Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EF91B17CBD0111EAAA712152C4F9AE02.roa
File: EF91B17CBD0111EAAA712152C4F9AE02.roa (raw, json)
Hash identifier: MTrIwJ5Onyf0e31u7Jcfpyw5P/eqYDnXKbu4nLemZFM=
Subject key identifier: 40:AA:CE:60:D1:28:A0:0D:38:B3:19:DD:9B:04:9B:FD:9C:C5:0D:67
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 715A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EF91B17CBD0111EAAA712152C4F9AE02.roa
Signing time: Wed 10 May 2023 16:47:49 +0000
ROA not before: Wed 10 May 2023 16:47:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18207
IP address blocks: 103.170.42.0/23 maxlen: 24
203.88.128.0/24 maxlen: 24
203.88.129.0/24 maxlen: 24
203.88.130.0/24 maxlen: 24
203.88.131.0/24 maxlen: 24
203.88.133.0/24 maxlen: 24
203.88.135.0/24 maxlen: 24
203.88.137.0/24 maxlen: 24
203.88.138.0/24 maxlen: 24
203.88.139.0/24 maxlen: 24
203.88.140.0/24 maxlen: 24
203.88.141.0/24 maxlen: 24
203.88.142.0/24 maxlen: 24
203.88.143.0/24 maxlen: 24
203.88.144.0/24 maxlen: 24
203.88.145.0/24 maxlen: 24
203.88.147.0/24 maxlen: 24
203.88.148.0/24 maxlen: 24
203.88.149.0/24 maxlen: 24
203.88.154.0/24 maxlen: 24
203.88.155.0/24 maxlen: 24
203.88.156.0/24 maxlen: 24
203.88.157.0/24 maxlen: 24
203.88.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29018 (0x715a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:47:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bcab5-4c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:11:a4:88:35:af:a1:b3:18:67:ce:75:2f:3f:
49:90:e4:3c:bc:75:d6:06:06:88:23:24:00:a3:3f:
e3:9c:74:17:82:68:8b:8e:94:25:54:48:78:b5:46:
0e:69:35:48:98:88:83:02:28:9e:bb:cf:64:3f:85:
07:af:10:7d:48:57:b0:eb:79:7e:f0:5f:54:f6:1e:
30:47:46:56:3e:75:51:2c:4a:b4:28:4e:18:ae:f9:
29:6f:08:03:e6:c5:a1:ab:ab:b4:a2:01:58:9e:69:
5f:43:60:71:6b:1f:c7:cc:d7:50:43:e3:30:6b:8a:
28:9b:b4:ce:20:e9:30:ff:f0:26:62:97:7c:e2:44:
03:7b:66:f0:fb:d7:55:27:9f:6e:aa:89:e1:8c:8a:
16:c2:12:3a:ac:9c:d0:62:58:4f:51:7a:12:e3:fe:
79:7e:b8:25:ed:db:fe:03:31:fc:51:90:2b:3e:17:
fc:00:d0:ea:1e:6c:5f:c6:16:9b:9d:5b:fa:d9:a7:
cb:7a:db:16:0d:dd:88:29:19:24:2a:a0:57:6b:15:
d2:25:89:9e:60:3b:b0:03:4d:d1:9a:b2:6b:60:32:
27:24:89:94:4b:39:44:9d:6b:8e:10:8a:a3:d1:3a:
b1:4b:96:b4:69:0b:60:a6:23:0f:0f:60:b1:81:c9:
77:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:AA:CE:60:D1:28:A0:0D:38:B3:19:DD:9B:04:9B:FD:9C:C5:0D:67
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/EF91B17CBD0111EAAA712152C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.170.42.0/23
203.88.128.0/22
203.88.133.0/24
203.88.135.0/24
203.88.137.0-203.88.145.255
203.88.147.0-203.88.149.255
203.88.154.0-203.88.158.255
Signature Algorithm: sha256WithRSAEncryption
22:00:6d:bc:9f:a5:8c:04:ac:2c:92:36:ba:19:dc:45:d0:72:
71:6d:f5:61:3e:d3:51:ef:61:79:72:64:78:0d:c4:9d:1f:71:
c1:44:80:a4:60:15:7d:1e:dd:a3:1d:38:2e:03:41:2b:e7:4e:
2d:6c:fd:f4:0b:96:0a:90:35:f1:cf:ad:18:09:9a:45:65:67:
b1:63:6e:5a:70:11:1a:44:d7:72:f0:c2:64:27:1e:31:40:e0:
d9:fa:0b:38:4a:27:90:94:0d:f4:6a:f7:13:29:c5:c4:7f:64:
f6:de:71:92:74:59:f8:12:46:f8:81:b7:42:c9:0b:20:0a:0e:
d4:b4:b1:01:c2:d0:a9:81:56:be:17:5c:29:29:72:80:4e:10:
42:9e:21:5c:7d:90:b8:e5:ac:20:96:a1:25:82:79:18:07:a3:
d4:48:0d:61:87:96:5c:71:f9:f9:2c:32:bf:d9:35:1b:e7:43:
23:17:82:a3:20:9d:ab:6d:aa:8a:9c:d8:b9:07:06:6b:35:f0:
77:56:b6:c0:b7:61:42:3d:1e:7b:24:f4:32:c4:72:00:18:f7:
90:cf:c2:64:75:0c:f2:7f:85:6e:d5:65:d3:fa:27:08:3a:35:
f9:91:d7:f8:db:6b:02:29:5b:e6:6a:4a:b3:36:b7:ac:25:7e:
ba:8b:fd:80
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgICcVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY0NzQ5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2FiNS00YzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwxGkiDWvobMYZ851Lz9JkOQ8vHXWBgaIIyQAoz/jnHQXgmiLjpQlVEh4tUYO
aTVImIiDAiieu89kP4UHrxB9SFew63l+8F9U9h4wR0ZWPnVRLEq0KE4YrvkpbwgD
5sWhq6u0ogFYnmlfQ2Bxax/HzNdQQ+Mwa4oom7TOIOkw//AmYpd84kQDe2bw+9dV
J59uqonhjIoWwhI6rJzQYlhPUXoS4/55frgl7dv+AzH8UZArPhf8ANDqHmxfxhab
nVv62afLetsWDd2IKRkkKqBXaxXSJYmeYDuwA03RmrJrYDInJImUSzlEnWuOEIqj
0TqxS5a0aQtgpiMPD2Cxgcl3BwIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFECqzmDR
KKANOLMZ3ZsEm/2cxQ1nMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRUY5MUIxN0NC
RDAxMTFFQUFBNzEyMTUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWwYIKwYBBQUHAQcBAf8E
TDBKMEgEAgABMEIDBAFnqioDBALLWIADBADLWIUDBADLWIcwDAMEAMtYiQMEActY
kDAMAwQAy1iTAwQBy1iUMAwDBAHLWJoDBADLWJ4wDQYJKoZIhvcNAQELBQADggEB
ACIAbbyfpYwErCySNroZ3EXQcnFt9WE+01HvYXlyZHgNxJ0fccFEgKRgFX0e3aMd
OC4DQSvnTi1s/fQLlgqQNfHPrRgJmkVlZ7FjblpwERpE13LwwmQnHjFA4Nn6CzhK
J5CUDfRq9xMpxcR/ZPbecZJ0WfgSRviBt0LJCyAKDtS0sQHC0KmBVr4XXCkpcoBO
EEKeIVx9kLjlrCCWoSWCeRgHo9RIDWGHllxx+fksMr/ZNRvnQyMXgqMgnattqoqc
2LkHBms18HdWtsC3YUI9Hnsk9DLEcgAY95DPwmR1DPJ/hW7VZdP6Jwg6NfmR1/jb
awIpW+ZqSrM2t6wlfrqL/YA=
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:50 2024 by rpki-client on console-ams.rpki-client.org