Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2BD3A918A71A11EF91555F30C4F9AE02.roa
File: 2BD3A918A71A11EF91555F30C4F9AE02.roa (raw, json)
Hash identifier: o1BdlTatlePGvlEfG/+tNCIOAIuskpmvNavthGt2b2w=
Subject key identifier: 9C:C8:EB:11:6A:0C:C2:04:F7:9C:E8:3A:3A:99:38:DA:58:C9:17:6B
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1D8A
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2BD3A918A71A11EF91555F30C4F9AE02.roa
Signing time: Wed 20 Nov 2024 08:33:52 +0000
ROA not before: Wed 20 Nov 2024 08:33:52 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 55154
IP address blocks: 103.151.27.0/24 maxlen: 24
113.203.211.0/24 maxlen: 24
113.203.213.0/24 maxlen: 24
113.203.214.0/24 maxlen: 24
113.203.215.0/24 maxlen: 24
113.203.219.0/24 maxlen: 24
113.203.222.0/24 maxlen: 24
113.203.224.0/24 maxlen: 24
113.203.225.0/24 maxlen: 24
113.203.227.0/24 maxlen: 24
113.203.243.0/24 maxlen: 24
113.203.248.0/24 maxlen: 24
115.167.3.0/24 maxlen: 24
115.167.5.0/24 maxlen: 24
115.167.9.0/24 maxlen: 24
115.167.12.0/22 maxlen: 22
115.167.28.0/24 maxlen: 24
115.167.50.0/24 maxlen: 24
115.167.52.0/24 maxlen: 24
115.167.53.0/24 maxlen: 24
115.167.54.0/24 maxlen: 24
115.167.55.0/24 maxlen: 24
115.167.76.0/24 maxlen: 24
115.167.101.0/24 maxlen: 24
115.167.103.0/24 maxlen: 24
115.167.124.0/24 maxlen: 24
175.110.97.0/24 maxlen: 24
175.110.104.0/24 maxlen: 24
175.110.106.0/24 maxlen: 24
175.110.111.0/24 maxlen: 24
180.178.144.0/24 maxlen: 24
180.178.147.0/24 maxlen: 24
180.178.148.0/24 maxlen: 24
180.178.149.0/24 maxlen: 24
180.178.150.0/24 maxlen: 24
180.178.160.0/24 maxlen: 24
180.178.162.0/24 maxlen: 24
180.178.163.0/24 maxlen: 24
180.178.165.0/24 maxlen: 24
180.178.166.0/24 maxlen: 24
180.178.167.0/24 maxlen: 24
180.178.168.0/24 maxlen: 24
180.178.169.0/24 maxlen: 24
180.178.170.0/24 maxlen: 24
180.178.171.0/24 maxlen: 24
180.178.189.0/24 maxlen: 24
223.29.228.0/24 maxlen: 24
223.29.230.0/24 maxlen: 24
223.29.231.0/24 maxlen: 24
223.29.236.0/24 maxlen: 24
223.29.237.0/24 maxlen: 24
223.29.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7562 (0x1d8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Nov 20 08:33:52 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=673d9ef0-dbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9b:5b:a8:8a:05:38:bc:ff:79:a6:dd:48:e2:
db:45:3b:4a:13:06:f5:71:ca:f5:59:b8:fe:38:19:
eb:ef:96:a1:45:39:69:2b:8f:2f:53:63:81:49:2f:
a4:2c:64:b2:77:4b:6c:90:b0:eb:90:e0:17:7e:a9:
63:b0:40:d5:b6:91:66:fe:85:9d:75:5d:8a:3b:29:
e5:2a:ef:f2:d7:74:f5:b2:86:bd:7b:11:07:b7:dc:
ab:87:0a:b1:85:03:b3:8d:90:8c:bd:2f:88:7d:58:
82:a5:e3:20:10:55:1b:97:ea:52:77:20:fe:ea:14:
5b:f5:75:66:9e:70:de:e2:50:c9:e2:54:8c:2e:a7:
c7:14:68:14:58:b5:1d:73:52:df:44:ac:d7:c7:58:
c7:56:80:58:ec:87:72:46:7e:2e:81:47:b0:16:a0:
f8:56:d9:62:6b:db:bd:a7:10:22:13:13:86:a5:6a:
a7:de:f8:86:eb:ce:95:a9:04:9d:90:0d:bc:d7:90:
ee:0d:79:f7:84:68:21:54:36:b4:d7:a2:f3:8b:e7:
9d:10:af:9c:7b:ce:c2:ab:be:24:ac:88:bf:df:bc:
c7:46:6f:c1:79:d2:13:bf:9c:6d:b4:30:21:63:1d:
2b:de:0f:19:00:6c:16:8f:6b:67:1e:08:d8:9f:87:
90:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C8:EB:11:6A:0C:C2:04:F7:9C:E8:3A:3A:99:38:DA:58:C9:17:6B
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/2BD3A918A71A11EF91555F30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.27.0/24
113.203.211.0/24
113.203.213.0-113.203.215.255
113.203.219.0/24
113.203.222.0/24
113.203.224.0/23
113.203.227.0/24
113.203.243.0/24
113.203.248.0/24
115.167.3.0/24
115.167.5.0/24
115.167.9.0/24
115.167.12.0/22
115.167.28.0/24
115.167.50.0/24
115.167.52.0/22
115.167.76.0/24
115.167.101.0/24
115.167.103.0/24
115.167.124.0/24
175.110.97.0/24
175.110.104.0/24
175.110.106.0/24
175.110.111.0/24
180.178.144.0/24
180.178.147.0-180.178.150.255
180.178.160.0/24
180.178.162.0/23
180.178.165.0-180.178.171.255
180.178.189.0/24
223.29.228.0/24
223.29.230.0/23
223.29.236.0-223.29.238.255
Signature Algorithm: sha256WithRSAEncryption
51:6c:db:6e:82:a3:54:8e:75:9c:5e:fd:0d:e4:9c:8b:5a:8d:
79:08:5b:4e:ce:c7:65:1e:b5:3f:cc:02:94:39:cb:f6:44:32:
ba:f6:d1:f6:32:8b:ee:b9:d3:c9:1e:f8:b3:f4:88:ee:41:fd:
6a:c4:a1:f1:4d:c1:5c:c5:9e:ac:79:d3:fa:f4:aa:e6:c7:1d:
b9:4a:9a:8e:40:a2:df:60:a2:c6:41:e6:aa:81:dd:02:97:88:
b7:07:66:b7:ae:23:ba:04:13:a4:9a:47:c0:69:7c:05:da:bf:
31:41:80:50:f0:78:2b:c5:70:16:60:58:42:e4:fb:21:24:12:
b8:66:04:b3:18:4b:79:21:b4:69:24:ce:5e:17:57:15:5e:ad:
b3:68:3e:ae:f4:8e:d4:a8:dd:db:1f:42:d1:23:16:3f:3a:ca:
a7:74:fc:5c:a5:55:ec:de:ea:0f:33:31:6f:86:09:5b:5d:c3:
e0:b3:8e:ba:cf:3d:e1:b7:e8:bc:a3:26:0a:58:78:65:5c:47:
f8:49:1d:f6:13:d8:f4:b8:bc:1e:36:e9:6e:eb:e9:39:99:72:
f8:35:fb:ea:01:51:73:e1:8a:7c:50:09:b7:93:84:19:cf:41:
ec:ea:c5:6c:14:c2:19:26:f1:cd:13:f3:14:7b:99:cd:77:c4:
f5:05:06:df
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgICHYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMTIwMDgzMzUyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNkOWVmMC1kYmI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA05tbqIoFOLz/eabdSOLbRTtKEwb1ccr1Wbj+OBnr75ahRTlpK48vU2OBSS+k
LGSyd0tskLDrkOAXfqljsEDVtpFm/oWddV2KOynlKu/y13T1soa9exEHt9yrhwqx
hQOzjZCMvS+IfViCpeMgEFUbl+pSdyD+6hRb9XVmnnDe4lDJ4lSMLqfHFGgUWLUd
c1LfRKzXx1jHVoBY7IdyRn4ugUewFqD4Vtlia9u9pxAiExOGpWqn3viG686VqQSd
kA2815DuDXn3hGghVDa016Lzi+edEK+ce87Cq74krIi/37zHRm/BedITv5xttDAh
Yx0r3g8ZAGwWj2tnHgjYn4eQZQIDAQABo4IDezCCA3cwHQYDVR0OBBYEFJzI6xFq
DMIE95zoOjqZONpYyRdrMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvMkJEM0E5MThB
NzFBMTFFRjkxNTU1RjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEDBggrBgEFBQcBBwEB
/wSB8zCB8DCB7QQCAAEwgeYDBABnlxsDBABxy9MwDAMEAHHL1QMEA3HL0AMEAHHL
2wMEAHHL3gMEAXHL4AMEAHHL4wMEAHHL8wMEAHHL+AMEAHOnAwMEAHOnBQMEAHOn
CQMEAnOnDAMEAHOnHAMEAHOnMgMEAnOnNAMEAHOnTAMEAHOnZQMEAHOnZwMEAHOn
fAMEAK9uYQMEAK9uaAMEAK9uagMEAK9ubwMEALSykDAMAwQAtLKTAwQAtLKWAwQA
tLKgAwQBtLKiMAwDBAC0sqUDBAK0sqgDBAC0sr0DBADfHeQDBAHfHeYwDAMEAt8d
7AMEAN8d7jANBgkqhkiG9w0BAQsFAAOCAQEAUWzbboKjVI51nF79DeSci1qNeQhb
Ts7HZR61P8wClDnL9kQyuvbR9jKL7rnTyR74s/SI7kH9asSh8U3BXMWerHnT+vSq
5scduUqajkCi32CixkHmqoHdApeItwdmt64jugQTpJpHwGl8Bdq/MUGAUPB4K8Vw
FmBYQuT7ISQSuGYEsxhLeSG0aSTOXhdXFV6ts2g+rvSO1Kjd2x9C0SMWPzrKp3T8
XKVV7N7qDzMxb4YJW13D4LOOus894bfovKMmClh4ZVxH+Ekd9hPY9Li8Hjbpbuvp
OZly+DX76gFRc+GKfFAJt5OEGc9B7OrFbBTCGSbxzRPzFHuZzXfE9QUG3w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:10 2024 by rpki-client on console-fra.rpki-client.org