Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D8C186002D1C11EEB4A60D3EC4F9AE02.roa
File: D8C186002D1C11EEB4A60D3EC4F9AE02.roa (raw, json)
Hash identifier: UvjWF78Iu3S6i0KVZeQgiPutwKap2aeGiqvKgU9huQI=
Subject key identifier: BF:3A:6B:B2:E9:77:5B:96:8F:FB:F3:9A:F4:95:B9:16:5F:56:EA:13
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 76F9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D8C186002D1C11EEB4A60D3EC4F9AE02.roa
Signing time: Sat 05 Aug 2023 07:31:39 +0000
ROA not before: Sat 05 Aug 2023 07:31:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58898
IP address blocks: 45.116.112.0/22 maxlen: 24
103.25.44.0/22 maxlen: 24
103.69.8.0/22 maxlen: 24
103.91.84.0/23 maxlen: 24
103.93.104.0/22 maxlen: 24
103.116.232.0/23 maxlen: 24
103.127.170.0/24 maxlen: 24
103.137.148.0/24 maxlen: 24
103.143.214.0/24 maxlen: 24
103.148.134.0/23 maxlen: 24
103.151.114.0/24 maxlen: 24
103.153.22.0/24 maxlen: 24
103.157.228.0/23 maxlen: 23
103.157.228.0/24 maxlen: 24
103.157.229.0/24 maxlen: 24
103.159.136.0/24 maxlen: 24
103.159.180.0/24 maxlen: 24
103.160.171.0/24 maxlen: 24
103.170.160.0/24 maxlen: 24
103.175.108.0/23 maxlen: 24
103.176.124.0/23 maxlen: 24
103.225.124.0/22 maxlen: 24
163.53.204.0/22 maxlen: 24
2001:df2:a640::/48 maxlen: 48
2403:f680::/40 maxlen: 48
2403:f680:102::/48 maxlen: 48
2403:f680:103::/48 maxlen: 48
2403:f680:104::/48 maxlen: 48
2403:f680:105::/48 maxlen: 48
2403:f680:106::/48 maxlen: 48
2403:f680:107::/48 maxlen: 48
2403:f680:108::/48 maxlen: 48
2403:f680:112::/48 maxlen: 48
2403:f680:113::/48 maxlen: 48
2403:f680:114::/48 maxlen: 48
2403:f680:115::/48 maxlen: 48
2403:f680:116::/48 maxlen: 48
2403:f680:117::/48 maxlen: 48
2403:f680:118::/48 maxlen: 48
2403:f680:119::/48 maxlen: 48
2403:f680:120::/48 maxlen: 48
2403:f680:121::/48 maxlen: 48
2403:f680:122::/48 maxlen: 48
2403:f680:123::/48 maxlen: 48
2403:f680:124::/48 maxlen: 48
2403:f680:125::/48 maxlen: 48
2403:f680:126::/48 maxlen: 48
2403:f680:127::/48 maxlen: 48
2403:f680:128::/48 maxlen: 48
2403:f680:129::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30457 (0x76f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 5 07:31:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64cdfadb-2e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:47:ff:81:96:0b:da:7b:9b:55:47:e7:5e:28:
c4:bd:3d:89:63:7b:9c:b0:7a:af:61:e1:8a:16:ab:
96:ce:c3:08:ad:44:ea:ca:0d:24:94:d5:b5:3e:aa:
d9:cc:fa:27:1c:42:fc:9c:3d:de:f7:9a:fe:24:0d:
1b:df:55:f0:f0:f7:3a:eb:9a:1e:8a:50:bd:97:46:
a3:30:7e:c6:9d:f5:a2:05:a6:93:56:06:d3:ac:b7:
d8:d6:10:42:e5:fe:0b:04:77:c2:ee:a8:b1:3b:0b:
93:ef:9b:d1:2c:75:a4:1e:af:34:e5:70:dd:39:f0:
eb:4f:84:31:fe:a0:f2:31:da:ab:66:d5:a8:57:5b:
1a:8f:09:df:23:3b:8b:97:f0:21:3b:4e:cf:1e:fb:
bb:c0:52:18:ac:64:db:bb:d7:ec:3e:8d:78:d3:2d:
fd:83:18:50:ea:2d:24:69:e7:ef:1f:d6:3d:5a:c8:
b5:29:a3:03:dd:4e:89:18:b0:a5:3f:fd:e2:09:2d:
f4:be:12:d7:28:80:5b:4f:fc:16:e2:0e:6f:05:38:
bc:dc:28:fa:fc:63:34:ba:c0:f3:c7:51:01:2a:f4:
ad:cd:f0:9b:35:73:c3:67:cb:e7:b3:44:3a:ed:91:
65:d3:0e:9a:f1:35:fd:da:2a:ed:34:2e:41:2c:74:
19:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3A:6B:B2:E9:77:5B:96:8F:FB:F3:9A:F4:95:B9:16:5F:56:EA:13
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D8C186002D1C11EEB4A60D3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.112.0/22
103.25.44.0/22
103.69.8.0/22
103.91.84.0/23
103.93.104.0/22
103.116.232.0/23
103.127.170.0/24
103.137.148.0/24
103.143.214.0/24
103.148.134.0/23
103.151.114.0/24
103.153.22.0/24
103.157.228.0/23
103.159.136.0/24
103.159.180.0/24
103.160.171.0/24
103.170.160.0/24
103.175.108.0/23
103.176.124.0/23
103.225.124.0/22
163.53.204.0/22
IPv6:
2001:df2:a640::/48
2403:f680::/40
2403:f680:102::-2403:f680:108:ffff:ffff:ffff:ffff:ffff
2403:f680:112::-2403:f680:119:ffff:ffff:ffff:ffff:ffff
2403:f680:120::-2403:f680:129:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:e4:c7:ea:dd:4d:ae:bb:d2:f1:54:5c:a1:ec:64:5b:33:e2:
1d:d4:42:ac:67:4b:5e:f6:e1:68:fd:de:e1:69:a2:e9:46:10:
2d:d4:ee:77:f2:a0:b2:7a:46:8e:2f:31:89:f9:8e:b7:36:b2:
3b:fd:02:db:d2:93:08:83:09:02:38:7d:28:a2:48:a6:b9:80:
0a:15:ec:4e:41:3c:4d:3b:7c:c2:55:85:f4:41:57:68:4f:a3:
1a:fc:d2:90:c7:38:25:c5:45:f8:c3:cc:61:d9:4f:52:0c:21:
ca:cd:64:f4:6d:06:6f:7d:86:c5:05:11:92:d4:e2:8f:24:3a:
90:ad:66:30:c9:df:08:c3:24:8b:f8:ef:01:1d:d6:01:eb:6a:
61:84:1e:3d:25:dc:b3:12:95:6a:9f:7d:ec:d3:3b:8a:6f:2b:
af:45:e5:36:51:2a:80:2f:82:52:c5:c8:b5:47:aa:aa:c8:7b:
5b:e3:07:0a:54:af:1f:1b:9b:f3:d8:6c:ce:6a:58:8a:32:46:
a0:9b:60:15:94:45:99:b1:87:b0:83:e3:45:7e:40:58:40:03:
a4:1f:ea:eb:4c:b6:da:ae:01:82:e9:e6:1a:db:b3:2c:63:a9:
88:62:aa:fa:71:8c:29:f9:04:3f:2f:f8:fc:79:ed:89:54:49:
54:5b:af:7d
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgICdvkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODA1MDczMTM5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNkZmFkYi0yZTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6kf/gZYL2nubVUfnXijEvT2JY3ucsHqvYeGKFquWzsMIrUTqyg0klNW1PqrZ
zPonHEL8nD3e95r+JA0b31Xw8Pc665oeilC9l0ajMH7GnfWiBaaTVgbTrLfY1hBC
5f4LBHfC7qixOwuT75vRLHWkHq805XDdOfDrT4Qx/qDyMdqrZtWoV1sajwnfIzuL
l/AhO07PHvu7wFIYrGTbu9fsPo140y39gxhQ6i0kaefvH9Y9Wsi1KaMD3U6JGLCl
P/3iCS30vhLXKIBbT/wW4g5vBTi83Cj6/GM0usDzx1EBKvStzfCbNXPDZ8vns0Q6
7ZFl0w6a8TX92irtNC5BLHQZdwIDAQABo4IDZjCCA2IwHQYDVR0OBBYEFL86a7Lp
d1uWj/vzmvSVuRZfVuoTMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDhDMTg2MDAy
RDFDMTFFRUI0QTYwRDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwge8GCCsGAQUFBwEHAQH/
BIHfMIHcMIGEBAIAATB+AwQCLXRwAwQCZxksAwQCZ0UIAwQBZ1tUAwQCZ11oAwQB
Z3ToAwQAZ3+qAwQAZ4mUAwQAZ4/WAwQBZ5SGAwQAZ5dyAwQAZ5kWAwQBZ53kAwQA
Z5+IAwQAZ5+0AwQAZ6CrAwQAZ6qgAwQBZ69sAwQBZ7B8AwQCZ+F8AwQCozXMMFME
AgACME0DBwAgAQ3ypkADBgAkA/aAADASAwcBJAP2gAECAwcAJAP2gAEIMBIDBwEk
A/aAARIDBwEkA/aAARgwEgMHBSQD9oABIAMHASQD9oABKDANBgkqhkiG9w0BAQsF
AAOCAQEAleTH6t1NrrvS8VRcoexkWzPiHdRCrGdLXvbhaP3e4Wmi6UYQLdTud/Kg
snpGji8xifmOtzayO/0C29KTCIMJAjh9KKJIprmAChXsTkE8TTt8wlWF9EFXaE+j
GvzSkMc4JcVF+MPMYdlPUgwhys1k9G0Gb32GxQURktTijyQ6kK1mMMnfCMMki/jv
AR3WAetqYYQePSXcsxKVap997NM7im8rr0XlNlEqgC+CUsXItUeqqsh7W+MHClSv
Hxub89hszmpYijJGoJtgFZRFmbGHsIPjRX5AWEADpB/q60y22q4BgunmGtuzLGOp
iGKq+nGMKfkEPy/4/HntiVRJVFuvfQ==
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:47 2024 by rpki-client on console-ams.rpki-client.org