Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/845C3BA698FA11EE8BBC4F59C4F9AE02.roa
File: 845C3BA698FA11EE8BBC4F59C4F9AE02.roa (raw, json)
Hash identifier: CV1wnFrDifQn13P6335ByANUaTCuWdCiW9ZerhkDIq8=
Subject key identifier: C8:66:7D:27:CE:96:C0:26:64:FA:92:10:23:71:93:D3:06:05:EE:38
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 4343
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/845C3BA698FA11EE8BBC4F59C4F9AE02.roa
Signing time: Fri 26 Apr 2024 09:08:53 +0000
ROA not before: Fri 26 Apr 2024 09:08:53 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 135918
IP address blocks: 42.96.0.0/22 maxlen: 22
49.236.208.0/22 maxlen: 22
103.14.224.0/23 maxlen: 23
103.28.32.0/22 maxlen: 22
103.65.234.0/23 maxlen: 23
103.67.196.0/23 maxlen: 23
103.67.198.0/23 maxlen: 23
103.68.84.0/23 maxlen: 23
103.69.86.0/23 maxlen: 23
103.69.96.0/23 maxlen: 23
103.74.100.0/22 maxlen: 22
103.95.196.0/22 maxlen: 22
103.110.32.0/23 maxlen: 23
103.129.126.0/23 maxlen: 23
103.139.154.0/23 maxlen: 23
103.149.252.0/23 maxlen: 23
103.151.52.0/23 maxlen: 23
103.151.238.0/23 maxlen: 23
103.153.64.0/23 maxlen: 23
103.157.204.0/23 maxlen: 23
103.160.2.0/23 maxlen: 23
103.161.96.0/23 maxlen: 23
103.161.112.0/23 maxlen: 23
103.161.118.0/23 maxlen: 23
103.161.180.0/23 maxlen: 23
103.162.24.0/23 maxlen: 24
103.176.22.0/23 maxlen: 23
103.176.24.0/23 maxlen: 23
103.176.250.0/23 maxlen: 24
103.177.34.0/23 maxlen: 23
103.178.230.0/23 maxlen: 23
103.178.232.0/23 maxlen: 23
103.180.138.0/23 maxlen: 23
103.183.120.0/23 maxlen: 23
103.188.82.0/23 maxlen: 23
103.190.120.0/23 maxlen: 23
103.211.200.0/23 maxlen: 23
103.211.206.0/23 maxlen: 23
103.218.122.0/23 maxlen: 23
103.228.36.0/23 maxlen: 23
103.228.74.0/23 maxlen: 23
103.229.52.0/23 maxlen: 23
103.231.248.0/23 maxlen: 23
103.239.66.0/23 maxlen: 23
103.252.92.0/23 maxlen: 23
103.252.94.0/23 maxlen: 23
202.158.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 03 Jul 2024 14:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17219 (0x4343)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Apr 26 09:08:53 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=662b6f25-e20b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b2:b6:cf:c2:63:ea:14:2d:04:df:f2:10:bb:
92:f7:6b:4b:b9:7f:77:4d:c2:50:44:8e:91:2f:72:
85:cf:a3:06:47:b9:81:83:60:c5:bf:2c:4e:05:a4:
5c:0b:d2:6e:a0:55:ce:55:1a:ed:9c:b8:de:57:a3:
cd:32:a2:4a:04:ee:9d:88:f5:36:2d:77:cf:69:e9:
d9:6f:7c:4d:6d:b5:4c:c9:08:b6:d4:c6:a9:0a:7d:
6b:96:3d:5d:af:62:12:f5:4f:99:a9:80:6f:1d:88:
6f:a3:91:11:fa:2f:c3:6c:71:4f:d9:85:4e:4a:42:
f4:82:bb:95:a4:fb:85:65:89:ee:15:85:e3:0a:23:
3c:42:bc:55:44:fc:0d:97:46:d2:c8:6b:3c:ca:d3:
f3:93:3e:7b:07:fe:05:2b:49:12:00:9a:7a:a1:9d:
0b:42:6b:cf:0b:b5:ca:d4:e2:d2:f8:91:c0:89:29:
8c:69:06:92:d2:79:4e:af:96:88:16:17:7b:a8:f9:
43:13:b1:9c:17:c5:b1:5a:3a:f0:03:5e:ed:1d:da:
89:55:2b:ab:f4:01:81:22:52:6f:47:99:4e:88:e4:
01:64:f6:8a:ea:be:fc:fd:16:19:4c:7b:2a:57:81:
84:ba:b1:3d:89:71:d9:4c:94:fa:65:bc:4b:fa:a3:
34:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:66:7D:27:CE:96:C0:26:64:FA:92:10:23:71:93:D3:06:05:EE:38
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/845C3BA698FA11EE8BBC4F59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.96.0.0/22
49.236.208.0/22
103.14.224.0/23
103.28.32.0/22
103.65.234.0/23
103.67.196.0/22
103.68.84.0/23
103.69.86.0/23
103.69.96.0/23
103.74.100.0/22
103.95.196.0/22
103.110.32.0/23
103.129.126.0/23
103.139.154.0/23
103.149.252.0/23
103.151.52.0/23
103.151.238.0/23
103.153.64.0/23
103.157.204.0/23
103.160.2.0/23
103.161.96.0/23
103.161.112.0/23
103.161.118.0/23
103.161.180.0/23
103.162.24.0/23
103.176.22.0-103.176.25.255
103.176.250.0/23
103.177.34.0/23
103.178.230.0-103.178.233.255
103.180.138.0/23
103.183.120.0/23
103.188.82.0/23
103.190.120.0/23
103.211.200.0/23
103.211.206.0/23
103.218.122.0/23
103.228.36.0/23
103.228.74.0/23
103.229.52.0/23
103.231.248.0/23
103.239.66.0/23
103.252.92.0/22
202.158.244.0/22
Signature Algorithm: sha256WithRSAEncryption
45:8a:67:df:35:bc:b7:d5:36:77:10:4c:9d:2c:c3:52:94:ff:
d6:43:16:51:71:81:93:b1:96:1d:e1:be:ad:c3:8a:06:c0:54:
c7:8e:54:58:6c:4e:43:4d:f5:a4:fe:9e:bd:ed:4d:8e:e3:9a:
85:45:e8:68:bd:e1:9d:20:b2:22:a9:34:3c:8e:2f:68:3c:5e:
9d:58:72:bc:5f:33:79:7a:15:c3:1c:67:67:da:47:79:5a:b3:
18:e6:58:4f:ba:54:df:e4:8a:f0:19:ae:09:ab:43:44:14:42:
8d:eb:d6:b3:48:6b:b4:98:8a:0d:77:7c:77:1a:15:5f:84:73:
6c:33:d5:49:a1:d2:dc:95:98:1d:b3:94:44:3f:99:a8:ba:16:
1f:a4:06:73:7a:55:6b:6b:4c:bb:43:99:16:92:7b:b6:40:67:
a2:93:04:61:fa:b2:0a:87:06:61:67:ae:13:8a:d5:71:c3:1c:
03:38:ec:ad:3d:c7:e1:fb:92:fe:81:6e:08:39:79:f8:2b:0c:
fe:cd:94:f3:c7:7a:0d:95:90:25:6f:d3:b2:4a:0c:73:81:63:
8a:f9:7f:34:95:d2:ae:25:12:39:86:dc:78:38:e9:36:32:87:
49:98:a1:05:d9:a4:ab:cd:c4:27:c2:8d:2e:c3:5d:a9:67:bf:
d3:0a:6f:87
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgICQ0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwNDI2MDkwODUzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJiNmYyNS1lMjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA47K2z8Jj6hQtBN/yELuS92tLuX93TcJQRI6RL3KFz6MGR7mBg2DFvyxOBaRc
C9JuoFXOVRrtnLjeV6PNMqJKBO6diPU2LXfPaenZb3xNbbVMyQi21MapCn1rlj1d
r2IS9U+ZqYBvHYhvo5ER+i/DbHFP2YVOSkL0gruVpPuFZYnuFYXjCiM8QrxVRPwN
l0bSyGs8ytPzkz57B/4FK0kSAJp6oZ0LQmvPC7XK1OLS+JHAiSmMaQaS0nlOr5aI
Fhd7qPlDE7GcF8WxWjrwA17tHdqJVSur9AGBIlJvR5lOiOQBZPaK6r78/RYZTHsq
V4GEurE9iXHZTJT6ZbxL+qM0nQIDAQABo4IDqzCCA6cwHQYDVR0OBBYEFMhmfSfO
lsAmZPqSECNxk9MGBe44MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvODQ1QzNCQTY5
OEZBMTFFRThCQkM0RjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEzBggrBgEFBQcBBwEB
/wSCASIwggEeMIIBGgQCAAEwggESAwQCKmAAAwQCMezQAwQBZw7gAwQCZxwgAwQB
Z0HqAwQCZ0PEAwQBZ0RUAwQBZ0VWAwQBZ0VgAwQCZ0pkAwQCZ1/EAwQBZ24gAwQB
Z4F+AwQBZ4uaAwQBZ5X8AwQBZ5c0AwQBZ5fuAwQBZ5lAAwQBZ53MAwQBZ6ACAwQB
Z6FgAwQBZ6FwAwQBZ6F2AwQBZ6G0AwQBZ6IYMAwDBAFnsBYDBAFnsBgDBAFnsPoD
BAFnsSIwDAMEAWey5gMEAWey6AMEAWe0igMEAWe3eAMEAWe8UgMEAWe+eAMEAWfT
yAMEAWfTzgMEAWfaegMEAWfkJAMEAWfkSgMEAWflNAMEAWfn+AMEAWfvQgMEAmf8
XAMEAsqe9DANBgkqhkiG9w0BAQsFAAOCAQEARYpn3zW8t9U2dxBMnSzDUpT/1kMW
UXGBk7GWHeG+rcOKBsBUx45UWGxOQ031pP6eve1NjuOahUXoaL3hnSCyIqk0PI4v
aDxenVhyvF8zeXoVwxxnZ9pHeVqzGOZYT7pU3+SK8BmuCatDRBRCjevWs0hrtJiK
DXd8dxoVX4RzbDPVSaHS3JWYHbOURD+ZqLoWH6QGc3pVa2tMu0OZFpJ7tkBnopME
YfqyCocGYWeuE4rVccMcAzjsrT3H4fuS/oFuCDl5+CsM/s2U88d6DZWQJW/TskoM
c4Fjivl/NJXSriUSOYbceDjpNjKHSZihBdmkq83EJ8KNLsNdqWe/0wpvhw==
-----END CERTIFICATE-----
Generated at Wed Jun 26 16:29:54 2024 by rpki-client on console-fra.rpki-client.org