Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/E13D8940342E11EF84328672C4F9AE02.roa
File: E13D8940342E11EF84328672C4F9AE02.roa (raw, json)
Hash identifier: dBTJrWbIzncCU9ZZ51jmQQs0RvoHXJHEy38NQsJ0ngQ=
Subject key identifier: 9E:E2:48:3E:78:15:A6:D1:39:5E:89:C3:E1:67:FA:C9:48:56:D8:9A
Certificate issuer: /CN=A91D176D/serialNumber=AA0178EA78511A15B1470EBFC0C5721A70E2769F
Certificate serial: 76
Authority key identifier: AA:01:78:EA:78:51:1A:15:B1:47:0E:BF:C0:C5:72:1A:70:E2:76:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/E13D8940342E11EF84328672C4F9AE02.roa
Signing time: Thu 18 Jul 2024 07:09:29 +0000
ROA not before: Thu 18 Jul 2024 07:09:29 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 134078
IP address blocks: 45.112.76.0/22 maxlen: 22
61.13.2.0/24 maxlen: 24
61.13.16.0/20 maxlen: 21
61.13.32.0/21 maxlen: 21
61.13.128.0/22 maxlen: 22
61.13.128.0/24 maxlen: 24
61.13.136.0/23 maxlen: 23
61.13.138.0/23 maxlen: 23
61.14.64.0/19 maxlen: 19
61.14.90.0/24 maxlen: 24
61.14.91.0/24 maxlen: 24
61.14.95.0/24 maxlen: 24
61.16.0.0/22 maxlen: 22
61.16.4.0/22 maxlen: 22
61.16.8.0/22 maxlen: 22
61.16.12.0/22 maxlen: 22
61.16.16.0/22 maxlen: 22
61.16.32.0/22 maxlen: 22
103.51.160.0/22 maxlen: 22
103.51.160.0/24 maxlen: 24
103.51.163.0/24 maxlen: 24
103.227.88.0/22 maxlen: 22
103.227.88.0/23 maxlen: 23
103.227.90.0/23 maxlen: 23
103.250.56.0/22 maxlen: 22
103.250.58.0/24 maxlen: 24
202.52.64.0/23 maxlen: 23
202.52.66.0/23 maxlen: 23
202.52.68.0/22 maxlen: 22
202.52.72.0/21 maxlen: 21
202.52.80.0/21 maxlen: 21
202.52.92.0/22 maxlen: 22
202.52.96.0/19 maxlen: 19
202.52.112.0/20 maxlen: 20
202.136.16.0/20 maxlen: 20
202.148.160.0/20 maxlen: 20
203.31.234.0/24 maxlen: 24
203.149.128.0/24 maxlen: 24
203.149.140.0/22 maxlen: 22
203.149.168.0/22 maxlen: 22
203.149.184.0/21 maxlen: 21
2404:1100::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/qgF46nhRGhWxRw6_wMVyGnDidp8.crl
rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/qgF46nhRGhWxRw6_wMVyGnDidp8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118 (0x76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D176D/serialNumber=AA0178EA78511A15B1470EBFC0C5721A70E2769F
Validity
Not Before: Jul 18 07:09:29 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6698bfa9-47ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9f:7b:45:36:ea:9e:d0:9f:65:c7:d4:b7:1d:
f3:ce:69:da:22:48:c2:7f:43:a7:50:34:eb:ee:2a:
19:5d:8d:c6:94:95:a3:d5:ea:56:ed:05:bd:92:ad:
b6:cb:2d:44:73:53:e4:64:11:d2:83:04:4b:ba:4c:
1f:2f:72:90:59:99:29:3a:d1:86:c2:14:85:53:08:
f8:cb:a7:04:2b:2d:cc:63:6e:44:7e:c3:c1:0d:69:
13:87:46:9b:de:5e:4f:99:ce:e7:70:b6:fb:dc:8a:
da:91:4e:c4:91:e9:a6:9b:57:08:0a:3f:00:8d:66:
d3:07:3d:eb:fd:e3:1a:80:79:b7:fc:1d:ab:83:a1:
8b:28:46:1e:4a:b6:e1:34:e7:6f:64:6f:e9:6c:be:
82:3e:89:db:ec:fc:4b:d9:82:8d:87:f5:59:a4:1e:
34:d6:ad:f6:15:05:73:b7:88:f6:d1:58:1f:e9:3e:
36:9f:09:8f:d3:45:27:85:50:2e:1f:0a:c1:9b:70:
7f:c1:58:52:46:5e:dd:82:b7:99:cc:35:4f:48:1f:
8c:a9:3b:16:c7:6a:f6:9c:f5:47:68:4e:1c:d6:10:
82:c4:31:8e:cb:d8:6d:10:9e:5a:2e:97:1a:10:bf:
90:ba:e5:a4:21:49:27:aa:18:a2:f6:8c:6a:ad:85:
9c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E2:48:3E:78:15:A6:D1:39:5E:89:C3:E1:67:FA:C9:48:56:D8:9A
X509v3 Authority Key Identifier:
keyid:AA:01:78:EA:78:51:1A:15:B1:47:0E:BF:C0:C5:72:1A:70:E2:76:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/qgF46nhRGhWxRw6_wMVyGnDidp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgF46nhRGhWxRw6_wMVyGnDidp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D176D/F02A35E8A91411EEB2712D3FC4F9AE02/E13D8940342E11EF84328672C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.76.0/22
61.13.2.0/24
61.13.16.0-61.13.39.255
61.13.128.0/22
61.13.136.0/22
61.14.64.0/19
61.16.0.0-61.16.19.255
61.16.32.0/22
103.51.160.0/22
103.227.88.0/22
103.250.56.0/22
202.52.64.0-202.52.87.255
202.52.92.0-202.52.127.255
202.136.16.0/20
202.148.160.0/20
203.31.234.0/24
203.149.128.0/24
203.149.140.0/22
203.149.168.0/22
203.149.184.0/21
IPv6:
2404:1100::/32
Signature Algorithm: sha256WithRSAEncryption
34:ad:42:c0:52:c5:ff:cd:c5:57:c5:dd:13:96:21:f0:f6:8c:
31:99:bb:9f:b8:a6:76:37:b2:60:e1:bd:b5:49:ab:ec:30:41:
2f:f0:b8:1e:6d:20:40:3b:a8:93:1f:03:a1:83:2c:28:8c:87:
d3:06:62:46:f8:2b:12:e6:e1:50:a7:18:46:cb:b3:3b:e9:87:
6d:26:05:25:54:0c:9f:6f:c9:7a:7f:3f:40:f3:de:dd:1d:35:
bd:71:69:07:ca:a0:fb:02:63:58:41:2a:3e:42:01:65:f9:eb:
eb:d0:b4:40:d6:d5:e4:e4:d7:32:67:05:31:8f:d8:2d:74:e1:
05:31:18:ec:14:60:10:32:3d:6a:5a:88:1d:94:35:7b:98:1e:
b8:cd:a2:5f:72:81:cd:9f:db:de:09:6a:27:49:ec:a6:df:50:
27:e7:3e:73:79:b6:c7:e9:a0:85:48:bb:fd:3a:4c:63:c3:b3:
e5:cb:94:b5:f5:35:0b:a2:12:a7:99:2d:bb:82:c7:6f:f8:7a:
b3:13:08:da:7c:bf:d5:49:da:40:2d:39:a3:2b:52:78:b8:b5:
6d:8a:7b:66:69:30:36:e6:6b:7a:e6:f9:70:88:5e:96:ec:b0:
3c:53:68:0c:92:a5:21:04:54:8c:a8:06:ce:03:91:97:dd:06:
74:ee:ea:91
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
MTc2RDExMC8GA1UEBRMoQUEwMTc4RUE3ODUxMUExNUIxNDcwRUJGQzBDNTcyMUE3
MEUyNzY5RjAeFw0yNDA3MTgwNzA5MjlaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OThiZmE5LTQ3ZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCcn3tFNuqe0J9lx9S3HfPOadoiSMJ/Q6dQNOvuKhldjcaUlaPV6lbtBb2SrbbL
LURzU+RkEdKDBEu6TB8vcpBZmSk60YbCFIVTCPjLpwQrLcxjbkR+w8ENaROHRpve
Xk+ZzudwtvvcitqRTsSR6aabVwgKPwCNZtMHPev94xqAebf8HauDoYsoRh5KtuE0
529kb+lsvoI+idvs/EvZgo2H9VmkHjTWrfYVBXO3iPbRWB/pPjafCY/TRSeFUC4f
CsGbcH/BWFJGXt2Ct5nMNU9IH4ypOxbHavac9UdoThzWEILEMY7L2G0QnloulxoQ
v5C65aQhSSeqGKL2jGqthZwDAgMBAAGjggM6MIIDNjAdBgNVHQ4EFgQUnuJIPngV
ptE5XonD4Wf6yUhW2JowHwYDVR0jBBgwFoAUqgF46nhRGhWxRw6/wMVyGnDidp8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQxNzZEL0YwMkEzNUU4QTkx
NDExRUVCMjcxMkQzRkM0RjlBRTAyL3FnRjQ2bmhSR2hXeFJ3Nl93TVZ5R25EaWRw
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcWdGNDZuaFJHaFd4Unc2X3dNVnlHbkRpZHA4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MTc2RC9GMDJBMzVFOEE5MTQxMUVFQjI3MTJEM0ZDNEY5QUUwMi9FMTNEODk0MDM0
MkUxMUVGODQzMjg2NzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBwwYIKwYBBQUHAQcBAf8E
gbMwgbAwgZ4EAgABMIGXAwQCLXBMAwQAPQ0CMAwDBAQ9DRADBAM9DSADBAI9DYAD
BAI9DYgDBAU9DkAwCwMDBD0QAwQCPRAQAwQCPRAgAwQCZzOgAwQCZ+NYAwQCZ/o4
MAwDBAbKNEADBAPKNFAwDAMEAso0XAMEB8o0AAMEBMqIEAMEBMqUoAMEAMsf6gME
AMuVgAMEAsuVjAMEAsuVqAMEA8uVuDANBAIAAjAHAwUAJAQRADANBgkqhkiG9w0B
AQsFAAOCAQEANK1CwFLF/83FV8XdE5Yh8PaMMZm7n7imdjeyYOG9tUmr7DBBL/C4
Hm0gQDuokx8DoYMsKIyH0wZiRvgrEubhUKcYRsuzO+mHbSYFJVQMn2/Jen8/QPPe
3R01vXFpB8qg+wJjWEEqPkIBZfnr69C0QNbV5OTXMmcFMY/YLXThBTEY7BRgEDI9
alqIHZQ1e5geuM2iX3KBzZ/b3glqJ0nspt9QJ+c+c3m2x+mghUi7/TpMY8Oz5cuU
tfU1C6ISp5ktu4LHb/h6sxMI2ny/1UnaQC05oytSeLi1bYp7ZmkwNuZreub5cIhe
luywPFNoDJKlIQRUjKgGzgORl90GdO7qkQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:13:24 2024 by rpki-client on console-ams.rpki-client.org