Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D7F5D8EA7D2E11EE8E6BE309C4F9AE02.roa
File: D7F5D8EA7D2E11EE8E6BE309C4F9AE02.roa (raw, json)
Hash identifier: TNN+jKz+JY3XKN4pnAZi3y7/YPCNiNoXlDUcCWLju08=
Subject key identifier: 57:9C:1C:82:EF:7F:27:44:63:2B:7D:B4:43:DC:3B:14:68:AC:49:95
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7DCA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D7F5D8EA7D2E11EE8E6BE309C4F9AE02.roa
Signing time: Wed 15 Nov 2023 08:29:15 +0000
ROA not before: Wed 15 Nov 2023 08:29:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 43.255.56.0/22 maxlen: 22
43.255.56.0/24 maxlen: 24
43.255.57.0/24 maxlen: 24
43.255.58.0/24 maxlen: 24
43.255.59.0/24 maxlen: 24
45.125.252.0/22 maxlen: 22
45.125.252.0/24 maxlen: 24
45.125.253.0/24 maxlen: 24
45.125.254.0/24 maxlen: 24
45.125.255.0/24 maxlen: 24
103.18.156.0/22 maxlen: 22
103.18.156.0/24 maxlen: 24
103.18.157.0/24 maxlen: 24
103.18.158.0/24 maxlen: 24
103.18.159.0/24 maxlen: 24
103.110.248.0/24 maxlen: 24
103.110.249.0/24 maxlen: 24
103.110.250.0/24 maxlen: 24
103.114.65.0/24 maxlen: 24
103.114.66.0/24 maxlen: 24
103.114.67.0/24 maxlen: 24
103.118.8.0/22 maxlen: 22
103.118.8.0/24 maxlen: 24
103.118.9.0/24 maxlen: 24
103.118.10.0/24 maxlen: 24
103.118.11.0/24 maxlen: 24
103.170.36.0/23 maxlen: 24
103.170.38.0/23 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.96.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.236.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.150.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.194.116.0/22 maxlen: 22
103.194.116.0/24 maxlen: 24
103.194.117.0/24 maxlen: 24
103.194.118.0/24 maxlen: 24
103.194.119.0/24 maxlen: 24
103.199.184.0/22 maxlen: 22
103.199.184.0/24 maxlen: 24
103.199.185.0/24 maxlen: 24
103.199.186.0/24 maxlen: 24
103.199.187.0/24 maxlen: 24
103.212.132.0/22 maxlen: 22
103.212.132.0/24 maxlen: 24
103.212.133.0/24 maxlen: 24
103.212.134.0/24 maxlen: 24
103.212.135.0/24 maxlen: 24
103.217.80.0/22 maxlen: 22
103.217.80.0/24 maxlen: 24
103.217.81.0/24 maxlen: 24
103.217.82.0/24 maxlen: 24
103.217.83.0/24 maxlen: 24
103.225.180.0/22 maxlen: 22
103.225.180.0/24 maxlen: 24
103.225.181.0/24 maxlen: 24
103.225.182.0/24 maxlen: 24
103.225.183.0/24 maxlen: 24
103.229.208.0/22 maxlen: 22
103.229.208.0/24 maxlen: 24
103.229.209.0/24 maxlen: 24
103.229.210.0/24 maxlen: 24
103.229.211.0/24 maxlen: 24
103.230.52.0/22 maxlen: 22
103.230.52.0/24 maxlen: 24
103.230.53.0/24 maxlen: 24
103.230.54.0/24 maxlen: 24
103.230.55.0/24 maxlen: 24
103.241.132.0/22 maxlen: 22
103.241.132.0/24 maxlen: 24
103.241.133.0/24 maxlen: 24
103.241.134.0/24 maxlen: 24
103.241.135.0/24 maxlen: 24
103.252.40.0/22 maxlen: 22
103.252.40.0/24 maxlen: 24
103.252.41.0/24 maxlen: 24
103.252.42.0/24 maxlen: 24
103.252.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32202 (0x7dca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 15 08:29:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6554815b-39d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5e:51:21:62:04:22:f2:b1:a1:60:31:10:1b:
d7:ce:06:08:af:28:51:83:de:98:53:d4:81:91:ba:
93:81:08:6b:71:7e:db:71:ca:5f:6a:91:4b:8d:8f:
6c:d3:a5:7b:2f:8d:ef:9d:14:ea:f9:eb:fd:5b:9e:
0f:f4:32:4e:c4:e7:6f:88:0e:47:9f:48:6a:9a:9c:
82:f2:a5:f9:9d:84:47:8b:f8:38:43:75:6f:b2:82:
e6:e8:5f:ce:f4:7a:1e:7a:c1:1a:fb:e3:75:4c:38:
80:47:f3:da:e7:6c:cb:57:51:a0:3c:4a:cd:37:72:
97:db:58:06:5b:ff:82:93:ee:85:91:23:a5:a0:ba:
f8:13:77:c9:c0:06:3d:b6:27:55:06:5c:71:1f:94:
2d:0d:4e:84:50:c3:94:17:58:e6:e3:5a:ff:9b:67:
01:03:3b:55:26:a3:12:22:6f:6c:8d:d4:fd:2e:98:
71:64:d9:c5:60:cb:ac:b8:e2:5e:5b:f1:0e:e8:28:
8e:19:63:00:a6:1c:34:d8:37:2f:b8:8e:ba:3b:45:
5e:5c:15:e9:6b:20:10:71:3e:e5:de:b2:3e:a8:50:
c1:5e:3e:6e:40:89:03:50:92:28:90:66:ba:26:62:
4f:a1:c4:09:d3:d5:88:11:00:b8:83:c6:00:e5:63:
28:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:9C:1C:82:EF:7F:27:44:63:2B:7D:B4:43:DC:3B:14:68:AC:49:95
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D7F5D8EA7D2E11EE8E6BE309C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.56.0/22
45.125.252.0/22
103.18.156.0/22
103.110.248.0-103.110.250.255
103.114.65.0-103.114.67.255
103.118.8.0/22
103.170.36.0/22
103.179.94.0-103.179.97.255
103.180.212.0/22
103.180.236.0/22
103.181.150.0-103.181.153.255
103.194.116.0/22
103.199.184.0/22
103.212.132.0/22
103.217.80.0/22
103.225.180.0/22
103.229.208.0/22
103.230.52.0/22
103.241.132.0/22
103.252.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:5b:2f:27:95:77:b5:62:9e:19:08:b7:7d:6a:8e:bc:3d:79:
a5:b7:c1:cb:af:e1:9b:e6:42:ba:14:ee:89:4c:9f:d0:17:9d:
49:38:d6:9e:d9:08:e1:04:54:87:31:b7:b3:4b:62:32:e6:8b:
4b:ab:d3:3b:2d:4e:21:69:68:dd:8d:36:23:58:ba:29:98:a1:
8b:fd:29:48:d5:ac:bf:6f:b6:3d:23:99:a1:6b:91:43:7d:06:
f1:24:d0:e8:a2:1c:e8:c5:c7:84:e5:23:3b:d3:6f:46:80:24:
aa:24:41:34:23:92:0f:62:4f:ce:3c:99:26:51:35:7f:6a:60:
b1:42:c7:b7:18:fd:f2:73:52:2e:51:19:9a:b2:fe:f7:03:fa:
5d:f4:0e:5d:5a:a4:60:9e:78:54:f3:e2:02:e4:53:d3:02:57:
e4:87:9d:06:60:8e:eb:80:e2:88:64:62:82:e5:16:0f:56:d7:
c2:7c:49:ca:ce:99:56:c1:72:83:3c:e5:2e:c2:fc:ff:cd:9e:
86:a5:b4:01:1d:fa:62:ed:f9:d5:66:9e:b0:3f:1a:8b:bf:88:
9f:89:16:1f:61:19:c2:1d:ac:92:d2:08:65:51:04:aa:5e:34:
ed:16:33:95:71:33:a0:f0:99:4d:f2:3c:11:45:e2:66:04:d0:
fb:67:79:a0
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgICfcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTE1MDgyOTE1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU0ODE1Yi0zOWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwV5RIWIEIvKxoWAxEBvXzgYIryhRg96YU9SBkbqTgQhrcX7bccpfapFLjY9s
06V7L43vnRTq+ev9W54P9DJOxOdviA5Hn0hqmpyC8qX5nYRHi/g4Q3VvsoLm6F/O
9HoeesEa++N1TDiAR/Pa52zLV1GgPErNN3KX21gGW/+Ck+6FkSOloLr4E3fJwAY9
tidVBlxxH5QtDU6EUMOUF1jm41r/m2cBAztVJqMSIm9sjdT9LphxZNnFYMusuOJe
W/EO6CiOGWMAphw02DcvuI66O0VeXBXpayAQcT7l3rI+qFDBXj5uQIkDUJIokGa6
JmJPocQJ09WIEQC4g8YA5WMovwIDAQABo4IDLDCCAygwHQYDVR0OBBYEFFecHILv
fydEYyt9tEPcOxRorEmVMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDdGNUQ4RUE3
RDJFMTFFRThFNkJFMzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbUGCCsGAQUFBwEHAQH/
BIGlMIGiMIGfBAIAATCBmAMEAiv/OAMEAi19/AMEAmcSnDAMAwQDZ274AwQAZ276
MAwDBABnckEDBAJnckADBAJndggDBAJnqiQwDAMEAWezXgMEAWezYAMEAme01AME
Ame07DAMAwQBZ7WWAwQBZ7WYAwQCZ8J0AwQCZ8e4AwQCZ9SEAwQCZ9lQAwQCZ+G0
AwQCZ+XQAwQCZ+Y0AwQCZ/GEAwQCZ/woMA0GCSqGSIb3DQEBCwUAA4IBAQCgWy8n
lXe1Yp4ZCLd9ao68PXmlt8HLr+Gb5kK6FO6JTJ/QF51JONae2QjhBFSHMbezS2Iy
5otLq9M7LU4haWjdjTYjWLopmKGL/SlI1ay/b7Y9I5mha5FDfQbxJNDoohzoxceE
5SM7029GgCSqJEE0I5IPYk/OPJkmUTV/amCxQse3GP3yc1IuURmasv73A/pd9A5d
WqRgnnhU8+IC5FPTAlfkh50GYI7rgOKIZGKC5RYPVtfCfEnKzplWwXKDPOUuwvz/
zZ6GpbQBHfpi7fnVZp6wPxqLv4ifiRYfYRnCHayS0ghlUQSqXjTtFjOVcTOg8JlN
8jwRReJmBND7Z3mg
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:47 2024 by rpki-client on console-ams.rpki-client.org