Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A611E104C7B011ED88DCF11EC4F9AE02.roa
File: A611E104C7B011ED88DCF11EC4F9AE02.roa (raw, json)
Hash identifier: BI6QH/ARQ/0FNbFpmyR7ThyGx06aTEYnnEhZx4nxVYc=
Subject key identifier: 5F:AA:97:F9:E7:84:F2:94:09:50:CC:63:20:4E:EB:55:D7:EF:33:98
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7C16
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A611E104C7B011ED88DCF11EC4F9AE02.roa
Signing time: Tue 17 Oct 2023 06:54:40 +0000
ROA not before: Tue 17 Oct 2023 06:54:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 132770
IP address blocks: 43.227.20.0/22 maxlen: 24
43.228.72.0/22 maxlen: 24
43.241.24.0/22 maxlen: 24
45.119.57.0/24 maxlen: 24
45.119.58.0/24 maxlen: 24
45.119.59.0/24 maxlen: 24
45.252.72.0/22 maxlen: 24
103.59.104.0/24 maxlen: 24
103.81.36.0/22 maxlen: 24
103.93.240.0/24 maxlen: 24
103.93.241.0/24 maxlen: 24
103.93.242.0/24 maxlen: 24
103.93.243.0/24 maxlen: 24
103.94.56.0/22 maxlen: 23
103.94.57.0/24 maxlen: 24
103.94.59.0/24 maxlen: 24
103.126.68.0/22 maxlen: 24
103.178.206.0/24 maxlen: 24
103.178.207.0/24 maxlen: 24
103.184.86.0/24 maxlen: 24
103.184.87.0/24 maxlen: 24
103.204.36.0/22 maxlen: 24
103.211.60.0/24 maxlen: 24
103.211.61.0/24 maxlen: 24
103.211.62.0/24 maxlen: 24
103.211.63.0/24 maxlen: 24
103.221.72.0/22 maxlen: 24
103.239.84.0/22 maxlen: 24
103.241.80.0/22 maxlen: 24
103.243.112.0/22 maxlen: 24
103.249.240.0/22 maxlen: 24
103.251.208.0/22 maxlen: 24
103.254.52.0/22 maxlen: 24
150.129.128.0/22 maxlen: 24
150.129.156.0/22 maxlen: 24
163.53.200.0/22 maxlen: 24
202.136.68.0/22 maxlen: 24
2404:4980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31766 (0x7c16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 17 06:54:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=652e2fb0-9e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:78:c2:1f:b7:d2:f5:19:4c:13:7c:7c:35:54:
60:92:0d:ba:d9:d7:22:8e:1d:30:29:67:e9:7b:68:
a3:1c:56:ca:a8:de:7a:e3:d3:28:3b:cb:4c:15:e4:
c0:d8:7c:85:b2:53:c9:51:df:04:76:29:ac:4b:0e:
14:ab:ea:a6:87:31:d8:cf:f4:43:4f:14:c4:de:8d:
45:76:6e:86:fe:02:b3:db:41:a4:62:a0:9b:80:b1:
4d:69:65:f7:b3:1e:16:0a:8b:be:2f:b7:0b:af:80:
da:4a:7c:a6:c3:14:16:57:f0:0c:1b:91:51:c9:36:
07:53:a6:18:db:c7:97:fb:9b:7e:82:af:5a:06:3b:
c2:e5:46:16:ae:15:1f:f5:f8:26:27:a3:be:ba:34:
37:62:ff:95:5a:86:19:ed:36:5e:7c:bd:7e:3b:27:
38:2a:56:1d:00:5c:aa:5d:77:06:98:be:65:1a:4c:
f6:aa:86:3d:b3:0d:17:40:c5:40:38:52:ad:d8:d1:
c0:71:93:7f:9c:38:50:9e:95:c3:54:f3:0c:b1:f9:
ea:66:e1:6b:ee:2f:2e:5b:15:92:15:71:d1:c8:a2:
11:1d:2e:cf:57:5b:ed:1a:db:5b:65:a7:69:f5:bb:
b5:d1:93:c0:96:29:ec:4b:fa:9a:83:4b:ae:7f:c6:
40:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AA:97:F9:E7:84:F2:94:09:50:CC:63:20:4E:EB:55:D7:EF:33:98
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A611E104C7B011ED88DCF11EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.20.0/22
43.228.72.0/22
43.241.24.0/22
45.119.57.0-45.119.59.255
45.252.72.0/22
103.59.104.0/24
103.81.36.0/22
103.93.240.0/22
103.94.56.0/22
103.126.68.0/22
103.178.206.0/23
103.184.86.0/23
103.204.36.0/22
103.211.60.0/22
103.221.72.0/22
103.239.84.0/22
103.241.80.0/22
103.243.112.0/22
103.249.240.0/22
103.251.208.0/22
103.254.52.0/22
150.129.128.0/22
150.129.156.0/22
163.53.200.0/22
202.136.68.0/22
IPv6:
2404:4980::/32
Signature Algorithm: sha256WithRSAEncryption
98:bd:1f:4e:bc:7f:61:e0:ac:3f:a0:70:66:a0:36:62:7c:5e:
37:76:5e:a6:3d:27:d7:f6:c8:7c:1a:d3:dd:aa:36:a5:00:d8:
4f:5f:be:2a:f2:00:75:66:a2:78:89:b9:e4:49:0c:ef:4a:e6:
2d:40:3b:f8:cd:6b:88:eb:f6:2a:0f:26:42:a3:87:05:21:c9:
bb:40:90:3f:3c:86:16:9f:72:36:e7:7f:99:de:eb:3a:d6:0d:
30:15:3e:37:17:6b:14:f0:74:45:27:f5:12:da:83:43:d2:85:
8a:ae:9a:c8:02:90:fc:8f:6c:db:b4:77:d1:55:4d:41:23:7b:
2e:51:71:c3:3e:ba:89:1e:a3:24:28:74:17:98:94:54:28:89:
5d:12:f3:82:da:36:c8:bc:55:65:29:8a:64:d8:8b:e2:03:5d:
e6:db:86:c5:29:f4:fc:50:02:bb:a8:37:34:eb:c3:e1:d8:e4:
bd:79:f9:78:4b:ac:1e:c8:da:b8:0c:ce:94:8b:0e:c7:e4:51:
ce:8c:f6:63:ea:61:75:9b:7e:ef:42:08:0b:9a:dd:bf:61:76:
c9:c5:02:c7:4e:b5:8f:06:1d:5a:6b:4f:bc:67:a9:6c:ab:1b:
42:16:1b:ea:d4:9b:ec:12:07:b7:88:bf:9c:e0:da:87:3b:fc:
ab:76:69:e5
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgICfBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMDE3MDY1NDQwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJlMmZiMC05ZTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArHjCH7fS9RlME3x8NVRgkg262dcijh0wKWfpe2ijHFbKqN5649MoO8tMFeTA
2HyFslPJUd8EdimsSw4Uq+qmhzHYz/RDTxTE3o1Fdm6G/gKz20GkYqCbgLFNaWX3
sx4WCou+L7cLr4DaSnymwxQWV/AMG5FRyTYHU6YY28eX+5t+gq9aBjvC5UYWrhUf
9fgmJ6O+ujQ3Yv+VWoYZ7TZefL1+Oyc4KlYdAFyqXXcGmL5lGkz2qoY9sw0XQMVA
OFKt2NHAcZN/nDhQnpXDVPMMsfnqZuFr7i8uWxWSFXHRyKIRHS7PV1vtGttbZadp
9bu10ZPAlinsS/qag0uuf8ZAsQIDAQABo4IDQTCCAz0wHQYDVR0OBBYEFF+ql/nn
hPKUCVDMYyBO61XX7zOYMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQTYxMUUxMDRD
N0IwMTFFRDg4RENGMTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgcoGCCsGAQUFBwEHAQH/
BIG6MIG3MIGlBAIAATCBngMEAivjFAMEAivkSAMEAivxGDAMAwQALXc5AwQCLXc4
AwQCLfxIAwQAZztoAwQCZ1EkAwQCZ13wAwQCZ144AwQCZ35EAwQBZ7LOAwQBZ7hW
AwQCZ8wkAwQCZ9M8AwQCZ91IAwQCZ+9UAwQCZ/FQAwQCZ/NwAwQCZ/nwAwQCZ/vQ
AwQCZ/40AwQCloGAAwQCloGcAwQCozXIAwQCyohEMA0EAgACMAcDBQAkBEmAMA0G
CSqGSIb3DQEBCwUAA4IBAQCYvR9OvH9h4Kw/oHBmoDZifF43dl6mPSfX9sh8GtPd
qjalANhPX74q8gB1ZqJ4ibnkSQzvSuYtQDv4zWuI6/YqDyZCo4cFIcm7QJA/PIYW
n3I253+Z3us61g0wFT43F2sU8HRFJ/US2oND0oWKrprIApD8j2zbtHfRVU1BI3su
UXHDPrqJHqMkKHQXmJRUKIldEvOC2jbIvFVlKYpk2IviA13m24bFKfT8UAK7qDc0
68Ph2OS9efl4S6weyNq4DM6Uiw7H5FHOjPZj6mF1m37vQggLmt2/YXbJxQLHTrWP
Bh1aa0+8Z6lsqxtCFhvq1JvsEge3iL+c4NqHO/yrdmnl
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:41 2024 by rpki-client on console-ams.rpki-client.org