Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/38E0157CF01511EEB397FC14C4F9AE02.roa
File: 38E0157CF01511EEB397FC14C4F9AE02.roa (raw, json)
Hash identifier: gzeh9Tv/4700L1wq1Ou6BE1judMnO6GYO6njhRH17us=
Subject key identifier: 27:80:16:0E:F3:62:53:CC:BE:78:CA:DF:16:D7:F2:EE:4B:7F:D2:67
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 85DE
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/38E0157CF01511EEB397FC14C4F9AE02.roa
Signing time: Wed 03 Apr 2024 12:59:47 +0000
ROA not before: Wed 03 Apr 2024 12:59:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45433
IP address blocks: 43.229.92.0/24 maxlen: 24
43.229.93.0/24 maxlen: 24
45.64.177.0/24 maxlen: 24
45.64.179.0/24 maxlen: 24
45.118.204.0/24 maxlen: 24
45.118.205.0/24 maxlen: 24
45.118.207.0/24 maxlen: 24
45.127.220.0/24 maxlen: 24
45.127.221.0/24 maxlen: 24
45.127.222.0/24 maxlen: 24
45.250.170.0/24 maxlen: 24
103.23.236.0/24 maxlen: 24
103.23.237.0/24 maxlen: 24
103.23.238.0/24 maxlen: 24
103.23.239.0/24 maxlen: 24
103.36.49.0/24 maxlen: 24
103.36.50.0/24 maxlen: 24
103.36.51.0/24 maxlen: 24
103.39.9.0/24 maxlen: 24
103.39.11.0/24 maxlen: 24
103.58.248.0/24 maxlen: 24
103.58.250.0/24 maxlen: 24
103.70.58.0/24 maxlen: 24
103.131.26.0/24 maxlen: 24
103.157.124.0/24 maxlen: 24
103.157.125.0/24 maxlen: 24
103.157.168.0/24 maxlen: 24
103.157.169.0/24 maxlen: 24
103.175.8.0/24 maxlen: 24
103.175.9.0/24 maxlen: 24
103.178.110.0/24 maxlen: 24
103.178.111.0/24 maxlen: 24
103.179.0.0/24 maxlen: 24
103.179.1.0/24 maxlen: 24
103.194.120.0/24 maxlen: 24
103.196.208.0/24 maxlen: 24
103.196.209.0/24 maxlen: 24
103.196.211.0/24 maxlen: 24
103.207.168.0/24 maxlen: 24
103.207.169.0/24 maxlen: 24
103.207.170.0/24 maxlen: 24
103.207.171.0/24 maxlen: 24
103.209.179.0/24 maxlen: 24
103.255.8.0/24 maxlen: 24
103.255.10.0/24 maxlen: 24
103.255.11.0/24 maxlen: 24
115.178.96.0/24 maxlen: 24
115.178.97.0/24 maxlen: 24
115.178.98.0/24 maxlen: 24
115.178.99.0/24 maxlen: 24
115.178.100.0/24 maxlen: 24
115.178.102.0/24 maxlen: 24
115.178.103.0/24 maxlen: 24
122.102.24.0/24 maxlen: 24
122.102.25.0/24 maxlen: 24
122.102.27.0/24 maxlen: 24
122.102.28.0/24 maxlen: 24
122.102.29.0/24 maxlen: 24
122.102.30.0/24 maxlen: 24
163.53.80.0/22 maxlen: 22
163.53.80.0/24 maxlen: 24
163.53.81.0/24 maxlen: 24
163.53.82.0/24 maxlen: 24
163.53.83.0/24 maxlen: 24
175.111.128.0/24 maxlen: 24
175.111.129.0/24 maxlen: 24
175.111.130.0/24 maxlen: 24
175.111.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 08 May 2024 08:21:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34270 (0x85de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 3 12:59:47 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=660d52c3-1b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9f:29:18:ba:b9:f5:85:e7:25:81:50:4d:65:
44:e1:02:a1:ea:80:4d:85:cf:e9:8e:1c:81:97:a0:
1e:57:eb:45:11:15:a8:72:40:20:86:2f:dd:df:20:
d9:3f:c1:02:33:7d:a0:76:b4:46:3b:59:9b:e7:54:
31:26:e3:82:ef:3a:c1:9b:45:2a:19:a4:fc:a3:ba:
36:2a:9b:17:90:c1:23:80:4f:02:7d:9d:96:d8:49:
33:8b:ce:a1:5b:02:81:70:5b:7c:0e:fd:4b:5b:d9:
85:f7:80:11:cb:a7:18:29:e9:a6:ab:85:53:19:5c:
f4:97:8f:34:97:ef:87:24:a2:03:a3:64:6b:bc:98:
8f:85:5a:73:fa:56:0e:ec:a8:f5:3e:56:e1:1b:d9:
99:8b:00:d2:b4:7a:1f:ed:39:bb:c2:0f:42:f1:f7:
85:46:3a:5e:88:e1:25:18:ad:7a:af:9f:d7:fd:03:
34:f4:bf:ec:37:4e:74:92:33:8b:31:72:28:2d:74:
12:27:6c:d7:be:3d:b4:cb:d1:ed:cb:c5:16:56:b5:
44:73:49:be:2e:8c:cb:d1:ce:d0:3b:99:ef:f0:c2:
db:8a:92:f7:bf:f9:dd:73:b4:56:43:d9:2d:f3:d1:
04:dc:95:07:31:d8:d6:6f:f0:51:2b:8f:14:6f:7c:
53:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:80:16:0E:F3:62:53:CC:BE:78:CA:DF:16:D7:F2:EE:4B:7F:D2:67
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/38E0157CF01511EEB397FC14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.92.0/23
45.64.177.0/24
45.64.179.0/24
45.118.204.0/23
45.118.207.0/24
45.127.220.0-45.127.222.255
45.250.170.0/24
103.23.236.0/22
103.36.49.0-103.36.51.255
103.39.9.0/24
103.39.11.0/24
103.58.248.0/24
103.58.250.0/24
103.70.58.0/24
103.131.26.0/24
103.157.124.0/23
103.157.168.0/23
103.175.8.0/23
103.178.110.0/23
103.179.0.0/23
103.194.120.0/24
103.196.208.0/23
103.196.211.0/24
103.207.168.0/22
103.209.179.0/24
103.255.8.0/24
103.255.10.0/23
115.178.96.0-115.178.100.255
115.178.102.0/23
122.102.24.0/23
122.102.27.0-122.102.30.255
163.53.80.0/22
175.111.128.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:ac:ca:c6:2e:97:90:52:e2:91:55:90:70:4b:d4:09:8c:6a:
6c:8b:80:73:05:67:96:0c:64:5b:41:98:d5:16:bf:0b:9a:16:
8f:cb:e8:99:fe:ca:fe:a2:7e:b0:d7:8b:51:7c:45:57:8b:2b:
17:1b:8b:dd:3f:60:d9:d1:e6:d4:0d:72:fd:5b:c9:6d:77:b8:
c2:8e:34:4f:a3:1f:d2:91:fb:7f:03:6e:a3:a0:82:48:c4:86:
2c:34:62:f7:ea:02:bc:72:c7:43:22:f3:9b:ba:bb:12:e3:7e:
9b:5b:7a:9c:4e:2c:a2:0a:1e:a9:8f:4a:59:51:5a:10:b7:c4:
4c:a3:68:fd:e7:37:72:88:06:e9:ec:5e:6a:79:31:6f:cc:a3:
7a:23:e1:b3:40:3a:4d:b2:dd:ed:f9:61:cd:ba:5f:f7:52:31:
b7:07:7a:82:e3:80:74:85:52:69:51:6f:25:cf:9c:22:48:8f:
8f:9d:f7:f8:48:a5:42:e3:87:fc:b4:a2:45:a3:3b:6c:01:74:
67:6f:27:d0:32:f3:cc:b8:2a:ae:9c:dc:15:8d:2c:eb:8b:25:
15:79:38:81:96:55:1f:4b:e9:a5:95:3e:eb:67:7c:b0:53:1e:
57:71:d8:93:54:6d:f5:fd:ea:53:e3:2d:54:f7:42:02:b9:f7:
d4:82:32:51
-----BEGIN CERTIFICATE-----
MIIGWDCCBUCgAwIBAgIDAIXeMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDQwMzEyNTk0N1oXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjYwZDUyYzMtMWIwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKfKRi6ufWF5yWBUE1lROECoeqATYXP6Y4cgZegHlfrRREVqHJAIIYv3d8g
2T/BAjN9oHa0RjtZm+dUMSbjgu86wZtFKhmk/KO6NiqbF5DBI4BPAn2dlthJM4vO
oVsCgXBbfA79S1vZhfeAEcunGCnppquFUxlc9JePNJfvhySiA6Nka7yYj4Vac/pW
Duyo9T5W4RvZmYsA0rR6H+05u8IPQvH3hUY6XojhJRiteq+f1/0DNPS/7DdOdJIz
izFyKC10Eids1749tMvR7cvFFla1RHNJvi6My9HO0DuZ7/DC24qS97/53XO0VkPZ
LfPRBNyVBzHY1m/wUSuPFG98U1MCAwEAAaOCA3swggN3MB0GA1UdDgQWBBQngBYO
82JTzL54yt8W1/LuS3/SZzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM4RTAxNTdD
RjAxNTExRUVCMzk3RkMxNEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBAwYIKwYBBQUHAQcB
Af8EgfMwgfAwge0EAgABMIHmAwQBK+VcAwQALUCxAwQALUCzAwQBLXbMAwQALXbP
MAwDBAItf9wDBAAtf94DBAAt+qoDBAJnF+wwDAMEAGckMQMEAmckMAMEAGcnCQME
AGcnCwMEAGc6+AMEAGc6+gMEAGdGOgMEAGeDGgMEAWedfAMEAWedqAMEAWevCAME
AWeybgMEAWezAAMEAGfCeAMEAWfE0AMEAGfE0wMEAmfPqAMEAGfRswMEAGf/CAME
AWf/CjAMAwQFc7JgAwQAc7JkAwQBc7JmAwQBemYYMAwDBAB6ZhsDBAB6Zh4DBAKj
NVADBAKvb4AwDQYJKoZIhvcNAQELBQADggEBABqsysYul5BS4pFVkHBL1AmMamyL
gHMFZ5YMZFtBmNUWvwuaFo/L6Jn+yv6ifrDXi1F8RVeLKxcbi90/YNnR5tQNcv1b
yW13uMKONE+jH9KR+38DbqOggkjEhiw0YvfqArxyx0Mi85u6uxLjfptbepxOLKIK
HqmPSllRWhC3xEyjaP3nN3KIBunsXmp5MW/Mo3oj4bNAOk2y3e35Yc26X/dSMbcH
eoLjgHSFUmlRbyXPnCJIj4+d9/hIpULjh/y0okWjO2wBdGdvJ9Ay88y4Kq6c3BWN
LOuLJRV5OIGWVR9L6aWVPutnfLBTHldx2JNUbfX96lPjLVT3QgK599SCMlE=
-----END CERTIFICATE-----
Generated at Wed May 1 10:33:49 2024 by rpki-client on console-fra.rpki-client.org