Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/860FE244E7F211EEA82C4340C4F9AE02.roa
File: 860FE244E7F211EEA82C4340C4F9AE02.roa (raw, json)
Hash identifier: tJJTcGQ2m2pshzd0U/DwfkAv50Vcbcpb9AnTouLN/sk=
Subject key identifier: 31:E5:67:CC:67:1D:50:46:F6:D2:06:1A:11:5F:54:47:59:A1:35:E7
Certificate issuer: /CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Certificate serial: 58
Authority key identifier: 0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/860FE244E7F211EEA82C4340C4F9AE02.roa
Signing time: Fri 22 Mar 2024 02:28:22 +0000
ROA not before: Fri 22 Mar 2024 02:28:22 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 24334
IP address blocks: 103.11.88.0/22 maxlen: 24
202.83.240.0/21 maxlen: 21
202.83.240.0/24 maxlen: 24
202.83.241.0/24 maxlen: 24
202.83.242.0/24 maxlen: 24
202.83.243.0/24 maxlen: 24
202.83.244.0/24 maxlen: 24
202.83.245.0/24 maxlen: 24
202.83.246.0/24 maxlen: 24
202.83.247.0/24 maxlen: 24
202.171.208.0/21 maxlen: 21
202.171.208.0/24 maxlen: 24
202.171.209.0/24 maxlen: 24
202.171.210.0/24 maxlen: 24
202.171.211.0/24 maxlen: 24
202.171.212.0/24 maxlen: 24
202.171.213.0/24 maxlen: 24
202.171.214.0/24 maxlen: 24
202.171.215.0/24 maxlen: 24
203.142.88.0/21 maxlen: 21
203.142.88.0/24 maxlen: 24
203.142.89.0/24 maxlen: 24
203.142.90.0/24 maxlen: 24
203.142.91.0/24 maxlen: 24
203.142.92.0/24 maxlen: 24
203.142.93.0/24 maxlen: 24
203.142.94.0/24 maxlen: 24
203.142.95.0/24 maxlen: 24
2404:1a0::/30 maxlen: 32
2404:1a0:1000::/46 maxlen: 46
2404:1a0:1000::/47 maxlen: 47
2404:1a0:1001::/48 maxlen: 48
2404:1a0:1002::/48 maxlen: 48
2404:1a0:2008::/48 maxlen: 48
2404:1a0:fffc::/46 maxlen: 46
2404:1a0:fffc::/47 maxlen: 47
2404:1a0:ffff::/48 maxlen: 48
2404:1a3:1000::/46 maxlen: 46
2404:1a3:1000::/47 maxlen: 47
2404:1a3:1001::/48 maxlen: 48
2404:1a3:fffc::/46 maxlen: 46
2404:1a3:fffc::/47 maxlen: 47
2404:1a3:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl
rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 02 Jul 2024 07:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88 (0x58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A
Validity
Not Before: Mar 22 02:28:22 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65fcecc6-354a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a7:71:46:e5:06:b3:69:4f:27:44:bf:98:7b:
53:80:7f:75:b8:c3:bc:ff:4f:96:42:7e:04:0b:a4:
79:40:c8:f6:38:ba:99:a5:ed:22:47:8e:af:56:20:
5c:a7:52:94:a2:bb:d5:5f:3f:ab:de:ac:6f:2d:39:
08:0b:c3:97:c1:4e:d8:8f:d2:68:7e:64:e3:71:da:
0f:b4:f1:e1:99:d2:8a:d8:12:ed:62:80:64:a1:a6:
9e:a8:2e:10:ba:9e:0e:7f:45:46:9d:02:5b:09:7c:
e4:2b:2f:e0:9e:5b:07:90:57:13:76:5a:ea:9d:5a:
f4:a2:e8:f0:48:a7:86:7b:af:8d:69:ad:9b:a3:8e:
e6:50:08:b0:8d:6d:26:97:b6:fd:48:ef:ba:fc:85:
4e:06:8c:d3:aa:43:57:71:b6:bf:96:21:01:ac:85:
87:db:9f:f3:e1:b9:30:7d:c6:5c:8e:47:e5:a2:ab:
14:e0:89:ab:43:a4:7b:9a:dc:a9:f2:0e:0c:e2:6b:
72:37:14:8f:e2:62:f8:fc:3f:56:c3:eb:31:08:7b:
c2:b8:54:00:1b:17:fc:96:e1:a6:0f:7f:3e:48:94:
72:bd:fa:7b:d5:72:58:a3:48:83:a2:b8:5c:4d:a5:
07:79:e9:a3:3e:05:3e:0f:b3:2b:44:25:3d:e3:21:
e1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E5:67:CC:67:1D:50:46:F6:D2:06:1A:11:5F:54:47:59:A1:35:E7
X509v3 Authority Key Identifier:
keyid:0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/860FE244E7F211EEA82C4340C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.11.88.0/22
202.83.240.0/21
202.171.208.0/21
203.142.88.0/21
IPv6:
2404:1a0::/30
Signature Algorithm: sha256WithRSAEncryption
49:3f:2c:8f:a4:e2:cc:eb:59:62:ef:e2:ef:7e:6b:cf:59:27:
eb:79:a5:62:9a:5c:f0:50:75:d1:08:a2:50:89:70:be:6d:9b:
cf:c3:ef:57:68:13:19:9a:9d:4c:ea:f9:ed:72:38:78:49:62:
c0:00:0c:0e:c5:ad:27:05:ba:91:0b:ef:90:6a:06:e9:01:8d:
45:08:ca:eb:bc:95:4e:33:49:e2:5d:2c:25:62:e6:be:59:3e:
4d:20:02:a5:38:9a:4b:74:fd:53:82:04:12:d3:30:3e:10:26:
1a:83:0f:d1:45:0c:46:5a:9f:96:95:4c:7d:30:f9:b5:51:b4:
d9:e0:07:22:0a:f2:31:82:d5:ec:db:07:99:b7:49:97:27:11:
ea:69:67:1b:30:3d:a3:ce:f9:f2:29:ad:f8:72:3a:6b:3e:30:
36:bc:a5:38:b2:23:90:01:df:5a:80:1d:76:49:c2:53:e9:72:
0f:07:a6:e3:0a:9a:a2:08:79:52:a0:c6:00:f1:80:98:6d:09:
25:52:32:12:5f:d3:8f:73:f0:bf:85:e4:0b:33:3c:d8:93:f8:
ec:aa:66:e7:ce:c3:57:f8:fc:75:16:aa:ea:13:f9:1b:18:0d:
66:08:55:11:15:58:b1:cd:2c:1e:3b:c9:44:cf:e3:44:c7:a0:
4c:d0:96:f4
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBWDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
MDM2QTExMC8GA1UEBRMoMEYxN0YzN0RCQzk0ODREOTZFMUEwQUJDNzhBNEY5Q0FD
RDVFREE4QTAeFw0yNDAzMjIwMjI4MjJaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZmNlY2M2LTM1NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5p3FG5QazaU8nRL+Ye1OAf3W4w7z/T5ZCfgQLpHlAyPY4upml7SJHjq9WIFyn
UpSiu9VfP6verG8tOQgLw5fBTtiP0mh+ZONx2g+08eGZ0orYEu1igGShpp6oLhC6
ng5/RUadAlsJfOQrL+CeWweQVxN2WuqdWvSi6PBIp4Z7r41prZujjuZQCLCNbSaX
tv1I77r8hU4GjNOqQ1dxtr+WIQGshYfbn/PhuTB9xlyOR+WiqxTgiatDpHua3Kny
Dgzia3I3FI/iYvj8P1bD6zEIe8K4VAAbF/yW4aYPfz5IlHK9+nvVclijSIOiuFxN
pQd56aM+BT4PsytEJT3jIeGpAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUMeVnzGcd
UEb20gYaEV9UR1mhNecwHwYDVR0jBBgwFoAUDxfzfbyUhNluGgq8eKT5ys1e2oow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwMzZBL0JCQzJGNzc2RDFG
MTExRUU4NjA1MUE2MUM0RjlBRTAyL0R4ZnpmYnlVaE5sdUdncThlS1Q1eXMxZTJv
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRHhmemZieVVoTmx1R2dxOGVLVDV5czFlMm9vLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MDM2QS9CQkMyRjc3NkQxRjExMUVFODYwNTFBNjFDNEY5QUUwMi84NjBGRTI0NEU3
RjIxMUVFQTgyQzQzNDBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAmcLWAMEA8pT8AMEA8qr0AMEA8uOWDANBAIAAjAHAwUCJAQB
oDANBgkqhkiG9w0BAQsFAAOCAQEAST8sj6TizOtZYu/i735rz1kn63mlYppc8FB1
0QiiUIlwvm2bz8PvV2gTGZqdTOr57XI4eEliwAAMDsWtJwW6kQvvkGoG6QGNRQjK
67yVTjNJ4l0sJWLmvlk+TSACpTiaS3T9U4IEEtMwPhAmGoMP0UUMRlqflpVMfTD5
tVG02eAHIgryMYLV7NsHmbdJlycR6mlnGzA9o8758imt+HI6az4wNrylOLIjkAHf
WoAddknCU+lyDwem4wqaogh5UqDGAPGAmG0JJVIyEl/Tj3Pwv4XkCzM82JP47Kpm
587DV/j8dRaq6hP5GxgNZghVERVYsc0sHjvJRM/jRMegTNCW9A==
-----END CERTIFICATE-----
Generated at Tue Jun 25 10:52:21 2024 by rpki-client on console-ams.rpki-client.org