Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A8816BEAFE6611EBB771CF1BC4F9AE02.roa
File: A8816BEAFE6611EBB771CF1BC4F9AE02.roa (raw, json)
Hash identifier: 0MLbgQwRVYDfKWDuUa/7j6D/HF2pPxChX/mbB01xyXM=
Subject key identifier: 58:33:00:01:48:E5:13:64:84:B4:44:7A:09:6D:36:68:37:6A:A7:0C
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 47E4
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A8816BEAFE6611EBB771CF1BC4F9AE02.roa
Signing time: Tue 05 Nov 2024 07:34:15 +0000
ROA not before: Tue 05 Nov 2024 07:34:15 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 140815
IP address blocks: 103.6.248.0/23 maxlen: 24
103.10.68.0/23 maxlen: 24
103.16.160.0/23 maxlen: 24
103.16.214.0/23 maxlen: 24
103.16.224.0/23 maxlen: 24
103.29.0.0/23 maxlen: 24
103.29.2.0/23 maxlen: 24
103.131.56.0/23 maxlen: 24
103.170.120.0/23 maxlen: 24
103.180.132.0/23 maxlen: 24
103.180.134.0/23 maxlen: 24
103.182.16.0/23 maxlen: 24
103.184.96.0/23 maxlen: 24
103.186.148.0/23 maxlen: 24
103.189.202.0/23 maxlen: 24
103.190.36.0/23 maxlen: 24
103.190.106.0/23 maxlen: 24
103.196.144.0/23 maxlen: 24
103.250.78.0/23 maxlen: 24
103.253.16.0/23 maxlen: 24
113.192.8.0/23 maxlen: 24
203.145.44.0/23 maxlen: 24
2001:df0:5b40::/48 maxlen: 48
2001:df0:5bc0::/48 maxlen: 48
2001:df0:aac0::/48 maxlen: 48
2001:df0:d9c0::/48 maxlen: 48
2001:df0:e3c0::/48 maxlen: 48
2001:df0:eac0::/48 maxlen: 48
2001:df3:41c0::/48 maxlen: 48
2001:df3:b640::/48 maxlen: 48
2001:df3:edc0::/48 maxlen: 48
2001:df4:540::/48 maxlen: 48
2001:df4:5c0::/48 maxlen: 48
2001:df4:11c0::/48 maxlen: 48
2001:df4:7040::/48 maxlen: 48
2001:df4:8240::/48 maxlen: 48
2401:4b20::/48 maxlen: 48
2401:4ba0::/48 maxlen: 48
2401:50e0::/48 maxlen: 48
2401:7420::/48 maxlen: 48
2401:7560::/48 maxlen: 48
2401:7620::/48 maxlen: 48
2401:8aa0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 11:15:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18404 (0x47e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Nov 5 07:34:15 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6729ca76-d074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7c:3c:b0:5d:3e:18:7e:bb:26:e2:d4:29:6c:
1b:18:1a:18:de:de:d6:9d:58:6d:0b:c3:bf:64:c5:
ed:a9:66:7f:0a:7b:ea:19:6e:24:d5:ae:f0:f9:6d:
c2:41:a6:3f:af:3e:a7:c3:df:64:e8:45:8a:a6:41:
f5:5b:27:ab:91:36:f8:28:6d:96:20:3e:2d:05:65:
0f:9a:f5:09:78:77:fa:a9:01:05:25:59:f9:44:4f:
9c:d0:8e:ef:04:e9:1e:04:36:5c:14:01:7f:f4:1c:
5d:4b:61:b3:78:c6:9f:ce:ce:8b:9a:19:6b:3f:12:
40:30:ab:3b:f5:61:c7:9a:59:54:b5:72:bb:4e:8d:
7b:99:38:56:d7:6d:59:91:43:66:ec:bd:f3:74:cd:
f6:28:34:7d:03:51:b7:91:b0:ee:fa:4b:57:0e:d5:
18:fc:e5:e7:13:6b:e3:11:5f:d2:75:49:a5:44:3f:
22:1f:ba:0c:45:89:07:c6:56:e6:e0:2e:8f:fe:3f:
0d:07:d7:7d:c1:39:aa:69:e3:8e:53:ca:83:63:29:
dc:e5:ed:d0:36:99:5f:44:25:8b:49:5f:dc:5e:66:
39:44:37:b9:d3:ac:53:94:3e:46:c0:6e:ea:90:78:
72:56:86:04:81:87:62:a6:f6:58:33:48:b7:1a:10:
5e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:33:00:01:48:E5:13:64:84:B4:44:7A:09:6D:36:68:37:6A:A7:0C
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/A8816BEAFE6611EBB771CF1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.248.0/23
103.10.68.0/23
103.16.160.0/23
103.16.214.0/23
103.16.224.0/23
103.29.0.0/22
103.131.56.0/23
103.170.120.0/23
103.180.132.0/22
103.182.16.0/23
103.184.96.0/23
103.186.148.0/23
103.189.202.0/23
103.190.36.0/23
103.190.106.0/23
103.196.144.0/23
103.250.78.0/23
103.253.16.0/23
113.192.8.0/23
203.145.44.0/23
IPv6:
2001:df0:5b40::/48
2001:df0:5bc0::/48
2001:df0:aac0::/48
2001:df0:d9c0::/48
2001:df0:e3c0::/48
2001:df0:eac0::/48
2001:df3:41c0::/48
2001:df3:b640::/48
2001:df3:edc0::/48
2001:df4:540::/48
2001:df4:5c0::/48
2001:df4:11c0::/48
2001:df4:7040::/48
2001:df4:8240::/48
2401:4b20::/48
2401:4ba0::/48
2401:50e0::/48
2401:7420::/48
2401:7560::/48
2401:7620::/48
2401:8aa0::/48
Signature Algorithm: sha256WithRSAEncryption
63:80:6b:6b:c4:69:06:92:b1:97:ab:c2:ac:56:00:16:9f:9c:
2f:c7:41:41:b8:6c:91:c5:0a:15:82:06:ce:8d:cf:43:2a:f7:
a9:fd:90:bc:6f:ae:62:3b:72:e0:23:3f:50:4c:e3:9d:19:5d:
a9:73:09:f1:4a:a2:56:41:04:7a:0a:28:b1:ab:09:90:ff:76:
d9:95:8e:48:e4:96:d7:da:1c:66:72:2e:f1:1f:4d:1f:43:ce:
b0:5b:74:82:64:62:7f:9a:3d:5a:08:cf:48:92:ac:13:08:f6:
eb:8d:67:83:ad:36:d7:a2:9f:a0:19:e1:35:2e:8f:fb:2b:e8:
9a:d3:5b:ab:0b:b8:f8:e9:44:f8:7b:54:3b:c0:43:98:8d:f8:
38:36:66:a6:6d:86:5c:9e:f6:d7:20:59:e7:0b:62:26:1a:65:
1b:c8:82:cd:34:08:c6:59:68:79:32:da:57:d1:fa:d2:ac:70:
67:e3:6b:21:9d:2a:be:a4:82:2a:6a:ad:35:70:42:16:7a:e3:
61:eb:fb:57:77:ae:b8:85:41:64:49:15:e5:5d:00:5f:6e:3b:
4e:ec:cb:bd:db:df:9a:8a:b1:49:2d:a4:c2:bf:8b:54:7a:18:
88:e4:5c:ab:af:38:07:0d:f5:76:3b:85:90:d9:09:46:e7:df:
6a:48:63:2c
-----BEGIN CERTIFICATE-----
MIIGsDCCBZigAwIBAgICR+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMTA1MDczNDE1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI5Y2E3Ni1kMDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq3w8sF0+GH67JuLUKWwbGBoY3t7WnVhtC8O/ZMXtqWZ/CnvqGW4k1a7w+W3C
QaY/rz6nw99k6EWKpkH1WyerkTb4KG2WID4tBWUPmvUJeHf6qQEFJVn5RE+c0I7v
BOkeBDZcFAF/9BxdS2GzeMafzs6LmhlrPxJAMKs79WHHmllUtXK7To17mThW121Z
kUNm7L3zdM32KDR9A1G3kbDu+ktXDtUY/OXnE2vjEV/SdUmlRD8iH7oMRYkHxlbm
4C6P/j8NB9d9wTmqaeOOU8qDYync5e3QNplfRCWLSV/cXmY5RDe506xTlD5GwG7q
kHhyVoYEgYdipvZYM0i3GhBeSwIDAQABo4ID1DCCA9AwHQYDVR0OBBYEFFgzAAFI
5RNkhLREegltNmg3aqcMMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQTg4MTZCRUFG
RTY2MTFFQkI3NzFDRjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFcBggrBgEFBQcBBwEB
/wSCAUswggFHMH4EAgABMHgDBAFnBvgDBAFnCkQDBAFnEKADBAFnENYDBAFnEOAD
BAJnHQADBAFngzgDBAFnqngDBAJntIQDBAFnthADBAFnuGADBAFnupQDBAFnvcoD
BAFnviQDBAFnvmoDBAFnxJADBAFn+k4DBAFn/RADBAFxwAgDBAHLkSwwgcQEAgAC
MIG9AwcAIAEN8FtAAwcAIAEN8FvAAwcAIAEN8KrAAwcAIAEN8NnAAwcAIAEN8OPA
AwcAIAEN8OrAAwcAIAEN80HAAwcAIAEN87ZAAwcAIAEN8+3AAwcAIAEN9AVAAwcA
IAEN9AXAAwcAIAEN9BHAAwcAIAEN9HBAAwcAIAEN9IJAAwcAJAFLIAAAAwcAJAFL
oAAAAwcAJAFQ4AAAAwcAJAF0IAAAAwcAJAF1YAAAAwcAJAF2IAAAAwcAJAGKoAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBjgGtrxGkGkrGXq8KsVgAWn5wvx0FBuGyRxQoV
ggbOjc9DKvep/ZC8b65iO3LgIz9QTOOdGV2pcwnxSqJWQQR6CiixqwmQ/3bZlY5I
5JbX2hxmci7xH00fQ86wW3SCZGJ/mj1aCM9IkqwTCPbrjWeDrTbXop+gGeE1Lo/7
K+ia01urC7j46UT4e1Q7wEOYjfg4NmambYZcnvbXIFnnC2ImGmUbyILNNAjGWWh5
MtpX0frSrHBn42shnSq+pIIqaq01cEIWeuNh6/tXd664hUFkSRXlXQBfbjtO7Mu9
29+airFJLaTCv4tUehiI5FyrrzgHDfV2O4WQ2QlG599qSGMs
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:17:33 2024 by rpki-client on console-ams.rpki-client.org