Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/92078AAE0B5411EF957DA628C4F9AE02.roa
File: 92078AAE0B5411EF957DA628C4F9AE02.roa (raw, json)
Hash identifier: Xb2hPwWdc7QTcQDz+qvvab15wycaCcgbmopek0oJdTs=
Subject key identifier: EB:6F:FC:71:DE:5D:B4:5E:E6:9A:9B:2A:C1:22:D3:D8:B3:3F:BD:C2
Certificate issuer: /CN=A915C281/serialNumber=131768A36B30346E3DBEBEBF87B8481BAABE3EEB
Certificate serial: 3473
Authority key identifier: 13:17:68:A3:6B:30:34:6E:3D:BE:BE:BF:87:B8:48:1B:AA:BE:3E:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Exdoo2swNG49vr6_h7hIG6q-Pus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/92078AAE0B5411EF957DA628C4F9AE02.roa
Signing time: Wed 31 Jul 2024 15:30:51 +0000
ROA not before: Wed 31 Jul 2024 15:30:51 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45245
IP address blocks: 27.54.144.0/22 maxlen: 24
43.245.120.0/23 maxlen: 24
43.245.122.0/23 maxlen: 24
43.255.20.0/22 maxlen: 24
59.152.0.0/21 maxlen: 24
103.15.164.0/22 maxlen: 24
103.67.156.0/23 maxlen: 24
103.67.158.0/23 maxlen: 24
103.239.4.0/22 maxlen: 24
103.244.12.0/22 maxlen: 24
103.253.44.0/22 maxlen: 24
116.58.200.0/22 maxlen: 24
116.58.204.0/22 maxlen: 24
150.242.104.0/22 maxlen: 24
202.86.216.0/21 maxlen: 24
203.223.92.0/23 maxlen: 24
203.223.94.0/23 maxlen: 24
2401:1900::/32 maxlen: 36
2401:1900::/42 maxlen: 48
2401:1900:40::/42 maxlen: 42
2401:1900:80::/42 maxlen: 46
2401:1900:c0::/42 maxlen: 46
2401:1900:100::/42 maxlen: 46
2401:1900:140::/42 maxlen: 42
2401:1900:180::/42 maxlen: 42
2401:1900:1c0::/42 maxlen: 42
2401:1900:200::/42 maxlen: 42
2401:1900:1000::/42 maxlen: 48
2401:1900:1040::/42 maxlen: 42
2401:1900:1080::/42 maxlen: 42
2401:1900:1100::/42 maxlen: 42
2401:1900:1140::/42 maxlen: 42
2401:1900:2000::/42 maxlen: 48
2401:1900:2040::/42 maxlen: 42
2401:1900:2080::/42 maxlen: 42
2401:1900:2100::/42 maxlen: 42
2401:1900:2140::/42 maxlen: 42
2401:1900:8000::/42 maxlen: 48
2401:1900:8040::/42 maxlen: 46
2401:1900:8080::/42 maxlen: 46
2401:1900:80c0::/42 maxlen: 46
2401:1900:8100::/42 maxlen: 42
2401:1900:8140::/42 maxlen: 42
2401:1900:8180::/42 maxlen: 42
2401:1900:81c0::/42 maxlen: 42
2401:1900:9000::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/Exdoo2swNG49vr6_h7hIG6q-Pus.crl
rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/Exdoo2swNG49vr6_h7hIG6q-Pus.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Exdoo2swNG49vr6_h7hIG6q-Pus.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:55:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13427 (0x3473)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915C281/serialNumber=131768A36B30346E3DBEBEBF87B8481BAABE3EEB
Validity
Not Before: Jul 31 15:30:51 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66aa58aa-3134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:99:60:ef:fd:e5:30:91:f6:c8:9a:c9:bc:4d:
7a:ac:09:24:d5:fe:28:d3:3e:c4:a7:73:0d:c4:43:
4d:87:0e:79:8b:96:2a:66:cb:4e:18:1e:dc:9a:67:
ab:a3:32:fa:66:7c:c1:1d:ad:f0:b6:f6:aa:8f:11:
54:fe:74:ec:4e:c4:b3:be:7c:17:cd:56:fe:85:24:
f2:0f:4d:85:b9:2c:99:43:05:a0:ad:a2:74:08:2b:
ff:f8:1b:ee:f4:0e:2a:e3:5a:a3:20:1a:ed:bb:f2:
d3:ad:0a:eb:54:f7:23:d3:11:58:04:f9:e8:45:05:
f0:a4:11:9a:70:2e:ab:1b:de:a8:1c:98:e8:39:dc:
71:ee:d0:45:46:11:ee:41:c8:83:7e:cf:c5:5d:7d:
2c:93:f3:b4:a2:e8:27:59:63:59:90:ba:97:5c:0e:
ce:8f:13:00:51:f6:6e:52:cc:c1:04:87:c4:4c:7e:
55:95:8c:70:39:c7:20:44:0d:f9:b9:16:f5:e6:4a:
f5:67:fd:1c:4c:3e:e3:57:c3:38:a8:01:af:7a:2d:
b9:d2:29:e6:25:b0:c0:3a:41:2c:d7:c0:66:54:e0:
7d:6c:70:2f:1d:40:bf:a2:b1:f8:5e:31:37:51:74:
0c:e0:59:33:2a:94:59:14:8c:cf:2e:c0:bb:89:97:
3b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6F:FC:71:DE:5D:B4:5E:E6:9A:9B:2A:C1:22:D3:D8:B3:3F:BD:C2
X509v3 Authority Key Identifier:
keyid:13:17:68:A3:6B:30:34:6E:3D:BE:BE:BF:87:B8:48:1B:AA:BE:3E:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/Exdoo2swNG49vr6_h7hIG6q-Pus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Exdoo2swNG49vr6_h7hIG6q-Pus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/92078AAE0B5411EF957DA628C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.144.0/22
43.245.120.0/22
43.255.20.0/22
59.152.0.0/21
103.15.164.0/22
103.67.156.0/22
103.239.4.0/22
103.244.12.0/22
103.253.44.0/22
116.58.200.0/21
150.242.104.0/22
202.86.216.0/21
203.223.92.0/22
IPv6:
2401:1900::/32
Signature Algorithm: sha256WithRSAEncryption
5d:a6:d0:a6:81:77:d2:ba:88:f3:1c:5d:4b:06:3c:56:3e:fa:
26:7b:3a:df:5a:cf:34:1b:c2:ff:c9:9b:0e:52:1f:42:b1:75:
a8:5d:f3:4a:c2:28:27:91:c8:5b:ca:91:d4:a5:df:a2:64:cd:
a1:18:fb:69:0b:49:e0:38:04:18:d6:29:50:97:ce:1f:5b:2a:
1c:a0:fc:c7:f7:4c:8d:7c:5c:fd:90:13:45:94:64:63:b0:98:
ec:b8:86:a8:b9:e1:81:42:22:ba:92:49:d9:08:22:5f:0a:f9:
23:83:19:d7:80:fd:62:ad:52:3d:05:aa:b3:df:75:fc:8e:ef:
b0:d1:f6:88:6d:24:bf:56:b8:d5:48:2b:94:01:b6:58:ec:cf:
7d:44:78:19:cd:39:62:65:40:d7:cd:5c:44:af:e9:1d:49:93:
65:09:be:ac:2f:88:bd:f4:4e:02:ef:58:eb:2b:07:ca:49:6f:
07:4b:60:f9:2f:6d:71:bf:8c:75:89:19:cf:3b:01:62:60:71:
37:30:a5:3f:11:53:c5:1f:6f:37:54:a1:0e:bd:40:61:86:46:
19:fc:05:f1:ef:79:84:eb:be:59:9c:55:c2:70:74:59:04:c1:
ef:8c:78:7e:71:b0:f2:44:07:14:15:de:65:7c:7c:c2:bf:ca:
00:41:51:1c
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgICNHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUMyODExMTAvBgNVBAUTKDEzMTc2OEEzNkIzMDM0NkUzREJFQkVCRjg3Qjg0ODFC
QUFCRTNFRUIwHhcNMjQwNzMxMTUzMDUxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFhNThhYS0zMTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA05lg7/3lMJH2yJrJvE16rAkk1f4o0z7Ep3MNxENNhw55i5YqZstOGB7cmmer
ozL6ZnzBHa3wtvaqjxFU/nTsTsSzvnwXzVb+hSTyD02FuSyZQwWgraJ0CCv/+Bvu
9A4q41qjIBrtu/LTrQrrVPcj0xFYBPnoRQXwpBGacC6rG96oHJjoOdxx7tBFRhHu
QciDfs/FXX0sk/O0ougnWWNZkLqXXA7OjxMAUfZuUszBBIfETH5VlYxwOccgRA35
uRb15kr1Z/0cTD7jV8M4qAGvei250inmJbDAOkEs18BmVOB9bHAvHUC/orH4XjE3
UXQM4FkzKpRZFIzPLsC7iZc73wIDAQABo4IC7DCCAugwHQYDVR0OBBYEFOtv/HHe
XbRe5pqbKsEi09izP73CMB8GA1UdIwQYMBaAFBMXaKNrMDRuPb6+v4e4SBuqvj7r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzI4MS8wMDIwMTM0NjFE
OTkxMUUyQkMxMDY2ODMwOEIwMkNEMi9FeGRvbzJzd05HNDl2cjZfaDdoSUc2cS1Q
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0V4ZG9vMnN3Tkc0OXZyNl9oN2hJRzZxLVB1cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUMyODEvMDAyMDEzNDYxRDk5MTFFMkJDMTA2NjgzMDhCMDJDRDIvOTIwNzhBQUUw
QjU0MTFFRjk1N0RBNjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdgYIKwYBBQUHAQcBAf8E
ZzBlMFQEAgABME4DBAIbNpADBAIr9XgDBAIr/xQDBAM7mAADBAJnD6QDBAJnQ5wD
BAJn7wQDBAJn9AwDBAJn/SwDBAN0OsgDBAKW8mgDBAPKVtgDBALL31wwDQQCAAIw
BwMFACQBGQAwDQYJKoZIhvcNAQELBQADggEBAF2m0KaBd9K6iPMcXUsGPFY++iZ7
Ot9azzQbwv/Jmw5SH0Kxdahd80rCKCeRyFvKkdSl36JkzaEY+2kLSeA4BBjWKVCX
zh9bKhyg/Mf3TI18XP2QE0WUZGOwmOy4hqi54YFCIrqSSdkIIl8K+SODGdeA/WKt
Uj0FqrPfdfyO77DR9ohtJL9WuNVIK5QBtljsz31EeBnNOWJlQNfNXESv6R1Jk2UJ
vqwviL30TgLvWOsrB8pJbwdLYPkvbXG/jHWJGc87AWJgcTcwpT8RU8UfbzdUoQ69
QGGGRhn8BfHveYTrvlmcVcJwdFkEwe+MeH5xsPJEBxQV3mV8fMK/ygBBURw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:46 2024 by rpki-client on console-fra.rpki-client.org