Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A460738A366311EEB376DC3AC4F9AE02.roa
File: A460738A366311EEB376DC3AC4F9AE02.roa (raw, json)
Hash identifier: 8Vd2nw8iyArkhofZ3yrDyBgpNjqv1gMKVl8roKAGYeA=
Subject key identifier: 63:FA:75:1E:9E:F1:86:54:66:17:73:FE:4E:62:82:5B:FE:4A:5D:80
Certificate issuer: /CN=A919536C/serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
Certificate serial: 0B
Authority key identifier: 48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A460738A366311EEB376DC3AC4F9AE02.roa
Signing time: Wed 09 Aug 2023 03:20:45 +0000
ROA not before: Wed 09 Aug 2023 03:20:45 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 132280
IP address blocks: 45.250.176.0/22 maxlen: 22
45.250.176.0/24 maxlen: 24
103.14.8.0/24 maxlen: 24
119.110.192.0/18 maxlen: 19
119.110.192.0/21 maxlen: 22
119.110.196.0/24 maxlen: 24
119.110.197.0/24 maxlen: 24
119.110.198.0/24 maxlen: 24
119.110.199.0/24 maxlen: 24
119.110.200.0/21 maxlen: 22
119.110.201.0/24 maxlen: 24
119.110.208.0/21 maxlen: 22
119.110.208.0/24 maxlen: 24
119.110.216.0/21 maxlen: 22
119.110.220.0/24 maxlen: 24
119.110.223.0/24 maxlen: 24
119.110.224.0/21 maxlen: 22
119.110.228.0/24 maxlen: 24
119.110.232.0/21 maxlen: 22
119.110.236.0/22 maxlen: 23
119.110.240.0/21 maxlen: 22
119.110.246.0/24 maxlen: 24
119.110.248.0/21 maxlen: 22
119.110.248.0/23 maxlen: 23
119.110.252.0/24 maxlen: 24
119.110.254.0/24 maxlen: 24
119.110.255.0/24 maxlen: 24
2400:6280:4::/48 maxlen: 48
2400:6280:5::/48 maxlen: 48
2400:6280:6::/48 maxlen: 48
2400:6280:7::/48 maxlen: 48
2400:6280:8::/48 maxlen: 48
2400:6280:9::/48 maxlen: 48
2400:6280:a::/48 maxlen: 48
2400:6280:15::/48 maxlen: 48
2400:6280:16::/48 maxlen: 48
2400:6280:17::/48 maxlen: 48
2400:6280:129::/48 maxlen: 48
2400:6280:13c::/48 maxlen: 48
2400:6280:140::/48 maxlen: 48
2400:6280:144::/48 maxlen: 48
2400:6280:148::/48 maxlen: 48
2400:6280:149::/48 maxlen: 48
2400:6280:150::/48 maxlen: 48
2400:6280:155::/48 maxlen: 48
2400:6280:158::/48 maxlen: 48
2400:6280:178::/48 maxlen: 48
2400:6280:6280::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl
rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 08 Jun 2024 07:43:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11 (0xb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919536C/serialNumber=488970506264EF96D81EC12E6ABD256DB30FDCFA
Validity
Not Before: Aug 9 03:20:45 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64d3060c-1f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:7d:84:9c:68:98:2d:2d:59:0c:0e:36:5b:b1:
24:4f:52:be:2e:74:2a:89:b2:36:74:32:c1:d9:18:
fa:41:d8:91:f7:67:25:d4:1d:84:30:8c:aa:71:bb:
1f:98:e0:13:63:19:ae:14:2c:21:ae:bc:43:f6:5c:
64:3b:72:5b:5a:ac:b8:6f:ef:54:c5:1b:b1:1c:6a:
e3:69:b2:59:bc:2f:b1:00:3b:ce:fa:e3:49:07:c4:
7c:4d:ce:c1:62:be:28:33:38:fd:52:50:b3:7f:30:
fb:df:2e:52:9a:d6:fd:3f:60:16:cb:a0:80:80:d4:
92:d9:23:83:a2:2d:3a:de:09:1a:23:3d:e1:da:5b:
35:bc:cc:fd:bb:90:43:29:89:6f:fd:bc:e0:62:ae:
7b:2b:ba:a3:6e:00:c1:7c:cb:71:58:b9:c3:53:78:
4a:12:27:26:bc:47:a7:ce:c3:25:34:a2:da:7f:b8:
bf:73:f4:80:0e:ea:71:b6:be:76:13:82:b7:c8:b2:
b2:69:c3:b3:ab:95:8e:3c:b5:a2:ec:a1:ef:2f:f4:
80:3a:15:dc:24:4d:75:e5:fa:e0:fa:e3:52:13:79:
de:01:90:38:a8:05:57:cd:df:cf:00:5d:2d:5f:3c:
81:6b:58:b4:84:e1:88:63:4b:b9:9e:e5:d5:b2:39:
de:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FA:75:1E:9E:F1:86:54:66:17:73:FE:4E:62:82:5B:FE:4A:5D:80
X509v3 Authority Key Identifier:
keyid:48:89:70:50:62:64:EF:96:D8:1E:C1:2E:6A:BD:25:6D:B3:0F:DC:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/SIlwUGJk75bYHsEuar0lbbMP3Po.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SIlwUGJk75bYHsEuar0lbbMP3Po.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919536C/7E4D8460366011EE88E0F530C4F9AE02/A460738A366311EEB376DC3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.250.176.0/22
103.14.8.0/24
119.110.192.0/18
IPv6:
2400:6280:4::-2400:6280:a:ffff:ffff:ffff:ffff:ffff
2400:6280:15::-2400:6280:17:ffff:ffff:ffff:ffff:ffff
2400:6280:129::/48
2400:6280:13c::/48
2400:6280:140::/48
2400:6280:144::/48
2400:6280:148::/47
2400:6280:150::/48
2400:6280:155::/48
2400:6280:158::/48
2400:6280:178::/48
2400:6280:6280::/48
Signature Algorithm: sha256WithRSAEncryption
20:e5:62:95:3d:c4:c7:3b:e2:d0:12:c3:03:e3:d1:64:9b:66:
03:c8:5f:ef:32:62:be:bc:50:69:66:a1:01:14:1f:7a:0e:42:
05:7a:49:b3:6a:eb:85:5f:ff:87:98:b6:62:10:d8:c1:ed:30:
ed:57:26:c0:9d:bd:e1:2c:93:cf:ba:bf:99:84:6f:a3:c5:e6:
e7:cb:83:16:d6:4b:f5:e3:44:fd:fc:7d:da:48:20:37:8e:54:
9b:34:96:87:19:16:0e:2f:64:fb:e2:7d:ab:75:0d:3f:9a:20:
18:d6:f6:fb:f9:e3:c1:f9:3e:c9:85:2d:23:8a:36:21:68:23:
4f:ac:d3:0f:52:1c:60:75:74:ea:83:21:c5:90:b0:cb:43:e5:
f2:91:6f:aa:af:df:d2:61:9d:68:4f:16:aa:fe:97:92:43:d0:
d4:e7:1d:df:9c:a5:fb:b9:9e:6c:2a:25:9d:39:d8:d4:86:a3:
e4:db:2a:41:91:7a:cc:9b:b6:7c:7c:33:b8:f4:e2:47:07:0c:
9c:1a:da:72:be:04:2f:63:53:7e:1f:ee:cc:ee:cc:6d:7a:cd:
d7:64:11:20:e5:d6:b9:f3:e5:b7:40:17:48:65:64:87:9c:19:
9d:36:ce:77:32:d1:cb:ab:d6:74:49:15:c8:99:a5:03:a0:4c:
06:7a:1e:82
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgIBCzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NTM2QzExMC8GA1UEBRMoNDg4OTcwNTA2MjY0RUY5NkQ4MUVDMTJFNkFCRDI1NkRC
MzBGRENGQTAeFw0yMzA4MDkwMzIwNDVaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZDMwNjBjLTFmNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDzfYScaJgtLVkMDjZbsSRPUr4udCqJsjZ0MsHZGPpB2JH3ZyXUHYQwjKpxux+Y
4BNjGa4ULCGuvEP2XGQ7cltarLhv71TFG7EcauNpslm8L7EAO87640kHxHxNzsFi
vigzOP1SULN/MPvfLlKa1v0/YBbLoICA1JLZI4OiLTreCRojPeHaWzW8zP27kEMp
iW/9vOBirnsruqNuAMF8y3FYucNTeEoSJya8R6fOwyU0otp/uL9z9IAO6nG2vnYT
grfIsrJpw7OrlY48taLsoe8v9IA6FdwkTXXl+uD641ITed4BkDioBVfN388AXS1f
PIFrWLSE4YhjS7me5dWyOd6TAgMBAAGjggMwMIIDLDAdBgNVHQ4EFgQUY/p1Hp7x
hlRmF3P+TmKCW/5KXYAwHwYDVR0jBBgwFoAUSIlwUGJk75bYHsEuar0lbbMP3Pow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MzZDLzdFNEQ4NDYwMzY2
MDExRUU4OEUwRjUzMEM0RjlBRTAyL1NJbHdVR0prNzViWUhzRXVhcjBsYmJNUDNQ
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU0lsd1VHSms3NWJZSHNFdWFyMGxiYk1QM1BvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NTM2Qy83RTREODQ2MDM2NjAxMUVFODhFMEY1MzBDNEY5QUUwMi9BNDYwNzM4QTM2
NjMxMUVFQjM3NkRDM0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBuQYIKwYBBQUHAQcBAf8E
gakwgaYwGAQCAAEwEgMEAi36sAMEAGcOCAMEBnduwDCBiQQCAAIwgYIwEgMHAiQA
YoAABAMHACQAYoAACjASAwcAJABigAAVAwcDJABigAAQAwcAJABigAEpAwcAJABi
gAE8AwcAJABigAFAAwcAJABigAFEAwcBJABigAFIAwcAJABigAFQAwcAJABigAFV
AwcAJABigAFYAwcAJABigAF4AwcAJABigGKAMA0GCSqGSIb3DQEBCwUAA4IBAQAg
5WKVPcTHO+LQEsMD49Fkm2YDyF/vMmK+vFBpZqEBFB96DkIFekmzauuFX/+HmLZi
ENjB7TDtVybAnb3hLJPPur+ZhG+jxebny4MW1kv140T9/H3aSCA3jlSbNJaHGRYO
L2T74n2rdQ0/miAY1vb7+ePB+T7JhS0jijYhaCNPrNMPUhxgdXTqgyHFkLDLQ+Xy
kW+qr9/SYZ1oTxaq/peSQ9DU5x3fnKX7uZ5sKiWdOdjUhqPk2ypBkXrMm7Z8fDO4
9OJHBwycGtpyvgQvY1N+H+7M7sxtes3XZBEg5da58+W3QBdIZWSHnBmdNs53MtHL
q9Z0SRXImaUDoEwGeh6C
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:10:35 2024 by rpki-client on console-fra.rpki-client.org