Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
File: 6D2F20B6ECEB11EE960F5531C4F9AE02.roa (raw, json)
Hash identifier: jzNy7x4A9G5VzlGY5wCAjCrkIVxsHqSfyc58PaNx+eI=
Subject key identifier: F1:4B:80:FE:67:29:F6:AA:91:E2:5D:A4:9D:B0:01:C3:95:37:C0:12
Certificate issuer: /CN=A91D5BFB/serialNumber=BFB69BC22576B957BAB5FF336B7E8358DCB70A2A
Certificate serial: 20EC
Authority key identifier: BF:B6:9B:C2:25:76:B9:57:BA:B5:FF:33:6B:7E:83:58:DC:B7:0A:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v7abwiV2uVe6tf8za36DWNy3Cio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
Signing time: Thu 28 Mar 2024 10:11:15 +0000
ROA not before: Thu 28 Mar 2024 10:11:15 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 55915
IP address blocks: 43.231.208.0/22 maxlen: 24
45.64.160.0/22 maxlen: 24
45.123.220.0/22 maxlen: 24
49.236.212.0/22 maxlen: 24
103.1.92.0/22 maxlen: 24
103.51.16.0/22 maxlen: 24
103.192.76.0/22 maxlen: 24
202.94.66.0/24 maxlen: 24
2407:5200::/32 maxlen: 32
2407:5200:1::/48 maxlen: 48
2407:5200:32::/48 maxlen: 48
2407:5200:48::/48 maxlen: 48
2407:5200:49::/48 maxlen: 48
2407:5200:4c::/46 maxlen: 48
2407:5200:50::/46 maxlen: 48
2407:5200:200::/46 maxlen: 48
2407:5200:204::/46 maxlen: 48
2407:5200:300::/46 maxlen: 48
2407:5200:400::/46 maxlen: 48
2407:5200:404::/46 maxlen: 48
2407:5200:600::/46 maxlen: 48
2407:5200:1000::/40 maxlen: 48
2407:5200:1200::/40 maxlen: 48
2407:5200:1300::/40 maxlen: 48
2407:5200:1500::/40 maxlen: 40
2407:5200:4920::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/v7abwiV2uVe6tf8za36DWNy3Cio.crl
rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/v7abwiV2uVe6tf8za36DWNy3Cio.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v7abwiV2uVe6tf8za36DWNy3Cio.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 16:26:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8428 (0x20ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5BFB/serialNumber=BFB69BC22576B957BAB5FF336B7E8358DCB70A2A
Validity
Not Before: Mar 28 10:11:15 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66054242-dd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:98:ef:30:97:cb:01:45:0b:a8:bf:a8:0f:da:
09:39:7a:a0:ef:06:f7:e2:f7:31:d8:18:6c:e8:5c:
b8:d2:eb:65:be:c0:f1:4f:da:4a:b4:7c:53:d5:43:
5c:34:38:2f:02:ac:53:2f:ed:19:c4:5d:9f:ad:51:
e2:45:d0:21:4b:7b:94:3d:73:33:3c:36:39:79:7d:
75:26:e4:1e:e6:63:7b:a8:22:33:fc:24:f5:37:6d:
c6:81:20:eb:9a:55:bc:47:3c:18:78:84:42:76:58:
f9:0e:53:df:d6:58:e0:e8:33:04:cc:bd:9a:d6:d8:
93:75:6b:6e:2c:14:fc:4d:c6:f4:d1:bb:c0:e6:3c:
4f:1b:4b:41:15:10:e8:ae:9d:42:27:f2:2f:10:7d:
64:46:a5:fa:b7:11:71:b1:27:6f:86:14:c2:1f:f2:
f9:47:52:b6:a9:be:02:b0:15:65:22:41:61:fe:34:
67:f3:b2:c0:a7:41:d8:fe:7e:17:a0:aa:c9:1f:b2:
7b:21:25:c3:8c:0b:c6:87:b1:64:ad:b8:ba:5f:97:
96:f0:76:33:d0:60:95:64:f0:eb:9f:31:7a:c9:9d:
2b:21:6f:ce:83:2d:35:f1:fd:59:b5:30:5c:1f:32:
18:46:8a:2b:98:a0:64:2f:fe:60:b7:b4:e9:82:cd:
6f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:4B:80:FE:67:29:F6:AA:91:E2:5D:A4:9D:B0:01:C3:95:37:C0:12
X509v3 Authority Key Identifier:
keyid:BF:B6:9B:C2:25:76:B9:57:BA:B5:FF:33:6B:7E:83:58:DC:B7:0A:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/v7abwiV2uVe6tf8za36DWNy3Cio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v7abwiV2uVe6tf8za36DWNy3Cio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5BFB/DF2E013ED9FB11E584D11A76C4F9AE02/6D2F20B6ECEB11EE960F5531C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.208.0/22
45.64.160.0/22
45.123.220.0/22
49.236.212.0/22
103.1.92.0/22
103.51.16.0/22
103.192.76.0/22
202.94.66.0/24
IPv6:
2407:5200::/32
Signature Algorithm: sha256WithRSAEncryption
2c:e9:6f:52:1c:81:61:f8:1a:15:88:14:88:5e:3b:79:2f:9b:
40:b6:0b:8b:af:f2:56:6d:9d:16:c1:4c:e6:80:4c:76:44:62:
d0:8c:ea:38:94:05:05:96:34:48:c8:dc:d0:c0:18:11:a9:fa:
91:cb:3b:f0:6a:23:10:bd:71:51:ba:58:3c:08:8a:41:e2:45:
af:16:8c:f1:17:4e:cd:a1:89:2d:73:c5:c9:9d:a3:07:1b:22:
5c:06:e9:62:0e:af:35:e0:c4:d6:6c:f7:16:70:7a:b6:38:64:
1a:d9:4d:49:e3:ac:a9:3d:8c:f0:28:47:3b:d4:18:ae:36:a9:
1f:0e:ac:ca:14:3f:dd:28:98:d4:6e:0c:01:f0:30:3d:7d:a9:
28:2f:e6:e5:18:85:0d:91:5b:0a:06:9b:5a:0a:f8:6d:16:b7:
f9:a3:f8:5a:9b:fa:07:60:5b:26:9e:0c:50:c0:36:a9:61:bf:
5c:7d:fa:18:e6:eb:63:c1:15:e0:89:c8:5b:8c:96:a0:26:0a:
13:7b:1d:fe:28:11:1a:79:30:ef:b8:b0:0b:a9:f6:9d:f4:e9:
dd:43:da:f9:ba:9b:10:78:cf:6b:8a:ae:c8:64:c0:e7:78:b4:
5a:4d:c4:00:c2:61:c2:c9:db:72:4d:08:ed:5f:9b:98:9d:51:
4d:e5:ac:fb
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICIOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDVCRkIxMTAvBgNVBAUTKEJGQjY5QkMyMjU3NkI5NTdCQUI1RkYzMzZCN0U4MzU4
RENCNzBBMkEwHhcNMjQwMzI4MTAxMTE1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA1NDI0Mi1kZDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzJjvMJfLAUULqL+oD9oJOXqg7wb34vcx2Bhs6Fy40utlvsDxT9pKtHxT1UNc
NDgvAqxTL+0ZxF2frVHiRdAhS3uUPXMzPDY5eX11JuQe5mN7qCIz/CT1N23GgSDr
mlW8RzwYeIRCdlj5DlPf1ljg6DMEzL2a1tiTdWtuLBT8Tcb00bvA5jxPG0tBFRDo
rp1CJ/IvEH1kRqX6txFxsSdvhhTCH/L5R1K2qb4CsBVlIkFh/jRn87LAp0HY/n4X
oKrJH7J7ISXDjAvGh7Fkrbi6X5eW8HYz0GCVZPDrnzF6yZ0rIW/Ogy018f1ZtTBc
HzIYRoormKBkL/5gt7Tpgs1v+wIDAQABo4ICzjCCAsowHQYDVR0OBBYEFPFLgP5n
KfaqkeJdpJ2wAcOVN8ASMB8GA1UdIwQYMBaAFL+2m8IldrlXurX/M2t+g1jctwoq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUJGQi9ERjJFMDEzRUQ5
RkIxMUU1ODREMTFBNzZDNEY5QUUwMi92N2Fid2lWMnVWZTZ0Zjh6YTM2RFdOeTND
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Y3YWJ3aVYydVZlNnRmOHphMzZEV055M0Npby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDVCRkIvREYyRTAxM0VEOUZCMTFFNTg0RDExQTc2QzRGOUFFMDIvNkQyRjIwQjZF
Q0VCMTFFRTk2MEY1NTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAIr59ADBAItQKADBAIte9wDBAIx7NQDBAJnAVwDBAJnMxAD
BAJnwEwDBADKXkIwDQQCAAIwBwMFACQHUgAwDQYJKoZIhvcNAQELBQADggEBACzp
b1IcgWH4GhWIFIheO3kvm0C2C4uv8lZtnRbBTOaATHZEYtCM6jiUBQWWNEjI3NDA
GBGp+pHLO/BqIxC9cVG6WDwIikHiRa8WjPEXTs2hiS1zxcmdowcbIlwG6WIOrzXg
xNZs9xZwerY4ZBrZTUnjrKk9jPAoRzvUGK42qR8OrMoUP90omNRuDAHwMD19qSgv
5uUYhQ2RWwoGm1oK+G0Wt/mj+Fqb+gdgWyaeDFDANqlhv1x9+hjm62PBFeCJyFuM
lqAmChN7Hf4oERp5MO+4sAup9p306d1D2vm6mxB4z2uKrshkwOd4tFpNxADCYcLJ
23JNCO1fm5idUU3lrPs=
-----END CERTIFICATE-----
Generated at Fri May 31 17:44:52 2024 by rpki-client on console-fra.rpki-client.org