Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E7DE70DC3D9A11EA9606E13AC4F9AE02.roa
File: E7DE70DC3D9A11EA9606E13AC4F9AE02.roa (raw, json)
Hash identifier: NGLxGe92pXm1WIqG6ZqVRdYnLr6c1sj672KDCyUAMoQ=
Subject key identifier: 7A:18:5B:C2:5C:45:06:10:FB:91:AC:82:30:11:C5:59:27:8A:5E:F8
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0AF4
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E7DE70DC3D9A11EA9606E13AC4F9AE02.roa
Signing time: Thu 12 Sep 2024 05:00:19 +0000
ROA not before: Thu 12 Sep 2024 05:00:19 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 15412
IP address blocks: 43.231.188.0/24 maxlen: 24
43.231.190.0/24 maxlen: 24
43.251.184.0/24 maxlen: 24
43.251.186.0/24 maxlen: 24
45.115.32.0/24 maxlen: 24
45.115.34.0/24 maxlen: 24
45.124.60.0/22 maxlen: 22
103.7.116.0/22 maxlen: 22
103.7.208.0/22 maxlen: 22
103.8.84.0/24 maxlen: 24
103.8.86.0/24 maxlen: 24
103.12.52.0/24 maxlen: 24
103.12.54.0/24 maxlen: 24
103.13.16.0/24 maxlen: 24
103.13.18.0/24 maxlen: 24
103.21.104.0/24 maxlen: 24
103.21.106.0/24 maxlen: 24
103.24.160.0/22 maxlen: 22
103.244.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 18:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2804 (0xaf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Validity
Not Before: Sep 12 05:00:19 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66e27563-61d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4a:d4:95:2e:5b:84:39:c8:2f:f3:32:7a:44:
35:d2:73:c4:eb:e7:58:43:8e:3f:6d:a4:ac:3d:99:
73:c3:08:65:af:48:46:41:ae:5f:15:68:64:0e:a4:
d5:75:82:7d:98:25:ed:6b:ed:a0:82:a2:50:e2:9c:
4d:10:0b:1d:b1:4d:cd:8d:5f:0d:0c:53:00:5a:ac:
10:07:5a:ad:27:90:36:8d:42:63:0e:0e:cc:05:aa:
f3:4d:5c:3b:55:bd:2f:64:c7:a6:66:f1:a6:72:a5:
b1:41:52:04:a9:7c:ce:ed:fd:f2:aa:e3:c5:ce:3b:
9e:81:2c:10:a0:d9:48:f7:fe:6b:c5:20:90:e7:4b:
fa:8c:bb:d5:aa:4b:0b:8f:40:9f:1d:90:1d:c1:90:
d8:a5:d8:34:4e:d9:49:fc:87:50:5d:96:2a:03:18:
2c:4b:10:98:0e:ca:ac:b6:07:ff:db:8b:97:eb:2e:
90:a0:26:0b:70:55:1f:99:f3:47:54:d5:b8:50:d8:
6f:0c:1c:9b:d5:2b:45:61:3d:cd:b8:aa:9a:f8:c2:
7d:11:97:95:22:74:a3:8d:31:07:70:ed:c4:e0:aa:
56:c8:85:b5:31:ad:a2:5e:fb:a8:44:0f:78:90:13:
9c:5d:a5:63:54:0f:8d:3b:2f:d2:bc:a1:3a:9d:51:
be:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:18:5B:C2:5C:45:06:10:FB:91:AC:82:30:11:C5:59:27:8A:5E:F8
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/E7DE70DC3D9A11EA9606E13AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.188.0/24
43.231.190.0/24
43.251.184.0/24
43.251.186.0/24
45.115.32.0/24
45.115.34.0/24
45.124.60.0/22
103.7.116.0/22
103.7.208.0/22
103.8.84.0/24
103.8.86.0/24
103.12.52.0/24
103.12.54.0/24
103.13.16.0/24
103.13.18.0/24
103.21.104.0/24
103.21.106.0/24
103.24.160.0/22
103.244.208.0/22
Signature Algorithm: sha256WithRSAEncryption
81:ad:b6:38:50:34:92:40:15:91:31:0d:5d:13:cf:15:4f:2a:
3c:37:10:ff:d1:a8:36:2c:76:5d:75:37:e4:01:c8:48:13:b9:
ed:6e:bd:76:ef:20:51:86:1f:fa:2e:be:bd:e5:4c:e4:c1:b3:
0d:ab:de:3e:50:0f:4c:c0:26:f0:a2:40:47:de:58:6b:0e:17:
12:5c:c3:f2:96:04:89:5f:ed:07:e9:d2:90:e0:39:f5:2e:df:
4e:5e:aa:b1:d6:b7:a4:08:4f:2d:d6:e9:2d:14:14:87:38:5c:
ba:41:40:5d:00:c9:57:7e:11:10:95:5d:bd:8b:bb:25:56:a8:
1d:c9:de:2e:c8:54:17:1b:4f:6e:b9:22:75:9c:92:4d:ca:8e:
6d:b8:c3:98:df:06:bd:f3:7c:d4:3e:dc:d6:e9:9e:c3:f9:e6:
61:e3:f1:cf:d6:e8:4c:68:d7:66:18:a3:08:19:75:2e:b5:b5:
aa:d1:c1:e7:a5:0f:9b:42:e8:80:3a:78:1c:00:b9:e3:df:bc:
57:fe:f2:7e:44:f5:07:ed:16:81:a3:47:bc:41:a1:03:7d:e1:
07:e9:46:c9:43:b3:e3:66:da:42:8e:27:76:45:f0:75:b9:2c:
4d:3e:f7:b2:09:2e:83:f0:54:58:f8:51:3e:36:62:57:84:16:
e6:41:50:30
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgICCvQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjQwOTEyMDUwMDE5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUyNzU2My02MWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtkrUlS5bhDnIL/MyekQ10nPE6+dYQ44/baSsPZlzwwhlr0hGQa5fFWhkDqTV
dYJ9mCXta+2ggqJQ4pxNEAsdsU3NjV8NDFMAWqwQB1qtJ5A2jUJjDg7MBarzTVw7
Vb0vZMemZvGmcqWxQVIEqXzO7f3yquPFzjuegSwQoNlI9/5rxSCQ50v6jLvVqksL
j0CfHZAdwZDYpdg0TtlJ/IdQXZYqAxgsSxCYDsqstgf/24uX6y6QoCYLcFUfmfNH
VNW4UNhvDByb1StFYT3NuKqa+MJ9EZeVInSjjTEHcO3E4KpWyIW1Ma2iXvuoRA94
kBOcXaVjVA+NOy/SvKE6nVG+UQIDAQABo4IDAjCCAv4wHQYDVR0OBBYEFHoYW8Jc
RQYQ+5GsgjARxVknil74MB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvRTdERTcwREMz
RDlBMTFFQTk2MDZFMTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUFBwEHAQH/
BHwwejB4BAIAATByAwQAK+e8AwQAK+e+AwQAK/u4AwQAK/u6AwQALXMgAwQALXMi
AwQCLXw8AwQCZwd0AwQCZwfQAwQAZwhUAwQAZwhWAwQAZww0AwQAZww2AwQAZw0Q
AwQAZw0SAwQAZxVoAwQAZxVqAwQCZxigAwQCZ/TQMA0GCSqGSIb3DQEBCwUAA4IB
AQCBrbY4UDSSQBWRMQ1dE88VTyo8NxD/0ag2LHZddTfkAchIE7ntbr127yBRhh/6
Lr695UzkwbMNq94+UA9MwCbwokBH3lhrDhcSXMPylgSJX+0H6dKQ4Dn1Lt9OXqqx
1rekCE8t1uktFBSHOFy6QUBdAMlXfhEQlV29i7slVqgdyd4uyFQXG09uuSJ1nJJN
yo5tuMOY3wa983zUPtzW6Z7D+eZh4/HP1uhMaNdmGKMIGXUutbWq0cHnpQ+bQuiA
OngcALnj37xX/vJ+RPUH7RaBo0e8QaEDfeEH6UbJQ7PjZtpCjid2RfB1uSxNPvey
CS6D8FRY+FE+NmJXhBbmQVAw
-----END CERTIFICATE-----
Generated at Wed Nov 20 20:07:26 2024 by rpki-client on console-fra.rpki-client.org