Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/90C8D27021C211E786829418C4F9AE02.roa
File: 90C8D27021C211E786829418C4F9AE02.roa (raw, json)
Hash identifier: LAyDzMwa+0p5sRd95KyHExi3C3Z0niccQY6hw3OgiYs=
Subject key identifier: 93:BA:D3:F2:5B:48:62:03:02:59:91:FF:9D:44:5C:2E:55:AD:24:76
Certificate issuer: /CN=A914A8CB/serialNumber=FF3278A3AD58B18A546E3FEDCD537840527767A8
Certificate serial: 1A63
Authority key identifier: FF:32:78:A3:AD:58:B1:8A:54:6E:3F:ED:CD:53:78:40:52:77:67:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/90C8D27021C211E786829418C4F9AE02.roa
Signing time: Wed 22 May 2024 16:54:30 +0000
ROA not before: Wed 22 May 2024 16:54:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45766
IP address blocks: 45.127.48.0/22 maxlen: 22
45.127.48.0/22 maxlen: 24
45.127.48.0/23 maxlen: 23
45.127.48.0/24 maxlen: 24
45.127.49.0/24 maxlen: 24
45.127.50.0/23 maxlen: 23
45.127.50.0/24 maxlen: 24
45.127.51.0/24 maxlen: 24
103.40.226.0/23 maxlen: 23
103.40.226.0/23 maxlen: 24
103.40.226.0/24 maxlen: 24
103.40.227.0/24 maxlen: 24
103.51.2.0/23 maxlen: 23
103.51.2.0/23 maxlen: 24
103.51.2.0/24 maxlen: 24
103.51.3.0/24 maxlen: 24
113.21.228.0/22 maxlen: 22
113.21.228.0/22 maxlen: 24
113.21.228.0/23 maxlen: 23
113.21.228.0/24 maxlen: 24
113.21.229.0/24 maxlen: 24
113.21.230.0/23 maxlen: 23
113.21.230.0/24 maxlen: 24
113.21.231.0/24 maxlen: 24
2400:f940::/32 maxlen: 32
2400:f940::/32 maxlen: 34
2400:f940::/33 maxlen: 33
2400:f940::/34 maxlen: 34
2400:f940::/48 maxlen: 48
2400:f940:10::/48 maxlen: 48
2400:f940:11::/48 maxlen: 48
2400:f940:12::/48 maxlen: 48
2400:f940:4000::/34 maxlen: 34
2400:f940:8000::/33 maxlen: 33
2400:f940:8000::/34 maxlen: 34
2400:f940:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.crl
rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 01 Jul 2024 16:40:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6755 (0x1a63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914A8CB/serialNumber=FF3278A3AD58B18A546E3FEDCD537840527767A8
Validity
Not Before: May 22 16:54:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=664e2346-4b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e8:d0:34:8b:5d:e9:74:b0:40:40:7d:ca:5e:
f3:04:2d:a6:29:29:c5:a8:e5:2a:8a:5d:bb:95:15:
94:56:0f:dc:ae:9d:bd:33:58:c6:69:66:ed:f6:7f:
d9:41:8e:9a:b2:ff:1b:af:3e:09:38:be:42:96:8f:
9c:35:ae:25:50:c5:40:f4:dd:5a:96:b9:12:bc:98:
76:4b:f2:bf:b8:0d:21:dc:ba:c1:95:35:01:11:59:
bd:f8:1a:e9:09:aa:b2:16:d0:47:c8:72:4c:a4:86:
68:63:eb:83:78:fd:36:ab:32:9b:02:a2:59:f4:4e:
ae:15:0b:9a:f3:98:15:9e:b5:8d:dc:22:ed:b5:de:
0b:78:e3:f9:ea:ff:d7:d2:84:fa:bd:3f:95:e4:2b:
3c:9d:8c:31:2b:2b:9b:ca:4d:9b:83:4a:41:5e:5e:
8c:88:ad:b0:1f:ae:ea:d8:7b:d4:40:a6:fb:d1:dd:
5e:83:1d:28:79:d2:c6:cb:6d:65:0c:75:1e:ff:96:
2c:e4:de:ca:b8:ed:5f:5e:f2:11:f4:0d:71:0e:68:
a1:ae:21:6a:d1:62:7b:b0:35:14:7e:29:28:e9:9b:
1a:28:2f:31:7d:97:6e:a2:1e:d7:f2:4d:80:04:68:
56:b6:00:cb:76:6d:f5:b3:94:c6:7e:3d:83:2f:e1:
78:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:BA:D3:F2:5B:48:62:03:02:59:91:FF:9D:44:5C:2E:55:AD:24:76
X509v3 Authority Key Identifier:
keyid:FF:32:78:A3:AD:58:B1:8A:54:6E:3F:ED:CD:53:78:40:52:77:67:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_zJ4o61YsYpUbj_tzVN4QFJ3Z6g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A8CB/C8B0F4F221C111E7954E8717C4F9AE02/90C8D27021C211E786829418C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.48.0/22
103.40.226.0/23
103.51.2.0/23
113.21.228.0/22
IPv6:
2400:f940::/32
Signature Algorithm: sha256WithRSAEncryption
97:80:98:0c:12:73:80:80:f8:25:7d:7d:f1:a7:8a:9f:2f:72:
f2:94:14:1c:e9:9f:d8:91:6b:dd:4c:68:5f:41:20:13:75:c5:
ec:20:5b:03:85:70:89:a6:90:ae:c3:d7:a6:02:0f:ec:00:1e:
fe:38:73:b3:38:a3:1c:eb:67:9e:92:e1:0c:1c:8a:24:6d:99:
f5:ae:8a:df:99:6e:6a:f6:08:ac:69:a6:38:93:6b:5d:a6:b7:
3e:14:db:41:d6:c5:20:8b:3c:06:76:e8:04:6d:e0:e3:df:2c:
0c:ee:f3:53:a7:0f:e6:e5:e0:67:90:b9:9b:09:71:97:44:a7:
bf:29:05:f2:dd:76:93:9a:55:3a:2d:64:09:85:c6:70:79:bd:
eb:2c:b1:d7:61:5c:dc:32:1c:e3:f3:2a:a8:4c:da:f0:46:8c:
ba:26:db:9b:b2:bc:3c:cc:fb:8b:03:95:4b:ad:dc:23:39:f6:
53:67:16:6e:cf:9e:45:6a:75:56:b8:a9:f3:21:8a:da:4b:52:
c7:7f:4d:44:9f:50:8a:19:2a:47:19:2c:07:59:ac:07:b6:5d:
2d:57:11:ac:a1:a6:65:20:8b:e9:4d:73:3e:de:04:2f:ea:74:
5e:61:c3:42:46:e6:14:b4:6a:b8:78:20:5a:0b:b8:57:09:15:
c2:af:d3:90
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICGmMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEE4Q0IxMTAvBgNVBAUTKEZGMzI3OEEzQUQ1OEIxOEE1NDZFM0ZFRENENTM3ODQw
NTI3NzY3QTgwHhcNMjQwNTIyMTY1NDMwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRlMjM0Ni00Yjc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu+jQNItd6XSwQEB9yl7zBC2mKSnFqOUqil27lRWUVg/crp29M1jGaWbt9n/Z
QY6asv8brz4JOL5Clo+cNa4lUMVA9N1alrkSvJh2S/K/uA0h3LrBlTUBEVm9+Brp
CaqyFtBHyHJMpIZoY+uDeP02qzKbAqJZ9E6uFQua85gVnrWN3CLttd4LeOP56v/X
0oT6vT+V5Cs8nYwxKyubyk2bg0pBXl6MiK2wH67q2HvUQKb70d1egx0oedLGy21l
DHUe/5Ys5N7KuO1fXvIR9A1xDmihriFq0WJ7sDUUfiko6ZsaKC8xfZduoh7X8k2A
BGhWtgDLdm31s5TGfj2DL+F4RQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFJO60/Jb
SGIDAlmR/51EXC5VrSR2MB8GA1UdIwQYMBaAFP8yeKOtWLGKVG4/7c1TeEBSd2eo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QThDQi9DOEIwRjRGMjIx
QzExMUU3OTU0RTg3MTdDNEY5QUUwMi9feko0bzYxWXNZcFVial90elZONFFGSjNa
NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL196SjRvNjFZc1lwVWJqX3R6Vk40UUZKM1o2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEE4Q0IvQzhCMEY0RjIyMUMxMTFFNzk1NEU4NzE3QzRGOUFFMDIvOTBDOEQyNzAy
MUMyMTFFNzg2ODI5NDE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAItfzADBAFnKOIDBAFnMwIDBAJxFeQwDQQCAAIwBwMFACQA
+UAwDQYJKoZIhvcNAQELBQADggEBAJeAmAwSc4CA+CV9ffGnip8vcvKUFBzpn9iR
a91MaF9BIBN1xewgWwOFcImmkK7D16YCD+wAHv44c7M4oxzrZ56S4QwciiRtmfWu
it+Zbmr2CKxppjiTa12mtz4U20HWxSCLPAZ26ARt4OPfLAzu81OnD+bl4GeQuZsJ
cZdEp78pBfLddpOaVTotZAmFxnB5vesssddhXNwyHOPzKqhM2vBGjLom25uyvDzM
+4sDlUut3CM59lNnFm7PnkVqdVa4qfMhitpLUsd/TUSfUIoZKkcZLAdZrAe2XS1X
EayhpmUgi+lNcz7eBC/qdF5hw0JG5hS0arh4IFoLuFcJFcKv05A=
-----END CERTIFICATE-----
Generated at Mon Jun 24 18:31:55 2024 by rpki-client on console-fra.rpki-client.org