Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
File: 65519ACC506C11EC99354984C4F9AE02.roa (raw, json)
Hash identifier: o9tC3xGk/ryfBi7Xpc0uX9OG3rCVXHi+ADtUKveFW/g=
Subject key identifier: DA:7C:C9:C7:11:35:AC:EA:6C:32:C0:05:49:88:C1:51:C2:D2:E4:0A
Certificate issuer: /CN=A91D298D/serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Certificate serial: 0741
Authority key identifier: FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
Signing time: Thu 22 Feb 2024 05:48:39 +0000
ROA not before: Thu 22 Feb 2024 05:48:39 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 59257
IP address blocks: 43.243.132.0/22 maxlen: 24
45.116.232.0/22 maxlen: 24
103.255.4.0/22 maxlen: 22
103.255.4.0/23 maxlen: 24
103.255.6.0/23 maxlen: 24
111.119.168.0/21 maxlen: 24
111.119.176.0/20 maxlen: 20
111.119.176.0/21 maxlen: 21
111.119.176.0/22 maxlen: 24
111.119.180.0/22 maxlen: 24
111.119.184.0/21 maxlen: 21
111.119.184.0/22 maxlen: 24
111.119.188.0/22 maxlen: 24
121.91.32.0/19 maxlen: 24
144.48.0.0/22 maxlen: 24
203.189.224.0/22 maxlen: 24
223.123.0.0/17 maxlen: 24
2402:ad80::/36 maxlen: 36
2402:ad80::/44 maxlen: 48
2402:ad80:10::/44 maxlen: 48
2402:ad80:20::/44 maxlen: 48
2402:ad80:60::/44 maxlen: 48
2402:ad80:70::/44 maxlen: 48
2402:ad80:80::/44 maxlen: 48
2402:ad80:90::/44 maxlen: 48
2402:ad80:a0::/44 maxlen: 48
2402:ad80:b0::/44 maxlen: 48
2402:ad80:f0::/44 maxlen: 48
2402:ad80:100::/44 maxlen: 48
2402:ad80:110::/44 maxlen: 48
2402:ad80:120::/44 maxlen: 48
2402:ad80:130::/44 maxlen: 48
2402:ad80:140::/44 maxlen: 48
2402:ad80:1000::/36 maxlen: 36
2402:ad80:2000::/36 maxlen: 36
2402:ad80:3000::/36 maxlen: 36
2402:ad80:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1857 (0x741)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D298D/serialNumber=FEF2C1C4EA0964477514C1AA946E6C41778D06BF
Validity
Not Before: Feb 22 05:48:39 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65d6e037-9c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e0:c7:d7:38:ec:0e:62:8c:7b:ec:43:6e:f0:
d7:03:c5:a2:44:8a:a0:85:0c:4e:e0:7d:6d:98:1a:
cc:57:b2:fd:6c:d1:6d:b5:1a:ca:05:92:56:71:6d:
25:7c:2e:c2:79:32:8d:08:63:a5:82:d3:84:a9:dd:
e1:aa:6d:3f:d9:18:f0:35:b0:c5:49:ae:52:5d:9b:
de:fa:6a:35:0a:6b:4e:d9:45:7a:7c:cc:08:a2:82:
d1:0a:df:03:25:5a:c1:84:e7:2a:3b:51:70:18:a4:
9b:d9:5a:d6:ad:d3:75:62:e9:d6:5b:f4:0c:c4:23:
fc:41:83:7e:37:1f:ca:e6:d2:ce:c8:2e:6c:82:da:
91:3c:c7:f7:f8:d1:31:41:27:6b:e0:43:15:83:18:
9b:e8:3f:9c:29:52:c7:86:6f:1c:29:82:6d:ed:7a:
1e:93:89:dd:f6:01:c3:6e:40:02:b2:bf:e2:dc:3c:
5c:8a:bf:20:c7:27:d5:66:c5:7b:b1:95:fa:11:f7:
36:14:9f:90:b9:16:b0:7e:16:de:78:42:be:d0:9d:
ae:fb:fa:5b:ff:a1:77:db:79:35:11:ba:90:96:f1:
b8:35:a4:48:c7:8c:be:77:d3:a0:c9:02:9b:50:cd:
0b:56:c7:6e:25:f1:4b:05:fa:d7:b3:9c:81:c8:f9:
48:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7C:C9:C7:11:35:AC:EA:6C:32:C0:05:49:88:C1:51:C2:D2:E4:0A
X509v3 Authority Key Identifier:
keyid:FE:F2:C1:C4:EA:09:64:47:75:14:C1:AA:94:6E:6C:41:77:8D:06:BF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/_vLBxOoJZEd1FMGqlG5sQXeNBr8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_vLBxOoJZEd1FMGqlG5sQXeNBr8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D298D/337A6432F1A611EAB95C0E2FC4F9AE02/65519ACC506C11EC99354984C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.132.0/22
45.116.232.0/22
103.255.4.0/22
111.119.168.0-111.119.191.255
121.91.32.0/19
144.48.0.0/22
203.189.224.0/22
223.123.0.0/17
IPv6:
2402:ad80::-2402:ad80:4fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1a:84:de:de:3c:6f:9f:f3:ac:0e:f6:8b:53:6e:bf:60:49:58:
25:15:64:80:3a:5d:6a:93:e2:2d:0c:db:04:f0:f9:e5:a4:c2:
10:1e:c3:b8:57:a3:65:32:05:e2:5c:29:94:e3:f3:05:b9:d6:
5a:eb:29:2e:54:41:2b:51:21:c5:43:6f:fe:a6:96:2e:80:b5:
84:a9:79:fd:bc:e4:fa:9a:95:09:c0:34:2c:60:85:dc:d0:ac:
e1:65:ce:73:59:4b:d7:74:e2:55:16:2f:66:93:6e:b0:b1:4c:
b1:15:9d:89:bc:46:60:5d:ee:3c:90:ce:d3:e6:b6:2a:ce:84:
7b:11:ac:5c:f2:e0:19:1e:59:a7:bd:b4:76:23:22:15:54:30:
64:1a:02:9c:f0:77:42:7c:ed:20:38:9a:72:90:70:12:8a:bd:
35:90:b4:ae:ee:da:f5:c9:50:2d:b8:12:46:e0:d4:65:c6:a4:
dd:d1:90:ec:3d:26:a1:ab:fe:c3:f5:87:56:30:d2:2a:d5:cc:
da:89:5d:3c:1e:19:34:1a:07:55:1d:86:92:70:cf:94:7f:00:
84:3f:0f:ad:d1:d0:d4:81:c6:9e:9b:3e:48:78:6d:4b:ec:12:
14:5a:17:a7:39:13:15:ac:12:a6:f7:b7:12:b3:e3:c3:45:a6:
ff:c8:c0:cf
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICB0EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDI5OEQxMTAvBgNVBAUTKEZFRjJDMUM0RUEwOTY0NDc3NTE0QzFBQTk0NkU2QzQx
Nzc4RDA2QkYwHhcNMjQwMjIyMDU0ODM5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ2ZTAzNy05YzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwODH1zjsDmKMe+xDbvDXA8WiRIqghQxO4H1tmBrMV7L9bNFttRrKBZJWcW0l
fC7CeTKNCGOlgtOEqd3hqm0/2RjwNbDFSa5SXZve+mo1CmtO2UV6fMwIooLRCt8D
JVrBhOcqO1FwGKSb2VrWrdN1YunWW/QMxCP8QYN+Nx/K5tLOyC5sgtqRPMf3+NEx
QSdr4EMVgxib6D+cKVLHhm8cKYJt7Xoek4nd9gHDbkACsr/i3Dxcir8gxyfVZsV7
sZX6Efc2FJ+QuRawfhbeeEK+0J2u+/pb/6F323k1EbqQlvG4NaRIx4y+d9OgyQKb
UM0LVsduJfFLBfrXs5yByPlICwIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFNp8yccR
NazqbDLABUmIwVHC0uQKMB8GA1UdIwQYMBaAFP7ywcTqCWRHdRTBqpRubEF3jQa/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjk4RC8zMzdBNjQzMkYx
QTYxMUVBQjk1QzBFMkZDNEY5QUUwMi9fdkxCeE9vSlpFZDFGTUdxbEc1c1FYZU5C
cjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL192TEJ4T29KWkVkMUZNR3FsRzVzUVhlTkJyOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDI5OEQvMzM3QTY0MzJGMUE2MTFFQUI5NUMwRTJGQzRGOUFFMDIvNjU1MTlBQ0M1
MDZDMTFFQzk5MzU0OTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMD4EAgABMDgDBAIr84QDBAItdOgDBAJn/wQwDAMEA293qAMEBm93gAMEBXlb
IAMEApAwAAMEAsu94AMEB997ADAXBAIAAjARMA8DBQckAq2AAwYEJAKtgEAwDQYJ
KoZIhvcNAQELBQADggEBABqE3t48b5/zrA72i1Nuv2BJWCUVZIA6XWqT4i0M2wTw
+eWkwhAew7hXo2UyBeJcKZTj8wW51lrrKS5UQStRIcVDb/6mli6AtYSpef285Pqa
lQnANCxghdzQrOFlznNZS9d04lUWL2aTbrCxTLEVnYm8RmBd7jyQztPmtirOhHsR
rFzy4BkeWae9tHYjIhVUMGQaApzwd0J87SA4mnKQcBKKvTWQtK7u2vXJUC24Ekbg
1GXGpN3RkOw9JqGr/sP1h1Yw0irVzNqJXTweGTQaB1UdhpJwz5R/AIQ/D63R0NSB
xp6bPkh4bUvsEhRaF6c5ExWsEqb3txKz48NFpv/IwM8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:12 2024 by rpki-client on console-fra.rpki-client.org