:80:cf:c9:
34:6c:2d:af:26:65:d3:a4:c7:03:0f:a1:7d:7a:b5:
20:f0:d0:65:7a:dd:c9:ae:85:19:89:14:00:08:51:
ff:7f:5b:30:8c:0f:7c:aa:8c:01:65:02:b7:96:82:
ea:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2E:32:3B:C5:3E:EF:27:B6:5A:6B:82:79:42:71:91:F6:FB:A5:A1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1551AC80BE6811EEA3F1816EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.15.64.0/22
111.118.240.0/20
150.129.144.0/22
183.182.84.0/22
IPv6:
2401:c300::/32
Signature Algorithm: sha256WithRSAEncryption
5a:82:d6:7c:a4:9f:19:20:2d:3c:ec:06:9a:a4:ec:85:da:a2:
cb:7b:c8:ee:9f:0e:92:8c:48:0b:80:b6:bb:ef:30:44:eb:71:
c0:c6:95:6b:bc:42:fc:cb:fa:0b:02:c8:ff:4c:cb:a6:39:cf:
7c:14:03:26:f5:24:29:47:2c:a3:2e:b0:e0:4e:2b:0a:b1:a7:
12:d7:a4:3f:37:d5:7d:5a:7c:db:99:fc:9e:53:f5:33:74:bc:
0b:e8:d2:1f:f8:24:aa:d7:ab:2e:e7:19:65:ef:68:a7:44:a3:
c5:c3:90:84:ef:63:88:4f:15:79:18:6f:87:c9:6d:f1:bd:45:
e5:18:6b:2a:2c:1f:8c:52:42:0b:11:78:f9:8b:bc:28:15:fe:
79:c2:c3:3e:70:0d:6f:96:b9:f8:4c:61:6f:3c:96:1b:fa:12:
dc:b3:2d:f6:11:8c:4d:5a:3e:23:cb:25:85:7a:7a:a5:35:91:
12:5a:9e:41:51:29:1a:fb:8a:cf:d3:cf:7d:e6:bc:de:66:3f:
60:0e:4c:07:7b:a1:ba:61:36:5f:56:e1:22:cc:9d:7f:83:66:
1e:28:2e:68:8f:42:93:aa:6a:30:f6:44:4d:9d:58:b2:d2:8f:
bd:90:c2:54:e3:c1:fc:8d:31:f5:c3:6d:d6:13:2e:40:b1:ff:
ad:9e:3a:d0
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAIIFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDEyOTA1MzgzN1oXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjViNzM5ZGQtZDI2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKoD9rkjccwhp1VHKO9HTGLQTEAkYmBWtrnDjzpQgE3CzgKrGg/F9105leo
uJxn64sAMzZmnpSf3/GHdGoOv9xR17zc4xMCBOewCgWPDpSV+KSewhWi+qgUovdz
103Uymp0vvIlll6v33v5G6nYOyvXpRS2XDiDECZsNPeDLJeqsozXiRoQy5G9wALk
vEqq5zBXEb3TQ7RC9bJb6kIGgmJztJ8lF62+/Ukd07hO0wHP2BW86J4txQdiEoLt
KF6dImLIs8l4Wj+C15gw3I/8gM/JNGwtryZl06THAw+hfXq1IPDQZXrdya6FGYkU
AAhR/39bMIwPfKqMAWUCt5aC6vUCAwEAAaOCArYwggKyMB0GA1UdDgQWBBTXLjI7
xT7vJ7Zaa4J5QnGR9vuloTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE1NTFBQzgw
QkU2ODExRUVBM0YxODE2RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEAGCCsGAQUFBwEHAQH/
BDEwLzAeBAIAATAYAwQCZw9AAwQEb3bwAwQCloGQAwQCt7ZUMA0EAgACMAcDBQAk
AcMAMA0GCSqGSIb3DQEBCwUAA4IBAQBagtZ8pJ8ZIC087AaapOyF2qLLe8junw6S
jEgLgLa77zBE63HAxpVrvEL8y/oLAsj/TMumOc98FAMm9SQpRyyjLrDgTisKsacS
16Q/N9V9WnzbmfyeU/UzdLwL6NIf+CSq16su5xll72inRKPFw5CE72OITxV5GG+H
yW3xvUXlGGsqLB+MUkILEXj5i7woFf55wsM+cA1vlrn4TGFvPJYb+hLcsy32EYxN
Wj4jyyWFenqlNZESWp5BUSka+4rP08995rzeZj9gDkwHe6G6YTZfVuEizJ1/g2Ye
KC5oj0KTqmow9kRNnViy0o+9kMJU48H8jTH1w23WEy5Asf+tnjrQ
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:27 2024 by rpki-client on console-ams.rpki-client.org