Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/955B70D2A8C111EC82C6CD3AC4F9AE02.roa
File: 955B70D2A8C111EC82C6CD3AC4F9AE02.roa (raw, json)
Hash identifier: XN7Hg+IUpOPmqlqDvxsi4aWx0G9FXaRRB0MCA+S5kT4=
Subject key identifier: 50:D7:C0:6E:8B:72:50:BD:E2:AD:AE:B3:B5:A2:97:6E:74:89:C0:A5
Certificate issuer: /CN=A9192210/serialNumber=781F95B0C8AB2EF7FD73CF8FC10D2FA86ECCDC4A
Certificate serial: 061E
Authority key identifier: 78:1F:95:B0:C8:AB:2E:F7:FD:73:CF:8F:C1:0D:2F:A8:6E:CC:DC:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/955B70D2A8C111EC82C6CD3AC4F9AE02.roa
Signing time: Sat 27 May 2023 00:36:36 +0000
ROA not before: Sat 27 May 2023 00:36:36 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 38803
IP address blocks: 1.0.4.0/22 maxlen: 22
1.0.4.0/24 maxlen: 24
1.0.5.0/24 maxlen: 24
1.0.6.0/24 maxlen: 24
1.0.7.0/24 maxlen: 24
43.252.108.0/22 maxlen: 22
43.252.108.0/24 maxlen: 24
43.252.109.0/24 maxlen: 24
43.252.110.0/24 maxlen: 24
43.252.111.0/24 maxlen: 24
45.124.164.0/22 maxlen: 22
45.124.164.0/24 maxlen: 24
45.124.165.0/24 maxlen: 24
45.124.166.0/24 maxlen: 24
45.124.167.0/24 maxlen: 24
103.2.176.0/22 maxlen: 22
103.26.60.0/22 maxlen: 22
103.26.60.0/24 maxlen: 24
103.26.61.0/24 maxlen: 24
103.26.62.0/24 maxlen: 24
103.26.63.0/24 maxlen: 24
103.29.76.0/22 maxlen: 22
103.29.76.0/24 maxlen: 24
103.29.77.0/24 maxlen: 24
103.29.78.0/24 maxlen: 24
103.29.79.0/24 maxlen: 24
103.58.216.0/22 maxlen: 22
103.145.116.0/23 maxlen: 23
103.145.116.0/24 maxlen: 24
103.145.117.0/24 maxlen: 24
118.107.184.0/21 maxlen: 21
118.107.184.0/24 maxlen: 24
118.107.185.0/24 maxlen: 24
118.107.186.0/24 maxlen: 24
118.107.187.0/24 maxlen: 24
118.107.188.0/24 maxlen: 24
118.107.189.0/24 maxlen: 24
118.107.190.0/24 maxlen: 24
118.107.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.crl
rsync://rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 19:51:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1566 (0x61e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192210/serialNumber=781F95B0C8AB2EF7FD73CF8FC10D2FA86ECCDC4A
Validity
Not Before: May 27 00:36:36 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64715093-97a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:73:25:b5:b0:15:39:a4:c2:e5:3f:c8:92:22:
6f:78:22:cf:ed:0b:b1:07:43:4e:11:ee:20:64:33:
13:f0:dc:fc:1c:a4:7a:14:72:e4:7a:fc:a5:48:9a:
2d:c9:3c:8f:d9:89:38:39:5e:3d:d3:bd:2e:a2:87:
6a:39:07:81:79:af:d5:29:10:e1:c7:c2:29:a0:15:
6d:f3:d9:98:4b:d9:b0:38:9d:d3:47:f8:d8:4d:cc:
f2:64:a1:53:cc:f5:ae:a6:27:fd:45:3e:13:87:d8:
f2:a4:db:73:85:73:1d:42:56:c7:63:40:81:a2:31:
5f:f3:e0:49:c9:ab:37:0e:11:0c:1a:e2:91:27:0a:
56:c7:20:1b:a2:58:c3:4d:44:df:30:53:41:32:02:
87:11:5c:d7:de:57:3e:93:b1:94:7b:e2:8c:ca:7a:
c7:22:3a:54:12:05:d2:c9:1a:27:af:54:66:ca:19:
72:0a:d8:5a:d8:f7:d5:6d:8c:7f:d5:4b:56:48:75:
25:cd:17:01:6e:09:a8:39:63:bd:d0:a2:10:50:85:
40:1b:b2:bf:cd:92:f6:0b:95:11:6b:63:f1:76:41:
b9:f6:23:d9:be:a8:a5:e2:76:a5:fc:36:c9:eb:b6:
8a:66:39:59:f9:4d:cc:24:6f:74:62:bd:5a:55:29:
cd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D7:C0:6E:8B:72:50:BD:E2:AD:AE:B3:B5:A2:97:6E:74:89:C0:A5
X509v3 Authority Key Identifier:
keyid:78:1F:95:B0:C8:AB:2E:F7:FD:73:CF:8F:C1:0D:2F:A8:6E:CC:DC:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eB-VsMirLvf9c8-PwQ0vqG7M3Eo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192210/5CA373D8127811EBA8592412C4F9AE02/955B70D2A8C111EC82C6CD3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.0.4.0/22
43.252.108.0/22
45.124.164.0/22
103.2.176.0/22
103.26.60.0/22
103.29.76.0/22
103.58.216.0/22
103.145.116.0/23
118.107.184.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:b3:fb:c6:55:ee:20:d1:78:fd:f9:a3:2b:93:15:8c:ea:3a:
f5:1a:e2:8e:51:9e:3f:34:22:ca:3c:f1:92:86:ed:c7:55:95:
e9:59:eb:e9:33:13:7a:15:27:ac:d5:a7:c4:04:17:ab:65:c4:
cd:9a:fb:8c:86:e7:9b:dc:26:21:d8:64:e0:ba:0b:ea:c1:f2:
12:fe:1f:d9:01:c9:f6:08:3d:f9:ee:d7:2d:1b:cd:10:2a:58:
04:1f:34:3c:5b:6c:2e:95:d8:91:4a:d6:24:10:99:c2:0c:02:
56:f8:55:9e:c2:f7:68:a9:1a:41:f4:a4:78:ca:69:40:37:8f:
7f:4e:0b:c9:94:7e:8c:fa:2a:f7:57:64:59:db:cb:82:74:ac:
51:1f:e6:4d:40:f8:84:4a:57:80:97:ab:40:07:0d:0f:11:b7:
ea:60:f1:73:be:1a:1c:f6:d7:9e:ab:c3:09:3e:48:65:bc:fc:
41:65:ce:a6:52:a1:e5:ed:e5:35:24:14:36:3b:03:49:c5:08:
f7:08:14:ef:7d:3d:89:c0:65:6f:01:00:7f:f2:be:04:f4:a3:
3c:a3:1d:ed:7e:4e:f7:0b:7c:69:15:84:54:bf:06:22:b9:c7:
c7:8b:e0:8c:79:bb:f1:5a:e8:b7:a6:0f:ca:7d:a7:0a:cf:e7:
82:9d:53:5e
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICBh4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTIyMTAxMTAvBgNVBAUTKDc4MUY5NUIwQzhBQjJFRjdGRDczQ0Y4RkMxMEQyRkE4
NkVDQ0RDNEEwHhcNMjMwNTI3MDAzNjM2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDcxNTA5My05N2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4HMltbAVOaTC5T/IkiJveCLP7QuxB0NOEe4gZDMT8Nz8HKR6FHLkevylSJot
yTyP2Yk4OV49070uoodqOQeBea/VKRDhx8IpoBVt89mYS9mwOJ3TR/jYTczyZKFT
zPWupif9RT4Th9jypNtzhXMdQlbHY0CBojFf8+BJyas3DhEMGuKRJwpWxyAboljD
TUTfMFNBMgKHEVzX3lc+k7GUe+KMynrHIjpUEgXSyRonr1RmyhlyCtha2PfVbYx/
1UtWSHUlzRcBbgmoOWO90KIQUIVAG7K/zZL2C5URa2PxdkG59iPZvqil4nal/DbJ
67aKZjlZ+U3MJG90Yr1aVSnN0QIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFFDXwG6L
clC94q2us7Wil250icClMB8GA1UdIwQYMBaAFHgflbDIqy73/XPPj8ENL6huzNxK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MjIxMC81Q0EzNzNEODEy
NzgxMUVCQTg1OTI0MTJDNEY5QUUwMi9lQi1Wc01pckx2ZjljOC1Qd1EwdnFHN00z
RW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VCLVZzTWlyTHZmOWM4LVB3UTB2cUc3TTNFby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTIyMTAvNUNBMzczRDgxMjc4MTFFQkE4NTkyNDEyQzRGOUFFMDIvOTU1QjcwRDJB
OEMxMTFFQzgyQzZDRDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYDBAIBAAQDBAIr/GwDBAItfKQDBAJnArADBAJnGjwDBAJnHUwD
BAJnOtgDBAFnkXQDBAN2a7gwDQYJKoZIhvcNAQELBQADggEBAIuz+8ZV7iDReP35
oyuTFYzqOvUa4o5Rnj80Iso88ZKG7cdVlelZ6+kzE3oVJ6zVp8QEF6tlxM2a+4yG
55vcJiHYZOC6C+rB8hL+H9kByfYIPfnu1y0bzRAqWAQfNDxbbC6V2JFK1iQQmcIM
Alb4VZ7C92ipGkH0pHjKaUA3j39OC8mUfoz6KvdXZFnby4J0rFEf5k1A+IRKV4CX
q0AHDQ8Rt+pg8XO+Ghz2156rwwk+SGW8/EFlzqZSoeXt5TUkFDY7A0nFCPcIFO99
PYnAZW8BAH/yvgT0ozyjHe1+TvcLfGkVhFS/BiK5x8eL4Ix5u/Fa6LemD8p9pwrP
54KdU14=
-----END CERTIFICATE-----
Generated at Sun May 19 00:16:17 2024 by rpki-client on console-fra.rpki-client.org