Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
File: E8976FF0928211EF8D2A551EC4F9AE02.roa (raw, json)
Hash identifier: hGDNuRCaLXPfG3VUf8vmteJTYysI5vtgD8NptnY3aYI=
Subject key identifier: 2B:A8:26:41:CC:3F:41:89:FE:3F:74:AA:73:E0:1D:E8:FE:E9:2C:4D
Certificate issuer: /CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Certificate serial: 23D2
Authority key identifier: 7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
Signing time: Fri 25 Oct 2024 03:41:33 +0000
ROA not before: Fri 25 Oct 2024 03:41:33 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45352
IP address blocks: 14.102.144.0/22 maxlen: 24
14.102.148.0/24 maxlen: 24
14.102.149.0/24 maxlen: 24
14.102.150.0/24 maxlen: 24
14.102.151.0/24 maxlen: 24
14.192.65.0/24 maxlen: 24
43.252.152.0/22 maxlen: 24
45.64.168.0/22 maxlen: 22
45.64.168.0/23 maxlen: 23
45.64.168.0/24 maxlen: 24
45.64.169.0/24 maxlen: 24
45.64.170.0/24 maxlen: 24
45.64.171.0/24 maxlen: 24
58.84.8.0/22 maxlen: 22
58.84.8.0/24 maxlen: 24
58.84.9.0/24 maxlen: 24
58.84.10.0/24 maxlen: 24
58.84.11.0/24 maxlen: 24
103.3.172.0/24 maxlen: 24
103.3.173.0/24 maxlen: 24
103.3.174.0/23 maxlen: 24
103.10.156.0/23 maxlen: 24
103.10.158.0/23 maxlen: 24
103.40.204.0/22 maxlen: 24
118.107.200.0/21 maxlen: 24
118.107.208.0/24 maxlen: 24
118.107.209.0/24 maxlen: 24
118.107.210.0/24 maxlen: 24
118.107.211.0/24 maxlen: 24
118.107.232.0/24 maxlen: 24
118.107.233.0/24 maxlen: 24
118.107.234.0/23 maxlen: 23
118.107.235.0/24 maxlen: 24
118.107.236.0/24 maxlen: 24
118.107.237.0/24 maxlen: 24
118.107.238.0/24 maxlen: 24
118.107.239.0/24 maxlen: 24
118.107.240.0/24 maxlen: 24
118.107.241.0/24 maxlen: 24
118.107.242.0/24 maxlen: 24
118.107.243.0/24 maxlen: 24
183.81.160.0/21 maxlen: 24
192.82.56.0/21 maxlen: 21
192.82.56.0/24 maxlen: 24
192.82.57.0/24 maxlen: 24
192.82.58.0/24 maxlen: 24
192.82.59.0/24 maxlen: 24
192.82.60.0/24 maxlen: 24
192.82.61.0/24 maxlen: 24
192.82.62.0/24 maxlen: 24
192.82.63.0/24 maxlen: 24
210.5.40.0/22 maxlen: 24
210.5.44.0/22 maxlen: 24
2401:3400::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9170 (0x23d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1691/serialNumber=7AC0C00F0FCA479EE465E4F7F545E8C94993D61C
Validity
Not Before: Oct 25 03:41:33 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=671b136d-8623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:68:eb:c9:5c:b7:f1:45:10:57:01:97:43:fa:
4f:36:5f:bc:c9:73:e4:b7:6f:15:9d:79:3d:1b:f9:
49:f4:3c:21:c1:29:6f:59:69:21:da:7a:5a:e2:03:
3e:ac:88:7e:f7:88:92:ec:9e:32:e1:8c:32:d1:0e:
02:10:5c:b9:b6:6d:c4:b8:ff:41:1d:55:96:fe:43:
48:e8:06:38:93:d6:83:8a:a2:bf:20:41:ab:2b:1e:
0a:c5:c2:f7:4c:78:ee:18:6a:e1:dc:6d:45:7e:ee:
95:0e:74:76:71:6d:01:9c:dc:7a:fb:e9:08:11:0f:
ae:c6:b3:e9:30:cf:71:21:91:9d:c1:f4:11:f0:40:
6a:70:84:ec:8b:10:bc:4e:32:9b:13:2f:30:c1:88:
55:ee:9e:f4:22:ac:2b:7b:a1:cf:02:e9:c7:cc:af:
4a:d6:4b:16:03:7b:cb:6d:a0:40:a9:38:74:f0:be:
90:7c:88:59:94:bf:a2:c4:5f:8e:4a:35:59:0a:d0:
e3:f6:48:3b:65:69:c5:24:d6:44:9a:d5:53:d8:d3:
a0:2b:3a:cb:19:af:5d:54:60:1b:4e:72:b1:39:15:
38:42:35:b5:ea:f4:9c:5d:1b:d1:67:e6:c8:3e:48:
8b:13:84:7a:f2:fa:20:de:e8:5d:f7:3b:64:62:6a:
75:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:A8:26:41:CC:3F:41:89:FE:3F:74:AA:73:E0:1D:E8:FE:E9:2C:4D
X509v3 Authority Key Identifier:
keyid:7A:C0:C0:0F:0F:CA:47:9E:E4:65:E4:F7:F5:45:E8:C9:49:93:D6:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/esDADw_KR57kZeT39UXoyUmT1hw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/esDADw_KR57kZeT39UXoyUmT1hw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/5AFC2692652B11E597A86881C4F9AE02/E8976FF0928211EF8D2A551EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.144.0/21
14.192.65.0/24
43.252.152.0/22
45.64.168.0/22
58.84.8.0/22
103.3.172.0/22
103.10.156.0/22
103.40.204.0/22
118.107.200.0-118.107.211.255
118.107.232.0-118.107.243.255
183.81.160.0/21
192.82.56.0/21
210.5.40.0/21
IPv6:
2401:3400::/32
Signature Algorithm: sha256WithRSAEncryption
60:59:39:81:fc:97:b8:36:6a:52:97:b2:a2:3b:69:73:bf:9d:
f0:1d:69:16:73:e3:fd:a4:d6:20:de:5b:92:21:e3:64:8c:24:
83:99:67:11:2b:fb:2a:f2:b8:f8:a6:4e:69:d3:df:ef:4c:82:
68:d8:f8:1a:82:6d:7e:b5:9d:d1:e9:24:57:24:b7:bf:e1:a0:
2a:6e:0d:c9:1f:bd:03:55:1c:55:e4:f4:13:09:71:b9:8a:e1:
6d:c9:0b:0a:d0:37:0a:d3:94:c6:0f:12:11:69:95:3d:77:29:
1b:05:03:89:db:68:2e:8b:08:fb:dd:25:ed:38:aa:ee:17:85:
74:10:75:58:23:c2:f3:54:e0:14:f4:65:aa:72:d1:0f:3b:49:
b3:bb:14:8a:9f:93:2e:1f:fb:19:f6:31:7e:82:b5:80:9c:1d:
6e:c5:f0:24:a3:02:ec:b9:98:61:17:a2:81:fa:84:d0:b9:9c:
b6:81:57:31:be:9e:c1:15:cb:7f:83:4d:41:e1:25:ac:db:7d:
6e:ad:6a:cd:9f:e7:99:35:30:60:4e:dd:a3:d4:9a:5b:a1:c0:
36:81:94:96:fd:51:e4:46:45:ee:a8:ee:dc:83:e3:e9:1b:86:
d8:b1:f3:25:24:ca:b0:8d:80:6c:28:0a:82:59:8c:ef:0c:a5:
21:fb:28:9f
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgICI9IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE2OTExMTAvBgNVBAUTKDdBQzBDMDBGMEZDQTQ3OUVFNDY1RTRGN0Y1NDVFOEM5
NDk5M0Q2MUMwHhcNMjQxMDI1MDM0MTMzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFiMTM2ZC04NjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoWjryVy38UUQVwGXQ/pPNl+8yXPkt28VnXk9G/lJ9DwhwSlvWWkh2npa4gM+
rIh+94iS7J4y4Ywy0Q4CEFy5tm3EuP9BHVWW/kNI6AY4k9aDiqK/IEGrKx4KxcL3
THjuGGrh3G1Ffu6VDnR2cW0BnNx6++kIEQ+uxrPpMM9xIZGdwfQR8EBqcITsixC8
TjKbEy8wwYhV7p70Iqwre6HPAunHzK9K1ksWA3vLbaBAqTh08L6QfIhZlL+ixF+O
SjVZCtDj9kg7ZWnFJNZEmtVT2NOgKzrLGa9dVGAbTnKxORU4QjW16vScXRvRZ+bI
PkiLE4R68vog3uhd9ztkYmp1awIDAQABo4IC/TCCAvkwHQYDVR0OBBYEFCuoJkHM
P0GJ/j90qnPgHej+6SxNMB8GA1UdIwQYMBaAFHrAwA8Pykee5GXk9/VF6MlJk9Yc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81QUZDMjY5MjY1
MkIxMUU1OTdBODY4ODFDNEY5QUUwMi9lc0RBRHdfS1I1N2taZVQzOVVYb3lVbVQx
aHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VzREFEd19LUjU3a1plVDM5VVhveVVtVDFody5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE2OTEvNUFGQzI2OTI2NTJCMTFFNTk3QTg2ODgxQzRGOUFFMDIvRTg5NzZGRjA5
MjgyMTFFRjhEMkE1NTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYYGCCsGAQUFBwEHAQH/
BHcwdTBkBAIAATBeAwQDDmaQAwQADsBBAwQCK/yYAwQCLUCoAwQCOlQIAwQCZwOs
AwQCZwqcAwQCZyjMMAwDBAN2a8gDBAJ2a9AwDAMEA3Zr6AMEAnZr8AMEA7dRoAME
A8BSOAMEA9IFKDANBAIAAjAHAwUAJAE0ADANBgkqhkiG9w0BAQsFAAOCAQEAYFk5
gfyXuDZqUpeyojtpc7+d8B1pFnPj/aTWIN5bkiHjZIwkg5lnESv7KvK4+KZOadPf
70yCaNj4GoJtfrWd0ekkVyS3v+GgKm4NyR+9A1UcVeT0EwlxuYrhbckLCtA3CtOU
xg8SEWmVPXcpGwUDidtoLosI+90l7Tiq7heFdBB1WCPC81TgFPRlqnLRDztJs7sU
ip+TLh/7GfYxfoK1gJwdbsXwJKMC7LmYYReigfqE0LmctoFXMb6ewRXLf4NNQeEl
rNt9bq1qzZ/nmTUwYE7do9SaW6HANoGUlv1R5EZF7qju3IPj6RuG2LHzJSTKsI2A
bCgKglmM7wylIfsonw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:50:04 2024 by rpki-client on console-ams.rpki-client.org