Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
File: 7D22B44E249D11EFAC24EF6CC4F9AE02.roa (raw, json)
Hash identifier: aXxVNzslfoCQu/wScgeDUbouh6GxfJ4WU906uGzs08Q=
Subject key identifier: A0:2B:5D:C0:52:2C:66:11:28:BE:03:F4:B9:C3:FF:44:30:C5:4B:5D
Certificate issuer: /CN=A91E28E2/serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Certificate serial: EF
Authority key identifier: B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
Signing time: Fri 07 Jun 2024 07:13:50 +0000
ROA not before: Fri 07 Jun 2024 07:13:50 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45352
IP address blocks: 45.117.120.0/24 maxlen: 24
45.117.121.0/24 maxlen: 24
45.117.122.0/24 maxlen: 24
103.57.188.0/24 maxlen: 24
103.57.189.0/24 maxlen: 24
103.57.190.0/23 maxlen: 24
2403:1cc0::/48 maxlen: 48
2403:1cc0:1000::/48 maxlen: 48
2403:1cc0:1001::/48 maxlen: 48
2403:1cc0:1002::/48 maxlen: 48
2403:1cc0:1003::/48 maxlen: 48
2403:1cc0:1101::/48 maxlen: 48
2403:1cc0:1102::/48 maxlen: 48
2403:1cc0:1128::/48 maxlen: 48
2403:1cc0:1201::/48 maxlen: 48
2403:1cc0:1301::/48 maxlen: 48
2403:1cc0:2000::/48 maxlen: 48
2403:1cc0:2201::/48 maxlen: 48
2403:1cc0:3201::/48 maxlen: 48
2403:1cc0:3202::/48 maxlen: 48
2403:1cc0:5201::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 04 Oct 2024 03:33:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239 (0xef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E28E2/serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Validity
Not Before: Jun 7 07:13:50 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6662b32e-ac13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c6:c0:d9:39:eb:a4:68:d8:4a:3e:65:4a:3b:
99:ce:41:50:ab:33:0d:d3:56:79:a2:31:a0:49:6f:
98:46:56:21:78:ff:ac:ec:47:7c:14:47:bb:7b:d6:
e7:f6:1b:ad:9f:76:6a:b9:68:7b:5d:f6:0f:bd:39:
ef:61:fe:15:a2:60:57:95:ad:27:10:1e:fe:e9:a2:
22:a5:73:69:ef:de:71:5f:da:cf:c6:6e:c7:74:59:
77:78:ab:42:4b:89:80:8d:ff:e5:c4:21:5a:40:80:
c1:09:bb:04:a0:e8:4e:48:9a:d9:0d:c6:7b:c8:2f:
27:96:b6:33:87:b5:4d:1f:0d:76:61:f5:91:40:61:
be:b0:3d:ce:7f:9b:02:44:76:92:19:42:08:41:e6:
9f:d6:3b:86:bb:4e:00:fe:91:b0:d9:23:5a:ff:8f:
fa:b2:a6:d2:a7:a6:59:b8:f7:e5:f9:9b:dd:d9:12:
ad:e1:5e:b3:f7:55:db:b8:11:ba:9c:4c:b3:41:c3:
ee:91:e8:f5:f6:87:6b:70:16:d9:6a:b4:ba:e0:aa:
af:e5:36:36:9e:cd:b7:f5:79:fe:23:50:b8:ab:7c:
4d:55:04:60:98:81:bd:6e:1d:cc:4e:6f:d4:df:72:
47:32:24:07:8b:72:f4:fc:35:f0:bf:d8:53:b0:03:
f5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2B:5D:C0:52:2C:66:11:28:BE:03:F4:B9:C3:FF:44:30:C5:4B:5D
X509v3 Authority Key Identifier:
keyid:B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/7D22B44E249D11EFAC24EF6CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.120.0-45.117.122.255
103.57.188.0/22
IPv6:
2403:1cc0::/48
2403:1cc0:1000::/46
2403:1cc0:1101::-2403:1cc0:1102:ffff:ffff:ffff:ffff:ffff
2403:1cc0:1128::/48
2403:1cc0:1201::/48
2403:1cc0:1301::/48
2403:1cc0:2000::/48
2403:1cc0:2201::/48
2403:1cc0:3201::-2403:1cc0:3202:ffff:ffff:ffff:ffff:ffff
2403:1cc0:5201::/48
Signature Algorithm: sha256WithRSAEncryption
af:ef:29:93:c2:d8:41:06:a5:c4:4f:55:bd:50:f6:51:74:91:
8a:e0:70:fe:d6:ed:e9:87:28:9c:50:52:9f:a2:78:23:82:d8:
ae:80:02:2c:ee:b0:d3:06:32:ac:0d:16:20:81:0e:2d:d0:bd:
64:a3:04:3f:46:c0:c0:41:12:67:b8:97:e3:e6:95:83:e8:6a:
d0:f1:36:9d:6c:19:a6:58:c9:c3:9c:ed:85:55:e0:0d:21:43:
01:12:37:ec:34:e6:bb:09:60:35:20:ed:2c:85:d4:af:d7:ca:
0c:b8:69:a6:cf:62:97:93:3c:f0:6e:b0:da:a6:76:bf:a4:fc:
fc:21:b2:b8:e6:60:a3:97:88:2a:a1:7c:a2:46:7d:0d:89:66:
25:fa:12:a5:26:87:15:67:35:97:1e:75:e9:13:d1:c1:f4:8e:
76:9f:59:1d:2c:7e:57:f7:e6:ac:60:9c:6c:0f:30:4d:fa:57:
30:e1:bd:a5:2d:88:dc:7e:8d:a1:b7:0e:66:ba:18:d4:7f:86:
8b:0a:0d:37:3f:5f:25:f6:19:b4:60:5d:aa:23:c7:7a:b9:da:
03:ae:15:77:f1:00:5c:ab:1f:9e:3e:0e:4e:db:6d:67:8b:eb:
9d:9e:c7:92:ee:31:50:49:69:1b:fb:aa:a1:c1:28:63:5f:0a:
35:45:fa:bc
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI4RTIxMTAvBgNVBAUTKEI0ODE5ODczMzFFMUVENDA4QjUxQ0I5RkQ4RUY0QTY1
MEFDODY2OUEwHhcNMjQwNjA3MDcxMzUwWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYyYjMyZS1hYzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAusbA2TnrpGjYSj5lSjuZzkFQqzMN01Z5ojGgSW+YRlYheP+s7Ed8FEe7e9bn
9hutn3ZquWh7XfYPvTnvYf4VomBXla0nEB7+6aIipXNp795xX9rPxm7HdFl3eKtC
S4mAjf/lxCFaQIDBCbsEoOhOSJrZDcZ7yC8nlrYzh7VNHw12YfWRQGG+sD3Of5sC
RHaSGUIIQeaf1juGu04A/pGw2SNa/4/6sqbSp6ZZuPfl+Zvd2RKt4V6z91XbuBG6
nEyzQcPukej19odrcBbZarS64Kqv5TY2ns239Xn+I1C4q3xNVQRgmIG9bh3MTm/U
33JHMiQHi3L0/DXwv9hTsAP1UwIDAQABo4IDHjCCAxowHQYDVR0OBBYEFKArXcBS
LGYRKL4D9LnD/0QwxUtdMB8GA1UdIwQYMBaAFLSBmHMx4e1Ai1HLn9jvSmUKyGaa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjhFMi85NTJGQTYzMkQy
RTYxMUVEOUE1MkQ1NUFDNEY5QUUwMi90SUdZY3pIaDdVQ0xVY3VmMk85S1pRckla
cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RJR1ljekhoN1VDTFVjdWYyTzlLWlFySVpwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI4RTIvOTUyRkE2MzJEMkU2MTFFRDlBNTJENTVBQzRGOUFFMDIvN0QyMkI0NEUy
NDlEMTFFRkFDMjRFRjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgacGCCsGAQUFBwEHAQH/
BIGXMIGUMBoEAgABMBQwDAMEAy11eAMEAC11egMEAmc5vDB2BAIAAjBwAwcAJAMc
wAAAAwcCJAMcwBAAMBIDBwAkAxzAEQEDBwAkAxzAEQIDBwAkAxzAESgDBwAkAxzA
EgEDBwAkAxzAEwEDBwAkAxzAIAADBwAkAxzAIgEwEgMHACQDHMAyAQMHACQDHMAy
AgMHACQDHMBSATANBgkqhkiG9w0BAQsFAAOCAQEAr+8pk8LYQQalxE9VvVD2UXSR
iuBw/tbt6YconFBSn6J4I4LYroACLO6w0wYyrA0WIIEOLdC9ZKMEP0bAwEESZ7iX
4+aVg+hq0PE2nWwZpljJw5zthVXgDSFDARI37DTmuwlgNSDtLIXUr9fKDLhpps9i
l5M88G6w2qZ2v6T8/CGyuOZgo5eIKqF8okZ9DYlmJfoSpSaHFWc1lx516RPRwfSO
dp9ZHSx+V/fmrGCcbA8wTfpXMOG9pS2I3H6NobcOZroY1H+GiwoNNz9fJfYZtGBd
qiPHernaA64Vd/EAXKsfnj4OTtttZ4vrnZ7Hku4xUElpG/uqocEoY18KNUX6vA==
-----END CERTIFICATE-----
Generated at Fri Sep 27 06:22:58 2024 by rpki-client on console-ams.rpki-client.org