Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2836372A1C011EB9CD78934C4F9AE02.roa
File: A2836372A1C011EB9CD78934C4F9AE02.roa (raw, json)
Hash identifier: lTJ6DeOpGAzp4mxkt5KQW637hanyewLVOBQTflBM/bI=
Subject key identifier: 9B:3D:ED:8A:27:BD:D7:E7:AA:54:A9:46:FD:CA:E3:13:D1:F6:D6:4A
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 467D
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2836372A1C011EB9CD78934C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:36:33 +0000
ROA not before: Thu 05 Sep 2024 03:36:33 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 63737
IP address blocks: 36.50.52.0/23 maxlen: 23
42.96.10.0/23 maxlen: 23
103.14.154.0/23 maxlen: 23
103.15.94.0/23 maxlen: 23
103.30.10.0/23 maxlen: 23
103.39.124.0/23 maxlen: 23
103.57.128.0/23 maxlen: 23
103.57.130.0/23 maxlen: 24
103.74.104.0/22 maxlen: 22
103.122.140.0/23 maxlen: 23
103.149.136.0/23 maxlen: 23
103.167.84.0/23 maxlen: 23
103.167.90.0/23 maxlen: 23
103.167.92.0/23 maxlen: 23
103.170.254.0/23 maxlen: 23
103.171.0.0/23 maxlen: 23
103.176.110.0/23 maxlen: 23
103.176.112.0/23 maxlen: 23
103.177.108.0/23 maxlen: 23
103.180.150.0/23 maxlen: 23
103.180.152.0/23 maxlen: 23
103.182.18.0/23 maxlen: 23
103.183.114.0/23 maxlen: 23
103.183.118.0/23 maxlen: 23
103.186.66.0/23 maxlen: 23
103.187.4.0/23 maxlen: 23
103.190.80.0/23 maxlen: 23
103.209.60.0/23 maxlen: 23
103.232.52.0/22 maxlen: 22
103.253.22.0/23 maxlen: 24
202.55.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:34:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18045 (0x467d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 5 03:36:33 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d92741-967c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7d:6e:21:88:3a:85:d7:72:e3:5b:4a:d7:c0:
b4:49:fc:fa:84:42:7a:5d:77:78:ef:ca:7f:70:72:
a5:7d:ea:65:2b:96:88:c2:0a:38:27:64:e9:49:aa:
1f:0f:c6:96:93:92:63:d9:da:4f:2b:f5:1a:ad:ac:
4d:ca:a8:75:dd:80:49:4b:d6:bd:b7:ff:4e:dd:cf:
4d:fe:c6:e2:0c:cc:24:05:99:1a:cd:2f:b6:9b:52:
d2:52:7a:d7:61:f7:0c:07:01:b8:8b:72:95:4f:3f:
28:99:d3:5d:92:b5:4e:49:ca:dd:07:c2:7e:d3:32:
6c:fb:a8:82:1a:ac:ce:a3:dd:91:81:61:d7:78:76:
86:6a:e7:5d:dc:45:49:f3:04:a5:1c:f2:7c:7b:e0:
a8:6e:a7:8b:60:50:e2:06:90:aa:f7:0a:05:3d:4b:
5c:01:dc:00:89:24:4c:fd:53:4b:f0:a6:62:da:0e:
d1:6b:2d:2e:d3:49:6d:bd:eb:48:94:81:24:dc:be:
f1:84:25:d3:18:98:56:1b:43:09:0e:32:94:44:9e:
f3:3c:87:b8:34:61:f5:d5:69:6e:18:2f:37:b6:a9:
3d:e0:d5:79:b2:a8:17:9c:67:c8:d3:7f:52:76:2c:
82:3d:68:16:5d:fd:ff:3e:4a:09:fb:bb:a5:3a:89:
86:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3D:ED:8A:27:BD:D7:E7:AA:54:A9:46:FD:CA:E3:13:D1:F6:D6:4A
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A2836372A1C011EB9CD78934C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.52.0/23
42.96.10.0/23
103.14.154.0/23
103.15.94.0/23
103.30.10.0/23
103.39.124.0/23
103.57.128.0/22
103.74.104.0/22
103.122.140.0/23
103.149.136.0/23
103.167.84.0/23
103.167.90.0-103.167.93.255
103.170.254.0-103.171.1.255
103.176.110.0-103.176.113.255
103.177.108.0/23
103.180.150.0-103.180.153.255
103.182.18.0/23
103.183.114.0/23
103.183.118.0/23
103.186.66.0/23
103.187.4.0/23
103.190.80.0/23
103.209.60.0/23
103.232.52.0/22
103.253.22.0/23
202.55.132.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:24:ab:86:f8:1f:a6:93:cb:fb:a1:ee:0a:bc:48:e5:7b:d0:
49:d3:06:3f:e2:c7:c0:04:4c:cb:3e:97:b3:0a:67:c9:45:34:
f4:66:97:3c:2a:8c:5e:e6:25:62:a5:a2:14:ef:b8:0b:ab:21:
59:a3:85:01:eb:36:a9:b7:4a:df:b8:6c:aa:da:ec:67:a9:c1:
b9:53:f8:67:c6:5a:83:03:43:9c:70:d9:fb:01:2b:3b:20:4c:
32:2d:67:6a:18:75:b2:aa:28:5d:0f:30:be:b6:64:03:55:4c:
62:20:ea:a2:8b:d5:54:3a:7f:cc:8f:1f:98:ef:06:09:21:3d:
ef:c4:ae:f2:1b:79:89:e4:1e:e5:82:8d:8b:9a:77:f4:80:0a:
96:27:7c:23:2a:c9:29:14:23:e8:b3:30:d3:99:ca:50:48:bf:
0d:e9:47:0a:b0:c6:af:97:87:12:7c:91:54:c3:a7:55:35:ef:
a8:86:cb:51:30:31:71:35:a5:1a:a2:29:05:bb:c9:6c:b8:f3:
a9:54:53:af:95:78:d9:b3:45:20:eb:98:5c:cd:72:b5:a2:6d:
ee:0e:bc:41:14:cc:51:6c:2f:7e:28:24:79:15:6a:db:a4:3c:
c1:0b:da:56:fe:73:ee:c2:cf:4c:3f:8a:bb:d1:25:c4:e1:78:
52:81:bd:9e
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgICRn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNjMzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5Mjc0MS05NjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0X1uIYg6hddy41tK18C0Sfz6hEJ6XXd478p/cHKlfeplK5aIwgo4J2TpSaof
D8aWk5Jj2dpPK/UaraxNyqh13YBJS9a9t/9O3c9N/sbiDMwkBZkazS+2m1LSUnrX
YfcMBwG4i3KVTz8omdNdkrVOScrdB8J+0zJs+6iCGqzOo92RgWHXeHaGaudd3EVJ
8wSlHPJ8e+CobqeLYFDiBpCq9woFPUtcAdwAiSRM/VNL8KZi2g7Ray0u00ltvetI
lIEk3L7xhCXTGJhWG0MJDjKURJ7zPIe4NGH11WluGC83tqk94NV5sqgXnGfI039S
diyCPWgWXf3/PkoJ+7ulOomGKQIDAQABo4IDUDCCA0wwHQYDVR0OBBYEFJs97Yon
vdfnqlSpRv3K4xPR9tZKMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQTI4MzYzNzJB
MUMwMTFFQjlDRDc4OTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdkGCCsGAQUFBwEHAQH/
BIHJMIHGMIHDBAIAATCBvAMEASQyNAMEASpgCgMEAWcOmgMEAWcPXgMEAWceCgME
AWcnfAMEAmc5gAMEAmdKaAMEAWd6jAMEAWeViAMEAWenVDAMAwQBZ6daAwQBZ6dc
MAwDBAFnqv4DBAFnqwAwDAMEAWewbgMEAWewcAMEAWexbDAMAwQBZ7SWAwQBZ7SY
AwQBZ7YSAwQBZ7dyAwQBZ7d2AwQBZ7pCAwQBZ7sEAwQBZ75QAwQBZ9E8AwQCZ+g0
AwQBZ/0WAwQCyjeEMA0GCSqGSIb3DQEBCwUAA4IBAQAfJKuG+B+mk8v7oe4KvEjl
e9BJ0wY/4sfABEzLPpezCmfJRTT0Zpc8Koxe5iVipaIU77gLqyFZo4UB6zapt0rf
uGyq2uxnqcG5U/hnxlqDA0OccNn7ASs7IEwyLWdqGHWyqihdDzC+tmQDVUxiIOqi
i9VUOn/Mjx+Y7wYJIT3vxK7yG3mJ5B7lgo2Lmnf0gAqWJ3wjKskpFCPoszDTmcpQ
SL8N6UcKsMavl4cSfJFUw6dVNe+ohstRMDFxNaUaoikFu8lsuPOpVFOvlXjZs0Ug
65hczXK1om3uDrxBFMxRbC9+KCR5FWrbpDzBC9pW/nPuws9MP4q70SXE4XhSgb2e
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:25:42 2024 by rpki-client on console-fra.rpki-client.org