Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7354642E8A8B11ED942E6F74C4F9AE02.roa
File: 7354642E8A8B11ED942E6F74C4F9AE02.roa (raw, json)
Hash identifier: XC7Vrgf0UFAtfpwdhTWat+pxUJU9YU4cGM2cjsRsUT0=
Subject key identifier: 44:CC:3F:B3:30:4E:E6:25:83:23:BD:3D:85:0F:6C:5F:BE:28:83:41
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8335
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7354642E8A8B11ED942E6F74C4F9AE02.roa
Signing time: Tue 20 Feb 2024 04:38:56 +0000
ROA not before: Tue 20 Feb 2024 04:38:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58965
IP address blocks: 43.225.192.0/24 maxlen: 24
43.225.193.0/24 maxlen: 24
43.225.194.0/24 maxlen: 24
43.225.195.0/24 maxlen: 24
103.70.162.0/24 maxlen: 24
103.70.163.0/24 maxlen: 24
103.74.144.0/22 maxlen: 24
103.77.40.0/24 maxlen: 24
103.77.41.0/24 maxlen: 24
103.77.42.0/24 maxlen: 24
103.77.43.0/24 maxlen: 24
103.83.144.0/22 maxlen: 22
103.83.144.0/24 maxlen: 24
103.83.145.0/24 maxlen: 24
103.83.146.0/24 maxlen: 24
103.83.147.0/24 maxlen: 24
103.83.220.0/22 maxlen: 22
103.83.220.0/24 maxlen: 24
103.83.221.0/24 maxlen: 24
103.83.222.0/24 maxlen: 24
103.83.223.0/24 maxlen: 24
103.110.16.0/22 maxlen: 24
103.125.128.0/24 maxlen: 24
103.125.129.0/24 maxlen: 24
103.125.130.0/24 maxlen: 24
103.125.131.0/24 maxlen: 24
103.129.194.0/24 maxlen: 24
103.134.114.0/24 maxlen: 24
103.134.115.0/24 maxlen: 24
103.141.90.0/23 maxlen: 24
103.157.52.0/23 maxlen: 24
103.161.198.0/24 maxlen: 24
103.163.144.0/23 maxlen: 24
103.164.46.0/24 maxlen: 24
103.164.47.0/24 maxlen: 24
103.165.28.0/23 maxlen: 24
103.180.42.0/23 maxlen: 24
103.233.116.0/24 maxlen: 24
103.233.117.0/24 maxlen: 24
103.233.118.0/24 maxlen: 24
103.233.119.0/24 maxlen: 24
103.243.7.0/24 maxlen: 24
103.254.204.0/23 maxlen: 24
2001:df0:4940::/48 maxlen: 48
2001:df3:69c0::/48 maxlen: 48
2001:df7:2b00::/48 maxlen: 48
2407:45c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33589 (0x8335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 20 04:38:56 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d42cdf-a1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:16:f2:92:ed:03:6f:6a:d7:0d:a1:b2:8b:b8:
8b:9d:10:45:4f:c6:61:7c:79:e9:07:c0:9c:06:af:
fe:60:2a:04:92:78:a4:44:e2:90:21:0a:31:7b:40:
a3:09:fe:2b:2b:43:b3:15:39:ab:e7:71:09:ba:64:
d1:08:10:7a:b5:7f:40:9e:ae:ab:6c:53:86:d1:81:
f6:e0:84:38:c1:b1:b7:d9:22:0f:b0:b7:cf:23:ff:
0b:74:fd:72:f8:d4:23:21:3d:78:a7:5c:1b:ee:f4:
85:07:26:f6:2f:6d:52:e9:eb:8c:fa:d6:ca:b0:02:
b8:18:e3:05:68:46:97:77:0e:25:74:48:d9:ee:29:
24:ea:7f:6d:74:3e:fe:2c:54:b0:50:72:f3:11:64:
74:1f:0f:6f:ee:b0:d6:82:5d:76:6f:99:f5:ee:df:
8f:52:50:df:89:0c:23:8e:cf:a0:6c:e2:b0:ee:94:
9f:06:bd:aa:c4:61:7f:07:97:bf:7c:cd:17:1e:92:
6c:7a:77:1a:b7:95:5b:36:d0:9c:05:2c:98:33:87:
b7:0c:97:c8:e2:99:ab:7b:9b:08:4d:49:d7:42:bc:
7c:c9:03:a7:58:af:91:25:2d:03:60:6a:3d:db:cd:
37:59:f8:ef:bd:49:e7:e7:2e:57:54:94:9b:f8:b4:
d4:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:CC:3F:B3:30:4E:E6:25:83:23:BD:3D:85:0F:6C:5F:BE:28:83:41
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7354642E8A8B11ED942E6F74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.192.0/22
103.70.162.0/23
103.74.144.0/22
103.77.40.0/22
103.83.144.0/22
103.83.220.0/22
103.110.16.0/22
103.125.128.0/22
103.129.194.0/24
103.134.114.0/23
103.141.90.0/23
103.157.52.0/23
103.161.198.0/24
103.163.144.0/23
103.164.46.0/23
103.165.28.0/23
103.180.42.0/23
103.233.116.0/22
103.243.7.0/24
103.254.204.0/23
IPv6:
2001:df0:4940::/48
2001:df3:69c0::/48
2001:df7:2b00::/48
2407:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
a1:84:a1:ab:b8:c4:5c:e8:ab:5e:eb:01:d6:10:22:a1:5f:d3:
41:e2:2e:69:fb:0b:01:7a:73:d7:f0:3c:5f:d3:b7:99:6f:f5:
52:a6:ec:b1:3c:f2:8f:83:ef:f6:20:3d:bc:5d:fa:88:d5:61:
54:98:85:30:ea:5d:a6:eb:fe:02:87:9c:2c:c7:e9:d9:b1:ef:
79:ee:a9:20:a3:96:60:05:b2:22:7b:42:09:8d:aa:db:72:9c:
df:1a:7a:8f:4a:bf:1e:4a:b1:61:e4:42:aa:ef:90:b5:9d:d8:
10:b0:dc:7c:66:bc:cd:26:10:e1:45:5c:72:f5:47:b7:4e:76:
48:94:7a:cc:ec:8f:05:a6:81:8c:dc:23:b3:d5:3d:7a:ca:5d:
3e:29:74:52:09:60:ac:c3:cb:dd:d0:13:0d:1d:a1:68:1c:32:
e3:ff:c8:7c:3b:46:02:ff:38:2a:d1:47:38:f9:3b:13:bf:ae:
1c:28:a8:1f:ec:34:3a:a0:50:9a:2a:d9:bb:69:91:69:ca:f5:
81:ef:18:18:2a:6d:bc:2c:64:79:9a:2c:e7:21:0c:7f:06:a2:
4e:1e:47:2b:ce:53:d9:02:f6:ad:d0:88:b6:5e:88:33:17:b0:
45:44:19:d5:93:b0:59:5a:e0:3e:71:ff:d0:a4:5d:5f:d6:c2:
11:dd:f0:42
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIDAIM1MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDIyMDA0Mzg1NloXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVkNDJjZGYtYTFjODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMW8pLtA29q1w2hsou4i50QRU/GYXx56QfAnAav/mAqBJJ4pETikCEKMXtA
own+KytDsxU5q+dxCbpk0QgQerV/QJ6uq2xThtGB9uCEOMGxt9kiD7C3zyP/C3T9
cvjUIyE9eKdcG+70hQcm9i9tUunrjPrWyrACuBjjBWhGl3cOJXRI2e4pJOp/bXQ+
/ixUsFBy8xFkdB8Pb+6w1oJddm+Z9e7fj1JQ34kMI47PoGzisO6Unwa9qsRhfweX
v3zNFx6SbHp3GreVWzbQnAUsmDOHtwyXyOKZq3ubCE1J10K8fMkDp1ivkSUtA2Bq
PdvNN1n4771J5+cuV1SUm/i01MMCAwEAAaOCAzQwggMwMB0GA1UdDgQWBBREzD+z
ME7mJYMjvT2FD2xfviiDQTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzczNTQ2NDJF
OEE4QjExRUQ5NDJFNkY3NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIG9BggrBgEFBQcBBwEB
/wSBrTCBqjB+BAIAATB4AwQCK+HAAwQBZ0aiAwQCZ0qQAwQCZ00oAwQCZ1OQAwQC
Z1PcAwQCZ24QAwQCZ32AAwQAZ4HCAwQBZ4ZyAwQBZ41aAwQBZ500AwQAZ6HGAwQB
Z6OQAwQBZ6QuAwQBZ6UcAwQBZ7QqAwQCZ+l0AwQAZ/MHAwQBZ/7MMCgEAgACMCID
BwAgAQ3wSUADBwAgAQ3zacADBwAgAQ33KwADBQAkB0XAMA0GCSqGSIb3DQEBCwUA
A4IBAQChhKGruMRc6Kte6wHWECKhX9NB4i5p+wsBenPX8Dxf07eZb/VSpuyxPPKP
g+/2ID28XfqI1WFUmIUw6l2m6/4Ch5wsx+nZse957qkgo5ZgBbIie0IJjarbcpzf
GnqPSr8eSrFh5EKq75C1ndgQsNx8ZrzNJhDhRVxy9Ue3TnZIlHrM7I8FpoGM3COz
1T16yl0+KXRSCWCsw8vd0BMNHaFoHDLj/8h8O0YC/zgq0Uc4+TsTv64cKKgf7DQ6
oFCaKtm7aZFpyvWB7xgYKm28LGR5miznIQx/BqJOHkcrzlPZAvat0Ii2XogzF7BF
RBnVk7BZWuA+cf/QpF1f1sIR3fBC
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:37 2024 by rpki-client on console-ams.rpki-client.org