Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/59F4A758BD2F11EBB84EE532C4F9AE02.roa
File: 59F4A758BD2F11EBB84EE532C4F9AE02.roa (raw, json)
Hash identifier: jfVy48uCBZNO9oC5aYAYEOjdj8Yg2pIdpVohIflK4tw=
Subject key identifier: F9:B2:CF:30:61:1A:F7:5C:4F:C8:01:4A:8A:04:7E:C4:90:AF:C2:F9
Certificate issuer: /CN=A91EA958/serialNumber=FD1607186373E81F44D137B2A0E96957E62AB8A1
Certificate serial: 3357
Authority key identifier: FD:16:07:18:63:73:E8:1F:44:D1:37:B2:A0:E9:69:57:E6:2A:B8:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_RYHGGNz6B9E0TeyoOlpV-YquKE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/59F4A758BD2F11EBB84EE532C4F9AE02.roa
Signing time: Sun 02 Jul 2023 15:20:47 +0000
ROA not before: Sun 02 Jul 2023 15:20:47 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 131207
IP address blocks: 43.245.202.0/23 maxlen: 23
43.245.202.0/24 maxlen: 24
43.245.203.0/24 maxlen: 24
103.14.248.0/23 maxlen: 23
103.14.248.0/24 maxlen: 24
103.14.249.0/24 maxlen: 24
103.14.250.0/23 maxlen: 23
103.14.250.0/24 maxlen: 24
103.14.251.0/24 maxlen: 24
180.178.126.0/23 maxlen: 23
180.178.126.0/24 maxlen: 24
180.178.127.0/24 maxlen: 24
203.217.168.0/23 maxlen: 23
203.217.168.0/24 maxlen: 24
203.217.169.0/24 maxlen: 24
203.217.170.0/23 maxlen: 23
203.217.170.0/24 maxlen: 24
203.217.171.0/24 maxlen: 24
2404:b300:1::/48 maxlen: 48
2404:b300:2::/48 maxlen: 48
2404:b300:11::/48 maxlen: 48
2404:b300:12::/48 maxlen: 48
2404:b300:100::/48 maxlen: 48
2404:b300:101::/48 maxlen: 48
2404:b300:133::/48 maxlen: 48
2404:b300:400::/48 maxlen: 48
2404:b300:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.crl
rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_RYHGGNz6B9E0TeyoOlpV-YquKE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 15:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13143 (0x3357)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958/serialNumber=FD1607186373E81F44D137B2A0E96957E62AB8A1
Validity
Not Before: Jul 2 15:20:47 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64a195cf-70b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4f:a2:1d:81:05:81:88:ef:ee:59:ac:84:d8:
ab:fb:a0:67:b2:11:23:1c:e6:69:d7:0a:59:d1:fc:
26:52:07:01:2a:f4:2d:ed:b8:f2:ee:ab:fa:68:1e:
c1:04:29:18:a9:fe:e7:61:a0:9f:cc:d8:dd:1a:50:
10:6f:89:54:54:1f:ca:cf:4e:c4:d0:60:0f:6e:1d:
d8:f6:ff:88:62:b4:92:c8:8c:57:69:c0:25:66:2c:
37:a4:0a:57:53:a1:4e:27:25:1a:5a:53:0f:00:a5:
13:e6:72:59:25:be:ea:83:2a:8b:8a:53:53:19:75:
8d:bf:6f:ac:9d:41:81:c2:90:1a:f7:bd:ca:41:7c:
01:07:f2:b1:c8:64:17:cc:cc:e6:41:2b:c8:1b:d9:
52:3e:00:4c:82:2c:d8:aa:ad:e5:e0:da:e5:c7:1b:
90:36:4b:ee:4d:1d:f1:5f:74:b3:02:18:6a:fc:30:
7f:db:21:1a:45:a8:4a:6a:a9:f0:f3:1f:72:e8:80:
f1:e4:45:dc:ff:6c:a6:c4:85:86:c6:25:24:c7:21:
8e:81:44:98:e0:b3:a7:05:5c:f9:35:ec:4e:e9:43:
d7:bc:92:15:34:56:b5:6e:0d:00:99:91:88:63:42:
1e:23:3d:6f:10:17:15:e8:e9:fe:37:0e:71:2c:1d:
b7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B2:CF:30:61:1A:F7:5C:4F:C8:01:4A:8A:04:7E:C4:90:AF:C2:F9
X509v3 Authority Key Identifier:
keyid:FD:16:07:18:63:73:E8:1F:44:D1:37:B2:A0:E9:69:57:E6:2A:B8:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/_RYHGGNz6B9E0TeyoOlpV-YquKE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_RYHGGNz6B9E0TeyoOlpV-YquKE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/5AE197F41D9F11E2BCBFF78F08B02CD2/59F4A758BD2F11EBB84EE532C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.202.0/23
103.14.248.0/22
180.178.126.0/23
203.217.168.0/22
IPv6:
2404:b300:1::-2404:b300:2:ffff:ffff:ffff:ffff:ffff
2404:b300:11::-2404:b300:12:ffff:ffff:ffff:ffff:ffff
2404:b300:100::/47
2404:b300:133::/48
2404:b300:400::/48
2404:b300:1000::/48
Signature Algorithm: sha256WithRSAEncryption
b2:74:2d:a6:e7:3d:68:c4:b5:01:0e:5f:55:51:79:c6:55:2d:
ab:64:56:a0:b2:3f:a1:4c:10:21:63:04:47:f2:00:d1:f1:bb:
22:64:16:9d:a0:bc:69:10:59:52:82:3d:59:db:bb:60:9c:fa:
dc:65:af:bf:f9:84:57:65:59:45:df:66:ec:7d:23:49:88:58:
c0:3a:60:a2:89:0f:e1:8e:d1:e0:34:77:21:e1:1f:11:6a:5d:
9e:7b:31:3b:93:73:47:b7:41:4b:19:a6:3c:71:28:c8:39:f5:
fb:2a:97:3b:61:12:9c:59:48:18:ff:78:4e:1b:44:40:7d:18:
92:d8:e6:a9:ac:8f:7b:f9:f5:8b:38:d8:34:43:f9:ee:95:36:
9a:3c:25:2e:5c:c1:78:a0:24:5d:cc:a3:83:b9:9b:61:cb:45:
7b:4e:2d:f4:df:ae:08:dd:8d:0b:b9:1e:13:b9:9a:6c:93:2b:
cd:9b:fb:4b:85:25:85:3d:5f:e1:38:5c:3d:62:e4:fe:ff:94:
06:ae:31:dc:e8:c4:db:92:43:1e:99:46:88:ca:6a:c0:e7:ef:
ce:56:c7:8a:1e:4b:83:62:0a:7f:f8:6f:a2:de:76:0f:95:e1:
80:80:a9:c2:06:aa:2d:fd:14:ec:bc:f5:26:58:c4:6c:4b:5e:
b6:41:17:d8
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICM1cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKEZEMTYwNzE4NjM3M0U4MUY0NEQxMzdCMkEwRTk2OTU3
RTYyQUI4QTEwHhcNMjMwNzAyMTUyMDQ3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGExOTVjZi03MGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApE+iHYEFgYjv7lmshNir+6BnshEjHOZp1wpZ0fwmUgcBKvQt7bjy7qv6aB7B
BCkYqf7nYaCfzNjdGlAQb4lUVB/Kz07E0GAPbh3Y9v+IYrSSyIxXacAlZiw3pApX
U6FOJyUaWlMPAKUT5nJZJb7qgyqLilNTGXWNv2+snUGBwpAa973KQXwBB/KxyGQX
zMzmQSvIG9lSPgBMgizYqq3l4NrlxxuQNkvuTR3xX3SzAhhq/DB/2yEaRahKaqnw
8x9y6IDx5EXc/2ymxIWGxiUkxyGOgUSY4LOnBVz5NexO6UPXvJIVNFa1bg0AmZGI
Y0IeIz1vEBcV6On+Nw5xLB23+wIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFPmyzzBh
GvdcT8gBSooEfsSQr8L5MB8GA1UdIwQYMBaAFP0WBxhjc+gfRNE3sqDpaVfmKrih
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC81QUUxOTdGNDFE
OUYxMUUyQkNCRkY3OEYwOEIwMkNEMi9fUllIR0dOejZCOUUwVGV5b09scFYtWXF1
S0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19SWUhHR056NkI5RTBUZXlvT2xwVi1ZcXVLRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvNUFFMTk3RjQxRDlGMTFFMkJDQkZGNzhGMDhCMDJDRDIvNTlGNEE3NThC
RDJGMTFFQkI4NEVFNTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDAeBAIAATAYAwQBK/XKAwQCZw74AwQBtLJ+AwQCy9moMFIEAgACMEwwEgMH
ACQEswAAAQMHACQEswAAAjASAwcAJASzAAARAwcAJASzAAASAwcBJASzAAEAAwcA
JASzAAEzAwcAJASzAAQAAwcAJASzABAAMA0GCSqGSIb3DQEBCwUAA4IBAQCydC2m
5z1oxLUBDl9VUXnGVS2rZFagsj+hTBAhYwRH8gDR8bsiZBadoLxpEFlSgj1Z27tg
nPrcZa+/+YRXZVlF32bsfSNJiFjAOmCiiQ/hjtHgNHch4R8Ral2eezE7k3NHt0FL
GaY8cSjIOfX7Kpc7YRKcWUgY/3hOG0RAfRiS2OaprI97+fWLONg0Q/nulTaaPCUu
XMF4oCRdzKODuZthy0V7Ti30364I3Y0LuR4TuZpskyvNm/tLhSWFPV/hOFw9YuT+
/5QGrjHc6MTbkkMemUaIymrA5+/OVseKHkuDYgp/+G+i3nYPleGAgKnCBqot/RTs
vPUmWMRsS162QRfY
-----END CERTIFICATE-----
Generated at Fri May 31 17:44:53 2024 by rpki-client on console-fra.rpki-client.org