Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E95C8740912411EF99F2FA27C4F9AE02.roa
File: E95C8740912411EF99F2FA27C4F9AE02.roa (raw, json)
Hash identifier: ryrWCDP2geDCf9QHHNw71KTXx5bJgMG6ViqUruuMawI=
Subject key identifier: 6B:97:51:F5:0C:AA:80:C6:77:A5:CC:90:75:8C:71:82:32:14:49:C8
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4841
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E95C8740912411EF99F2FA27C4F9AE02.roa
Signing time: Fri 22 Nov 2024 01:34:00 +0000
ROA not before: Fri 22 Nov 2024 01:34:00 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135905
IP address blocks: 14.225.0.0/16 maxlen: 24
103.9.204.0/22 maxlen: 24
103.78.92.0/24 maxlen: 24
103.137.184.0/23 maxlen: 24
103.145.0.0/23 maxlen: 23
103.159.60.0/23 maxlen: 23
103.200.22.0/24 maxlen: 24
123.30.111.0/24 maxlen: 24
123.30.150.0/24 maxlen: 24
123.30.154.0/23 maxlen: 24
123.30.156.0/23 maxlen: 24
123.30.158.0/23 maxlen: 24
123.30.200.0/24 maxlen: 24
123.30.242.0/24 maxlen: 24
123.31.10.0/24 maxlen: 24
123.31.11.0/24 maxlen: 24
123.31.12.0/24 maxlen: 24
123.31.24.0/24 maxlen: 24
123.31.27.0/24 maxlen: 24
123.31.28.0/22 maxlen: 24
123.31.32.0/20 maxlen: 24
203.162.13.0/24 maxlen: 24
203.162.34.0/24 maxlen: 24
222.255.38.0/24 maxlen: 24
2001:df3:cbc0::/48 maxlen: 48
2001:df3:e640::/48 maxlen: 48
2001:df4:340::/48 maxlen: 48
2001:df4:2240::/48 maxlen: 48
2001:df4:7340::/48 maxlen: 48
2001:df4:80c0::/48 maxlen: 48
2001:ee0:300::/40 maxlen: 48
2400:1060::/48 maxlen: 48
2401:82e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 06 Dec 2024 03:54:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18497 (0x4841)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Nov 22 01:34:00 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=673fdf88-9def
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0e:26:ac:4c:d9:c2:5c:22:d7:51:ca:2b:fa:
58:e5:6a:c4:6f:b9:d5:a4:12:24:98:0a:32:2e:82:
5a:64:42:98:ed:e6:ff:94:8d:75:33:75:6e:4a:d8:
d8:c3:56:93:61:69:4e:99:fa:30:e1:9a:47:9d:41:
ef:b4:eb:56:98:eb:34:da:07:b1:37:46:95:0f:8e:
dc:a7:ab:ee:75:9a:e9:7e:50:be:98:34:b4:b7:8a:
84:c5:4f:68:5e:d3:e1:77:a6:88:25:93:f9:07:1a:
55:95:18:17:4c:3f:4d:e5:cf:0f:19:f8:64:e7:c3:
c5:34:ab:ef:de:0d:0e:c0:e3:af:98:d5:4e:b1:e5:
7d:c2:f2:07:2a:f1:59:59:22:7c:0d:ad:47:9a:c7:
69:d4:0a:1b:18:07:a8:dc:6d:18:b9:ff:ed:1b:b8:
a7:82:f5:7a:5b:73:b6:71:cf:d6:be:e2:9e:3b:c3:
08:68:38:a8:64:59:23:a9:8a:a7:50:c7:b5:48:d2:
ca:9b:b4:ae:30:f4:ae:70:e7:db:3f:31:c5:ba:d0:
56:cb:1a:eb:4c:da:ea:b6:71:39:61:3b:ad:69:2a:
eb:26:bd:51:8a:21:06:f6:c3:01:1d:6f:c9:7f:d9:
b0:f4:30:47:65:cd:2f:bb:6f:05:75:dd:d4:0c:6e:
e2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:97:51:F5:0C:AA:80:C6:77:A5:CC:90:75:8C:71:82:32:14:49:C8
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/E95C8740912411EF99F2FA27C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.225.0.0/16
103.9.204.0/22
103.78.92.0/24
103.137.184.0/23
103.145.0.0/23
103.159.60.0/23
103.200.22.0/24
123.30.111.0/24
123.30.150.0/24
123.30.154.0-123.30.159.255
123.30.200.0/24
123.30.242.0/24
123.31.10.0-123.31.12.255
123.31.24.0/24
123.31.27.0-123.31.47.255
203.162.13.0/24
203.162.34.0/24
222.255.38.0/24
IPv6:
2001:df3:cbc0::/48
2001:df3:e640::/48
2001:df4:340::/48
2001:df4:2240::/48
2001:df4:7340::/48
2001:df4:80c0::/48
2001:ee0:300::/40
2400:1060::/48
2401:82e0::/48
Signature Algorithm: sha256WithRSAEncryption
b3:9c:e5:b1:d6:e6:56:f0:17:a5:b5:79:c5:d4:23:83:14:9c:
aa:23:b8:85:e5:c4:4f:00:04:33:d9:34:df:7e:49:31:c3:ce:
1b:de:8d:87:c3:dc:0c:8e:01:01:b4:81:02:aa:d6:c1:b5:b8:
2b:ab:b0:ae:35:c6:eb:3f:f9:a0:92:d1:95:11:02:29:d3:8e:
13:93:d4:20:18:86:16:f8:28:b1:61:10:d0:75:31:f2:4d:23:
a5:73:82:04:c9:e7:89:45:53:17:b7:0f:72:40:6e:43:08:18:
12:c3:89:f8:10:74:64:df:7e:95:7d:84:e3:fc:c5:ab:7e:86:
f3:5d:a1:00:dc:56:5e:64:80:db:2e:cb:3a:fd:9b:ba:24:87:
e9:cf:17:45:af:cd:08:25:c2:20:84:d2:2c:ef:58:24:2f:40:
46:bc:02:7f:da:11:1e:44:d4:76:71:91:5e:e7:f2:44:a2:77:
6b:b9:26:df:cb:6e:bd:4c:a1:ca:85:ab:95:ab:d8:0c:21:fa:
f9:9c:d4:a8:76:48:2a:37:b5:e9:ce:6a:83:d9:f7:82:60:29:
66:44:5a:54:6e:1d:c7:74:43:af:67:44:26:1c:b8:f5:7d:af:
bf:e1:07:24:54:8f:6c:2a:13:68:9c:3f:1b:8f:28:7f:27:eb:
64:16:b8:02
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgICSEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMTIyMDEzNDAwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNmZGY4OC05ZGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmw4mrEzZwlwi11HKK/pY5WrEb7nVpBIkmAoyLoJaZEKY7eb/lI11M3VuStjY
w1aTYWlOmfow4ZpHnUHvtOtWmOs02gexN0aVD47cp6vudZrpflC+mDS0t4qExU9o
XtPhd6aIJZP5BxpVlRgXTD9N5c8PGfhk58PFNKvv3g0OwOOvmNVOseV9wvIHKvFZ
WSJ8Da1Hmsdp1AobGAeo3G0Yuf/tG7ingvV6W3O2cc/WvuKeO8MIaDioZFkjqYqn
UMe1SNLKm7SuMPSucOfbPzHFutBWyxrrTNrqtnE5YTutaSrrJr1RiiEG9sMBHW/J
f9mw9DBHZc0vu28Fdd3UDG7i2wIDAQABo4IDbzCCA2swHQYDVR0OBBYEFGuXUfUM
qoDGd6XMkHWMcYIyFEnIMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvRTk1Qzg3NDA5
MTI0MTFFRjk5RjJGQTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfgGCCsGAQUFBwEHAQH/
BIHoMIHlMIGKBAIAATCBgwMDAA7hAwQCZwnMAwQAZ05cAwQBZ4m4AwQBZ5EAAwQB
Z588AwQAZ8gWAwQAex5vAwQAex6WMAwDBAF7HpoDBAV7HoADBAB7HsgDBAB7HvIw
DAMEAXsfCgMEAHsfDAMEAHsfGDAMAwQAex8bAwQEex8gAwQAy6INAwQAy6IiAwQA
3v8mMFYEAgACMFADBwAgAQ3zy8ADBwAgAQ3z5kADBwAgAQ30A0ADBwAgAQ30IkAD
BwAgAQ30c0ADBwAgAQ30gMADBgAgAQ7gAwMHACQAEGAAAAMHACQBguAAADANBgkq
hkiG9w0BAQsFAAOCAQEAs5zlsdbmVvAXpbV5xdQjgxScqiO4heXETwAEM9k0335J
McPOG96Nh8PcDI4BAbSBAqrWwbW4K6uwrjXG6z/5oJLRlRECKdOOE5PUIBiGFvgo
sWEQ0HUx8k0jpXOCBMnniUVTF7cPckBuQwgYEsOJ+BB0ZN9+lX2E4/zFq36G812h
ANxWXmSA2y7LOv2buiSH6c8XRa/NCCXCIITSLO9YJC9ARrwCf9oRHkTUdnGRXufy
RKJ3a7km38tuvUyhyoWrlavYDCH6+ZzUqHZIKje16c5qg9n3gmApZkRaVG4dx3RD
r2dEJhy49X2vv+EHJFSPbCoTaJw/G48ofyfrZBa4Ag==
-----END CERTIFICATE-----
Generated at Fri Nov 29 05:35:52 2024 by rpki-client on console-ams.rpki-client.org