Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/0F5C892289B011EE886DD13CC4F9AE02.roa
File: 0F5C892289B011EE886DD13CC4F9AE02.roa (raw, json)
Hash identifier: xwF7BNgXpkvUF/3MeZLcHrMSrUYkSDjKTRHEQyS6AMU=
Subject key identifier: 9B:DA:B7:7C:09:91:16:08:74:A3:35:EF:87:3F:85:82:A9:0C:BB:7F
Certificate issuer: /CN=A91C9D76/serialNumber=1E5A6321B11AA0846FA89BF139BCECDBAD38BE37
Certificate serial: 3445
Authority key identifier: 1E:5A:63:21:B1:1A:A0:84:6F:A8:9B:F1:39:BC:EC:DB:AD:38:BE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/0F5C892289B011EE886DD13CC4F9AE02.roa
Signing time: Mon 27 May 2024 04:31:55 +0000
ROA not before: Mon 27 May 2024 04:31:55 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 198949
IP address blocks: 45.119.92.0/24 maxlen: 24
45.119.93.0/24 maxlen: 24
45.119.94.0/24 maxlen: 24
45.119.95.0/24 maxlen: 24
45.127.0.0/24 maxlen: 24
45.127.1.0/24 maxlen: 24
45.127.2.0/24 maxlen: 24
45.127.3.0/24 maxlen: 24
103.214.76.0/24 maxlen: 24
103.214.77.0/24 maxlen: 24
103.214.78.0/24 maxlen: 24
103.214.79.0/24 maxlen: 24
202.128.224.0/24 maxlen: 24
202.128.225.0/24 maxlen: 24
202.128.227.0/24 maxlen: 24
202.128.228.0/24 maxlen: 24
202.128.229.0/24 maxlen: 24
202.128.230.0/24 maxlen: 24
202.128.231.0/24 maxlen: 24
202.128.234.0/24 maxlen: 24
202.128.235.0/24 maxlen: 24
202.128.236.0/24 maxlen: 24
202.128.237.0/24 maxlen: 24
202.128.238.0/24 maxlen: 24
202.128.239.0/24 maxlen: 24
202.128.240.0/24 maxlen: 24
202.128.241.0/24 maxlen: 24
202.128.242.0/24 maxlen: 24
202.128.243.0/24 maxlen: 24
202.128.244.0/24 maxlen: 24
202.128.245.0/24 maxlen: 24
202.128.246.0/24 maxlen: 24
202.128.247.0/24 maxlen: 24
202.128.248.0/24 maxlen: 24
202.128.249.0/24 maxlen: 24
202.128.250.0/24 maxlen: 24
202.128.251.0/24 maxlen: 24
202.128.252.0/24 maxlen: 24
202.128.253.0/24 maxlen: 24
202.128.254.0/24 maxlen: 24
202.181.252.0/24 maxlen: 24
202.181.253.0/24 maxlen: 24
202.181.254.0/24 maxlen: 24
202.181.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/HlpjIbEaoIRvqJvxObzs2604vjc.crl
rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/HlpjIbEaoIRvqJvxObzs2604vjc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 14:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13381 (0x3445)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9D76/serialNumber=1E5A6321B11AA0846FA89BF139BCECDBAD38BE37
Validity
Not Before: May 27 04:31:55 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66540cba-5085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:6e:ab:88:6c:95:01:50:c4:7f:3b:25:50:
e4:a0:8a:99:12:81:44:a6:72:bf:23:eb:8a:99:64:
bf:6e:c4:89:7d:55:44:03:41:3f:e7:b8:4c:0a:8f:
9c:a9:40:b8:68:58:40:5e:51:eb:57:ed:ac:54:80:
fc:ff:22:de:94:56:2c:94:85:2e:d4:5e:d8:50:cb:
f1:e2:17:b8:23:1d:7a:cc:4e:3b:b7:5a:73:fa:ed:
e6:25:10:6f:85:8c:e0:f1:c5:b1:61:fb:f6:21:a6:
45:9b:66:74:36:78:47:5f:eb:01:dd:8f:a5:89:79:
c7:5f:ca:71:0e:0b:04:e3:d3:4f:2c:cb:86:b1:c6:
86:98:c1:29:33:32:bf:87:e1:ba:cd:e2:76:3f:b9:
e4:69:03:b0:4a:1a:be:55:ae:dd:94:37:65:e9:fe:
87:eb:90:d4:29:d0:85:f7:23:16:9d:c7:a9:a0:f0:
da:70:4c:43:39:ff:57:91:b8:3b:2e:cb:68:9e:05:
69:b1:47:f9:cf:5b:0b:7e:d4:b2:8e:44:c6:cd:34:
bc:84:e0:f2:25:5f:5d:0b:75:57:ec:a8:06:d7:ee:
af:a5:5a:1c:9a:d5:a5:bd:bd:da:4e:41:cd:83:ad:
7c:5b:4a:08:63:df:ab:7f:31:d3:6e:74:42:e7:5d:
ea:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DA:B7:7C:09:91:16:08:74:A3:35:EF:87:3F:85:82:A9:0C:BB:7F
X509v3 Authority Key Identifier:
keyid:1E:5A:63:21:B1:1A:A0:84:6F:A8:9B:F1:39:BC:EC:DB:AD:38:BE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/HlpjIbEaoIRvqJvxObzs2604vjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/0F5C892289B011EE886DD13CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.92.0/22
45.127.0.0/22
103.214.76.0/22
202.128.224.0/23
202.128.227.0-202.128.231.255
202.128.234.0-202.128.254.255
202.181.252.0/22
Signature Algorithm: sha256WithRSAEncryption
81:80:18:cd:85:91:30:57:9f:1a:ba:fa:8f:52:78:78:ce:65:
b3:b1:24:97:a2:49:e4:56:5d:e4:ec:5c:79:1d:08:6c:00:17:
60:43:e2:a9:41:52:27:80:7c:56:24:89:bb:1d:11:c5:31:07:
dd:d8:04:67:19:3b:fa:a0:e1:66:36:4a:32:49:a8:2c:c1:42:
a8:e9:8c:41:25:e1:d2:10:a5:f2:47:04:08:fc:7c:70:e7:45:
8a:64:9d:0a:2f:cb:ba:ba:be:6f:fb:a1:de:5d:9f:a6:63:ce:
9f:27:d4:4d:e9:60:82:3e:f6:77:af:4d:7e:e2:90:84:d5:30:
4c:00:c4:8a:e1:ba:b9:ea:7a:2b:d2:0c:44:ab:ad:22:e2:a0:
b5:53:b7:de:df:60:f7:f8:cb:df:f6:41:ad:80:21:74:ac:5d:
a1:3c:31:c2:49:1d:60:a4:0b:38:b4:0c:45:67:aa:20:02:8c:
1f:2e:3d:5e:73:a7:db:ff:ce:ab:e8:88:07:1d:ca:fe:87:40:
90:47:eb:00:ab:7f:89:1e:10:e3:db:54:50:36:d1:25:45:f3:
37:ea:7e:84:b3:29:7a:71:e2:21:cf:c9:4c:b4:b7:e2:83:f7:
01:f7:35:7b:59:ff:73:c2:88:ef:36:9b:b6:94:d9:99:d6:cb:
c6:87:81:9b
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICNEUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlENzYxMTAvBgNVBAUTKDFFNUE2MzIxQjExQUEwODQ2RkE4OUJGMTM5QkNFQ0RC
QUQzOEJFMzcwHhcNMjQwNTI3MDQzMTU1WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU0MGNiYS01MDg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqspuq4hslQFQxH87JVDkoIqZEoFEpnK/I+uKmWS/bsSJfVVEA0E/57hMCo+c
qUC4aFhAXlHrV+2sVID8/yLelFYslIUu1F7YUMvx4he4Ix16zE47t1pz+u3mJRBv
hYzg8cWxYfv2IaZFm2Z0NnhHX+sB3Y+liXnHX8pxDgsE49NPLMuGscaGmMEpMzK/
h+G6zeJ2P7nkaQOwShq+Va7dlDdl6f6H65DUKdCF9yMWncepoPDacExDOf9Xkbg7
LstongVpsUf5z1sLftSyjkTGzTS8hODyJV9dC3VX7KgG1+6vpVocmtWlvb3aTkHN
g618W0oIY9+rfzHTbnRC513qKQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFJvat3wJ
kRYIdKM174c/hYKpDLt/MB8GA1UdIwQYMBaAFB5aYyGxGqCEb6ib8Tm87NutOL43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUQ3Ni82Mjg3QTExNDFE
NjkxMUUyODhBQkE5QTYwOEIwMkNEMi9IbHBqSWJFYW9JUnZxSnZ4T2J6czI2MDR2
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hscGpJYkVhb0lSdnFKdnhPYnpzMjYwNHZqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlENzYvNjI4N0ExMTQxRDY5MTFFMjg4QUJBOUE2MDhCMDJDRDIvMEY1Qzg5MjI4
OUIwMTFFRTg4NkREMTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMEAEAgABMDoDBAItd1wDBAItfwADBAJn1kwDBAHKgOAwDAMEAMqA4wMEA8qA
4DAMAwQByoDqAwQAyoD+AwQCyrX8MA0GCSqGSIb3DQEBCwUAA4IBAQCBgBjNhZEw
V58auvqPUnh4zmWzsSSXoknkVl3k7Fx5HQhsABdgQ+KpQVIngHxWJIm7HRHFMQfd
2ARnGTv6oOFmNkoySagswUKo6YxBJeHSEKXyRwQI/Hxw50WKZJ0KL8u6ur5v+6He
XZ+mY86fJ9RN6WCCPvZ3r01+4pCE1TBMAMSK4bq56nor0gxEq60i4qC1U7fe32D3
+Mvf9kGtgCF0rF2hPDHCSR1gpAs4tAxFZ6ogAowfLj1ec6fb/86r6IgHHcr+h0CQ
R+sAq3+JHhDj21RQNtElRfM36n6Esyl6ceIhz8lMtLfig/cB9zV7Wf9zwojvNpu2
lNmZ1svGh4Gb
-----END CERTIFICATE-----
Generated at Fri May 31 16:41:43 2024 by rpki-client on console-ams.rpki-client.org