Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
File: 5A318E06F6A111EBB6318B7EC4F9AE02.roa (raw, json)
Hash identifier: TCLXExfkmuO4Dtzy4n4E0hd2z7bRoZNQTGBqPkoceig=
Subject key identifier: DA:65:CC:05:38:1A:F6:42:79:E5:48:84:44:2F:6E:E5:A6:A4:C5:9D
Certificate issuer: /CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Certificate serial: 341B
Authority key identifier: 3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
Signing time: Wed 04 Oct 2023 15:11:03 +0000
ROA not before: Wed 04 Oct 2023 15:11:03 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 23955
IP address blocks: 43.241.136.0/22 maxlen: 23
43.241.136.0/23 maxlen: 24
43.241.138.0/24 maxlen: 24
103.29.224.0/22 maxlen: 24
103.71.40.0/22 maxlen: 24
118.103.136.0/21 maxlen: 23
118.103.136.0/23 maxlen: 24
118.103.139.0/24 maxlen: 24
118.103.140.0/22 maxlen: 24
2405:ec00::/32 maxlen: 32
2405:ec00:2::/48 maxlen: 48
2405:ec00:3::/48 maxlen: 48
2405:ec00:4::/48 maxlen: 48
2405:ec00:5::/48 maxlen: 48
2405:ec00:6::/48 maxlen: 48
2405:ec00:10a::/48 maxlen: 48
2405:ec00:10b::/48 maxlen: 48
2405:ec00:10c::/48 maxlen: 48
2405:ec00:10d::/48 maxlen: 48
2405:ec00:10e::/48 maxlen: 48
2405:ec00:10f::/48 maxlen: 48
2405:ec00:110::/48 maxlen: 48
2405:ec00:1000::/48 maxlen: 48
2405:ec00:1001::/48 maxlen: 48
2405:ec00:1002::/48 maxlen: 48
2405:ec00:1003::/48 maxlen: 48
2405:ec00:1004::/48 maxlen: 48
2405:ec00:1005::/48 maxlen: 48
2405:ec00:1100::/48 maxlen: 48
2405:ec00:1101::/48 maxlen: 48
2405:ec00:1201::/48 maxlen: 48
2405:ec00:1202::/48 maxlen: 48
2405:ec00:1203::/48 maxlen: 48
2405:ec00:1204::/48 maxlen: 48
2405:ec00:1205::/48 maxlen: 48
2405:ec00:1206::/48 maxlen: 48
2405:ec00:1208::/48 maxlen: 48
2405:ec00:1209::/48 maxlen: 48
2405:ec00:1300::/48 maxlen: 48
2405:ec00:1301::/48 maxlen: 48
2405:ec00:7000::/40 maxlen: 40
2405:ec00:7100::/40 maxlen: 40
2405:ec00:9011::/48 maxlen: 48
2405:ec00:9012::/48 maxlen: 48
2405:ec00:9013::/48 maxlen: 48
2405:ec00:9014::/48 maxlen: 48
2405:ec00:9015::/48 maxlen: 48
2405:ec00:9016::/48 maxlen: 48
2405:ec00:9017::/48 maxlen: 48
2405:ec00:9018::/48 maxlen: 48
2405:ec00:9019::/48 maxlen: 48
2405:ec00:901a::/48 maxlen: 48
2405:ec00:901b::/48 maxlen: 48
2405:ec00:9021::/48 maxlen: 48
2405:ec00:9022::/48 maxlen: 48
2405:ec00:9023::/48 maxlen: 48
2405:ec00:9024::/48 maxlen: 48
2405:ec00:9025::/48 maxlen: 48
2405:ec00:9051::/48 maxlen: 48
2405:ec00:9052::/48 maxlen: 48
2405:ec00:9053::/48 maxlen: 48
2405:ec00:9054::/48 maxlen: 48
2405:ec00:9055::/48 maxlen: 48
2405:ec00:9071::/48 maxlen: 48
2405:ec00:9072::/48 maxlen: 48
2405:ec00:9073::/48 maxlen: 48
2405:ec00:9074::/48 maxlen: 48
2405:ec00:9075::/48 maxlen: 48
2405:ec00:9081::/48 maxlen: 48
2405:ec00:9082::/48 maxlen: 48
2405:ec00:9083::/48 maxlen: 48
2405:ec00:9100::/48 maxlen: 48
2405:ec00:9101::/48 maxlen: 48
2405:ec00:a1ca::/48 maxlen: 48
2405:ec00:fa00::/48 maxlen: 48
2405:ec00:face::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 29 May 2024 14:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13339 (0x341b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4F06/serialNumber=3AAF80EA97E99B9525B33BC1335BB095C2D278A7
Validity
Not Before: Oct 4 15:11:03 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651d8087-20b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f1:6d:98:4a:67:da:8e:59:1f:15:cb:96:27:
0a:fa:1e:9e:d5:0b:c7:1a:6a:98:97:f6:97:b8:32:
78:ed:38:0e:8e:d8:01:2d:ea:07:db:ce:9b:e4:c5:
bd:14:bd:cb:69:1f:f8:d6:33:19:8a:09:5d:d2:77:
8e:e6:4d:fd:00:18:64:7a:b0:45:bf:9f:76:72:1f:
81:67:c9:56:b7:32:ea:9f:63:26:76:9a:2f:ec:7c:
6e:f5:a6:8a:ed:79:c7:1a:50:a2:88:c2:50:54:00:
b0:17:a4:4e:5c:d1:7d:25:a2:b9:15:ef:3f:4f:cd:
fa:1e:e3:9c:0e:b6:ac:2b:19:a8:b7:18:f3:17:e1:
1b:c8:e0:ea:f1:d3:ff:89:e4:fb:15:6d:0e:5b:af:
c4:55:00:db:9d:88:e9:11:b9:8e:52:db:3b:ec:7a:
ae:a9:f5:0d:0f:8c:51:a1:8b:ac:61:9f:b2:0d:d0:
5f:20:ae:a8:46:9b:41:df:52:5e:e0:aa:5e:c5:f8:
8e:f4:fa:7a:f8:1c:b7:8c:1a:bb:44:67:47:aa:91:
31:d2:bc:65:14:3d:70:46:5c:fd:6f:27:1d:0e:03:
fe:c2:73:d7:7c:c8:7a:f7:d5:ec:90:7b:55:f3:53:
e8:10:95:f2:41:40:c2:67:c6:d4:d8:d5:4a:c5:79:
fd:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:65:CC:05:38:1A:F6:42:79:E5:48:84:44:2F:6E:E5:A6:A4:C5:9D
X509v3 Authority Key Identifier:
keyid:3A:AF:80:EA:97:E9:9B:95:25:B3:3B:C1:33:5B:B0:95:C2:D2:78:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq-A6pfpm5UlszvBM1uwlcLSeKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4F06/76E1C47E1D9511E2BE595E7D08B02CD2/5A318E06F6A111EBB6318B7EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.136.0/22
103.29.224.0/22
103.71.40.0/22
118.103.136.0/21
IPv6:
2405:ec00::/32
Signature Algorithm: sha256WithRSAEncryption
2f:ba:c5:32:fe:c6:2f:0f:71:ef:80:d9:e0:cd:89:30:1f:25:
f2:e8:99:0d:b6:23:33:99:bc:fd:de:b2:1b:8d:b0:fd:29:c8:
7d:92:28:f0:d0:9e:d8:ec:6d:c4:c7:57:41:4a:41:28:76:21:
ad:fe:8e:81:9f:09:55:bd:7b:9f:31:7c:69:87:0f:11:79:02:
d4:b5:d5:b9:8d:c6:b0:31:ae:58:d3:40:2e:f0:6f:2c:93:c0:
4b:4d:b3:35:e3:1e:70:68:06:60:67:11:c2:00:a0:98:8f:1c:
3a:3d:f1:0b:f3:e6:68:40:02:fd:7e:c2:d3:8b:6f:d1:35:d3:
50:88:54:c6:2d:df:b4:9c:fc:87:40:8c:7c:82:d1:4d:4f:3b:
14:2a:2e:98:36:23:db:69:7b:98:f9:b1:32:5d:60:96:db:e9:
cb:05:17:b2:97:bb:2c:ac:ad:90:17:e7:8c:44:cb:10:8d:20:
2f:cd:16:73:0f:72:0f:86:86:c0:cc:32:38:6f:73:6f:26:c7:
7d:7e:74:57:42:1f:f1:1b:bc:5d:fb:71:10:24:30:cd:18:57:
8c:e2:a6:9e:35:4c:b5:8f:c4:a4:10:18:b6:51:43:13:7b:c4:
2f:2e:99:8a:14:27:0e:44:fa:77:3b:de:4e:ac:c1:31:1c:3f:
03:50:b0:1a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNBswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRGMDYxMTAvBgNVBAUTKDNBQUY4MEVBOTdFOTlCOTUyNUIzM0JDMTMzNUJCMDk1
QzJEMjc4QTcwHhcNMjMxMDA0MTUxMTAzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkODA4Ny0yMGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv/FtmEpn2o5ZHxXLlicK+h6e1QvHGmqYl/aXuDJ47TgOjtgBLeoH286b5MW9
FL3LaR/41jMZigld0neO5k39ABhkerBFv592ch+BZ8lWtzLqn2Mmdpov7Hxu9aaK
7XnHGlCiiMJQVACwF6ROXNF9JaK5Fe8/T836HuOcDrasKxmotxjzF+EbyODq8dP/
ieT7FW0OW6/EVQDbnYjpEbmOUts77HquqfUND4xRoYusYZ+yDdBfIK6oRptB31Je
4KpexfiO9Pp6+By3jBq7RGdHqpEx0rxlFD1wRlz9bycdDgP+wnPXfMh699XskHtV
81PoEJXyQUDCZ8bU2NVKxXn9vwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFNplzAU4
GvZCeeVIhEQvbuWmpMWdMB8GA1UdIwQYMBaAFDqvgOqX6ZuVJbM7wTNbsJXC0nin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEYwNi83NkUxQzQ3RTFE
OTUxMUUyQkU1OTVFN0QwOEIwMkNEMi9PcS1BNnBmcG01VWxzenZCTTF1d2xjTFNl
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09xLUE2cGZwbTVVbHN6dkJNMXV3bGNMU2VLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzRGMDYvNzZFMUM0N0UxRDk1MTFFMkJFNTk1RTdEMDhCMDJDRDIvNUEzMThFMDZG
NkExMTFFQkI2MzE4QjdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr8YgDBAJnHeADBAJnRygDBAN2Z4gwDQQCAAIwBwMFACQF
7AAwDQYJKoZIhvcNAQELBQADggEBAC+6xTL+xi8Pce+A2eDNiTAfJfLomQ22IzOZ
vP3eshuNsP0pyH2SKPDQntjsbcTHV0FKQSh2Ia3+joGfCVW9e58xfGmHDxF5AtS1
1bmNxrAxrljTQC7wbyyTwEtNszXjHnBoBmBnEcIAoJiPHDo98Qvz5mhAAv1+wtOL
b9E101CIVMYt37Sc/IdAjHyC0U1POxQqLpg2I9tpe5j5sTJdYJbb6csFF7KXuyys
rZAX54xEyxCNIC/NFnMPcg+GhsDMMjhvc28mx31+dFdCH/EbvF37cRAkMM0YV4zi
pp41TLWPxKQQGLZRQxN7xC8umYoUJw5E+nc73k6swTEcPwNQsBo=
-----END CERTIFICATE-----
Generated at Wed May 22 16:21:47 2024 by rpki-client on console-ams.rpki-client.org