Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/754A150C7F1411EEBF459226C4F9AE02.roa
File: 754A150C7F1411EEBF459226C4F9AE02.roa (raw, json)
Hash identifier: 6ZqSsst0CeAOCid4G8rBQWf9pWhX0FwaErbMxwRq7Mg=
Subject key identifier: CC:E1:AE:DE:F9:EB:53:9B:91:DE:34:E6:86:12:02:40:47:A4:C2:9B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 452E
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/754A150C7F1411EEBF459226C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:31:42 +0000
ROA not before: Thu 05 Sep 2024 03:31:42 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 131353
IP address blocks: 45.117.80.0/22 maxlen: 24
45.117.176.0/24 maxlen: 24
45.117.177.0/24 maxlen: 24
45.117.178.0/24 maxlen: 24
45.117.179.0/24 maxlen: 24
103.28.36.0/22 maxlen: 22
103.57.208.0/24 maxlen: 24
103.57.209.0/24 maxlen: 24
103.57.210.0/24 maxlen: 24
103.57.211.0/24 maxlen: 24
103.101.160.0/24 maxlen: 24
103.101.161.0/24 maxlen: 24
103.101.162.0/24 maxlen: 24
103.101.163.0/24 maxlen: 24
103.124.92.0/22 maxlen: 24
103.159.50.0/23 maxlen: 24
103.170.122.0/23 maxlen: 24
103.176.178.0/23 maxlen: 24
103.179.190.0/23 maxlen: 24
2001:df1:3200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 11:15:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17710 (0x452e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 5 03:31:42 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9261d-8bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ac:8e:e0:fa:e3:88:5b:07:1c:df:98:6a:97:
10:56:cd:c6:5a:47:d5:e0:7d:86:6b:98:c0:2f:46:
52:cd:d2:73:59:42:bd:3b:9f:93:9b:dd:94:e0:28:
10:b0:47:75:32:a8:1c:12:f3:b8:77:4e:06:4e:fc:
8d:8f:d7:88:23:9f:78:66:cf:4d:9d:94:d2:6b:a0:
92:43:b7:54:f1:67:64:c8:c4:65:a4:83:f2:f8:f5:
f0:94:ee:cb:4b:00:4a:d8:1d:84:a9:15:83:fa:03:
c8:5e:7e:af:28:c5:de:c2:c5:1f:6c:0b:c9:32:a5:
de:f2:de:32:bf:d5:72:9e:3e:21:c7:d4:f5:97:1f:
90:27:00:ab:f5:1f:dd:43:1f:de:d0:b3:d5:5a:89:
3b:66:54:8d:bc:68:57:77:3b:60:eb:9b:2f:10:5f:
af:cb:76:20:18:82:e3:59:c7:5a:c1:1a:14:58:0c:
80:78:e8:0f:4f:f9:14:9e:84:12:1a:0e:7b:f7:e9:
4d:bc:75:7f:4e:2a:79:95:60:71:2a:80:3c:1a:45:
9d:0c:f1:27:50:5b:3b:e2:8d:65:01:c4:af:f2:3d:
ae:b8:3c:28:9c:e1:83:37:63:3f:a5:82:06:fc:92:
c9:04:a4:75:fc:5c:07:de:5c:35:c1:22:76:56:68:
7b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:E1:AE:DE:F9:EB:53:9B:91:DE:34:E6:86:12:02:40:47:A4:C2:9B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/754A150C7F1411EEBF459226C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.80.0/22
45.117.176.0/22
103.28.36.0/22
103.57.208.0/22
103.101.160.0/22
103.124.92.0/22
103.159.50.0/23
103.170.122.0/23
103.176.178.0/23
103.179.190.0/23
IPv6:
2001:df1:3200::/48
Signature Algorithm: sha256WithRSAEncryption
28:6d:87:a2:a5:13:81:ee:2a:4b:53:8e:9e:4d:6f:bc:d7:43:
ec:53:4b:a6:6c:1d:9f:66:4a:68:d8:65:0c:b1:fb:b8:a1:c6:
69:95:97:92:cd:8b:bd:4c:fa:24:a9:5b:cb:f0:a0:7c:31:ed:
37:ff:0a:f2:24:3e:0e:60:f8:b5:43:6e:58:59:83:46:95:c2:
55:08:b1:21:26:3b:8f:e2:23:8d:1f:d7:4d:f1:90:74:ae:1c:
5f:03:5e:96:5f:02:21:44:59:cd:0d:60:bd:e8:c2:2a:2d:eb:
7e:0b:fe:ac:d0:91:de:fc:d7:c4:83:e0:34:c2:84:cf:50:c1:
c4:78:e1:c6:0a:31:b2:95:1d:ca:2c:1d:a4:b1:b7:ad:9f:91:
59:ee:42:8c:4e:81:66:84:e9:96:08:2d:bc:eb:a9:b7:cd:e6:
74:db:5b:91:63:81:de:50:4c:17:82:dc:49:d4:99:3c:af:ef:
2d:6f:06:e9:17:b3:e8:9b:09:c3:b0:9f:4e:e0:f5:2e:56:e3:
9e:1f:13:e2:4b:a7:8a:d1:90:cb:bc:7c:25:11:aa:0e:33:06:
be:dd:ce:24:75:2a:7f:34:7e:6c:df:bd:ea:81:5a:f8:c3:b7:
80:ee:66:9d:0d:61:b5:88:4f:fd:64:97:ce:09:84:b1:c6:32:
67:7b:fb:d9
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICRS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzMTQyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjYxZC04YmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvKyO4PrjiFsHHN+YapcQVs3GWkfV4H2Ga5jAL0ZSzdJzWUK9O5+Tm92U4CgQ
sEd1MqgcEvO4d04GTvyNj9eII594Zs9NnZTSa6CSQ7dU8WdkyMRlpIPy+PXwlO7L
SwBK2B2EqRWD+gPIXn6vKMXewsUfbAvJMqXe8t4yv9Vynj4hx9T1lx+QJwCr9R/d
Qx/e0LPVWok7ZlSNvGhXdztg65svEF+vy3YgGILjWcdawRoUWAyAeOgPT/kUnoQS
Gg579+lNvHV/Tip5lWBxKoA8GkWdDPEnUFs74o1lAcSv8j2uuDwonOGDN2M/pYIG
/JLJBKR1/FwH3lw1wSJ2Vmh7zQIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFMzhrt75
61Obkd405oYSAkBHpMKbMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNzU0QTE1MEM3
RjE0MTFFRUJGNDU5MjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMEIEAgABMDwDBAItdVADBAItdbADBAJnHCQDBAJnOdADBAJnZaADBAJnfFwD
BAFnnzIDBAFnqnoDBAFnsLIDBAFns74wDwQCAAIwCQMHACABDfEyADANBgkqhkiG
9w0BAQsFAAOCAQEAKG2HoqUTge4qS1OOnk1vvNdD7FNLpmwdn2ZKaNhlDLH7uKHG
aZWXks2LvUz6JKlby/CgfDHtN/8K8iQ+DmD4tUNuWFmDRpXCVQixISY7j+IjjR/X
TfGQdK4cXwNell8CIURZzQ1gvejCKi3rfgv+rNCR3vzXxIPgNMKEz1DBxHjhxgox
spUdyiwdpLG3rZ+RWe5CjE6BZoTplggtvOupt83mdNtbkWOB3lBMF4LcSdSZPK/v
LW8G6Rez6JsJw7CfTuD1Llbjnh8T4kunitGQy7x8JRGqDjMGvt3OJHUqfzR+bN+9
6oFa+MO3gO5mnQ1htYhP/WSXzgmEscYyZ3v72Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:17:32 2024 by rpki-client on console-ams.rpki-client.org