Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/754A150C7F1411EEBF459226C4F9AE02.roa
File: 754A150C7F1411EEBF459226C4F9AE02.roa (raw, json)
Hash identifier: qLqzP0mLXayB2PttyWHq9YwemJ+Ze+fpYKqUpMoEs0E=
Subject key identifier: BB:0F:8D:8B:4A:F5:77:E6:0E:5F:6B:05:3B:6B:25:74:2E:0F:E2:65
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4090
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/754A150C7F1411EEBF459226C4F9AE02.roa
Signing time: Thu 16 Nov 2023 04:34:16 +0000
ROA not before: Thu 16 Nov 2023 04:34:16 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 131353
IP address blocks: 45.117.80.0/22 maxlen: 24
45.117.176.0/24 maxlen: 24
45.117.177.0/24 maxlen: 24
45.117.178.0/24 maxlen: 24
45.117.179.0/24 maxlen: 24
103.28.36.0/22 maxlen: 22
103.57.208.0/24 maxlen: 24
103.57.209.0/24 maxlen: 24
103.57.210.0/24 maxlen: 24
103.57.211.0/24 maxlen: 24
103.101.160.0/24 maxlen: 24
103.101.161.0/24 maxlen: 24
103.101.162.0/24 maxlen: 24
103.101.163.0/24 maxlen: 24
103.124.92.0/22 maxlen: 24
103.159.50.0/23 maxlen: 24
103.170.122.0/23 maxlen: 24
103.176.178.0/23 maxlen: 24
103.179.190.0/23 maxlen: 24
2001:df1:3200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Jun 2024 01:59:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16528 (0x4090)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Nov 16 04:34:16 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65559bc8-4c22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ca:57:d5:fe:26:36:3b:42:be:bb:d8:9c:6f:
1d:fe:37:ad:00:59:d8:b9:cd:5e:30:88:1f:14:84:
0b:31:56:4d:aa:22:cc:07:5a:26:63:34:96:3d:35:
59:c7:72:54:ec:f4:ad:61:97:91:a0:1e:13:c3:b6:
df:64:8a:d5:c7:7f:60:11:64:2a:7e:40:25:4b:56:
7f:77:d3:0b:e0:bc:d5:36:4d:06:d7:ea:3f:f7:2a:
b3:f5:6a:05:b1:3c:d1:e9:3c:8c:2e:d6:6f:13:11:
51:f3:e9:7f:23:f7:7e:65:84:94:77:6e:7f:4a:e3:
bb:dd:26:2a:9e:aa:f4:d9:78:0e:5b:0b:87:29:53:
7d:3a:5d:26:9d:5f:ff:6a:cb:b2:c1:bc:51:84:78:
e2:21:16:f3:bc:96:61:b8:ac:9f:4c:d5:4d:83:54:
06:a2:ea:f2:7a:fd:48:ac:c3:a5:03:5c:e7:7e:1b:
be:ac:9b:2a:56:28:f9:5a:07:1a:36:3b:5b:f8:06:
1d:f4:7b:70:fc:d1:d5:a6:46:fa:5d:1e:4d:c5:2a:
53:96:30:3a:47:a7:d7:ef:86:dc:10:04:48:a0:b7:
1d:ec:aa:a0:7c:54:12:66:06:14:36:98:15:3b:a2:
ca:76:5f:cb:92:de:83:3b:50:5a:2f:67:03:bd:23:
73:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0F:8D:8B:4A:F5:77:E6:0E:5F:6B:05:3B:6B:25:74:2E:0F:E2:65
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/754A150C7F1411EEBF459226C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.80.0/22
45.117.176.0/22
103.28.36.0/22
103.57.208.0/22
103.101.160.0/22
103.124.92.0/22
103.159.50.0/23
103.170.122.0/23
103.176.178.0/23
103.179.190.0/23
IPv6:
2001:df1:3200::/48
Signature Algorithm: sha256WithRSAEncryption
88:5f:10:6d:e9:d5:df:8d:1d:24:dd:ed:4e:c8:18:c7:bf:f0:
d7:4f:32:47:7a:3f:f6:50:85:de:82:ad:5f:a4:ed:13:21:ad:
f9:55:da:dc:6f:c8:b1:19:cb:f7:19:83:c3:31:e8:72:30:31:
5d:ba:66:cf:6b:fc:61:00:27:51:d7:2d:5b:7e:d8:b3:40:8a:
f4:b8:58:59:8c:77:39:cf:2b:42:f8:f1:6e:01:97:84:f4:93:
70:23:9f:43:67:1b:55:c8:5d:c1:2f:64:a6:4e:0e:01:9b:45:
33:0d:ed:d5:e6:7a:bf:a8:5e:aa:cb:a5:cc:4e:b3:8a:d7:94:
28:29:53:20:85:44:d5:95:95:af:e9:f3:7f:2e:a5:cc:50:30:
07:9a:d3:dc:7b:98:2e:35:ef:59:1b:83:a7:91:34:4b:8b:c4:
67:03:1e:5d:f3:3b:7d:0f:06:46:25:be:66:09:46:d7:f0:e9:
bf:68:58:1a:c7:13:5d:d2:15:22:c6:81:ee:0a:f3:5b:d2:d8:
58:3d:a0:12:72:68:3e:95:e7:13:1e:7c:c7:a0:94:b2:1b:08:
44:ba:b7:f6:ed:ca:d9:63:36:78:8a:19:ab:2f:40:52:e2:69:
64:fb:5f:46:e0:38:35:95:69:90:48:06:ff:61:0e:b5:ea:24:
6b:2e:4f:14
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICQJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjMxMTE2MDQzNDE2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTU1OWJjOC00YzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz8pX1f4mNjtCvrvYnG8d/jetAFnYuc1eMIgfFIQLMVZNqiLMB1omYzSWPTVZ
x3JU7PStYZeRoB4Tw7bfZIrVx39gEWQqfkAlS1Z/d9ML4LzVNk0G1+o/9yqz9WoF
sTzR6TyMLtZvExFR8+l/I/d+ZYSUd25/SuO73SYqnqr02XgOWwuHKVN9Ol0mnV//
asuywbxRhHjiIRbzvJZhuKyfTNVNg1QGouryev1IrMOlA1znfhu+rJsqVij5Wgca
Njtb+AYd9Htw/NHVpkb6XR5NxSpTljA6R6fX74bcEARIoLcd7KqgfFQSZgYUNpgV
O6LKdl/Lkt6DO1BaL2cDvSNzOwIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFLsPjYtK
9XfmDl9rBTtrJXQuD+JlMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNzU0QTE1MEM3
RjE0MTFFRUJGNDU5MjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMEIEAgABMDwDBAItdVADBAItdbADBAJnHCQDBAJnOdADBAJnZaADBAJnfFwD
BAFnnzIDBAFnqnoDBAFnsLIDBAFns74wDwQCAAIwCQMHACABDfEyADANBgkqhkiG
9w0BAQsFAAOCAQEAiF8QbenV340dJN3tTsgYx7/w108yR3o/9lCF3oKtX6TtEyGt
+VXa3G/IsRnL9xmDwzHocjAxXbpmz2v8YQAnUdctW37Ys0CK9LhYWYx3Oc8rQvjx
bgGXhPSTcCOfQ2cbVchdwS9kpk4OAZtFMw3t1eZ6v6heqsulzE6ziteUKClTIIVE
1ZWVr+nzfy6lzFAwB5rT3HuYLjXvWRuDp5E0S4vEZwMeXfM7fQ8GRiW+ZglG1/Dp
v2hYGscTXdIVIsaB7grzW9LYWD2gEnJoPpXnEx58x6CUshsIRLq39u3K2WM2eIoZ
qy9AUuJpZPtfRuA4NZVpkEgG/2EOteokay5PFA==
-----END CERTIFICATE-----
Generated at Fri Jun 14 02:48:26 2024 by rpki-client on console-ams.rpki-client.org