Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5F101E723A0111EBAE5ABF25C4F9AE02.roa
File: 5F101E723A0111EBAE5ABF25C4F9AE02.roa (raw, json)
Hash identifier: I9yiMU7NsVnU+Zh5LNQaD6oI/6V9VYkWwxRQts9DRuQ=
Subject key identifier: 08:B4:1F:DA:22:BF:40:19:D4:21:D6:2E:7A:A6:7B:B3:A8:F4:84:21
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 71BF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5F101E723A0111EBAE5ABF25C4F9AE02.roa
Signing time: Wed 10 May 2023 16:49:46 +0000
ROA not before: Wed 10 May 2023 16:49:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58765
IP address blocks: 43.231.48.0/22 maxlen: 24
45.113.88.0/22 maxlen: 24
45.123.160.0/22 maxlen: 24
103.31.188.0/22 maxlen: 24
103.52.244.0/24 maxlen: 24
103.52.245.0/24 maxlen: 24
103.52.246.0/24 maxlen: 24
103.52.247.0/24 maxlen: 24
103.85.96.0/22 maxlen: 24
103.220.16.0/24 maxlen: 24
103.220.17.0/24 maxlen: 24
103.220.18.0/24 maxlen: 24
103.220.19.0/24 maxlen: 24
103.250.84.0/22 maxlen: 24
115.124.40.0/21 maxlen: 24
2407:9300:1::/48 maxlen: 48
2407:9300:2::/48 maxlen: 48
2407:9300:3::/48 maxlen: 48
2407:9300:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29119 (0x71bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:49:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bcb2a-e51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:14:15:b8:a2:3b:08:bd:1c:0e:59:3d:c6:4a:
7b:b1:c1:37:38:c8:b5:d4:06:5e:65:b4:7e:ad:20:
a7:bf:62:5d:d0:aa:e9:b8:cf:f4:7f:96:50:86:76:
2d:76:f8:4a:21:70:b5:ca:ab:61:f7:ad:5b:51:fb:
dc:fd:dd:62:8a:0d:c0:55:c5:9b:ae:13:6e:a5:9e:
07:85:fc:21:80:3e:2a:32:36:e3:f7:dc:d7:04:1f:
e5:ed:a1:b7:18:b2:6d:0d:fe:4b:7f:01:ec:85:84:
89:cc:df:9c:6c:1c:32:96:08:70:8f:fe:84:02:47:
54:0d:55:e0:24:0f:57:f1:7b:d0:aa:a5:03:19:ad:
22:a4:10:fa:bc:26:d5:85:7c:bd:08:9a:7a:a2:d9:
dd:6d:5a:d5:fb:ae:db:1c:9d:5b:6d:0e:cf:5c:74:
10:32:c6:e4:fc:e2:83:e6:c3:e0:bb:5b:72:60:a6:
cb:3f:8c:7a:d6:c1:3e:17:78:57:1c:37:a9:67:38:
d8:76:c9:e0:70:18:af:19:30:17:77:57:30:ca:a9:
81:8e:43:44:53:27:02:c4:f9:8a:85:2e:60:dd:78:
f0:17:50:ff:ff:ba:10:c4:0c:ad:f7:2d:d2:b3:7a:
ba:20:3f:79:69:0e:75:cd:c2:4c:70:a6:07:6f:dc:
81:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B4:1F:DA:22:BF:40:19:D4:21:D6:2E:7A:A6:7B:B3:A8:F4:84:21
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5F101E723A0111EBAE5ABF25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.48.0/22
45.113.88.0/22
45.123.160.0/22
103.31.188.0/22
103.52.244.0/22
103.85.96.0/22
103.220.16.0/22
103.250.84.0/22
115.124.40.0/21
IPv6:
2407:9300:1::-2407:9300:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
58:79:cd:a3:18:33:80:f7:3f:6d:03:b6:b2:71:68:46:a2:15:
8f:ae:ff:6f:59:b3:33:9b:e0:e4:41:3f:7f:4e:ac:0d:13:33:
1c:4f:9e:23:4f:e9:b8:3e:4f:9f:4b:bf:87:0e:0d:33:63:d1:
62:3f:64:9d:5e:65:a5:c0:bd:1e:22:3d:f2:78:78:7a:49:45:
09:e7:2c:87:89:be:2b:fa:f0:4f:49:e5:46:e0:26:81:11:0c:
a4:b4:12:1f:62:e4:00:e6:1c:54:8a:e1:ed:dd:98:35:30:3c:
88:0b:37:c7:5a:59:ac:0d:46:f2:88:8f:6e:d2:35:6e:fb:48:
dc:8a:b6:85:64:27:98:63:e3:fc:87:3b:b0:29:f3:9f:72:e3:
7f:d1:21:b2:d4:10:76:77:e6:9f:e8:59:4b:48:94:3f:9e:a1:
b6:be:1f:43:43:eb:78:96:39:00:fe:0a:43:94:d2:80:eb:76:
e7:f2:57:7c:f6:35:a6:d4:e3:8e:dd:92:e2:07:09:71:e8:db:
07:1b:8c:ad:a6:4b:a7:8c:dc:e6:52:a1:6f:2e:5d:da:8f:f9:
ea:9b:68:ad:92:4e:b9:ff:3e:c9:aa:36:7d:9a:c2:2b:f1:fa:
69:f7:17:50:eb:3a:5d:0e:79:cc:ca:92:54:ec:8c:13:51:79:
3d:6b:11:74
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICcb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY0OTQ2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2IyYS1lNTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6xQVuKI7CL0cDlk9xkp7scE3OMi11AZeZbR+rSCnv2Jd0KrpuM/0f5ZQhnYt
dvhKIXC1yqth961bUfvc/d1iig3AVcWbrhNupZ4HhfwhgD4qMjbj99zXBB/l7aG3
GLJtDf5LfwHshYSJzN+cbBwylghwj/6EAkdUDVXgJA9X8XvQqqUDGa0ipBD6vCbV
hXy9CJp6otndbVrV+67bHJ1bbQ7PXHQQMsbk/OKD5sPgu1tyYKbLP4x61sE+F3hX
HDepZzjYdsngcBivGTAXd1cwyqmBjkNEUycCxPmKhS5g3XjwF1D//7oQxAyt9y3S
s3q6ID95aQ51zcJMcKYHb9yBNQIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFAi0H9oi
v0AZ1CHWLnqme7Oo9IQhMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNUYxMDFFNzIz
QTAxMTFFQkFFNUFCRjI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMDwEAgABMDYDBAIr5zADBAItcVgDBAIte6ADBAJnH7wDBAJnNPQDBAJnVWAD
BAJn3BADBAJn+lQDBANzfCgwGgQCAAIwFDASAwcAJAeTAAABAwcAJAeTAAAEMA0G
CSqGSIb3DQEBCwUAA4IBAQBYec2jGDOA9z9tA7aycWhGohWPrv9vWbMzm+DkQT9/
TqwNEzMcT54jT+m4Pk+fS7+HDg0zY9FiP2SdXmWlwL0eIj3yeHh6SUUJ5yyHib4r
+vBPSeVG4CaBEQyktBIfYuQA5hxUiuHt3Zg1MDyICzfHWlmsDUbyiI9u0jVu+0jc
iraFZCeYY+P8hzuwKfOfcuN/0SGy1BB2d+af6FlLSJQ/nqG2vh9DQ+t4ljkA/gpD
lNKA63bn8ld89jWm1OOO3ZLiBwlx6NsHG4ytpkunjNzmUqFvLl3aj/nqm2itkk65
/z7JqjZ9msIr8fpp9xdQ6zpdDnnMypJU7IwTUXk9axF0
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:34 2024 by rpki-client on console-ams.rpki-client.org