Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
File: 744D8A1005EE11EF851FA42FC4F9AE02.roa (raw, json)
Hash identifier: hVORPrWbzvnXa1/beyF2q+C2vxvW8EJa17wyUDKL+P4=
Subject key identifier: DD:4D:61:CD:4B:A3:7A:EC:90:71:41:3E:0D:56:37:FB:50:80:A5:96
Certificate issuer: /CN=A91847C2/serialNumber=3885F9D2FD0860283B55381F1C4F4A5A3A1EEF3F
Certificate serial: 02
Authority key identifier: 38:85:F9:D2:FD:08:60:28:3B:55:38:1F:1C:4F:4A:5A:3A:1E:EF:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
Signing time: Mon 29 Apr 2024 06:05:18 +0000
ROA not before: Mon 29 Apr 2024 06:05:18 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 7131
IP address blocks: 45.117.196.0/22 maxlen: 22
45.117.196.0/24 maxlen: 24
45.117.197.0/24 maxlen: 24
45.117.198.0/24 maxlen: 24
45.117.199.0/24 maxlen: 24
103.1.96.0/22 maxlen: 22
103.1.96.0/24 maxlen: 24
103.1.97.0/24 maxlen: 24
103.1.98.0/24 maxlen: 24
103.1.99.0/24 maxlen: 24
103.57.232.0/22 maxlen: 22
103.57.232.0/24 maxlen: 24
103.57.233.0/24 maxlen: 24
103.57.234.0/24 maxlen: 24
103.57.235.0/24 maxlen: 24
202.88.64.0/20 maxlen: 20
202.88.64.0/24 maxlen: 24
202.88.65.0/24 maxlen: 24
202.88.66.0/24 maxlen: 24
202.88.67.0/24 maxlen: 24
202.88.68.0/24 maxlen: 24
202.88.69.0/24 maxlen: 24
202.88.70.0/24 maxlen: 24
202.88.71.0/24 maxlen: 24
202.88.72.0/24 maxlen: 24
202.88.73.0/24 maxlen: 24
202.88.74.0/24 maxlen: 24
202.88.75.0/24 maxlen: 24
202.88.76.0/24 maxlen: 24
202.88.77.0/24 maxlen: 24
202.88.78.0/24 maxlen: 24
202.88.79.0/24 maxlen: 24
202.88.80.0/20 maxlen: 20
202.88.80.0/24 maxlen: 24
202.88.81.0/24 maxlen: 24
202.88.82.0/24 maxlen: 24
202.88.83.0/24 maxlen: 24
202.88.84.0/24 maxlen: 24
202.88.85.0/24 maxlen: 24
202.88.86.0/24 maxlen: 24
202.88.87.0/24 maxlen: 24
202.88.88.0/24 maxlen: 24
202.88.89.0/24 maxlen: 24
202.88.90.0/24 maxlen: 24
202.88.91.0/24 maxlen: 24
202.88.92.0/24 maxlen: 24
202.88.93.0/24 maxlen: 24
202.88.94.0/24 maxlen: 24
202.88.95.0/24 maxlen: 24
210.23.80.0/20 maxlen: 20
210.23.80.0/24 maxlen: 24
210.23.81.0/24 maxlen: 24
210.23.82.0/24 maxlen: 24
210.23.83.0/24 maxlen: 24
210.23.84.0/24 maxlen: 24
210.23.85.0/24 maxlen: 24
210.23.86.0/24 maxlen: 24
210.23.87.0/24 maxlen: 24
210.23.88.0/24 maxlen: 24
210.23.89.0/24 maxlen: 24
210.23.90.0/24 maxlen: 24
210.23.91.0/24 maxlen: 24
210.23.92.0/24 maxlen: 24
210.23.93.0/24 maxlen: 24
210.23.94.0/24 maxlen: 24
210.23.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.crl
rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 02 Jul 2024 07:35:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91847C2/serialNumber=3885F9D2FD0860283B55381F1C4F4A5A3A1EEF3F
Validity
Not Before: Apr 29 06:05:18 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=662f389e-6aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:df:24:7a:0f:c0:da:d3:60:72:08:4e:00:6f:
3c:d9:2d:83:42:9c:0e:bd:b0:61:5c:f1:d6:79:a9:
f0:7b:05:3f:f2:9b:d5:8c:4b:2c:44:42:f5:db:57:
18:d4:02:cd:f6:35:59:c8:09:ac:4f:d6:40:eb:39:
76:64:5b:34:9c:1c:c1:cc:2a:ac:15:87:68:e0:24:
8e:8c:aa:88:b8:9e:ab:8d:e0:cc:f7:e4:14:bc:4a:
38:42:7f:f4:a1:3a:c4:a4:5f:dd:04:94:2e:de:d1:
c5:c4:fd:0b:e1:e1:74:e7:85:1f:a5:27:1c:61:09:
69:f8:8d:30:4d:61:5f:bf:90:08:0f:a6:97:47:90:
a7:fd:88:50:db:43:53:eb:59:9d:bc:9d:01:4c:a7:
88:2c:d7:ff:63:3d:f8:38:5f:e4:7a:99:32:04:72:
bd:42:29:20:de:e8:56:ae:c9:4c:d0:14:cf:7d:8e:
af:cf:8c:06:05:65:d5:ae:ee:1f:ba:12:b4:e3:08:
42:dd:bf:ec:dd:c6:de:4a:dd:29:68:20:16:22:c2:
b3:76:98:c0:97:39:f0:25:2d:28:8e:f8:b4:01:c2:
df:46:fe:84:d2:3f:28:1f:df:ad:5b:b3:e9:2c:21:
25:dc:2e:0d:b9:dc:57:04:fc:94:b6:65:8f:a8:a0:
07:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:4D:61:CD:4B:A3:7A:EC:90:71:41:3E:0D:56:37:FB:50:80:A5:96
X509v3 Authority Key Identifier:
keyid:38:85:F9:D2:FD:08:60:28:3B:55:38:1F:1C:4F:4A:5A:3A:1E:EF:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.196.0/22
103.1.96.0/22
103.57.232.0/22
202.88.64.0/19
210.23.80.0/20
Signature Algorithm: sha256WithRSAEncryption
16:f2:28:7a:3b:4f:91:57:25:24:ff:f0:73:f1:9c:58:ec:23:
07:87:7c:50:a0:7b:e3:9b:2a:ec:e3:0a:85:ef:f2:bb:f7:29:
ae:3d:2d:7e:7d:26:71:bb:3f:78:e6:1a:c2:fe:a9:6a:9d:d2:
da:e9:b4:74:5e:60:d1:7b:bf:ff:61:83:32:48:e1:bb:12:06:
bf:52:fd:34:00:7c:37:0d:d1:28:f3:16:e0:3a:7e:a1:7d:1b:
c5:21:a5:e6:dd:2e:c6:e0:5a:1b:8a:c6:b6:a7:aa:22:0c:ba:
42:b9:df:81:37:f3:4f:03:19:d1:70:f3:c2:86:9c:75:e7:aa:
6a:d8:b0:77:0f:f7:62:b5:d5:45:06:c5:7e:72:54:99:a2:0d:
d1:4c:ae:11:cd:8b:46:81:01:66:59:86:be:92:20:83:33:21:
00:fc:c6:77:9f:aa:6a:6e:e9:12:dc:d7:f1:70:7b:1d:d1:e3:
01:6d:52:b4:00:d1:2d:a3:5d:1c:5d:95:2d:c9:7c:5a:ac:c5:
e9:1c:df:58:8a:93:79:ca:28:0e:44:53:77:e4:12:76:4d:3a:
de:fa:52:5c:e0:9f:c3:ea:3c:e8:78:3c:1d:2d:0f:00:af:49:
69:de:a9:f6:ee:99:5e:df:76:43:51:97:db:6f:a9:7b:5b:53:
6f:98:fe:4e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NDdDMjExMC8GA1UEBRMoMzg4NUY5RDJGRDA4NjAyODNCNTUzODFGMUM0RjRBNUEz
QTFFRUYzRjAeFw0yNDA0MjkwNjA1MThaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MmYzODllLTZhYTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCk3yR6D8Da02ByCE4AbzzZLYNCnA69sGFc8dZ5qfB7BT/ym9WMSyxEQvXbVxjU
As32NVnICaxP1kDrOXZkWzScHMHMKqwVh2jgJI6Mqoi4nquN4Mz35BS8SjhCf/Sh
OsSkX90ElC7e0cXE/Qvh4XTnhR+lJxxhCWn4jTBNYV+/kAgPppdHkKf9iFDbQ1Pr
WZ28nQFMp4gs1/9jPfg4X+R6mTIEcr1CKSDe6FauyUzQFM99jq/PjAYFZdWu7h+6
ErTjCELdv+zdxt5K3SloIBYiwrN2mMCXOfAlLSiO+LQBwt9G/oTSPygf361bs+ks
ISXcLg253FcE/JS2ZY+ooAeHAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQU3U1hzUuj
euyQcUE+DVY3+1CApZYwHwYDVR0jBBgwFoAUOIX50v0IYCg7VTgfHE9KWjoe7z8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg0N0MyL0I5MkJGQUQ0MDVF
QjExRUY5NTZCRDY0M0M0RjlBRTAyL09JWDUwdjBJWUNnN1ZUZ2ZIRTlLV2pvZTd6
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT0lYNTB2MElZQ2c3VlRnZkhFOUtXam9lN3o4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NDdDMi9COTJCRkFENDA1RUIxMUVGOTU2QkQ2NDNDNEY5QUUwMi83NDREOEExMDA1
RUUxMUVGODUxRkE0MkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAi11xAMEAmcBYAMEAmc56AMEBcpYQAMEBNIXUDANBgkqhkiG
9w0BAQsFAAOCAQEAFvIoejtPkVclJP/wc/GcWOwjB4d8UKB745sq7OMKhe/yu/cp
rj0tfn0mcbs/eOYawv6pap3S2um0dF5g0Xu//2GDMkjhuxIGv1L9NAB8Nw3RKPMW
4Dp+oX0bxSGl5t0uxuBaG4rGtqeqIgy6QrnfgTfzTwMZ0XDzwoacdeeqatiwdw/3
YrXVRQbFfnJUmaIN0UyuEc2LRoEBZlmGvpIggzMhAPzGd5+qam7pEtzX8XB7HdHj
AW1StADRLaNdHF2VLcl8WqzF6RzfWIqTecooDkRTd+QSdk063vpSXOCfw+o86Hg8
HS0PAK9Jad6p9u6ZXt92Q1GX22+pe1tTb5j+Tg==
-----END CERTIFICATE-----
Generated at Tue Jun 25 10:52:15 2024 by rpki-client on console-ams.rpki-client.org