Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
File: 744D8A1005EE11EF851FA42FC4F9AE02.roa (raw, json)
Hash identifier: g7/I1107TKCwjJnWd7arEQMGj8EBr7MRJOF1ZUaFXNI=
Subject key identifier: A2:DF:7F:08:65:D0:92:B6:62:34:11:B3:C3:9F:E9:30:2C:49:1D:98
Certificate issuer: /CN=A91847C2/serialNumber=3885F9D2FD0860283B55381F1C4F4A5A3A1EEF3F
Certificate serial: 65
Authority key identifier: 38:85:F9:D2:FD:08:60:28:3B:55:38:1F:1C:4F:4A:5A:3A:1E:EF:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
Signing time: Thu 07 Nov 2024 05:18:34 +0000
ROA not before: Thu 07 Nov 2024 05:18:34 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 7131
IP address blocks: 45.117.196.0/22 maxlen: 22
45.117.196.0/24 maxlen: 24
45.117.197.0/24 maxlen: 24
45.117.198.0/24 maxlen: 24
45.117.199.0/24 maxlen: 24
103.1.96.0/22 maxlen: 22
103.1.96.0/24 maxlen: 24
103.1.97.0/24 maxlen: 24
103.1.98.0/24 maxlen: 24
103.1.99.0/24 maxlen: 24
103.57.232.0/22 maxlen: 22
103.57.232.0/24 maxlen: 24
103.57.233.0/24 maxlen: 24
103.57.234.0/24 maxlen: 24
103.57.235.0/24 maxlen: 24
202.88.64.0/20 maxlen: 20
202.88.64.0/24 maxlen: 24
202.88.65.0/24 maxlen: 24
202.88.66.0/24 maxlen: 24
202.88.67.0/24 maxlen: 24
202.88.68.0/24 maxlen: 24
202.88.69.0/24 maxlen: 24
202.88.70.0/24 maxlen: 24
202.88.71.0/24 maxlen: 24
202.88.72.0/24 maxlen: 24
202.88.73.0/24 maxlen: 24
202.88.74.0/24 maxlen: 24
202.88.75.0/24 maxlen: 24
202.88.76.0/24 maxlen: 24
202.88.77.0/24 maxlen: 24
202.88.78.0/24 maxlen: 24
202.88.79.0/24 maxlen: 24
202.88.80.0/20 maxlen: 20
202.88.80.0/24 maxlen: 24
202.88.81.0/24 maxlen: 24
202.88.82.0/24 maxlen: 24
202.88.83.0/24 maxlen: 24
202.88.84.0/24 maxlen: 24
202.88.85.0/24 maxlen: 24
202.88.86.0/24 maxlen: 24
202.88.87.0/24 maxlen: 24
202.88.88.0/24 maxlen: 24
202.88.89.0/24 maxlen: 24
202.88.90.0/24 maxlen: 24
202.88.91.0/24 maxlen: 24
202.88.92.0/24 maxlen: 24
202.88.93.0/24 maxlen: 24
202.88.94.0/24 maxlen: 24
202.88.95.0/24 maxlen: 24
210.23.80.0/20 maxlen: 20
210.23.80.0/24 maxlen: 24
210.23.81.0/24 maxlen: 24
210.23.82.0/24 maxlen: 24
210.23.83.0/24 maxlen: 24
210.23.84.0/24 maxlen: 24
210.23.85.0/24 maxlen: 24
210.23.86.0/24 maxlen: 24
210.23.87.0/24 maxlen: 24
210.23.88.0/24 maxlen: 24
210.23.89.0/24 maxlen: 24
210.23.90.0/24 maxlen: 24
210.23.91.0/24 maxlen: 24
210.23.92.0/24 maxlen: 24
210.23.93.0/24 maxlen: 24
210.23.94.0/24 maxlen: 24
210.23.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.crl
rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101 (0x65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91847C2/serialNumber=3885F9D2FD0860283B55381F1C4F4A5A3A1EEF3F
Validity
Not Before: Nov 7 05:18:34 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672c4daa-8421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:be:46:61:d2:24:6f:7f:fb:4a:a9:92:d8:87:
cc:88:4b:a5:c1:d4:41:6d:14:11:e3:07:83:1f:e0:
14:76:16:fa:04:16:3f:06:f4:07:bd:e8:cb:f4:b5:
47:79:b1:c7:e7:18:bc:29:e9:e3:3d:23:e5:91:73:
90:4e:76:e7:05:59:92:e6:ce:e9:5a:05:97:3f:ba:
81:9a:89:ed:5a:43:3f:5b:53:b3:52:66:46:02:cd:
16:58:49:c2:72:51:0a:df:3f:55:90:23:90:19:3f:
29:f3:15:be:fc:c5:e2:4b:71:e3:36:4f:2c:89:da:
7e:01:f4:d6:b9:b7:f6:bd:8b:db:11:80:ab:6e:f1:
64:b1:12:d5:76:43:cc:2d:21:f8:63:c7:2d:6f:da:
b1:7f:dc:c3:5b:15:49:7c:b7:fb:53:1a:ca:5e:49:
f4:13:de:bb:0e:58:49:5c:fc:20:28:31:35:c1:0c:
4a:e5:57:5c:ff:4e:0b:32:35:3f:7a:6e:8a:dd:89:
d2:8e:55:4f:3d:8a:8b:53:5a:98:9f:71:d3:2d:2c:
1f:fd:5c:07:3d:a9:ca:37:dd:9e:68:2d:c3:23:9c:
be:78:6a:02:aa:94:e1:74:74:da:db:95:6c:19:71:
ab:28:10:33:e4:e9:aa:12:3b:cc:30:e2:94:8a:57:
8b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DF:7F:08:65:D0:92:B6:62:34:11:B3:C3:9F:E9:30:2C:49:1D:98
X509v3 Authority Key Identifier:
keyid:38:85:F9:D2:FD:08:60:28:3B:55:38:1F:1C:4F:4A:5A:3A:1E:EF:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/OIX50v0IYCg7VTgfHE9KWjoe7z8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OIX50v0IYCg7VTgfHE9KWjoe7z8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847C2/B92BFAD405EB11EF956BD643C4F9AE02/744D8A1005EE11EF851FA42FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.196.0/22
103.1.96.0/22
103.57.232.0/22
202.88.64.0/19
210.23.80.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:f3:d4:9b:ea:57:f9:58:29:52:4f:2a:53:c0:ae:ae:94:b1:
ce:08:4d:c9:fc:31:2e:7b:4c:05:3d:99:d8:38:8a:d8:ab:c0:
f0:91:1e:c9:ee:e1:b6:03:a6:4f:11:93:4d:27:f4:13:63:6b:
d7:4b:7e:8c:40:ec:ec:f7:eb:e0:e7:b6:f9:23:2d:d0:26:be:
90:be:61:e4:e1:94:6d:0a:15:d4:02:c7:4c:cd:c1:ee:66:96:
45:fd:a8:e4:4f:9f:6b:60:7c:f0:44:d0:6b:4b:51:1f:97:df:
5e:76:9a:6c:83:36:58:90:08:5a:20:ee:36:81:1f:5f:a6:0f:
83:36:b9:b2:cf:2c:c6:9f:e6:4d:91:2c:9d:70:26:72:11:a2:
07:75:58:aa:2c:ea:32:cc:5e:d6:3a:06:13:87:86:13:84:2e:
f8:11:d7:bc:df:ab:10:8c:92:69:7d:50:3b:87:99:4a:7f:e2:
67:8a:09:1e:8b:8f:49:87:e6:6d:13:e2:b7:ee:51:ca:0e:0d:
ce:c0:e1:f9:20:3d:49:42:1b:c1:50:00:92:63:97:44:3d:0e:
4c:d6:db:e0:53:9f:2e:6c:b6:8d:b0:ff:de:f4:56:de:0f:33:
c7:3b:5e:2b:b5:40:1e:36:88:3a:a2:f1:c6:a0:b7:40:33:6d:
76:c9:75:14
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBZTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NDdDMjExMC8GA1UEBRMoMzg4NUY5RDJGRDA4NjAyODNCNTUzODFGMUM0RjRBNUEz
QTFFRUYzRjAeFw0yNDExMDcwNTE4MzRaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MmM0ZGFhLTg0MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQvkZh0iRvf/tKqZLYh8yIS6XB1EFtFBHjB4Mf4BR2FvoEFj8G9Ae96Mv0tUd5
scfnGLwp6eM9I+WRc5BOducFWZLmzulaBZc/uoGaie1aQz9bU7NSZkYCzRZYScJy
UQrfP1WQI5AZPynzFb78xeJLceM2TyyJ2n4B9Na5t/a9i9sRgKtu8WSxEtV2Q8wt
Ifhjxy1v2rF/3MNbFUl8t/tTGspeSfQT3rsOWElc/CAoMTXBDErlV1z/TgsyNT96
bordidKOVU89iotTWpifcdMtLB/9XAc9qco33Z5oLcMjnL54agKqlOF0dNrblWwZ
casoEDPk6aoSO8ww4pSKV4svAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUot9/CGXQ
krZiNBGzw5/pMCxJHZgwHwYDVR0jBBgwFoAUOIX50v0IYCg7VTgfHE9KWjoe7z8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg0N0MyL0I5MkJGQUQ0MDVF
QjExRUY5NTZCRDY0M0M0RjlBRTAyL09JWDUwdjBJWUNnN1ZUZ2ZIRTlLV2pvZTd6
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT0lYNTB2MElZQ2c3VlRnZkhFOUtXam9lN3o4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NDdDMi9COTJCRkFENDA1RUIxMUVGOTU2QkQ2NDNDNEY5QUUwMi83NDREOEExMDA1
RUUxMUVGODUxRkE0MkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEAi11xAMEAmcBYAMEAmc56AMEBcpYQAMEBNIXUDANBgkqhkiG
9w0BAQsFAAOCAQEAHfPUm+pX+VgpUk8qU8CurpSxzghNyfwxLntMBT2Z2DiK2KvA
8JEeye7htgOmTxGTTSf0E2Nr10t+jEDs7Pfr4Oe2+SMt0Ca+kL5h5OGUbQoV1ALH
TM3B7maWRf2o5E+fa2B88ETQa0tRH5ffXnaabIM2WJAIWiDuNoEfX6YPgza5ss8s
xp/mTZEsnXAmchGiB3VYqizqMsxe1joGE4eGE4Qu+BHXvN+rEIySaX1QO4eZSn/i
Z4oJHouPSYfmbRPit+5Ryg4NzsDh+SA9SUIbwVAAkmOXRD0OTNbb4FOfLmy2jbD/
3vRW3g8zxzteK7VAHjaIOqLxxqC3QDNtdsl1FA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:40:07 2024 by rpki-client on console-ams.rpki-client.org