Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/92078AAE0B5411EF957DA628C4F9AE02.roa
File: 92078AAE0B5411EF957DA628C4F9AE02.roa (raw, json)
Hash identifier: 91eB0Wh9wB3Kxca4R/fpssFUpFmBuw5d9UIN7vpBsIg=
Subject key identifier: 42:90:DE:47:60:F6:E7:7D:D6:90:5A:67:9A:7F:3A:79:5C:16:C6:4A
Certificate issuer: /CN=A915C281/serialNumber=131768A36B30346E3DBEBEBF87B8481BAABE3EEB
Certificate serial: 3452
Authority key identifier: 13:17:68:A3:6B:30:34:6E:3D:BE:BE:BF:87:B8:48:1B:AA:BE:3E:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Exdoo2swNG49vr6_h7hIG6q-Pus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/92078AAE0B5411EF957DA628C4F9AE02.roa
Signing time: Wed 05 Jun 2024 08:00:35 +0000
ROA not before: Wed 05 Jun 2024 08:00:35 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 45245
IP address blocks: 27.54.144.0/22 maxlen: 24
43.245.120.0/23 maxlen: 24
43.245.122.0/23 maxlen: 24
43.255.20.0/22 maxlen: 24
59.152.0.0/21 maxlen: 24
103.15.164.0/22 maxlen: 24
103.67.156.0/23 maxlen: 24
103.67.158.0/23 maxlen: 24
103.239.4.0/22 maxlen: 24
103.244.12.0/22 maxlen: 24
103.253.44.0/22 maxlen: 24
116.58.200.0/22 maxlen: 24
116.58.204.0/22 maxlen: 24
150.242.104.0/22 maxlen: 24
202.86.216.0/21 maxlen: 24
203.223.92.0/23 maxlen: 24
203.223.94.0/23 maxlen: 24
2401:1900::/32 maxlen: 36
2401:1900::/42 maxlen: 48
2401:1900:40::/42 maxlen: 42
2401:1900:80::/42 maxlen: 46
2401:1900:c0::/42 maxlen: 46
2401:1900:100::/42 maxlen: 46
2401:1900:140::/42 maxlen: 42
2401:1900:180::/42 maxlen: 42
2401:1900:1c0::/42 maxlen: 42
2401:1900:200::/42 maxlen: 42
2401:1900:1000::/42 maxlen: 48
2401:1900:1040::/42 maxlen: 42
2401:1900:1080::/42 maxlen: 42
2401:1900:1100::/42 maxlen: 42
2401:1900:1140::/42 maxlen: 42
2401:1900:2000::/42 maxlen: 48
2401:1900:2040::/42 maxlen: 42
2401:1900:2080::/42 maxlen: 42
2401:1900:2100::/42 maxlen: 42
2401:1900:2140::/42 maxlen: 42
2401:1900:8000::/42 maxlen: 48
2401:1900:8040::/42 maxlen: 46
2401:1900:8080::/42 maxlen: 46
2401:1900:80c0::/42 maxlen: 46
2401:1900:8100::/42 maxlen: 42
2401:1900:8140::/42 maxlen: 42
2401:1900:8180::/42 maxlen: 42
2401:1900:81c0::/42 maxlen: 42
2401:1900:9000::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/Exdoo2swNG49vr6_h7hIG6q-Pus.crl
rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/Exdoo2swNG49vr6_h7hIG6q-Pus.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Exdoo2swNG49vr6_h7hIG6q-Pus.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 13 Jun 2024 15:04:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13394 (0x3452)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915C281/serialNumber=131768A36B30346E3DBEBEBF87B8481BAABE3EEB
Validity
Not Before: Jun 5 08:00:35 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=66601b23-6cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:51:09:41:d3:3b:dd:5e:ad:9d:25:4f:f6:37:
6f:4e:6d:f4:cb:a9:8d:ae:7f:61:d4:77:d3:ed:06:
74:5c:5f:a2:5a:fe:1c:be:99:49:e5:5a:13:5d:4d:
27:d1:db:74:fa:40:89:7b:eb:ab:2c:8e:21:59:4e:
1c:ac:64:93:63:80:3d:13:af:5f:34:d2:3c:f0:92:
44:32:b5:9a:74:a7:64:c4:7c:78:a6:3f:6d:f2:f7:
27:6e:ba:e9:65:e5:f5:cf:cf:a0:c4:7e:2c:42:90:
f3:2b:e0:e1:a5:89:9c:f9:7f:d4:14:36:42:3b:14:
9c:19:24:61:1a:7a:1d:25:d1:bc:dc:82:ae:a3:a8:
c3:51:36:b4:6e:c7:66:04:e4:a6:f0:3e:e2:5f:5c:
f8:68:13:71:0d:71:40:5b:d0:60:48:ef:07:de:f7:
bd:bb:84:8d:50:81:3e:98:98:d9:b3:b4:bb:1b:16:
68:9b:2b:f1:04:bd:d8:1b:aa:dd:f7:53:84:b2:ab:
6c:0a:f2:b4:ee:fb:78:17:e4:7f:4f:7a:dc:3a:95:
c6:1c:2c:1a:96:86:a2:ac:f1:a2:48:2e:eb:5d:e8:
1e:29:e0:e4:f2:d7:23:56:80:42:0b:b1:23:92:9a:
20:ab:be:f9:40:86:5b:48:0f:05:83:9a:74:69:ab:
93:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:90:DE:47:60:F6:E7:7D:D6:90:5A:67:9A:7F:3A:79:5C:16:C6:4A
X509v3 Authority Key Identifier:
keyid:13:17:68:A3:6B:30:34:6E:3D:BE:BE:BF:87:B8:48:1B:AA:BE:3E:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/Exdoo2swNG49vr6_h7hIG6q-Pus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Exdoo2swNG49vr6_h7hIG6q-Pus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C281/002013461D9911E2BC10668308B02CD2/92078AAE0B5411EF957DA628C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.144.0/22
43.245.120.0/22
43.255.20.0/22
59.152.0.0/21
103.15.164.0/22
103.67.156.0/22
103.239.4.0/22
103.244.12.0/22
103.253.44.0/22
116.58.200.0/21
150.242.104.0/22
202.86.216.0/21
203.223.92.0/22
IPv6:
2401:1900::/32
Signature Algorithm: sha256WithRSAEncryption
74:fc:08:c3:30:ed:dd:ed:d8:42:ba:fb:b8:8c:cb:54:61:8f:
d1:58:b1:b0:7a:5b:e5:05:20:ea:28:f1:80:86:e0:14:01:fc:
4a:bb:27:5a:5b:66:50:18:28:c7:57:60:a0:36:9f:1b:0f:0f:
41:a3:55:c1:da:e7:26:39:b0:63:fc:8d:ee:ea:ae:40:a2:88:
cb:a8:df:45:f0:cc:ae:d5:ff:36:6b:c7:ad:13:8a:fc:9e:14:
ab:fd:6d:4b:d8:0d:04:a5:c2:59:30:1f:31:8e:90:bf:34:2c:
45:6d:c0:22:e9:7b:a2:c7:fb:86:38:22:ff:c0:39:06:78:c9:
f4:41:85:f9:6b:a1:a3:cd:b9:39:19:ac:ba:10:f6:e7:db:c6:
bd:e8:cc:53:81:f2:be:50:58:a0:52:c8:46:cc:41:b4:2f:d7:
e7:e6:95:2f:ab:53:64:97:bf:7a:67:e0:ad:1f:9a:e8:35:78:
98:10:54:67:48:e4:44:60:f3:c9:aa:34:c5:bc:3b:6b:ae:9d:
78:0d:76:40:14:1e:1f:d6:49:53:b5:71:9f:69:85:4a:b2:98:
10:03:af:82:c5:25:47:ed:c2:fd:e3:fe:92:cb:1d:6c:30:9a:
d5:cf:5b:40:f6:e8:11:57:2e:b0:9b:fd:f1:71:47:67:6f:0d:
82:ae:57:a3
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgICNFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUMyODExMTAvBgNVBAUTKDEzMTc2OEEzNkIzMDM0NkUzREJFQkVCRjg3Qjg0ODFC
QUFCRTNFRUIwHhcNMjQwNjA1MDgwMDM1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYwMWIyMy02Y2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAplEJQdM73V6tnSVP9jdvTm30y6mNrn9h1HfT7QZ0XF+iWv4cvplJ5VoTXU0n
0dt0+kCJe+urLI4hWU4crGSTY4A9E69fNNI88JJEMrWadKdkxHx4pj9t8vcnbrrp
ZeX1z8+gxH4sQpDzK+DhpYmc+X/UFDZCOxScGSRhGnodJdG83IKuo6jDUTa0bsdm
BOSm8D7iX1z4aBNxDXFAW9BgSO8H3ve9u4SNUIE+mJjZs7S7GxZomyvxBL3YG6rd
91OEsqtsCvK07vt4F+R/T3rcOpXGHCwaloairPGiSC7rXegeKeDk8tcjVoBCC7Ej
kpogq775QIZbSA8Fg5p0aauT1wIDAQABo4IC7DCCAugwHQYDVR0OBBYEFEKQ3kdg
9ud91pBaZ5p/OnlcFsZKMB8GA1UdIwQYMBaAFBMXaKNrMDRuPb6+v4e4SBuqvj7r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzI4MS8wMDIwMTM0NjFE
OTkxMUUyQkMxMDY2ODMwOEIwMkNEMi9FeGRvbzJzd05HNDl2cjZfaDdoSUc2cS1Q
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0V4ZG9vMnN3Tkc0OXZyNl9oN2hJRzZxLVB1cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUMyODEvMDAyMDEzNDYxRDk5MTFFMkJDMTA2NjgzMDhCMDJDRDIvOTIwNzhBQUUw
QjU0MTFFRjk1N0RBNjI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdgYIKwYBBQUHAQcBAf8E
ZzBlMFQEAgABME4DBAIbNpADBAIr9XgDBAIr/xQDBAM7mAADBAJnD6QDBAJnQ5wD
BAJn7wQDBAJn9AwDBAJn/SwDBAN0OsgDBAKW8mgDBAPKVtgDBALL31wwDQQCAAIw
BwMFACQBGQAwDQYJKoZIhvcNAQELBQADggEBAHT8CMMw7d3t2EK6+7iMy1Rhj9FY
sbB6W+UFIOoo8YCG4BQB/Eq7J1pbZlAYKMdXYKA2nxsPD0GjVcHa5yY5sGP8je7q
rkCiiMuo30XwzK7V/zZrx60TivyeFKv9bUvYDQSlwlkwHzGOkL80LEVtwCLpe6LH
+4Y4Iv/AOQZ4yfRBhflroaPNuTkZrLoQ9ufbxr3ozFOB8r5QWKBSyEbMQbQv1+fm
lS+rU2SXv3pn4K0fmug1eJgQVGdI5ERg88mqNMW8O2uunXgNdkAUHh/WSVO1cZ9p
hUqymBADr4LFJUftwv3j/pLLHWwwmtXPW0D26BFXLrCb/fFxR2dvDYKuV6M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:47:48 2024 by rpki-client on console-fra.rpki-client.org