Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BEB0F47E878211EEAE0BD437C4F9AE02.roa
File: BEB0F47E878211EEAE0BD437C4F9AE02.roa (raw, json)
Hash identifier: g7dH7dbdQ1lQq1sfWBZ5H+rmh8uDZsvwW4ydwCirp9w=
Subject key identifier: FF:13:FE:0D:6B:33:64:D2:B6:CE:7D:3B:37:4A:AF:13:40:C8:22:3F
Certificate issuer: /CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Certificate serial: 2314
Authority key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BEB0F47E878211EEAE0BD437C4F9AE02.roa
Signing time: Mon 20 Nov 2023 09:00:02 +0000
ROA not before: Mon 20 Nov 2023 09:00:02 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 45352
IP address blocks: 14.102.144.0/22 maxlen: 24
14.102.148.0/24 maxlen: 24
14.102.149.0/24 maxlen: 24
14.102.150.0/24 maxlen: 24
14.102.151.0/24 maxlen: 24
14.192.65.0/24 maxlen: 24
43.252.152.0/23 maxlen: 23
43.252.154.0/23 maxlen: 23
43.252.154.0/24 maxlen: 24
43.252.155.0/24 maxlen: 24
45.64.168.0/22 maxlen: 22
45.64.168.0/23 maxlen: 23
45.64.168.0/24 maxlen: 24
45.64.169.0/24 maxlen: 24
45.64.170.0/24 maxlen: 24
45.64.171.0/24 maxlen: 24
58.84.8.0/22 maxlen: 22
58.84.8.0/24 maxlen: 24
58.84.9.0/24 maxlen: 24
58.84.10.0/24 maxlen: 24
58.84.11.0/24 maxlen: 24
103.3.172.0/24 maxlen: 24
103.3.173.0/24 maxlen: 24
103.3.174.0/23 maxlen: 24
103.10.156.0/23 maxlen: 24
103.10.158.0/23 maxlen: 24
118.107.200.0/21 maxlen: 24
118.107.208.0/24 maxlen: 24
118.107.209.0/24 maxlen: 24
118.107.210.0/24 maxlen: 24
118.107.211.0/24 maxlen: 24
118.107.232.0/24 maxlen: 24
118.107.233.0/24 maxlen: 24
118.107.234.0/23 maxlen: 23
118.107.235.0/24 maxlen: 24
118.107.236.0/24 maxlen: 24
118.107.237.0/24 maxlen: 24
118.107.238.0/24 maxlen: 24
118.107.239.0/24 maxlen: 24
118.107.240.0/24 maxlen: 24
118.107.241.0/24 maxlen: 24
118.107.242.0/24 maxlen: 24
118.107.243.0/24 maxlen: 24
183.81.160.0/21 maxlen: 24
192.82.56.0/21 maxlen: 21
192.82.56.0/24 maxlen: 24
192.82.57.0/24 maxlen: 24
192.82.58.0/24 maxlen: 24
192.82.59.0/24 maxlen: 24
192.82.60.0/24 maxlen: 24
192.82.61.0/24 maxlen: 24
192.82.62.0/24 maxlen: 24
192.82.63.0/24 maxlen: 24
210.5.40.0/22 maxlen: 24
210.5.44.0/22 maxlen: 24
2401:3400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 29 May 2024 15:54:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8980 (0x2314)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Validity
Not Before: Nov 20 09:00:02 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=655b2012-d524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1e:68:07:33:29:70:8e:14:5a:f9:e5:87:11:
60:ec:fb:f4:c3:da:a8:90:d9:95:7e:8b:a0:95:3f:
87:5d:5d:8f:21:39:4d:25:58:af:8b:c3:8c:3e:ae:
77:1e:0b:62:c5:fb:63:14:4a:0f:8d:7b:28:b0:65:
f2:1a:e4:f9:ce:86:73:43:96:0e:61:03:d1:f5:e4:
b6:2b:07:46:d8:a7:80:79:e0:dd:75:e6:f2:4a:35:
b4:36:80:64:78:51:46:6e:b9:c7:7d:79:a8:ed:b3:
93:1e:42:c3:1d:0c:44:3f:a3:92:f0:57:f9:3a:69:
1a:fc:39:5e:ae:b7:96:16:0b:d2:f0:5e:24:1f:be:
1f:8c:77:bb:95:51:b9:33:6a:5f:b3:16:8c:a3:bc:
ac:e0:8b:1d:15:24:d0:f1:71:f1:e6:70:04:d3:70:
82:7d:7d:6a:8e:e0:b2:37:dd:fe:09:2d:82:59:98:
58:4c:1b:c9:dd:77:4b:aa:28:ea:e9:1b:76:80:84:
66:fa:b9:6b:f5:5d:ea:fe:4d:3f:00:b0:dc:e1:38:
71:2c:c8:cb:d9:63:22:09:c3:ab:c5:88:c0:a5:96:
89:8b:c3:4c:fa:40:fd:78:83:e8:af:ec:9d:e0:5c:
b7:50:a1:56:1b:5b:6b:2b:e7:a7:d2:37:76:80:67:
5f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:13:FE:0D:6B:33:64:D2:B6:CE:7D:3B:37:4A:AF:13:40:C8:22:3F
X509v3 Authority Key Identifier:
keyid:7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/BEB0F47E878211EEAE0BD437C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
14.192.65.0/24
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
4d:b6:7d:c3:0c:c8:d8:e5:f3:19:7e:81:50:58:d5:be:65:dc:
af:f6:02:42:5c:3e:0b:a6:cd:1b:fc:15:84:57:6b:e3:81:b7:
17:35:46:c5:28:fb:95:76:91:1b:e9:af:d8:e5:14:c8:9b:0f:
52:2d:8f:33:bc:0e:7c:c7:1d:cd:d2:7a:2a:61:3e:f6:08:ad:
00:61:c6:c7:20:31:ae:33:b8:ba:12:61:16:98:60:43:bf:71:
f7:0d:7e:72:63:75:24:d3:c5:de:45:43:b9:2e:70:da:37:0e:
71:d9:b2:c2:c0:f0:29:6b:12:1e:86:61:f4:b1:bf:a8:59:27:
93:61:06:03:87:5b:3e:e8:4e:c8:dd:74:0a:b0:d0:1d:fe:7f:
99:c9:62:05:a9:f9:3b:8b:ad:98:4c:6f:ff:3c:d2:a7:06:53:
65:d1:9a:41:bb:89:ad:c9:bf:2a:24:89:f2:69:26:d0:73:0a:
c8:a3:10:37:98:05:c4:98:25:16:8b:d6:6f:d4:ca:dc:4b:23:
21:0b:0b:4f:c4:60:67:11:f6:23:9a:2a:05:a7:13:bb:e8:28:
ca:41:15:eb:90:7e:9c:93:b7:bc:53:1d:47:fd:94:ff:ca:1e:
8d:81:47:36:a4:39:93:c7:95:55:c5:01:b2:4e:8a:7d:4b:f1:
e1:7d:cc:8e
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgICIxQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRGN0Y1NDVFOEM5
NDk5M0Q2MUMwHhcNMjMxMTIwMDkwMDAyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViMjAxMi1kNTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsR5oBzMpcI4UWvnlhxFg7Pv0w9qokNmVfouglT+HXV2PITlNJVivi8OMPq53
HgtixftjFEoPjXsosGXyGuT5zoZzQ5YOYQPR9eS2KwdG2KeAeeDddebySjW0NoBk
eFFGbrnHfXmo7bOTHkLDHQxEP6OS8Ff5Omka/DlerreWFgvS8F4kH74fjHe7lVG5
M2pfsxaMo7ys4IsdFSTQ8XHx5nAE03CCfX1qjuCyN93+CS2CWZhYTBvJ3XdLqijq
6Rt2gIRm+rlr9V3q/k0/ALDc4ThxLMjL2WMiCcOrxYjApZaJi8NM+kD9eIPor+yd
4Fy3UKFWG1trK+en0jd2gGdfJwIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFP8T/g1r
M2TSts59OzdKrxNAyCI/MB8GA1UdIwQYMBaAFHrAwA8Pykee5GXk9/VF6MlJk9Yc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81QUZDMjY5MjY1
MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdfS1I1N2taZVQzOVVYb3lVbVQx
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzREFEd19LUjU3a1plVDM5VVhveVVtVDFody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNUFGQzI2OTI2NTJCMTFFNTk3QTg2ODgxQzRGOUFFMDIvQkVCMEY0N0U4
NzgyMTFFRUFFMEJENDM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYAGCCsGAQUFBwEHAQH/
BHEwbzBeBAIAATBYAwQDDmaQAwQADsBBAwQCK/yYAwQCLUCoAwQCOlQIAwQCZwOs
AwQCZwqcMAwDBAN2a8gDBAJ2a9AwDAMEA3Zr6AMEAnZr8AMEA7dRoAMEA8BSOAME
A9IFKDANBAIAAjAHAwUAJAE0ADANBgkqhkiG9w0BAQsFAAOCAQEATbZ9wwzI2OXz
GX6BUFjVvmXcr/YCQlw+C6bNG/wVhFdr44G3FzVGxSj7lXaRG+mv2OUUyJsPUi2P
M7wOfMcdzdJ6KmE+9gitAGHGxyAxrjO4uhJhFphgQ79x9w1+cmN1JNPF3kVDuS5w
2jcOcdmywsDwKWsSHoZh9LG/qFknk2EGA4dbPuhOyN10CrDQHf5/mcliBan5O4ut
mExv/zzSpwZTZdGaQbuJrcm/KiSJ8mkm0HMKyKMQN5gFxJglFovWb9TK3EsjIQsL
T8RgZxH2I5oqBacTu+goykEV65B+nJO3vFMdR/2U/8oejYFHNqQ5k8eVVcUBsk6K
fUvx4X3Mjg==
-----END CERTIFICATE-----
Generated at Wed May 22 16:49:34 2024 by rpki-client on console-fra.rpki-client.org