Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
File: 956DEFE80CDB11EAB14B9162C4F9AE02.roa (raw, json)
Hash identifier: R8KJDJxlQWb8ndwOjrL7Ucl8gCWXIPBfXSkLlfNAWuo=
Subject key identifier: 66:16:CD:C4:D6:A5:D5:A8:CF:12:2D:AE:32:D8:06:28:E8:78:57:69
Certificate issuer: /CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Certificate serial: 0BE0
Authority key identifier: 25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
Signing time: Thu 14 Nov 2024 04:35:34 +0000
ROA not before: Thu 14 Nov 2024 04:35:34 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 133385
IP address blocks: 45.120.84.0/22 maxlen: 22
45.120.84.0/24 maxlen: 24
45.120.85.0/24 maxlen: 24
45.120.86.0/24 maxlen: 24
45.120.87.0/24 maxlen: 24
103.255.172.0/22 maxlen: 22
103.255.172.0/24 maxlen: 24
103.255.172.64/26 maxlen: 26
103.255.172.128/25 maxlen: 25
103.255.173.0/24 maxlen: 24
103.255.174.0/24 maxlen: 24
103.255.175.0/24 maxlen: 24
2400:8480:1000::/48 maxlen: 48
2400:8480:1100::/48 maxlen: 48
2400:8480:2010::/44 maxlen: 44
2400:8480:2020::/44 maxlen: 44
2400:8480:2030::/44 maxlen: 44
2400:8480:2040::/44 maxlen: 44
2400:8480:2110::/44 maxlen: 44
2400:8480:2120::/44 maxlen: 44
2400:8480:2130::/44 maxlen: 44
2400:8480:2140::/44 maxlen: 44
2400:8480:3010::/44 maxlen: 44
2400:8480:3020::/44 maxlen: 44
2400:8480:3030::/44 maxlen: 44
2400:8480:3040::/44 maxlen: 44
2400:8480:3110::/44 maxlen: 44
2400:8480:3120::/44 maxlen: 44
2400:8480:3130::/44 maxlen: 44
2400:8480:3140::/44 maxlen: 44
2400:8480:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:33:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3040 (0xbe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
Validity
Not Before: Nov 14 04:35:34 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=67357e15-18bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:73:b1:b7:7f:a1:ab:b1:ef:9c:44:43:e8:06:
6d:99:73:10:e8:00:54:a1:30:d6:b4:24:97:c1:40:
bc:66:ce:ed:19:23:bc:d3:b1:aa:3d:69:16:ba:6a:
41:eb:f0:df:1e:22:0f:5b:da:4b:23:ff:b3:69:99:
9a:ba:00:63:78:08:e3:34:4b:9b:5b:33:04:5b:5f:
fa:2f:d0:e4:73:16:f3:fb:45:8c:fd:e5:23:a2:5d:
8f:65:aa:af:33:90:71:7f:e1:3a:83:3e:8a:7e:f3:
07:40:b9:17:7c:27:91:f6:b1:71:b4:bd:00:7f:4a:
70:1d:f6:d9:4d:88:45:f2:92:c4:23:60:d0:ec:77:
ad:93:19:5a:e5:20:58:80:5e:e3:e7:48:4c:2c:d1:
2c:61:cd:b4:4e:8f:4a:51:c0:b1:c8:35:c0:f5:b3:
f8:4b:b9:8e:c2:31:7e:c1:b7:8b:95:93:36:3d:a5:
ab:de:b1:02:db:dc:58:95:dd:87:ca:f8:a0:f5:87:
26:24:79:d4:55:73:ec:2f:7b:27:50:9c:79:c7:9d:
ad:2a:71:77:d5:82:9e:81:0b:0c:85:b1:e2:76:9d:
12:3d:c7:22:2b:fb:00:98:29:a2:58:6c:84:4f:b1:
5b:18:e8:cf:d2:a0:8c:7b:d1:4e:4a:44:55:d0:68:
56:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:16:CD:C4:D6:A5:D5:A8:CF:12:2D:AE:32:D8:06:28:E8:78:57:69
X509v3 Authority Key Identifier:
keyid:25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/956DEFE80CDB11EAB14B9162C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.84.0/22
103.255.172.0/22
IPv6:
2400:8480:1000::/48
2400:8480:1100::/48
2400:8480:2010::-2400:8480:204f:ffff:ffff:ffff:ffff:ffff
2400:8480:2110::-2400:8480:214f:ffff:ffff:ffff:ffff:ffff
2400:8480:3010::-2400:8480:304f:ffff:ffff:ffff:ffff:ffff
2400:8480:3110::-2400:8480:314f:ffff:ffff:ffff:ffff:ffff
2400:8480:5000::/36
Signature Algorithm: sha256WithRSAEncryption
9e:3b:9c:0d:1e:43:f0:39:c7:83:80:7f:51:c3:5d:25:28:90:
fb:4a:be:9b:05:bd:42:a1:02:19:ff:da:ad:b5:22:09:56:da:
55:7b:0a:12:ab:46:20:52:d1:9d:34:1a:94:af:b2:0b:bc:2c:
cb:0f:81:e3:76:21:cc:93:53:21:49:f8:fb:66:5d:d3:cd:ce:
a4:a4:12:18:c4:30:d0:39:54:85:bf:8c:e2:9b:b8:f4:93:b2:
5a:53:f1:d8:7d:9e:ca:83:11:07:c2:19:6b:99:ad:ab:97:34:
b6:27:88:6b:45:96:b0:84:77:46:99:54:2f:36:f7:4d:08:4b:
12:bd:f9:d8:b9:22:7a:c3:1b:e4:db:be:85:46:3f:fb:d1:fb:
7e:24:88:1a:43:33:96:c2:d8:ed:21:7b:d9:a5:c4:de:2f:ec:
0c:7c:6d:b6:eb:c4:09:b9:f5:51:f6:05:89:91:98:75:00:93:
66:62:32:39:12:6c:0a:0c:ce:6c:28:98:bd:cf:85:ad:6c:72:
ad:e3:41:6b:5f:5b:23:bd:3c:bd:21:f9:54:7e:63:29:38:a4:
86:80:ad:7e:fa:c9:63:7a:a5:84:9d:06:23:b6:be:ef:35:b4:
8b:9d:81:94:48:d5:6d:bd:b5:4e:e8:e0:a6:b6:cd:d4:a0:99:
86:ac:06:d9
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgICC+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUVBQUQxMTAvBgNVBAUTKDI1MDk5MDQ2RUI1OUQ2NDVENDE5QTQyOEZDNzAxQTU3
MzUzRkJGMkMwHhcNMjQxMTE0MDQzNTM0WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM1N2UxNS0xOGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7XOxt3+hq7HvnERD6AZtmXMQ6ABUoTDWtCSXwUC8Zs7tGSO807GqPWkWumpB
6/DfHiIPW9pLI/+zaZmaugBjeAjjNEubWzMEW1/6L9Dkcxbz+0WM/eUjol2PZaqv
M5Bxf+E6gz6KfvMHQLkXfCeR9rFxtL0Af0pwHfbZTYhF8pLEI2DQ7Hetkxla5SBY
gF7j50hMLNEsYc20To9KUcCxyDXA9bP4S7mOwjF+wbeLlZM2PaWr3rEC29xYld2H
yvig9YcmJHnUVXPsL3snUJx5x52tKnF31YKegQsMhbHidp0SPcciK/sAmCmiWGyE
T7FbGOjP0qCMe9FOSkRV0GhWFQIDAQABo4IDEDCCAwwwHQYDVR0OBBYEFGYWzcTW
pdWozxItrjLYBijoeFdpMB8GA1UdIwQYMBaAFCUJkEbrWdZF1BmkKPxwGlc1P78s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFBRC83N0Q5NTBGMjA5
RDUxMUVBQjc2QzczMTdDNEY5QUUwMi9KUW1RUnV0WjFrWFVHYVFvX0hBYVZ6VV92
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pRbVFSdXRaMWtYVUdhUW9fSEFhVnpVX3Z5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBQUQvNzdEOTUwRjIwOUQ1MTFFQUI3NkM3MzE3QzRGOUFFMDIvOTU2REVGRTgw
Q0RCMTFFQUIxNEI5MTYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZkGCCsGAQUFBwEHAQH/
BIGJMIGGMBIEAgABMAwDBAIteFQDBAJn/6wwcAQCAAIwagMHACQAhIAQAAMHACQA
hIARADASAwcEJACEgCAQAwcEJACEgCBAMBIDBwQkAISAIRADBwQkAISAIUAwEgMH
BCQAhIAwEAMHBCQAhIAwQDASAwcEJACEgDEQAwcEJACEgDFAAwYEJACEgFAwDQYJ
KoZIhvcNAQELBQADggEBAJ47nA0eQ/A5x4OAf1HDXSUokPtKvpsFvUKhAhn/2q21
IglW2lV7ChKrRiBS0Z00GpSvsgu8LMsPgeN2IcyTUyFJ+PtmXdPNzqSkEhjEMNA5
VIW/jOKbuPSTslpT8dh9nsqDEQfCGWuZrauXNLYniGtFlrCEd0aZVC82900ISxK9
+di5InrDG+TbvoVGP/vR+34kiBpDM5bC2O0he9mlxN4v7Ax8bbbrxAm59VH2BYmR
mHUAk2ZiMjkSbAoMzmwomL3Pha1scq3jQWtfWyO9PL0h+VR+Yyk4pIaArX76yWN6
pYSdBiO2vu81tIudgZRI1W29tU7o4Ka2zdSgmYasBtk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:14 2024 by rpki-client on console-ams.rpki-client.org