Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
File: B902532EFEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: tNwf9pVzGm+FnD7pt0/d40duH3c1/jTiM6sNrpFRZ0M=
Subject key identifier: 66:72:AF:DA:BE:C8:FF:84:93:92:D2:F1:66:1F:B4:6E:F0:F9:82:29
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 0493
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
Signing time: Wed 25 Oct 2023 00:32:50 +0000
ROA not before: Wed 25 Oct 2023 00:32:50 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 63956
IP address blocks: 45.112.244.0/22 maxlen: 24
103.21.108.0/24 maxlen: 24
103.52.116.0/22 maxlen: 24
103.97.52.0/22 maxlen: 22
103.97.52.0/24 maxlen: 24
103.97.53.0/24 maxlen: 24
103.97.54.0/24 maxlen: 24
103.97.55.0/24 maxlen: 24
203.18.194.0/24 maxlen: 24
2402:1b80::/40 maxlen: 40
2402:1b80:10::/48 maxlen: 48
2402:1b80:11::/48 maxlen: 48
2402:1b80:14::/48 maxlen: 48
2402:1b80:103::/48 maxlen: 48
2402:1b80:104::/48 maxlen: 48
2402:1b80:106::/48 maxlen: 48
2402:1b80:203::/48 maxlen: 48
2402:1b80:204::/48 maxlen: 48
2402:1b80:206::/48 maxlen: 48
2402:1b80:300::/40 maxlen: 40
2402:1b80:304::/48 maxlen: 48
2402:1b80:306::/48 maxlen: 48
2402:1b80:403::/48 maxlen: 48
2402:1b80:3000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 19 Jun 2024 22:27:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1171 (0x493)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Validity
Not Before: Oct 25 00:32:50 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65386232-ce32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5a:a6:22:17:d4:af:82:be:5d:c4:c6:d6:38:
5c:0e:2e:2a:a2:2d:72:14:59:da:9a:d2:14:a0:6b:
6b:d4:9f:02:f2:3b:4f:9e:28:3a:e6:f8:7a:ec:5d:
13:94:13:5b:a2:bf:a9:9c:80:04:62:25:1e:5c:7d:
d2:20:e8:3b:0d:5a:5d:18:5b:6e:f2:eb:e3:eb:bb:
5c:fd:b5:49:8a:48:b5:97:5d:d6:01:00:5a:8c:28:
5b:d0:7b:b7:f8:7c:da:e7:d1:94:58:7f:b1:d9:7d:
fe:c8:66:1b:b4:c9:62:c9:d1:91:01:82:8b:d6:20:
d2:e1:8c:4c:14:b6:28:79:2f:cb:61:57:27:3c:62:
28:5a:0b:b3:34:25:5e:cb:95:d3:a8:3d:6c:6e:80:
10:aa:f3:79:b4:36:5b:76:4f:5e:04:46:6c:4f:d4:
21:4d:67:17:89:ff:27:3d:0d:14:10:98:f8:6b:7f:
e5:80:13:a0:32:ec:5d:9d:ca:4d:98:9b:61:5e:79:
a3:b5:fc:1d:39:00:02:d7:dc:97:53:24:43:d3:ab:
15:b1:9b:56:04:a9:47:19:bc:24:30:86:4b:50:f7:
e8:84:1d:8d:56:d5:cc:84:e6:b3:0d:16:0e:85:82:
2c:58:ee:03:77:cc:6c:a7:79:5c:59:47:55:98:2b:
5a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:72:AF:DA:BE:C8:FF:84:93:92:D2:F1:66:1F:B4:6E:F0:F9:82:29
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.244.0/22
103.21.108.0/24
103.52.116.0/22
103.97.52.0/22
203.18.194.0/24
IPv6:
2402:1b80::/40
2402:1b80:103::-2402:1b80:104:ffff:ffff:ffff:ffff:ffff
2402:1b80:106::/48
2402:1b80:203::-2402:1b80:204:ffff:ffff:ffff:ffff:ffff
2402:1b80:206::/48
2402:1b80:300::/40
2402:1b80:403::/48
2402:1b80:3000::/40
Signature Algorithm: sha256WithRSAEncryption
33:90:46:f1:e8:ec:83:8c:a9:b3:3c:52:c5:17:9a:21:fb:3a:
61:e9:f5:d0:3b:b5:f9:05:cf:2e:2c:24:0f:d3:fa:23:0d:2c:
50:8f:a8:b5:a8:b1:03:60:18:74:e5:3a:de:4d:86:44:e9:95:
38:4b:e5:a1:b5:9c:07:de:eb:9a:e1:21:02:22:44:cb:b0:7d:
f8:2f:27:f1:92:05:40:24:01:e2:d1:b1:94:29:c2:f2:34:d4:
80:bb:52:d8:ee:df:4b:b9:cf:1e:af:db:11:a6:5e:08:f0:f9:
a9:42:45:7c:8e:19:5a:c6:a8:39:60:f8:ad:60:66:03:e1:10:
af:c8:52:79:57:60:84:b1:22:54:7c:fe:4b:ab:08:5e:59:f8:
1e:c9:c1:85:7a:a3:de:96:ae:e2:80:ba:a3:84:c0:8e:eb:49:
49:4d:a2:34:aa:ea:9c:40:12:93:57:09:c8:da:ff:89:e2:d0:
a4:aa:29:3e:b9:f9:dc:59:ce:a3:31:49:77:5b:f0:9e:1a:24:
0f:77:4e:c4:b9:9f:80:c2:82:4a:da:ab:55:30:2b:15:72:8f:
69:c5:b1:8d:42:3e:c5:9d:cf:c5:35:fb:e0:a6:5f:cc:0d:b2:
be:fb:c1:e7:2c:82:ef:71:cc:d1:42:27:4c:37:81:44:fa:04:
b2:67:23:f4
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgICBJMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjMxMDI1MDAzMjUwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTM4NjIzMi1jZTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxFqmIhfUr4K+XcTG1jhcDi4qoi1yFFnamtIUoGtr1J8C8jtPnig65vh67F0T
lBNbor+pnIAEYiUeXH3SIOg7DVpdGFtu8uvj67tc/bVJiki1l13WAQBajChb0Hu3
+Hza59GUWH+x2X3+yGYbtMliydGRAYKL1iDS4YxMFLYoeS/LYVcnPGIoWguzNCVe
y5XTqD1sboAQqvN5tDZbdk9eBEZsT9QhTWcXif8nPQ0UEJj4a3/lgBOgMuxdncpN
mJthXnmjtfwdOQAC19yXUyRD06sVsZtWBKlHGbwkMIZLUPfohB2NVtXMhOazDRYO
hYIsWO4Dd8xsp3lcWUdVmCtaTwIDAQABo4IDEzCCAw8wHQYDVR0OBBYEFGZyr9q+
yP+Ek5LS8WYftG7w+YIpMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjkwMjUzMkVG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZwGCCsGAQUFBwEHAQH/
BIGMMIGJMCQEAgABMB4DBAItcPQDBABnFWwDBAJnNHQDBAJnYTQDBADLEsIwYQQC
AAIwWwMGACQCG4AAMBIDBwAkAhuAAQMDBwAkAhuAAQQDBwAkAhuAAQYwEgMHACQC
G4ACAwMHACQCG4ACBAMHACQCG4ACBgMGACQCG4ADAwcAJAIbgAQDAwYAJAIbgDAw
DQYJKoZIhvcNAQELBQADggEBADOQRvHo7IOMqbM8UsUXmiH7OmHp9dA7tfkFzy4s
JA/T+iMNLFCPqLWosQNgGHTlOt5NhkTplThL5aG1nAfe65rhIQIiRMuwffgvJ/GS
BUAkAeLRsZQpwvI01IC7Utju30u5zx6v2xGmXgjw+alCRXyOGVrGqDlg+K1gZgPh
EK/IUnlXYISxIlR8/kurCF5Z+B7JwYV6o96WruKAuqOEwI7rSUlNojSq6pxAEpNX
Ccja/4ni0KSqKT65+dxZzqMxSXdb8J4aJA93TsS5n4DCgkraq1UwKxVyj2nFsY1C
PsWdz8U1++CmX8wNsr77wecsgu9xzNFCJ0w3gUT6BLJnI/Q=
-----END CERTIFICATE-----
Generated at Thu Jun 13 03:15:38 2024 by rpki-client on console-ams.rpki-client.org