Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa
File: 84559BB01D4611EDBB06705BC4F9AE02.roa (raw, json)
Hash identifier: 9a54487kU30HvjlYE5xfFjhvD+XqzxTj4eHbx1+NhvU=
Subject key identifier: 82:14:71:58:66:02:C4:2C:75:65:D7:B5:74:C6:D5:75:C7:A0:E0:24
Certificate issuer: /CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Certificate serial: 18FC
Authority key identifier: CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa
Signing time: Mon 16 Oct 2023 17:04:09 +0000
ROA not before: Mon 16 Oct 2023 17:04:09 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9484
IP address blocks: 45.117.32.0/22 maxlen: 22
45.117.32.0/24 maxlen: 24
45.117.33.0/24 maxlen: 24
45.117.34.0/24 maxlen: 24
45.117.35.0/24 maxlen: 24
202.21.96.0/19 maxlen: 19
202.21.96.0/24 maxlen: 24
202.21.97.0/24 maxlen: 24
202.21.98.0/24 maxlen: 24
202.21.99.0/24 maxlen: 24
202.21.100.0/24 maxlen: 24
202.21.101.0/24 maxlen: 24
202.21.102.0/24 maxlen: 24
202.21.103.0/24 maxlen: 24
202.21.104.0/24 maxlen: 24
202.21.105.0/24 maxlen: 24
202.21.106.0/24 maxlen: 24
202.21.107.0/24 maxlen: 24
202.21.108.0/24 maxlen: 24
202.21.109.0/24 maxlen: 24
202.21.110.0/24 maxlen: 24
202.21.111.0/24 maxlen: 24
202.21.112.0/24 maxlen: 24
202.21.113.0/24 maxlen: 24
202.21.114.0/24 maxlen: 24
202.21.115.0/24 maxlen: 24
202.21.116.0/24 maxlen: 24
202.21.117.0/24 maxlen: 24
202.21.118.0/24 maxlen: 24
202.21.119.0/24 maxlen: 24
202.21.120.0/24 maxlen: 24
202.21.121.0/24 maxlen: 24
202.21.122.0/23 maxlen: 24
202.21.124.0/22 maxlen: 22
202.21.124.0/24 maxlen: 24
202.21.125.0/24 maxlen: 24
202.21.126.0/24 maxlen: 24
202.21.127.0/24 maxlen: 24
202.126.92.0/22 maxlen: 24
202.131.224.0/19 maxlen: 19
202.131.224.0/24 maxlen: 24
202.131.225.0/24 maxlen: 24
202.131.226.0/24 maxlen: 24
202.131.227.0/24 maxlen: 24
202.131.228.0/24 maxlen: 24
202.131.229.0/24 maxlen: 24
202.131.230.0/24 maxlen: 24
202.131.231.0/24 maxlen: 24
202.131.232.0/24 maxlen: 24
202.131.233.0/24 maxlen: 24
202.131.234.0/24 maxlen: 24
202.131.235.0/24 maxlen: 24
202.131.236.0/24 maxlen: 24
202.131.237.0/24 maxlen: 24
202.131.238.0/24 maxlen: 24
202.131.239.0/24 maxlen: 24
202.131.240.0/24 maxlen: 24
202.131.241.0/24 maxlen: 24
202.131.242.0/24 maxlen: 24
202.131.243.0/24 maxlen: 24
202.131.244.0/24 maxlen: 24
202.131.245.0/24 maxlen: 24
202.131.246.0/24 maxlen: 24
202.131.247.0/24 maxlen: 24
202.131.248.0/24 maxlen: 24
202.131.249.0/24 maxlen: 24
202.131.250.0/24 maxlen: 24
202.131.251.0/24 maxlen: 24
202.131.252.0/24 maxlen: 24
202.131.253.0/24 maxlen: 24
202.131.254.0/24 maxlen: 24
202.131.255.0/24 maxlen: 24
2407:6400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 17:02:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6396 (0x18fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Validity
Not Before: Oct 16 17:04:09 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=652d6d09-5ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3e:bc:25:bc:a3:56:5b:6b:d6:a3:da:de:d8:
21:ca:c8:a3:8f:a8:e4:67:72:38:51:35:57:ef:4a:
9f:7e:46:e8:88:33:e8:5d:9b:fc:03:ae:14:a0:66:
67:5b:be:7e:56:f6:46:6f:9b:85:66:c6:8f:f6:eb:
f6:d5:54:9c:94:8b:fb:5c:4c:40:6c:10:b5:ae:60:
31:a3:b5:51:7b:7b:03:d3:46:6c:0b:67:e6:87:89:
1e:5c:77:c7:77:ab:9e:fd:fe:52:1d:ad:c2:53:d0:
2d:66:45:ed:b9:5d:e5:43:a5:5f:bf:fe:7d:f3:f6:
c3:75:31:4b:7a:76:a2:ab:92:75:55:c4:46:2f:5e:
30:22:8b:bd:e4:20:ac:41:a9:f0:12:06:6a:b8:bf:
7c:e6:b3:66:55:e9:2c:1e:b5:ff:e5:eb:2e:a1:ad:
cf:c0:02:28:7a:77:e0:d5:76:13:cb:ce:bf:85:0e:
6e:f9:d6:74:95:b1:bd:07:5a:c6:92:f8:35:5d:c4:
f8:c5:3d:f3:57:2b:fb:f1:2a:45:6d:37:4c:42:9c:
48:61:8d:93:07:27:a6:5d:69:7d:4e:52:af:7a:f7:
a6:f7:46:40:7c:e1:ca:e1:6d:8c:24:f1:b9:ef:be:
44:04:de:f5:9c:c5:28:a7:54:46:0e:4f:f4:6f:c7:
25:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:14:71:58:66:02:C4:2C:75:65:D7:B5:74:C6:D5:75:C7:A0:E0:24
X509v3 Authority Key Identifier:
keyid:CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.32.0/22
202.21.96.0/19
202.126.92.0/22
202.131.224.0/19
IPv6:
2407:6400::/32
Signature Algorithm: sha256WithRSAEncryption
cc:d7:d0:5d:88:4c:54:97:07:54:6d:e3:c7:f2:4d:a2:82:c0:
6a:8f:52:c8:de:cb:aa:49:5d:ef:ec:13:8f:7a:d1:d6:63:eb:
0b:39:75:85:c8:f5:5b:8e:82:bc:be:b2:68:4b:3d:cf:b2:de:
9f:80:4e:fb:d7:be:4a:f7:e1:01:d1:17:cb:d6:54:5e:99:a1:
1f:df:8b:c5:d1:a5:06:81:7b:af:3e:0d:1d:f4:75:f3:63:4e:
b9:e9:61:fd:30:af:74:dd:27:17:1b:d5:be:94:0d:ae:be:b7:
75:e4:ee:ce:62:21:cb:8b:fc:2f:82:23:8e:c6:29:c8:56:20:
2f:d5:4e:d3:e4:90:d0:07:c6:cb:0b:aa:ea:3e:49:1d:ac:62:
03:8a:e5:fb:d9:e4:f7:b6:40:ca:90:62:57:38:4f:f6:0b:45:
82:5b:f2:65:aa:e6:f5:37:95:33:d0:6c:d9:cf:f6:2b:39:c7:
2c:fe:a6:d8:de:0e:e8:17:21:77:52:1f:2b:5e:40:b6:95:93:
57:e1:79:13:42:b3:d3:ae:6b:c7:55:a9:4b:cc:cf:ae:ed:ae:
c6:43:e7:43:86:6f:aa:db:b2:11:f6:54:3d:0c:2f:47:5d:59:
82:3d:b2:94:9a:10:5b:91:bb:90:c3:0f:19:f1:16:72:70:55:
84:21:be:a7
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICGPwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ2MkExMTAvBgNVBAUTKENGNzEyQ0IzODlFRTg0REExOUNBOTgxREU2MzBGNTA5
RkY0NENENDUwHhcNMjMxMDE2MTcwNDA5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJkNmQwOS01ZWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApD68JbyjVltr1qPa3tghysijj6jkZ3I4UTVX70qffkboiDPoXZv8A64UoGZn
W75+VvZGb5uFZsaP9uv21VSclIv7XExAbBC1rmAxo7VRe3sD00ZsC2fmh4keXHfH
d6ue/f5SHa3CU9AtZkXtuV3lQ6Vfv/598/bDdTFLenaiq5J1VcRGL14wIou95CCs
QanwEgZquL985rNmVeksHrX/5esuoa3PwAIoenfg1XYTy86/hQ5u+dZ0lbG9B1rG
kvg1XcT4xT3zVyv78SpFbTdMQpxIYY2TByemXWl9TlKvevem90ZAfOHK4W2MJPG5
775EBN71nMUop1RGDk/0b8clgwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIIUcVhm
AsQsdWXXtXTG1XXHoOAkMB8GA1UdIwQYMBaAFM9xLLOJ7oTaGcqYHeYw9Qn/RM1F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDYyQS80Q0JEM0Y4NDUw
RDUxMUU3OTMxM0FFMTJDNEY5QUUwMi96M0VzczRudWhOb1p5cGdkNWpEMUNmOUV6
VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ozRXNzNG51aE5vWnlwZ2Q1akQxQ2Y5RXpVVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ2MkEvNENCRDNGODQ1MEQ1MTFFNzkzMTNBRTEyQzRGOUFFMDIvODQ1NTlCQjAx
RDQ2MTFFREJCMDY3MDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAItdSADBAXKFWADBALKflwDBAXKg+AwDQQCAAIwBwMFACQH
ZAAwDQYJKoZIhvcNAQELBQADggEBAMzX0F2ITFSXB1Rt48fyTaKCwGqPUsjey6pJ
Xe/sE4960dZj6ws5dYXI9VuOgry+smhLPc+y3p+ATvvXvkr34QHRF8vWVF6ZoR/f
i8XRpQaBe68+DR30dfNjTrnpYf0wr3TdJxcb1b6UDa6+t3Xk7s5iIcuL/C+CI47G
KchWIC/VTtPkkNAHxssLquo+SR2sYgOK5fvZ5Pe2QMqQYlc4T/YLRYJb8mWq5vU3
lTPQbNnP9is5xyz+ptjeDugXIXdSHyteQLaVk1fheRNCs9Oua8dVqUvMz67trsZD
50OGb6rbshH2VD0ML0ddWYI9spSaEFuRu5DDDxnxFnJwVYQhvqc=
-----END CERTIFICATE-----
Generated at Fri May 31 20:34:17 2024 by rpki-client on console-ams.rpki-client.org