Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E3B2B58070211EB85C3297EC4F9AE02.roa
File: 6E3B2B58070211EB85C3297EC4F9AE02.roa (raw, json)
Hash identifier: GwGesDH4eXe9mvuzhwelqI0UfZnLpEH3rwoetoxc9gk=
Subject key identifier: 7E:A8:E3:9C:CA:16:12:47:DC:18:A2:5F:B4:21:74:F5:A5:30:8D:D5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 718A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E3B2B58070211EB85C3297EC4F9AE02.roa
Signing time: Wed 10 May 2023 16:48:45 +0000
ROA not before: Wed 10 May 2023 16:48:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45415
IP address blocks: 27.0.48.0/20 maxlen: 23
27.0.49.0/24 maxlen: 24
27.0.50.0/23 maxlen: 24
27.0.52.0/22 maxlen: 24
27.0.56.0/22 maxlen: 24
27.0.60.0/24 maxlen: 24
27.0.62.0/24 maxlen: 24
43.246.156.0/22 maxlen: 24
45.112.12.0/22 maxlen: 24
45.112.40.0/22 maxlen: 24
45.114.248.0/22 maxlen: 24
103.17.104.0/22 maxlen: 23
103.17.104.0/23 maxlen: 24
103.17.106.0/24 maxlen: 24
103.20.64.0/22 maxlen: 24
103.170.10.0/23 maxlen: 24
103.224.4.0/22 maxlen: 24
103.228.40.0/22 maxlen: 24
103.233.112.0/22 maxlen: 24
103.245.64.0/22 maxlen: 24
115.69.240.0/22 maxlen: 24
115.69.244.0/22 maxlen: 24
115.69.248.0/22 maxlen: 24
115.69.252.0/22 maxlen: 23
115.69.252.0/24 maxlen: 24
115.69.254.0/23 maxlen: 24
150.107.96.0/22 maxlen: 24
2406:ab00::/32 maxlen: 32
2407:8700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29066 (0x718a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:48:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bcaec-823d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:af:a7:ec:4e:51:c7:8b:fd:aa:da:3b:84:d1:
de:da:92:f0:27:8f:bc:bd:96:f9:a9:20:fe:d6:f0:
2d:15:d2:7a:e3:57:c1:eb:b3:7f:a4:24:51:cb:c3:
fc:46:33:d9:c2:e0:29:8f:ee:21:23:60:d9:d1:18:
22:52:ed:74:94:5e:4e:7c:64:4a:82:fa:f2:8a:be:
31:98:73:ee:c3:ea:e2:4e:2f:da:c0:cb:64:88:44:
26:76:04:8c:c5:92:ee:1a:84:d1:31:dd:16:7c:13:
3f:5c:8c:b9:45:4a:15:e9:48:0c:32:00:df:a4:ef:
3b:ca:2f:5a:f6:fb:9e:f5:1b:91:09:2a:90:ce:38:
03:25:67:89:ef:a5:44:10:f4:d6:9d:71:de:67:71:
72:e4:3c:03:63:b7:ee:bb:f4:82:cd:49:35:a4:43:
ae:50:8f:49:a7:69:e6:83:15:41:10:74:83:cc:3b:
0c:ac:38:bb:c0:7f:c0:d9:03:ab:10:1e:bb:f7:7f:
2c:79:c1:38:07:50:32:c0:8b:a7:b3:bb:68:41:d8:
a8:a6:c5:7c:09:82:f7:ba:ef:04:5e:11:3f:3f:07:
3f:fd:6d:49:d7:ce:b5:a6:6c:5f:40:c4:a5:82:ed:
50:eb:39:d0:db:c4:27:d1:1a:bd:0e:27:e9:51:db:
33:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A8:E3:9C:CA:16:12:47:DC:18:A2:5F:B4:21:74:F5:A5:30:8D:D5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6E3B2B58070211EB85C3297EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.0.48.0/20
43.246.156.0/22
45.112.12.0/22
45.112.40.0/22
45.114.248.0/22
103.17.104.0/22
103.20.64.0/22
103.170.10.0/23
103.224.4.0/22
103.228.40.0/22
103.233.112.0/22
103.245.64.0/22
115.69.240.0/20
150.107.96.0/22
IPv6:
2406:ab00::/32
2407:8700::/32
Signature Algorithm: sha256WithRSAEncryption
33:db:cb:6a:36:0c:71:51:09:fc:87:20:26:ad:95:a4:4b:d1:
d2:78:07:4b:e8:c7:82:95:3b:70:64:2a:36:10:ad:c8:18:12:
3a:2e:24:93:04:8d:a5:44:31:c8:a9:ed:69:05:e9:90:7e:d9:
a1:a5:1e:37:0e:15:74:e1:2a:ff:13:de:64:05:72:56:ec:af:
53:11:7d:7a:0f:7c:08:58:3d:e5:7c:83:ca:0a:c1:2d:89:32:
81:42:f0:da:2c:4c:30:73:f3:20:d1:7b:0a:80:46:05:30:89:
49:5a:e5:38:7d:ca:f5:f8:e5:e4:9d:d6:a3:d7:d7:5c:72:08:
34:41:13:88:e8:59:66:28:01:73:01:e9:95:89:3f:a3:a7:cd:
c6:9f:b9:6f:8d:f5:33:91:2e:49:cc:67:5f:e1:e0:75:60:bd:
e6:d2:fe:d7:e6:85:f6:32:44:f0:5f:29:d2:a0:4e:ab:23:ee:
b7:c8:1f:a2:7e:22:a0:0e:0f:ac:26:ef:7f:78:76:2c:d7:ee:
2a:40:bf:eb:c8:9a:45:87:c6:bd:8d:3e:da:1c:26:85:82:83:
65:78:60:11:73:fb:8e:8f:72:01:33:01:07:ea:ef:c7:04:80:
94:ad:5e:61:b5:d2:c5:fa:4e:81:5a:18:0a:5b:31:57:6e:e3:
36:f5:ba:91
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgICcYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY0ODQ1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2FlYy04MjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1q+n7E5Rx4v9qto7hNHe2pLwJ4+8vZb5qSD+1vAtFdJ641fB67N/pCRRy8P8
RjPZwuApj+4hI2DZ0RgiUu10lF5OfGRKgvryir4xmHPuw+riTi/awMtkiEQmdgSM
xZLuGoTRMd0WfBM/XIy5RUoV6UgMMgDfpO87yi9a9vue9RuRCSqQzjgDJWeJ76VE
EPTWnXHeZ3Fy5DwDY7fuu/SCzUk1pEOuUI9Jp2nmgxVBEHSDzDsMrDi7wH/A2QOr
EB67938secE4B1AywIuns7toQdiopsV8CYL3uu8EXhE/Pwc//W1J1861pmxfQMSl
gu1Q6znQ28Qn0Rq9DifpUdsztQIDAQABo4IC+jCCAvYwHQYDVR0OBBYEFH6o45zK
FhJH3BiiX7QhdPWlMI3VMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkUzQjJCNTgw
NzAyMTFFQjg1QzMyOTdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYMGCCsGAQUFBwEHAQH/
BHQwcjBaBAIAATBUAwQEGwAwAwQCK/acAwQCLXAMAwQCLXAoAwQCLXL4AwQCZxFo
AwQCZxRAAwQBZ6oKAwQCZ+AEAwQCZ+QoAwQCZ+lwAwQCZ/VAAwQEc0XwAwQClmtg
MBQEAgACMA4DBQAkBqsAAwUAJAeHADANBgkqhkiG9w0BAQsFAAOCAQEAM9vLajYM
cVEJ/IcgJq2VpEvR0ngHS+jHgpU7cGQqNhCtyBgSOi4kkwSNpUQxyKntaQXpkH7Z
oaUeNw4VdOEq/xPeZAVyVuyvUxF9eg98CFg95XyDygrBLYkygULw2ixMMHPzINF7
CoBGBTCJSVrlOH3K9fjl5J3Wo9fXXHIINEETiOhZZigBcwHplYk/o6fNxp+5b431
M5EuScxnX+HgdWC95tL+1+aF9jJE8F8p0qBOqyPut8gfon4ioA4PrCbvf3h2LNfu
KkC/68iaRYfGvY0+2hwmhYKDZXhgEXP7jo9yATMBB+rvxwSAlK1eYbXSxfpOgVoY
ClsxV27jNvW6kQ==
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:36 2024 by rpki-client on console-ams.rpki-client.org