Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B41A20C081D511ED9FFC1F2AC4F9AE02.roa
File: B41A20C081D511ED9FFC1F2AC4F9AE02.roa (raw, json)
Hash identifier: hjyEyOWnSZDCLlERqWjVt9PaVrfS+e/Dg0p6t2k1LYg=
Subject key identifier: AE:7C:50:B7:8A:95:3E:68:F6:D4:DE:C3:CD:33:F2:ED:66:9F:32:FB
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 47A3
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B41A20C081D511ED9FFC1F2AC4F9AE02.roa
Signing time: Wed 23 Oct 2024 09:58:29 +0000
ROA not before: Wed 23 Oct 2024 09:58:29 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 38732
IP address blocks: 42.96.32.0/24 maxlen: 24
42.96.34.0/23 maxlen: 24
45.122.253.0/24 maxlen: 24
101.99.3.0/24 maxlen: 24
103.21.148.0/22 maxlen: 24
103.63.108.0/23 maxlen: 24
103.152.164.0/23 maxlen: 24
103.173.66.0/24 maxlen: 24
103.252.0.0/22 maxlen: 24
115.146.120.0/21 maxlen: 24
124.158.0.0/21 maxlen: 24
183.91.14.0/24 maxlen: 24
203.205.8.0/24 maxlen: 24
2402:5300:407::/48 maxlen: 48
2402:5300:7000::/40 maxlen: 48
2402:5300:7200::/40 maxlen: 48
2402:5300:7300::/40 maxlen: 48
2402:5300:7400::/40 maxlen: 48
2402:5300:7500::/40 maxlen: 48
2402:5300:7600::/40 maxlen: 48
2402:5300:7700::/40 maxlen: 48
2402:5300:7800::/40 maxlen: 48
2402:5300:7900::/40 maxlen: 48
2402:5300:7a00::/40 maxlen: 48
2402:5300:7b00::/40 maxlen: 48
2406:30c0::/48 maxlen: 48
2407:e3c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 11:15:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18339 (0x47a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Oct 23 09:58:29 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6718c8c4-45c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f9:93:79:bc:c9:fb:d1:56:d5:37:43:40:7d:
1f:cd:46:6f:77:6b:d5:16:f5:5e:f0:ea:6e:de:d3:
82:e6:61:8f:61:56:92:f2:58:81:4a:82:1d:f9:7f:
20:f0:fe:bb:d0:f1:31:9f:26:ff:66:5f:e9:0f:26:
02:2c:9e:01:62:ae:4a:28:92:56:95:d1:3f:89:42:
6b:76:e3:8b:0b:9b:55:7f:53:86:94:f1:15:bf:5f:
dc:c5:f4:b5:a5:11:2a:25:02:1f:fc:5f:48:22:7e:
54:ac:63:c6:3a:71:e2:89:c0:e8:3c:9c:c8:28:69:
fe:4e:03:73:02:59:9c:52:ae:47:11:27:f6:0e:de:
65:2e:bd:03:c5:fd:26:a1:f0:6f:b1:c8:3c:9e:76:
ad:de:f6:7b:46:8f:6d:a1:7e:b2:13:aa:b3:96:6d:
8e:3c:0c:60:12:7c:bc:51:65:95:d7:cc:39:74:06:
32:94:9f:14:1c:6c:3c:d8:b0:f1:cc:16:72:bf:51:
ea:11:2b:a3:3a:c2:8f:15:fc:dc:22:0d:b6:f3:a4:
49:7b:cb:86:10:cc:de:cc:1e:d8:66:12:cd:72:78:
8f:c8:8a:4c:84:d8:86:5f:29:76:5c:ef:5e:46:00:
10:80:7d:3b:9b:37:77:fa:7c:dd:1a:a1:eb:74:0d:
f5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7C:50:B7:8A:95:3E:68:F6:D4:DE:C3:CD:33:F2:ED:66:9F:32:FB
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/B41A20C081D511ED9FFC1F2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.96.32.0/24
42.96.34.0/23
45.122.253.0/24
101.99.3.0/24
103.21.148.0/22
103.63.108.0/23
103.152.164.0/23
103.173.66.0/24
103.252.0.0/22
115.146.120.0/21
124.158.0.0/21
183.91.14.0/24
203.205.8.0/24
IPv6:
2402:5300:407::/48
2402:5300:7000::/40
2402:5300:7200::-2402:5300:7bff:ffff:ffff:ffff:ffff:ffff
2406:30c0::/48
2407:e3c0::/48
Signature Algorithm: sha256WithRSAEncryption
1a:46:06:c8:b0:ec:8d:3c:4b:fa:9d:b1:6a:69:fe:04:e4:79:
d4:93:21:ca:94:56:e1:8a:71:bc:85:86:6f:79:28:ac:59:ea:
5f:51:9b:91:8c:c0:ac:98:30:d7:0b:24:09:32:89:e1:cd:9e:
01:bb:bc:12:fc:e2:c6:aa:01:7b:18:8f:c8:23:95:df:8c:7c:
05:1e:ff:69:db:94:f6:3e:65:b3:d4:b7:d2:77:44:60:53:32:
73:ef:65:bd:0b:02:b7:bb:f9:d6:0d:f6:b4:c4:83:1d:15:ce:
c7:7b:e6:7c:40:bc:4e:01:01:ea:fb:99:62:02:da:c2:98:68:
30:29:e6:c9:b2:f9:a2:31:0b:b5:da:42:92:9e:4c:68:6c:d5:
b0:1d:9d:49:ef:f5:06:1b:d3:ca:65:ce:53:fe:d8:fd:df:f7:
3d:aa:b3:27:92:32:b4:eb:f7:72:56:30:0f:69:30:04:6e:fd:
a4:80:11:52:ea:62:7a:9a:2a:57:6c:d7:62:b3:fa:c5:df:af:
e2:f6:e9:16:40:d5:75:10:83:45:10:45:96:af:2b:0f:37:fc:
fa:6f:6f:3e:8d:d2:26:58:d7:16:44:8b:82:76:96:c4:11:96:
e9:47:57:ba:93:d3:54:44:6c:4d:29:2d:52:84:34:30:f6:24:
1a:1f:b1:db
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgICR6MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMDIzMDk1ODI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4YzhjNC00NWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAufmTebzJ+9FW1TdDQH0fzUZvd2vVFvVe8Opu3tOC5mGPYVaS8liBSoId+X8g
8P670PExnyb/Zl/pDyYCLJ4BYq5KKJJWldE/iUJrduOLC5tVf1OGlPEVv1/cxfS1
pREqJQIf/F9IIn5UrGPGOnHiicDoPJzIKGn+TgNzAlmcUq5HESf2Dt5lLr0Dxf0m
ofBvscg8nnat3vZ7Ro9toX6yE6qzlm2OPAxgEny8UWWV18w5dAYylJ8UHGw82LDx
zBZyv1HqESujOsKPFfzcIg2286RJe8uGEMzezB7YZhLNcniPyIpMhNiGXyl2XO9e
RgAQgH07mzd3+nzdGqHrdA312QIDAQABo4IDHTCCAxkwHQYDVR0OBBYEFK58ULeK
lT5o9tTew80z8u1mnzL7MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQjQxQTIwQzA4
MUQ1MTFFRDlGRkMxRjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaYGCCsGAQUFBwEHAQH/
BIGWMIGTMFQEAgABME4DBAAqYCADBAEqYCIDBAAtev0DBABlYwMDBAJnFZQDBAFn
P2wDBAFnmKQDBABnrUIDBAJn/AADBANzkngDBAN8ngADBAC3Ww4DBADLzQgwOwQC
AAIwNQMHACQCUwAEBwMGACQCUwBwMBADBgEkAlMAcgMGAiQCUwB4AwcAJAYwwAAA
AwcAJAfjwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAaRgbIsOyNPEv6nbFqaf4E5HnU
kyHKlFbhinG8hYZveSisWepfUZuRjMCsmDDXCyQJMonhzZ4Bu7wS/OLGqgF7GI/I
I5XfjHwFHv9p25T2PmWz1LfSd0RgUzJz72W9CwK3u/nWDfa0xIMdFc7He+Z8QLxO
AQHq+5liAtrCmGgwKebJsvmiMQu12kKSnkxobNWwHZ1J7/UGG9PKZc5T/tj93/c9
qrMnkjK06/dyVjAPaTAEbv2kgBFS6mJ6mipXbNdis/rF36/i9ukWQNV1EINFEEWW
rysPN/z6b28+jdImWNcWRIuCdpbEEZbpR1e6k9NURGxNKS1ShDQw9iQaH7Hb
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:17:33 2024 by rpki-client on console-ams.rpki-client.org