Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EB1232C377D11EE8DE0982DC4F9AE02.roa
File: 1EB1232C377D11EE8DE0982DC4F9AE02.roa (raw, json)
Hash identifier: 9RZA3qn4pni+PMnsrNetNGYw0rVmtaFyfACB9aCtzUo=
Subject key identifier: 40:02:CB:AD:69:6D:58:75:09:33:D0:76:B4:10:3E:15:21:99:AF:7D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7754
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EB1232C377D11EE8DE0982DC4F9AE02.roa
Signing time: Thu 10 Aug 2023 12:55:02 +0000
ROA not before: Thu 10 Aug 2023 12:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59162
IP address blocks: 43.225.68.0/22 maxlen: 24
43.225.212.0/22 maxlen: 24
45.114.152.0/24 maxlen: 24
45.114.153.0/24 maxlen: 24
45.114.154.0/24 maxlen: 24
45.114.155.0/24 maxlen: 24
45.115.168.0/22 maxlen: 24
45.117.112.0/24 maxlen: 24
45.117.113.0/24 maxlen: 24
45.117.114.0/24 maxlen: 24
45.117.115.0/24 maxlen: 24
45.119.236.0/24 maxlen: 24
45.119.237.0/24 maxlen: 24
45.119.238.0/24 maxlen: 24
45.119.239.0/24 maxlen: 24
45.123.8.0/22 maxlen: 22
45.123.8.0/24 maxlen: 24
45.123.9.0/24 maxlen: 24
45.123.10.0/24 maxlen: 24
45.123.11.0/24 maxlen: 24
45.248.12.0/22 maxlen: 24
45.251.40.0/22 maxlen: 24
103.17.48.0/22 maxlen: 24
103.38.202.0/24 maxlen: 24
103.38.203.0/24 maxlen: 24
103.40.64.0/24 maxlen: 24
103.40.65.0/24 maxlen: 24
103.40.66.0/24 maxlen: 24
103.40.67.0/24 maxlen: 24
103.57.176.0/24 maxlen: 24
103.57.177.0/24 maxlen: 24
103.57.178.0/24 maxlen: 24
103.57.179.0/24 maxlen: 24
103.106.152.0/24 maxlen: 24
103.106.153.0/24 maxlen: 24
103.106.154.0/24 maxlen: 24
103.106.155.0/24 maxlen: 24
103.117.152.0/22 maxlen: 24
103.134.112.0/24 maxlen: 24
103.134.113.0/24 maxlen: 24
103.146.233.0/24 maxlen: 24
103.193.200.0/22 maxlen: 24
103.211.59.0/24 maxlen: 24
103.219.216.0/22 maxlen: 24
103.239.140.0/24 maxlen: 24
103.239.141.0/24 maxlen: 24
103.239.142.0/24 maxlen: 24
103.239.143.0/24 maxlen: 24
103.253.208.0/22 maxlen: 24
103.254.206.0/24 maxlen: 24
103.254.207.0/24 maxlen: 24
103.255.72.0/22 maxlen: 24
114.134.20.0/24 maxlen: 24
114.134.21.0/24 maxlen: 24
114.134.22.0/24 maxlen: 24
114.134.23.0/24 maxlen: 24
2001:df2:59c0::/48 maxlen: 48
2001:df7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30548 (0x7754)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 10 12:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64d4de26-217d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4a:ba:42:46:2e:76:fc:a4:8a:f9:16:31:1f:
d1:92:52:c7:73:99:28:6e:43:e7:40:11:e0:ad:23:
73:b3:a7:2c:06:3e:5a:68:6b:f4:37:b3:97:76:03:
b7:a0:f0:56:76:cd:d9:ea:69:8d:e9:5e:c9:bf:d8:
0b:88:81:5a:e0:6f:3f:6b:d7:a2:37:65:5a:a5:9c:
a0:4b:9a:d2:46:8a:82:d0:a2:71:d6:6a:2e:76:e4:
00:26:c7:7e:52:f2:12:20:7b:5f:5c:6b:1b:a4:4c:
55:02:f9:e8:dc:12:f4:ed:1b:e3:50:cd:d5:fe:28:
69:e7:10:e0:a5:0b:07:e7:15:a6:70:42:eb:fb:6a:
61:f5:7f:72:79:fd:96:57:3d:d2:b3:8c:fc:ba:9e:
90:08:c4:d5:a8:3c:93:96:79:ef:fe:17:08:cc:da:
85:4e:9d:85:cb:6a:8c:38:de:9e:b8:c0:92:72:a3:
4e:12:c9:ce:b6:81:1e:37:5e:0a:c9:9b:61:f8:5a:
d2:5c:17:37:db:a6:2d:59:1a:e0:5d:69:f1:1a:31:
73:f9:52:0e:75:3e:48:69:88:47:df:d2:42:71:01:
a8:3c:fd:42:69:46:a4:d7:a5:80:a4:06:62:d0:3e:
4b:e9:fa:ec:b2:d7:d6:bd:c3:e4:9a:2d:d0:78:09:
9e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:02:CB:AD:69:6D:58:75:09:33:D0:76:B4:10:3E:15:21:99:AF:7D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/1EB1232C377D11EE8DE0982DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.68.0/22
43.225.212.0/22
45.114.152.0/22
45.115.168.0/22
45.117.112.0/22
45.119.236.0/22
45.123.8.0/22
45.248.12.0/22
45.251.40.0/22
103.17.48.0/22
103.38.202.0/23
103.40.64.0/22
103.57.176.0/22
103.106.152.0/22
103.117.152.0/22
103.134.112.0/23
103.146.233.0/24
103.193.200.0/22
103.211.59.0/24
103.219.216.0/22
103.239.140.0/22
103.253.208.0/22
103.254.206.0/23
103.255.72.0/22
114.134.20.0/22
IPv6:
2001:df2:59c0::/48
2001:df7::/48
Signature Algorithm: sha256WithRSAEncryption
68:36:36:50:4b:4e:02:78:5b:78:b5:a7:0f:ff:8a:64:88:af:
fe:01:5a:26:c2:6f:56:3d:e5:e9:15:21:02:d2:40:f6:de:8e:
6f:29:47:d8:7d:e2:12:fe:40:29:3e:c1:56:7a:b7:af:b1:41:
d9:88:63:e9:06:17:c6:4d:bd:29:51:2a:c3:5c:a0:d4:b8:98:
f1:55:f0:c9:a6:15:3f:24:25:14:a9:e9:8c:c1:f9:93:9b:37:
6e:56:b3:ca:1b:bb:7a:e9:b2:fa:a2:d2:e8:9c:a3:bf:dd:4c:
5f:c4:7b:fe:4e:10:84:e1:b1:d8:a3:30:b4:92:0c:ff:4c:7e:
9f:4f:ee:e1:5d:7f:2d:89:64:8a:3b:60:9a:ca:93:ef:6e:84:
ca:db:08:cf:95:3b:85:7b:07:1e:29:b8:01:2a:6e:2f:4c:4d:
6c:d6:dd:66:89:3b:5c:e0:d1:3a:4e:b2:91:73:03:32:ac:ba:
d4:98:f0:2f:30:32:1d:26:a2:d7:69:9f:d7:21:6b:6f:63:84:
a4:4c:c6:17:9c:61:5e:16:86:6a:aa:1b:07:1f:95:03:a1:27:
81:94:9b:ce:ff:ce:12:04:df:32:5a:2b:bc:a2:e4:d2:db:93:
6e:19:ed:18:2c:04:58:6d:ef:6f:e4:13:81:91:2b:7d:5f:2a:
f0:3c:1a:1c
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgICd1QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODEwMTI1NTAyWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ0ZGUyNi0yMTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqEq6QkYudvykivkWMR/RklLHc5kobkPnQBHgrSNzs6csBj5aaGv0N7OXdgO3
oPBWds3Z6mmN6V7Jv9gLiIFa4G8/a9eiN2VapZygS5rSRoqC0KJx1mouduQAJsd+
UvISIHtfXGsbpExVAvno3BL07RvjUM3V/ihp5xDgpQsH5xWmcELr+2ph9X9yef2W
Vz3Ss4z8up6QCMTVqDyTlnnv/hcIzNqFTp2Fy2qMON6euMCScqNOEsnOtoEeN14K
yZth+FrSXBc326YtWRrgXWnxGjFz+VIOdT5IaYhH39JCcQGoPP1CaUak16WApAZi
0D5L6frsstfWvcPkmi3QeAmeVwIDAQABo4IDRDCCA0AwHQYDVR0OBBYEFEACy61p
bVh1CTPQdrQQPhUhma99MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMUVCMTIzMkMz
NzdEMTFFRThERTA5ODJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgc0GCCsGAQUFBwEHAQH/
BIG9MIG6MIGdBAIAATCBlgMEAivhRAMEAivh1AMEAi1ymAMEAi1zqAMEAi11cAME
Ai137AMEAi17CAMEAi34DAMEAi37KAMEAmcRMAMEAWcmygMEAmcoQAMEAmc5sAME
AmdqmAMEAmd1mAMEAWeGcAMEAGeS6QMEAmfByAMEAGfTOwMEAmfb2AMEAmfvjAME
Amf90AMEAWf+zgMEAmf/SAMEAnKGFDAYBAIAAjASAwcAIAEN8lnAAwcAIAEN9wAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBoNjZQS04CeFt4tacP/4pkiK/+AVomwm9WPeXp
FSEC0kD23o5vKUfYfeIS/kApPsFWerevsUHZiGPpBhfGTb0pUSrDXKDUuJjxVfDJ
phU/JCUUqemMwfmTmzduVrPKG7t66bL6otLonKO/3UxfxHv+ThCE4bHYozC0kgz/
TH6fT+7hXX8tiWSKO2CaypPvboTK2wjPlTuFewceKbgBKm4vTE1s1t1miTtc4NE6
TrKRcwMyrLrUmPAvMDIdJqLXaZ/XIWtvY4SkTMYXnGFeFoZqqhsHH5UDoSeBlJvO
/84SBN8yWiu8ouTS25NuGe0YLARYbe9v5BOBkSt9XyrwPBoc
-----END CERTIFICATE-----
Generated at Sun Apr 28 15:51:15 2024 by rpki-client on console-fra.rpki-client.org