Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6FF9B406643511EBBDB29E47C4F9AE02.roa
File: 6FF9B406643511EBBDB29E47C4F9AE02.roa (raw, json)
Hash identifier: f1WA37R2HP0U6+F1HlbBo3yl4pWSv+M/az7LNQlg+OU=
Subject key identifier: 8B:BB:B9:FD:65:38:4A:5B:5C:35:08:CC:5D:8B:90:93:0D:6D:E1:CC
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4596
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6FF9B406643511EBBDB29E47C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:33:14 +0000
ROA not before: Thu 05 Sep 2024 03:33:14 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 140766
IP address blocks: 103.22.218.0/23 maxlen: 24
103.52.112.0/23 maxlen: 24
103.71.96.0/23 maxlen: 24
103.145.78.0/23 maxlen: 24
103.146.166.0/23 maxlen: 24
103.154.186.0/23 maxlen: 24
103.160.74.0/23 maxlen: 24
103.160.76.0/23 maxlen: 24
103.160.78.0/23 maxlen: 24
103.160.84.0/23 maxlen: 24
103.160.88.0/23 maxlen: 24
103.160.90.0/23 maxlen: 24
103.174.212.0/23 maxlen: 24
103.174.216.0/23 maxlen: 24
103.176.146.0/23 maxlen: 24
103.176.148.0/23 maxlen: 24
103.191.144.0/23 maxlen: 24
103.191.146.0/23 maxlen: 24
103.209.32.0/23 maxlen: 24
113.192.6.0/23 maxlen: 24
203.29.16.0/22 maxlen: 24
2001:df1:440::/48 maxlen: 48
2001:df1:4c0::/48 maxlen: 48
2001:df1:13c0::/48 maxlen: 48
2001:df1:2640::/48 maxlen: 48
2001:df2:4c40::/48 maxlen: 48
2001:df2:7c40::/48 maxlen: 48
2001:df3:4140::/48 maxlen: 48
2001:df3:5fc0::/48 maxlen: 48
2001:df3:abc0::/48 maxlen: 48
2001:df5:9980::/48 maxlen: 48
2400:15a0::/48 maxlen: 48
2400:1660::/48 maxlen: 48
2400:3320::/48 maxlen: 48
2400:3360::/48 maxlen: 48
2400:b8e0::/48 maxlen: 48
2400:ca60::/48 maxlen: 48
2400:f760::/48 maxlen: 48
2401:74e0::/48 maxlen: 48
2406:e4c0::/48 maxlen: 48
2406:e540::/48 maxlen: 48
2406:e640::/48 maxlen: 48
2406:e6c0::/48 maxlen: 48
2406:e740::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 11:15:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17814 (0x4596)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 5 03:33:14 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9267a-4c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b8:64:9d:44:44:3b:9c:77:37:eb:ed:0b:8d:
0c:88:e6:5b:14:e3:15:e8:70:42:1b:54:f8:a6:1a:
cc:0d:70:0e:9a:11:a5:5f:7d:39:2c:41:c0:8f:fb:
7c:a8:8e:d8:1e:8f:38:cc:c3:e2:b8:07:17:5d:41:
6e:25:ad:70:1b:51:d9:28:c4:9b:10:c2:26:bc:c0:
b8:2e:60:92:87:4f:bb:0c:d4:bd:c3:c4:09:8d:5d:
88:de:e2:5c:a6:92:ff:54:dd:99:8f:ec:c7:25:4d:
7d:82:f2:72:03:75:db:3b:a6:20:8c:44:24:c7:3f:
10:f0:f2:b3:c5:cd:98:47:61:6c:71:38:d2:64:5b:
53:81:7e:6a:12:8a:4f:9f:96:49:d8:eb:60:9b:8d:
67:27:41:85:51:62:57:b4:e3:6e:16:d8:6b:e4:01:
76:64:10:45:41:3e:c2:7f:b2:9b:40:a2:e0:1e:a8:
b1:16:22:3c:74:a8:fc:e1:93:e6:2f:de:04:39:d6:
38:2f:d2:d9:cb:24:8c:c4:8a:c0:ce:af:77:9f:a4:
83:95:a7:06:74:f2:94:72:cd:f3:9a:85:ef:6a:e9:
39:c0:fe:74:10:cb:07:a6:14:a9:dd:24:5d:37:6f:
83:e5:0f:f5:12:8d:ba:26:7c:ca:9a:03:8f:b7:3d:
c6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BB:B9:FD:65:38:4A:5B:5C:35:08:CC:5D:8B:90:93:0D:6D:E1:CC
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/6FF9B406643511EBBDB29E47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.22.218.0/23
103.52.112.0/23
103.71.96.0/23
103.145.78.0/23
103.146.166.0/23
103.154.186.0/23
103.160.74.0-103.160.79.255
103.160.84.0/23
103.160.88.0/22
103.174.212.0/23
103.174.216.0/23
103.176.146.0-103.176.149.255
103.191.144.0/22
103.209.32.0/23
113.192.6.0/23
203.29.16.0/22
IPv6:
2001:df1:440::/48
2001:df1:4c0::/48
2001:df1:13c0::/48
2001:df1:2640::/48
2001:df2:4c40::/48
2001:df2:7c40::/48
2001:df3:4140::/48
2001:df3:5fc0::/48
2001:df3:abc0::/48
2001:df5:9980::/48
2400:15a0::/48
2400:1660::/48
2400:3320::/48
2400:3360::/48
2400:b8e0::/48
2400:ca60::/48
2400:f760::/48
2401:74e0::/48
2406:e4c0::/48
2406:e540::/48
2406:e640::/48
2406:e6c0::/48
2406:e740::/48
Signature Algorithm: sha256WithRSAEncryption
60:3e:cb:7d:15:19:67:51:77:be:59:79:52:f5:bc:d0:e4:85:
f4:b7:96:ee:d0:46:55:80:99:95:04:a5:f8:6e:a2:64:0f:1e:
32:18:b2:cd:82:a7:fe:c8:18:54:bd:95:27:50:b4:ba:2e:e4:
f8:9f:0e:c6:59:28:79:b9:4f:b9:a4:10:00:db:30:7e:fc:10:
3f:c0:c7:f8:de:8d:13:08:a2:2d:7b:b0:56:41:fa:cc:29:f1:
71:94:99:47:a6:7f:4a:4f:06:86:9f:03:22:92:8d:e5:da:3d:
b3:79:99:86:77:54:a7:e2:22:ec:25:a9:d3:ac:22:86:20:de:
ef:84:b0:14:3c:9b:dd:38:9d:bd:bc:80:84:cd:a1:5c:79:73:
8d:8f:33:8b:59:aa:2c:90:1e:d3:53:62:55:45:1e:a5:02:67:
4d:c5:9f:da:16:f2:22:cb:ef:bc:49:94:47:5e:8f:2f:fb:2e:
6b:54:35:46:59:31:26:1c:93:7a:da:6b:21:3f:c1:95:7c:1c:
c2:8e:de:4f:79:5b:9f:3e:46:b1:da:8c:1f:73:23:8e:c8:91:
cf:30:15:ae:37:f6:4f:99:95:50:20:db:38:48:5e:68:60:a3:
cb:5e:c3:1a:56:1f:11:14:3b:75:77:19:11:34:a1:7d:9d:cb:
a3:17:2f:1d
-----BEGIN CERTIFICATE-----
MIIGujCCBaKgAwIBAgICRZYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzMzE0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjY3YS00YzhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtrhknUREO5x3N+vtC40MiOZbFOMV6HBCG1T4phrMDXAOmhGlX305LEHAj/t8
qI7YHo84zMPiuAcXXUFuJa1wG1HZKMSbEMImvMC4LmCSh0+7DNS9w8QJjV2I3uJc
ppL/VN2Zj+zHJU19gvJyA3XbO6YgjEQkxz8Q8PKzxc2YR2FscTjSZFtTgX5qEopP
n5ZJ2Otgm41nJ0GFUWJXtONuFthr5AF2ZBBFQT7Cf7KbQKLgHqixFiI8dKj84ZPm
L94EOdY4L9LZyySMxIrAzq93n6SDlacGdPKUcs3zmoXvauk5wP50EMsHphSp3SRd
N2+D5Q/1Eo26JnzKmgOPtz3GZQIDAQABo4ID3jCCA9owHQYDVR0OBBYEFIu7uf1l
OEpbXDUIzF2LkJMNbeHMMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNkZGOUI0MDY2
NDM1MTFFQkJEQjI5RTQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFmBggrBgEFBQcBBwEB
/wSCAVUwggFRMHYEAgABMHADBAFnFtoDBAFnNHADBAFnR2ADBAFnkU4DBAFnkqYD
BAFnmrowDAMEAWegSgMEBGegQAMEAWegVAMEAmegWAMEAWeu1AMEAWeu2DAMAwQB
Z7CSAwQBZ7CUAwQCZ7+QAwQBZ9EgAwQBccAGAwQCyx0QMIHWBAIAAjCBzwMHACAB
DfEEQAMHACABDfEEwAMHACABDfETwAMHACABDfEmQAMHACABDfJMQAMHACABDfJ8
QAMHACABDfNBQAMHACABDfNfwAMHACABDfOrwAMHACABDfWZgAMHACQAFaAAAAMH
ACQAFmAAAAMHACQAMyAAAAMHACQAM2AAAAMHACQAuOAAAAMHACQAymAAAAMHACQA
92AAAAMHACQBdOAAAAMHACQG5MAAAAMHACQG5UAAAAMHACQG5kAAAAMHACQG5sAA
AAMHACQG50AAADANBgkqhkiG9w0BAQsFAAOCAQEAYD7LfRUZZ1F3vll5UvW80OSF
9LeW7tBGVYCZlQSl+G6iZA8eMhiyzYKn/sgYVL2VJ1C0ui7k+J8OxlkoeblPuaQQ
ANswfvwQP8DH+N6NEwiiLXuwVkH6zCnxcZSZR6Z/Sk8Ghp8DIpKN5do9s3mZhndU
p+Ii7CWp06wihiDe74SwFDyb3TidvbyAhM2hXHlzjY8zi1mqLJAe01NiVUUepQJn
TcWf2hbyIsvvvEmUR16PL/sua1Q1RlkxJhyTetprIT/BlXwcwo7eT3lbnz5GsdqM
H3MjjsiRzzAVrjf2T5mVUCDbOEheaGCjy17DGlYfERQ7dXcZETShfZ3LoxcvHQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:17:32 2024 by rpki-client on console-ams.rpki-client.org