Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
File: BBF567AEB0F011E5A08A224DC4F9AE02.roa (raw, json)
Hash identifier: gUaglzjVEo/jAQam5U3T7T5H9G5lSnkvKcItCzMbsY0=
Subject key identifier: DC:CF:45:58:58:0C:75:15:41:05:D6:14:9E:8A:F6:07:97:14:01:09
Certificate issuer: /CN=A91EAE60/serialNumber=20083D4DFA844C5727558C4C756DB20DF807CD81
Certificate serial: 2713
Authority key identifier: 20:08:3D:4D:FA:84:4C:57:27:55:8C:4C:75:6D:B2:0D:F8:07:CD:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
Signing time: Tue 05 Nov 2024 04:28:13 +0000
ROA not before: Tue 05 Nov 2024 04:28:13 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 17887
IP address blocks: 43.247.56.0/22 maxlen: 22
43.247.56.0/24 maxlen: 24
43.247.57.0/24 maxlen: 24
103.11.12.0/22 maxlen: 22
103.106.8.0/22 maxlen: 22
103.106.8.0/24 maxlen: 24
103.213.204.0/22 maxlen: 22
103.213.204.0/24 maxlen: 24
103.213.205.0/24 maxlen: 24
202.60.192.0/20 maxlen: 20
202.60.192.0/21 maxlen: 21
202.60.192.0/22 maxlen: 22
202.60.195.0/24 maxlen: 24
202.60.196.0/22 maxlen: 22
202.60.198.0/24 maxlen: 24
202.60.199.0/24 maxlen: 24
202.60.200.0/21 maxlen: 21
202.60.200.0/22 maxlen: 22
202.60.200.0/24 maxlen: 24
202.60.203.0/24 maxlen: 24
202.60.204.0/22 maxlen: 22
202.60.204.0/24 maxlen: 24
202.60.205.0/24 maxlen: 24
202.60.207.0/24 maxlen: 24
203.159.72.0/22 maxlen: 22
203.159.72.0/24 maxlen: 24
203.159.73.0/24 maxlen: 24
203.159.74.0/24 maxlen: 24
203.159.75.0/24 maxlen: 24
203.159.96.0/19 maxlen: 19
203.159.96.0/24 maxlen: 24
203.159.100.0/24 maxlen: 24
203.159.101.0/24 maxlen: 24
203.159.103.0/24 maxlen: 24
203.159.104.0/24 maxlen: 24
203.159.107.0/24 maxlen: 24
203.159.108.0/24 maxlen: 24
203.159.120.0/24 maxlen: 24
203.159.124.0/24 maxlen: 24
203.159.125.0/24 maxlen: 24
203.159.126.0/24 maxlen: 24
203.159.127.0/24 maxlen: 24
2405:6d00::/32 maxlen: 32
2405:6d00:100::/48 maxlen: 48
2405:6d00:101::/48 maxlen: 48
2405:6d00:104::/48 maxlen: 48
2405:6d00:105::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.crl
rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10003 (0x2713)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE60/serialNumber=20083D4DFA844C5727558C4C756DB20DF807CD81
Validity
Not Before: Nov 5 04:28:13 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67299edd-16c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6e:e5:e6:54:50:f5:2e:2a:7b:f0:b2:21:8d:
bf:fd:05:2c:48:b8:f3:3e:7f:0d:d9:31:37:95:cb:
c3:cd:68:44:8d:0b:b2:1f:d3:37:4d:43:ef:b5:3d:
c5:9d:e2:8d:68:30:a9:b5:ee:c4:86:f7:49:f8:95:
32:e6:af:b1:a9:81:b7:46:66:07:89:4f:00:5e:ae:
fb:55:c3:ea:72:02:30:23:54:8d:62:4e:0d:ca:9f:
8b:14:61:dd:0a:74:3c:f2:6e:2e:8d:a1:84:17:09:
02:0f:35:be:7c:c0:1d:76:7a:43:8e:fc:37:7d:3c:
4c:b1:7c:75:40:6a:45:ea:55:0d:e9:dd:39:41:03:
7c:98:a3:e0:a4:e8:3d:1e:11:a9:67:02:14:8a:f9:
57:76:55:f3:e8:18:57:9e:99:51:b5:ec:20:d1:98:
43:af:8a:56:39:25:75:5b:9e:42:74:ef:65:0a:22:
72:d5:6b:89:9a:17:c5:b2:77:07:96:b9:a9:60:4d:
27:8d:44:42:12:c4:38:3b:64:25:e5:1a:0e:c9:d2:
d1:a3:1a:a7:8d:6d:56:be:45:0b:6b:17:a8:59:c9:
23:7c:23:c1:03:b3:89:59:7b:e5:6a:ad:e0:09:d7:
6d:c6:ce:df:82:3f:d4:dd:02:b6:5b:e2:9f:c6:ed:
d1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CF:45:58:58:0C:75:15:41:05:D6:14:9E:8A:F6:07:97:14:01:09
X509v3 Authority Key Identifier:
keyid:20:08:3D:4D:FA:84:4C:57:27:55:8C:4C:75:6D:B2:0D:F8:07:CD:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/IAg9TfqETFcnVYxMdW2yDfgHzYE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAg9TfqETFcnVYxMdW2yDfgHzYE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE60/F1996712C7CF11E4B13BE121C4F9AE02/BBF567AEB0F011E5A08A224DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.56.0/22
103.11.12.0/22
103.106.8.0/22
103.213.204.0/22
202.60.192.0/20
203.159.72.0/22
203.159.96.0/19
IPv6:
2405:6d00::/32
Signature Algorithm: sha256WithRSAEncryption
14:b6:b7:1c:78:b8:f6:d7:1a:5d:ce:63:15:52:8e:03:89:d6:
d1:6d:5a:fb:1e:72:4b:df:b4:82:b9:8f:6e:5f:0d:4d:57:3c:
63:2b:3d:7c:eb:47:56:b6:c0:88:e3:df:16:58:80:2f:87:c3:
1a:df:ce:8c:d6:58:b1:25:10:50:32:2c:c6:30:af:12:c0:cb:
43:b1:95:14:75:da:71:94:a9:f6:8b:3f:bf:67:d8:fd:8b:d6:
59:d8:56:99:24:22:c6:8d:eb:d6:af:be:31:93:32:5e:16:59:
40:78:9b:b2:7b:97:3b:13:f8:3b:5e:c2:a7:7f:93:11:c0:d0:
e2:78:8d:29:ef:b3:df:02:90:a9:72:af:ab:02:e8:c1:99:35:
e0:e1:d8:5b:eb:63:17:44:e8:22:5e:73:c0:4f:50:1c:48:4d:
20:ba:ac:0f:9d:d9:bc:13:25:d5:51:80:a4:a3:ef:19:e4:4d:
95:68:2d:d9:b3:3c:8d:a1:96:f2:6d:5d:09:6a:77:8c:6a:68:
31:47:b1:69:d0:0c:73:37:3b:f4:00:bc:ee:cc:30:49:78:2c:
57:a9:1b:86:f5:09:3a:6e:20:e4:b3:47:e3:c5:68:52:3e:12:
9d:d9:cd:c0:41:44:ad:35:50:1a:4c:a5:4e:e1:7c:e3:ab:e1:
d5:50:c5:0a
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICJxMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFNjAxMTAvBgNVBAUTKDIwMDgzRDRERkE4NDRDNTcyNzU1OEM0Qzc1NkRCMjBE
RjgwN0NEODEwHhcNMjQxMTA1MDQyODEzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI5OWVkZC0xNmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzW7l5lRQ9S4qe/CyIY2//QUsSLjzPn8N2TE3lcvDzWhEjQuyH9M3TUPvtT3F
neKNaDCpte7EhvdJ+JUy5q+xqYG3RmYHiU8AXq77VcPqcgIwI1SNYk4Nyp+LFGHd
CnQ88m4ujaGEFwkCDzW+fMAddnpDjvw3fTxMsXx1QGpF6lUN6d05QQN8mKPgpOg9
HhGpZwIUivlXdlXz6BhXnplRtewg0ZhDr4pWOSV1W55CdO9lCiJy1WuJmhfFsncH
lrmpYE0njURCEsQ4O2Ql5RoOydLRoxqnjW1WvkULaxeoWckjfCPBA7OJWXvlaq3g
Cddtxs7fgj/U3QK2W+Kfxu3RWQIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFNzPRVhY
DHUVQQXWFJ6K9geXFAEJMB8GA1UdIwQYMBaAFCAIPU36hExXJ1WMTHVtsg34B82B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUU2MC9GMTk5NjcxMkM3
Q0YxMUU0QjEzQkUxMjFDNEY5QUUwMi9JQWc5VGZxRVRGY25WWXhNZFcyeURmZ0h6
WUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lBZzlUZnFFVEZjblZZeE1kVzJ5RGZnSHpZRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFNjAvRjE5OTY3MTJDN0NGMTFFNEIxM0JFMTIxQzRGOUFFMDIvQkJGNTY3QUVC
MEYwMTFFNUEwOEEyMjREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAIr9zgDBAJnCwwDBAJnaggDBAJn1cwDBATKPMADBALLn0gD
BAXLn2AwDQQCAAIwBwMFACQFbQAwDQYJKoZIhvcNAQELBQADggEBABS2txx4uPbX
Gl3OYxVSjgOJ1tFtWvseckvftIK5j25fDU1XPGMrPXzrR1a2wIjj3xZYgC+Hwxrf
zozWWLElEFAyLMYwrxLAy0OxlRR12nGUqfaLP79n2P2L1lnYVpkkIsaN69avvjGT
Ml4WWUB4m7J7lzsT+Dtewqd/kxHA0OJ4jSnvs98CkKlyr6sC6MGZNeDh2FvrYxdE
6CJec8BPUBxITSC6rA+d2bwTJdVRgKSj7xnkTZVoLdmzPI2hlvJtXQlqd4xqaDFH
sWnQDHM3O/QAvO7MMEl4LFepG4b1CTpuIOSzR+PFaFI+Ep3ZzcBBRK01UBpMpU7h
fOOr4dVQxQo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:50:06 2024 by rpki-client on console-ams.rpki-client.org