Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/43BD42D8C6FA11EEB1BFF11FC4F9AE02.roa
File: 43BD42D8C6FA11EEB1BFF11FC4F9AE02.roa (raw, json)
Hash identifier: 0a3GL0idAd/Vd/8utkLzz0DPOmg7fwIV+oY0ckaEHqo=
Subject key identifier: BB:15:57:A4:59:D4:7E:CC:B0:15:8D:C0:87:0C:E2:50:68:94:DE:D4
Certificate issuer: /CN=A91A4B9D/serialNumber=EF68BDBC072CAB455B6DA3160EDF8FB6C488DD15
Certificate serial: 33B2
Authority key identifier: EF:68:BD:BC:07:2C:AB:45:5B:6D:A3:16:0E:DF:8F:B6:C4:88:DD:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/43BD42D8C6FA11EEB1BFF11FC4F9AE02.roa
Signing time: Fri 09 Feb 2024 03:21:08 +0000
ROA not before: Fri 09 Feb 2024 03:21:08 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 133159
IP address blocks: 45.124.52.0/22 maxlen: 22
103.1.184.0/22 maxlen: 22
103.16.128.0/22 maxlen: 22
103.17.56.0/24 maxlen: 24
103.17.57.0/24 maxlen: 24
103.100.36.0/22 maxlen: 23
110.232.112.0/22 maxlen: 22
112.213.32.0/21 maxlen: 21
119.42.52.0/23 maxlen: 23
119.42.54.0/23 maxlen: 23
150.107.72.0/22 maxlen: 22
150.107.75.0/24 maxlen: 24
175.45.180.0/22 maxlen: 23
175.45.182.0/23 maxlen: 24
203.18.30.0/24 maxlen: 24
203.29.240.0/22 maxlen: 22
203.57.50.0/23 maxlen: 23
203.57.114.0/23 maxlen: 23
2404:9400::/48 maxlen: 48
2404:9400:1::/48 maxlen: 48
2404:9400:2::/48 maxlen: 48
2404:9400:3::/48 maxlen: 48
2404:9400:4::/48 maxlen: 48
2404:9400:5::/48 maxlen: 48
2404:9400:e::/48 maxlen: 48
2404:9400:f::/48 maxlen: 48
2404:9400:1000::/36 maxlen: 36
2404:9400:2000::/36 maxlen: 36
2404:9400:3000::/36 maxlen: 36
2404:9400:4000::/36 maxlen: 36
2404:9400:5000::/36 maxlen: 36
2404:9400:e000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/72i9vAcsq0VbbaMWDt-PtsSI3RU.crl
rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/72i9vAcsq0VbbaMWDt-PtsSI3RU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 15:12:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13234 (0x33b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B9D/serialNumber=EF68BDBC072CAB455B6DA3160EDF8FB6C488DD15
Validity
Not Before: Feb 9 03:21:08 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65c59a23-86d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:83:98:e7:84:57:94:de:37:b4:0a:b1:79:9e:
9b:b4:a4:5a:49:03:45:ed:cc:f8:da:9d:35:8c:63:
08:51:29:fb:7c:68:5f:ba:5a:69:21:0e:19:24:cf:
8c:6a:68:45:e0:8c:4d:3a:7b:05:6a:47:80:73:ec:
99:09:56:1a:b7:b3:a7:3c:ea:a1:cc:fd:48:cb:ce:
e9:a4:43:72:ec:bf:d3:ab:9d:f0:8d:3f:4a:3b:fb:
88:81:7c:b8:e4:ad:92:2f:ea:38:90:5e:b0:1b:88:
7b:8b:01:ad:87:63:7d:91:db:b7:7f:10:3c:ec:18:
ec:e9:3e:b2:8f:45:03:12:47:26:3c:93:f5:4c:c6:
e1:38:6f:a9:01:86:ba:08:ed:2c:29:9c:48:bb:cc:
f0:8d:36:4c:fc:51:0e:59:82:b8:b9:1d:ab:e3:f3:
aa:1c:35:1d:15:41:94:60:68:7f:b4:b6:8c:ba:3a:
54:ae:ba:7f:cc:64:a3:35:43:aa:bd:06:cc:2f:0c:
b9:3f:51:55:72:f4:ca:9c:fe:0f:42:43:e7:e2:09:
7e:58:8d:5f:6f:ce:e1:00:1b:ce:77:d5:f5:ed:6f:
fc:ce:1f:36:b4:2d:f6:74:8d:7c:be:23:bf:f0:ce:
3a:a2:8b:c6:37:cb:08:a3:79:55:17:91:e3:d2:84:
f3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:15:57:A4:59:D4:7E:CC:B0:15:8D:C0:87:0C:E2:50:68:94:DE:D4
X509v3 Authority Key Identifier:
keyid:EF:68:BD:BC:07:2C:AB:45:5B:6D:A3:16:0E:DF:8F:B6:C4:88:DD:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/72i9vAcsq0VbbaMWDt-PtsSI3RU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72i9vAcsq0VbbaMWDt-PtsSI3RU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B9D/95AD03881D9E11E2880E868E08B02CD2/43BD42D8C6FA11EEB1BFF11FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.52.0/22
103.1.184.0/22
103.16.128.0/22
103.17.56.0/23
103.100.36.0/22
110.232.112.0/22
112.213.32.0/21
119.42.52.0/22
150.107.72.0/22
175.45.180.0/22
203.18.30.0/24
203.29.240.0/22
203.57.50.0/23
203.57.114.0/23
IPv6:
2404:9400::-2404:9400:5:ffff:ffff:ffff:ffff:ffff
2404:9400:e::/47
2404:9400:1000::-2404:9400:5fff:ffff:ffff:ffff:ffff:ffff
2404:9400:e000::/36
Signature Algorithm: sha256WithRSAEncryption
1e:36:a5:2e:dc:0c:1e:e4:b2:24:a2:ec:c6:2b:1c:37:02:fe:
e8:4a:ef:ca:67:63:83:eb:55:bd:55:50:76:4b:7a:a2:61:d0:
62:e0:a1:c3:ab:bd:6e:aa:2e:97:e5:b5:2d:18:76:a8:50:8d:
a8:de:80:fb:30:88:49:60:56:ab:eb:f2:f6:60:df:38:52:98:
cd:94:b7:96:7f:97:59:dc:e2:9d:8e:7b:bf:76:a8:2f:22:bf:
61:64:10:9d:92:a9:b7:92:30:c4:1f:3e:83:81:0b:af:83:5e:
9b:9e:13:ad:44:fe:fd:9b:0b:9d:8d:f5:d2:72:00:b3:ee:96:
df:58:ec:ab:f4:c6:e5:58:8c:00:46:f4:92:0f:59:58:ad:b3:
f7:d7:a6:11:29:49:24:48:a9:60:33:38:73:29:47:99:5f:e3:
c5:d2:27:2b:47:7e:fb:7d:3a:6f:aa:01:c5:01:6c:61:bd:72:
3f:8c:43:6e:0c:eb:7b:ae:45:2b:2e:9d:b4:c4:ec:ae:e1:a3:
9e:4e:50:05:ba:5c:12:03:b9:6e:00:05:a1:d8:92:bb:d6:12:
4d:8b:93:67:5e:92:20:81:2f:1e:ff:6c:45:87:98:94:10:14:
b8:0f:a8:b8:f2:5f:36:23:91:24:ef:77:4f:9e:08:2b:4b:98:
79:c9:1a:ae
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgICM7IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCOUQxMTAvBgNVBAUTKEVGNjhCREJDMDcyQ0FCNDU1QjZEQTMxNjBFREY4RkI2
QzQ4OEREMTUwHhcNMjQwMjA5MDMyMTA4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWM1OWEyMy04NmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvIOY54RXlN43tAqxeZ6btKRaSQNF7cz42p01jGMIUSn7fGhfulppIQ4ZJM+M
amhF4IxNOnsFakeAc+yZCVYat7OnPOqhzP1Iy87ppENy7L/Tq53wjT9KO/uIgXy4
5K2SL+o4kF6wG4h7iwGth2N9kdu3fxA87Bjs6T6yj0UDEkcmPJP1TMbhOG+pAYa6
CO0sKZxIu8zwjTZM/FEOWYK4uR2r4/OqHDUdFUGUYGh/tLaMujpUrrp/zGSjNUOq
vQbMLwy5P1FVcvTKnP4PQkPn4gl+WI1fb87hABvOd9X17W/8zh82tC32dI18viO/
8M46oovGN8sIo3lVF5Hj0oTzMwIDAQABo4IDIjCCAx4wHQYDVR0OBBYEFLsVV6RZ
1H7MsBWNwIcM4lBolN7UMB8GA1UdIwQYMBaAFO9ovbwHLKtFW22jFg7fj7bEiN0V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEI5RC85NUFEMDM4ODFE
OUUxMUUyODgwRTg2OEUwOEIwMkNEMi83Mmk5dkFjc3EwVmJiYU1XRHQtUHRzU0kz
UlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcyaTl2QWNzcTBWYmJhTVdEdC1QdHNTSTNSVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCOUQvOTVBRDAzODgxRDlFMTFFMjg4MEU4NjhFMDhCMDJDRDIvNDNCRDQyRDhD
NkZBMTFFRUIxQkZGMTFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgasGCCsGAQUFBwEHAQH/
BIGbMIGYMFoEAgABMFQDBAItfDQDBAJnAbgDBAJnEIADBAFnETgDBAJnZCQDBAJu
6HADBANw1SADBAJ3KjQDBAKWa0gDBAKvLbQDBADLEh4DBALLHfADBAHLOTIDBAHL
OXIwOgQCAAIwNDAPAwQCJASUAwcBJASUAAAEAwcBJASUAAAOMBADBgQkBJQAEAMG
BSQElABAAwYEJASUAOAwDQYJKoZIhvcNAQELBQADggEBAB42pS7cDB7ksiSi7MYr
HDcC/uhK78pnY4PrVb1VUHZLeqJh0GLgocOrvW6qLpfltS0YdqhQjajegPswiElg
Vqvr8vZg3zhSmM2Ut5Z/l1nc4p2Oe792qC8iv2FkEJ2SqbeSMMQfPoOBC6+DXpue
E61E/v2bC52N9dJyALPult9Y7Kv0xuVYjABG9JIPWVits/fXphEpSSRIqWAzOHMp
R5lf48XSJytHfvt9Om+qAcUBbGG9cj+MQ24M63uuRSsunbTE7K7ho55OUAW6XBID
uW4ABaHYkrvWEk2Lk2dekiCBLx7/bEWHmJQQFLgPqLjyXzYjkSTvd0+eCCtLmHnJ
Gq4=
-----END CERTIFICATE-----
Generated at Thu May 16 16:14:58 2024 by rpki-client on console-fra.rpki-client.org