Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/73462B74643C11EB9E7DF918C4F9AE02.roa
File: 73462B74643C11EB9E7DF918C4F9AE02.roa (raw, json)
Hash identifier: Y9VWafh22KU7OnWVXkmUJUXKGTh789Edf5KDIHOIQCk=
Subject key identifier: F0:80:F0:90:85:99:EC:69:F0:FC:BB:53:43:D9:55:20:1D:11:10:62
Certificate issuer: /CN=A919819A/serialNumber=358399C736EF055D5D592CAB19016FE3816F6608
Certificate serial: 333E
Authority key identifier: 35:83:99:C7:36:EF:05:5D:5D:59:2C:AB:19:01:6F:E3:81:6F:66:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/73462B74643C11EB9E7DF918C4F9AE02.roa
Signing time: Tue 04 Jul 2023 15:20:41 +0000
ROA not before: Tue 04 Jul 2023 15:20:41 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 45780
IP address blocks: 103.23.0.0/22 maxlen: 24
110.173.232.0/22 maxlen: 22
110.173.232.0/23 maxlen: 24
110.173.234.0/23 maxlen: 23
110.173.235.0/24 maxlen: 24
110.173.236.0/22 maxlen: 24
111.118.216.0/24 maxlen: 24
111.118.217.0/24 maxlen: 24
111.118.218.0/24 maxlen: 24
111.118.219.0/24 maxlen: 24
119.17.32.0/19 maxlen: 24
123.254.112.0/20 maxlen: 24
163.47.52.0/22 maxlen: 23
175.103.16.0/20 maxlen: 20
175.103.16.0/23 maxlen: 23
175.103.18.0/24 maxlen: 24
175.103.19.0/24 maxlen: 24
175.103.20.0/24 maxlen: 24
175.103.21.0/24 maxlen: 24
175.103.22.0/24 maxlen: 24
175.103.23.0/24 maxlen: 24
175.103.24.0/23 maxlen: 23
175.103.26.0/23 maxlen: 23
175.103.28.0/22 maxlen: 24
2404:fa00::/36 maxlen: 36
2404:fa00::/40 maxlen: 40
2404:fa00:1000::/36 maxlen: 36
2404:fa00:2000::/36 maxlen: 36
2404:fa00:5000::/36 maxlen: 36
2404:fa00:d000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.crl
rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 15:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13118 (0x333e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919819A/serialNumber=358399C736EF055D5D592CAB19016FE3816F6608
Validity
Not Before: Jul 4 15:20:41 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64a438c9-0808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:33:87:b2:ad:f9:05:44:53:a3:76:e3:f9:
a3:c0:29:d8:16:4e:f2:78:a7:8c:4b:81:af:94:63:
9a:21:e4:47:77:91:1c:15:6b:59:fd:ef:98:94:a2:
50:ab:c3:3b:6d:7b:c5:cf:40:47:09:64:b0:ac:e2:
65:33:49:28:7c:97:0b:b3:78:6e:4e:23:75:97:1d:
a2:8c:fa:38:8b:84:e6:13:8b:bb:4b:38:87:ab:5d:
00:9a:a0:e0:32:1a:b0:ae:8f:13:ba:e5:e1:fb:c6:
7b:db:aa:bb:f5:c1:3a:cf:8b:47:8e:59:a6:fe:2a:
91:30:6f:eb:ba:f9:cd:2a:ce:b6:f9:85:f6:bb:7c:
e6:95:83:7f:07:71:4e:c2:87:e2:d5:bc:c0:f6:b5:
1b:cc:bf:be:20:69:ad:a2:0f:90:56:de:6c:27:57:
f7:e8:6f:f6:a4:d2:45:69:63:12:a9:b5:44:d2:4e:
c9:ac:66:df:a2:f8:43:68:7b:19:79:8f:03:fd:cc:
78:78:a3:a8:22:11:0f:fd:ea:4f:d1:af:38:5d:4a:
27:b6:38:74:e6:95:0e:64:c1:95:93:f8:34:b4:04:
54:db:62:11:da:ca:14:2d:5d:74:a1:12:6f:fc:ad:
fb:bd:70:29:12:2a:f3:8e:0f:6b:00:57:e7:43:a7:
b3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:80:F0:90:85:99:EC:69:F0:FC:BB:53:43:D9:55:20:1D:11:10:62
X509v3 Authority Key Identifier:
keyid:35:83:99:C7:36:EF:05:5D:5D:59:2C:AB:19:01:6F:E3:81:6F:66:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/NYOZxzbvBV1dWSyrGQFv44FvZgg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYOZxzbvBV1dWSyrGQFv44FvZgg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919819A/63EA20921D9E11E2ADB73F8E08B02CD2/73462B74643C11EB9E7DF918C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.0.0/22
110.173.232.0/21
111.118.216.0/22
119.17.32.0/19
123.254.112.0/20
163.47.52.0/22
175.103.16.0/20
IPv6:
2404:fa00::-2404:fa00:2fff:ffff:ffff:ffff:ffff:ffff
2404:fa00:5000::/36
2404:fa00:d000::/36
Signature Algorithm: sha256WithRSAEncryption
b7:77:2f:e4:c5:dc:da:6d:2b:16:7c:c4:a0:d2:47:b1:46:25:
5e:9f:d5:b4:3d:e0:b2:4b:e6:87:19:94:db:20:cc:30:68:6a:
7b:57:32:e2:93:aa:93:70:83:2a:84:73:b2:7c:3b:6e:7c:60:
d0:ae:db:24:d6:75:fa:e5:88:84:ab:cb:11:d8:3a:de:cb:6b:
de:1b:ad:49:b3:5f:2f:83:68:52:e7:ba:83:3a:ee:b2:b1:23:
20:c1:5b:19:56:57:25:14:9b:7a:fd:cf:a4:52:3a:75:eb:97:
49:96:68:38:c1:02:36:46:6a:86:cc:e6:a4:ae:cd:47:01:09:
a6:85:e9:6c:38:8b:51:6f:bd:e3:d1:60:65:b4:51:cd:42:dc:
d2:af:32:97:ee:4a:68:39:3a:b6:d6:33:33:63:0a:e6:a3:93:
86:ad:ab:f6:1f:0a:79:e1:9b:d3:42:49:bc:a1:a6:48:9c:18:
d0:9e:94:a8:1a:cd:fc:0c:28:3b:5a:ff:3c:09:ec:84:ca:a2:
fe:fb:fe:9c:6c:4b:d4:a7:1b:a5:d5:19:7e:bd:82:b0:93:9e:
f7:d9:14:cd:91:d4:2f:93:ff:97:8f:45:3f:ad:55:20:e0:9c:
bb:00:29:eb:06:f9:97:b0:81:f9:2d:15:83:bd:a6:59:7d:74:
77:a4:60:2a
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICMz4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTgxOUExMTAvBgNVBAUTKDM1ODM5OUM3MzZFRjA1NUQ1RDU5MkNBQjE5MDE2RkUz
ODE2RjY2MDgwHhcNMjMwNzA0MTUyMDQxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE0MzhjOS0wODA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoTEzh7Kt+QVEU6N24/mjwCnYFk7yeKeMS4GvlGOaIeRHd5EcFWtZ/e+YlKJQ
q8M7bXvFz0BHCWSwrOJlM0kofJcLs3huTiN1lx2ijPo4i4TmE4u7SziHq10AmqDg
Mhqwro8TuuXh+8Z726q79cE6z4tHjlmm/iqRMG/ruvnNKs62+YX2u3zmlYN/B3FO
wofi1bzA9rUbzL++IGmtog+QVt5sJ1f36G/2pNJFaWMSqbVE0k7JrGbfovhDaHsZ
eY8D/cx4eKOoIhEP/epP0a84XUontjh05pUOZMGVk/g0tARU22IR2soULV10oRJv
/K37vXApEirzjg9rAFfnQ6ezjQIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFPCA8JCF
mexp8Py7U0PZVSAdERBiMB8GA1UdIwQYMBaAFDWDmcc27wVdXVksqxkBb+OBb2YI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODE5QS82M0VBMjA5MjFE
OUUxMUUyQURCNzNGOEUwOEIwMkNEMi9OWU9aeHpidkJWMWRXU3lyR1FGdjQ0RnZa
Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05ZT1p4emJ2QlYxZFdTeXJHUUZ2NDRGdlpnZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTgxOUEvNjNFQTIwOTIxRDlFMTFFMkFEQjczRjhFMDhCMDJDRDIvNzM0NjJCNzQ2
NDNDMTFFQjlFN0RGOTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMDAEAgABMCoDBAJnFwADBANuregDBAJvdtgDBAV3ESADBAR7/nADBAKjLzQD
BASvZxAwJgQCAAIwIDAOAwQBJAT6AwYEJAT6ACADBgQkBPoAUAMGBCQE+gDQMA0G
CSqGSIb3DQEBCwUAA4IBAQC3dy/kxdzabSsWfMSg0kexRiVen9W0PeCyS+aHGZTb
IMwwaGp7VzLik6qTcIMqhHOyfDtufGDQrtsk1nX65YiEq8sR2Drey2veG61Js18v
g2hS57qDOu6ysSMgwVsZVlclFJt6/c+kUjp165dJlmg4wQI2RmqGzOakrs1HAQmm
helsOItRb73j0WBltFHNQtzSrzKX7kpoOTq21jMzYwrmo5OGrav2Hwp54ZvTQkm8
oaZInBjQnpSoGs38DCg7Wv88CeyEyqL++/6cbEvUpxul1Rl+vYKwk5732RTNkdQv
k/+Xj0U/rVUg4Jy7ACnrBvmXsIH5LRWDvaZZfXR3pGAq
-----END CERTIFICATE-----
Generated at Thu May 16 17:51:49 2024 by rpki-client on console-ams.rpki-client.org