Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/0F5C892289B011EE886DD13CC4F9AE02.roa
File: 0F5C892289B011EE886DD13CC4F9AE02.roa (raw, json)
Hash identifier: eSJpcn2qjSZfqcdfPMrWHv5Yecrbb3L9WuvIWFZhl/c=
Subject key identifier: E8:5B:2D:AC:B6:75:63:BA:26:5E:42:23:4E:6D:C5:4D:A4:96:AA:45
Certificate issuer: /CN=A91C9D76/serialNumber=1E5A6321B11AA0846FA89BF139BCECDBAD38BE37
Certificate serial: 33DC
Authority key identifier: 1E:5A:63:21:B1:1A:A0:84:6F:A8:9B:F1:39:BC:EC:DB:AD:38:BE:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/0F5C892289B011EE886DD13CC4F9AE02.roa
Signing time: Thu 23 Nov 2023 03:30:13 +0000
ROA not before: Thu 23 Nov 2023 03:30:13 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 198949
IP address blocks: 45.119.92.0/24 maxlen: 24
45.119.93.0/24 maxlen: 24
45.119.94.0/24 maxlen: 24
45.119.95.0/24 maxlen: 24
45.127.0.0/24 maxlen: 24
45.127.1.0/24 maxlen: 24
45.127.2.0/24 maxlen: 24
45.127.3.0/24 maxlen: 24
202.128.224.0/24 maxlen: 24
202.128.225.0/24 maxlen: 24
202.128.227.0/24 maxlen: 24
202.128.228.0/24 maxlen: 24
202.128.229.0/24 maxlen: 24
202.128.230.0/24 maxlen: 24
202.128.231.0/24 maxlen: 24
202.128.234.0/24 maxlen: 24
202.128.235.0/24 maxlen: 24
202.128.236.0/24 maxlen: 24
202.128.237.0/24 maxlen: 24
202.128.238.0/24 maxlen: 24
202.128.239.0/24 maxlen: 24
202.128.240.0/24 maxlen: 24
202.128.241.0/24 maxlen: 24
202.128.242.0/24 maxlen: 24
202.128.243.0/24 maxlen: 24
202.128.244.0/24 maxlen: 24
202.128.245.0/24 maxlen: 24
202.128.246.0/24 maxlen: 24
202.128.247.0/24 maxlen: 24
202.128.248.0/24 maxlen: 24
202.128.249.0/24 maxlen: 24
202.128.250.0/24 maxlen: 24
202.128.251.0/24 maxlen: 24
202.128.252.0/24 maxlen: 24
202.128.253.0/24 maxlen: 24
202.128.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/HlpjIbEaoIRvqJvxObzs2604vjc.crl
rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/HlpjIbEaoIRvqJvxObzs2604vjc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 May 2024 14:16:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13276 (0x33dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9D76/serialNumber=1E5A6321B11AA0846FA89BF139BCECDBAD38BE37
Validity
Not Before: Nov 23 03:30:13 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=655ec745-c3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:de:27:dc:16:53:4a:62:e9:1d:bb:b4:b7:a1:
a5:f8:28:d1:a2:ab:31:fc:df:0a:57:1d:a5:92:a7:
51:cd:cc:8f:3d:66:aa:a4:1e:33:43:f1:71:49:17:
32:d1:4a:5c:4e:0b:d0:47:82:bf:7d:09:3d:92:96:
fb:2a:5a:ce:fa:7a:93:e1:ba:65:e7:eb:7b:66:72:
84:85:64:8a:b9:73:6d:10:84:8d:e0:46:6f:72:7b:
6b:08:82:fb:90:1d:ae:05:47:8f:b8:92:f3:78:41:
8f:c6:8a:44:c9:db:2c:d8:36:69:12:7f:53:a2:9b:
31:7f:a8:3b:e3:5a:f3:b6:45:63:14:7b:23:a4:08:
7a:e1:b7:f7:9b:dd:00:42:be:37:10:96:a4:a3:74:
29:b4:d6:77:58:94:57:34:d4:f5:9e:af:98:5c:ff:
fc:fc:d6:a7:ab:8b:b3:cb:d5:1c:3f:23:06:0b:96:
9b:14:d9:00:3d:a6:e8:2c:d1:50:e9:fd:5a:79:70:
38:0b:28:38:fd:9d:15:be:dc:08:2a:02:3c:9b:9f:
be:5e:d5:33:25:63:be:60:2c:b0:29:13:a5:6c:6c:
e3:e7:18:92:94:06:10:d1:9d:dc:48:2a:99:f8:3e:
a4:fc:72:53:bb:71:c5:7c:fe:db:db:1b:ac:10:2a:
bb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:5B:2D:AC:B6:75:63:BA:26:5E:42:23:4E:6D:C5:4D:A4:96:AA:45
X509v3 Authority Key Identifier:
keyid:1E:5A:63:21:B1:1A:A0:84:6F:A8:9B:F1:39:BC:EC:DB:AD:38:BE:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/HlpjIbEaoIRvqJvxObzs2604vjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HlpjIbEaoIRvqJvxObzs2604vjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9D76/6287A1141D6911E288ABA9A608B02CD2/0F5C892289B011EE886DD13CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.119.92.0/22
45.127.0.0/22
202.128.224.0/23
202.128.227.0-202.128.231.255
202.128.234.0-202.128.254.255
Signature Algorithm: sha256WithRSAEncryption
91:7a:7f:d9:64:d1:e4:23:df:0a:0e:f8:27:38:e3:ac:1d:46:
e1:2e:01:5a:25:82:54:74:58:bc:41:80:b1:ff:13:78:88:c4:
5c:4c:c5:83:e1:0f:bf:d1:f3:a9:91:e6:bb:b5:c6:32:57:79:
07:f1:2c:3e:10:21:1c:83:07:4b:0c:92:a4:8f:03:29:5c:00:
44:3e:80:ef:0f:bf:f6:cd:39:1f:7f:bf:67:69:20:a4:5f:db:
bb:29:61:71:4a:52:ea:63:91:ec:88:3a:27:66:25:62:ad:c3:
89:0a:5d:82:c0:1c:c7:c4:e8:19:3d:84:fe:27:b9:1d:b5:f2:
5d:83:dd:99:88:b6:53:b3:64:0e:d7:28:5e:b8:aa:be:70:e5:
a4:79:ac:d7:c4:41:94:59:18:46:70:af:6c:c3:6e:e2:04:c7:
c2:4a:f6:17:98:84:7d:9a:17:ef:e0:53:82:2a:00:25:6b:07:
81:fc:c3:af:a4:9a:69:f9:6e:62:a0:da:bb:1b:10:4b:7a:6e:
58:91:a2:b4:4e:71:dd:64:f7:e1:89:d8:9d:d3:7b:5b:ef:76:
b5:1f:d1:39:f1:ec:2d:b2:5a:bc:c8:f3:33:1e:52:25:a0:76:
48:b8:8f:a3:0e:71:33:b8:57:34:bb:1c:15:85:2c:16:84:a0:
2f:3b:70:01
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICM9wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzlENzYxMTAvBgNVBAUTKDFFNUE2MzIxQjExQUEwODQ2RkE4OUJGMTM5QkNFQ0RC
QUQzOEJFMzcwHhcNMjMxMTIzMDMzMDEzWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlYzc0NS1jM2NmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2t4n3BZTSmLpHbu0t6Gl+CjRoqsx/N8KVx2lkqdRzcyPPWaqpB4zQ/FxSRcy
0UpcTgvQR4K/fQk9kpb7KlrO+nqT4bpl5+t7ZnKEhWSKuXNtEISN4EZvcntrCIL7
kB2uBUePuJLzeEGPxopEydss2DZpEn9Topsxf6g741rztkVjFHsjpAh64bf3m90A
Qr43EJako3QptNZ3WJRXNNT1nq+YXP/8/Nanq4uzy9UcPyMGC5abFNkAPaboLNFQ
6f1aeXA4Cyg4/Z0VvtwIKgI8m5++XtUzJWO+YCywKROlbGzj5xiSlAYQ0Z3cSCqZ
+D6k/HJTu3HFfP7b2xusECq79QIDAQABo4ICvTCCArkwHQYDVR0OBBYEFOhbLay2
dWO6Jl5CI05txU2klqpFMB8GA1UdIwQYMBaAFB5aYyGxGqCEb6ib8Tm87NutOL43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUQ3Ni82Mjg3QTExNDFE
NjkxMUUyODhBQkE5QTYwOEIwMkNEMi9IbHBqSWJFYW9JUnZxSnZ4T2J6czI2MDR2
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hscGpJYkVhb0lSdnFKdnhPYnpzMjYwNHZqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzlENzYvNjI4N0ExMTQxRDY5MTFFMjg4QUJBOUE2MDhCMDJDRDIvMEY1Qzg5MjI4
OUIwMTFFRTg4NkREMTNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MDQEAgABMC4DBAItd1wDBAItfwADBAHKgOAwDAMEAMqA4wMEA8qA4DAMAwQB
yoDqAwQAyoD+MA0GCSqGSIb3DQEBCwUAA4IBAQCRen/ZZNHkI98KDvgnOOOsHUbh
LgFaJYJUdFi8QYCx/xN4iMRcTMWD4Q+/0fOpkea7tcYyV3kH8Sw+ECEcgwdLDJKk
jwMpXABEPoDvD7/2zTkff79naSCkX9u7KWFxSlLqY5HsiDonZiVircOJCl2CwBzH
xOgZPYT+J7kdtfJdg92ZiLZTs2QO1yheuKq+cOWkeazXxEGUWRhGcK9sw27iBMfC
SvYXmIR9mhfv4FOCKgAlaweB/MOvpJpp+W5ioNq7GxBLem5YkaK0TnHdZPfhidid
03tb73a1H9E58ewtslq8yPMzHlIloHZIuI+jDnEzuFc0uxwVhSwWhKAvO3AB
-----END CERTIFICATE-----
Generated at Sat May 4 15:45:49 2024 by rpki-client on console-fra.rpki-client.org