Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/FED0B33ED4C111EC9367BF31C4F9AE02.roa
File: FED0B33ED4C111EC9367BF31C4F9AE02.roa (raw, json)
Hash identifier: NBLqEf4Cs12ktShMDVUGgoDyBtgDQP5H9EoEIrLF62k=
Subject key identifier: 32:97:0D:BE:86:1F:DD:3B:A5:99:AC:02:15:B1:4C:98:18:7F:F9:CC
Certificate issuer: /CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Certificate serial: 18FB
Authority key identifier: CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/FED0B33ED4C111EC9367BF31C4F9AE02.roa
Signing time: Mon 16 Oct 2023 17:04:09 +0000
ROA not before: Mon 16 Oct 2023 17:04:09 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 1299
IP address blocks: 45.117.32.0/24 maxlen: 24
45.117.33.0/24 maxlen: 24
45.117.34.0/24 maxlen: 24
45.117.35.0/24 maxlen: 24
202.21.96.0/24 maxlen: 24
202.21.97.0/24 maxlen: 24
202.21.98.0/24 maxlen: 24
202.21.99.0/24 maxlen: 24
202.21.100.0/24 maxlen: 24
202.21.101.0/24 maxlen: 24
202.21.102.0/24 maxlen: 24
202.21.103.0/24 maxlen: 24
202.21.104.0/24 maxlen: 24
202.21.105.0/24 maxlen: 24
202.21.106.0/24 maxlen: 24
202.21.107.0/24 maxlen: 24
202.21.108.0/24 maxlen: 24
202.21.109.0/24 maxlen: 24
202.21.110.0/24 maxlen: 24
202.21.111.0/24 maxlen: 24
202.21.112.0/24 maxlen: 24
202.21.113.0/24 maxlen: 24
202.21.114.0/24 maxlen: 24
202.21.115.0/24 maxlen: 24
202.21.116.0/24 maxlen: 24
202.21.117.0/24 maxlen: 24
202.21.118.0/24 maxlen: 24
202.21.119.0/24 maxlen: 24
202.21.120.0/24 maxlen: 24
202.21.121.0/24 maxlen: 24
202.21.122.0/24 maxlen: 24
202.21.123.0/24 maxlen: 24
202.21.124.0/24 maxlen: 24
202.21.125.0/24 maxlen: 24
202.21.126.0/24 maxlen: 24
202.21.127.0/24 maxlen: 24
202.126.92.0/24 maxlen: 24
202.126.93.0/24 maxlen: 24
202.126.94.0/24 maxlen: 24
202.126.95.0/24 maxlen: 24
202.131.224.0/24 maxlen: 24
202.131.225.0/24 maxlen: 24
202.131.226.0/24 maxlen: 24
202.131.227.0/24 maxlen: 24
202.131.228.0/24 maxlen: 24
202.131.229.0/24 maxlen: 24
202.131.230.0/24 maxlen: 24
202.131.231.0/24 maxlen: 24
202.131.232.0/24 maxlen: 24
202.131.233.0/24 maxlen: 24
202.131.234.0/24 maxlen: 24
202.131.235.0/24 maxlen: 24
202.131.236.0/24 maxlen: 24
202.131.237.0/24 maxlen: 24
202.131.238.0/24 maxlen: 24
202.131.239.0/24 maxlen: 24
202.131.240.0/24 maxlen: 24
202.131.241.0/24 maxlen: 24
202.131.242.0/24 maxlen: 24
202.131.243.0/24 maxlen: 24
202.131.244.0/24 maxlen: 24
202.131.245.0/24 maxlen: 24
202.131.246.0/24 maxlen: 24
202.131.247.0/24 maxlen: 24
202.131.248.0/24 maxlen: 24
202.131.249.0/24 maxlen: 24
202.131.250.0/24 maxlen: 24
202.131.251.0/24 maxlen: 24
202.131.252.0/24 maxlen: 24
202.131.253.0/24 maxlen: 24
202.131.254.0/24 maxlen: 24
202.131.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 21 May 2024 16:55:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6395 (0x18fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Validity
Not Before: Oct 16 17:04:09 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=652d6d09-62a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c5:a9:62:64:71:9c:a8:93:41:53:52:8b:f6:
7a:c9:d2:25:6f:03:ea:84:9f:40:5b:fc:8b:85:2f:
39:4e:19:a2:52:01:68:22:62:e0:37:ed:32:26:d7:
79:f3:d6:7b:f0:fc:b8:04:4d:6f:15:db:53:20:4f:
7f:8a:c1:d8:e0:2d:12:78:23:45:58:a9:ba:e5:57:
ba:27:c8:6f:c1:ca:87:75:f8:b0:e7:a0:24:e2:56:
87:63:91:24:f2:b7:00:6a:24:94:69:91:53:4b:74:
f2:17:f5:f6:3d:38:7b:0b:d0:20:09:d4:d4:e7:a9:
46:7a:2d:bc:b5:d1:ad:96:20:49:8f:b5:b3:69:18:
63:2c:03:ec:b7:bc:d0:f6:85:0b:86:3d:8d:b8:5a:
f3:c6:89:97:69:70:b2:37:16:80:37:7a:30:5c:83:
e2:9a:b5:6f:0f:d5:b2:cf:ec:a9:29:e6:51:33:46:
22:ca:e0:e8:b6:2a:c4:e4:02:34:15:2d:ed:7f:19:
37:8c:6f:e8:6b:c8:5f:ce:19:42:aa:0b:1f:68:ec:
be:c2:c3:30:31:75:45:af:36:ad:a1:af:8f:e8:f3:
97:f6:a9:68:e0:0a:64:d1:b3:6a:58:93:63:d8:5b:
72:66:ad:b4:dd:73:e2:fd:94:1f:8c:a4:55:e7:ed:
e1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:97:0D:BE:86:1F:DD:3B:A5:99:AC:02:15:B1:4C:98:18:7F:F9:CC
X509v3 Authority Key Identifier:
keyid:CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/FED0B33ED4C111EC9367BF31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.32.0/22
202.21.96.0/19
202.126.92.0/22
202.131.224.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:11:64:a3:11:f5:3d:e6:ea:c0:57:8d:7e:1d:2c:30:24:a3:
3c:aa:8c:f5:87:ad:83:1a:84:22:2e:44:23:48:0c:3d:d8:39:
55:bc:be:6e:27:e7:9b:8a:02:8a:4c:ae:6e:a0:96:78:d3:31:
c8:04:12:67:61:a9:9a:31:bd:12:7c:19:3d:9e:f1:87:de:e6:
d6:05:b7:f9:ff:27:08:a5:83:60:73:da:51:51:5e:b2:18:0c:
2f:85:63:4b:7a:95:5d:db:ee:8b:20:b1:00:6b:f4:c5:51:6a:
aa:22:e9:10:38:80:82:89:99:f3:65:aa:b0:82:35:ef:2e:d6:
d7:33:37:df:3f:9c:07:b5:3c:fe:35:97:d4:82:48:22:b3:20:
ac:c8:61:89:3c:76:74:73:73:be:b6:04:c9:a1:22:7d:4b:07:
59:25:dd:6b:5e:dd:2b:c8:49:af:1c:04:d3:4f:14:0c:0a:67:
e0:84:d4:14:fa:e0:a9:15:50:51:c9:e2:0c:5f:54:3d:83:4e:
1a:29:45:e7:72:ef:8d:81:96:3e:a7:f6:4d:7c:b1:c5:ee:ac:
ef:7f:1e:c4:ba:f2:17:80:ce:8c:90:35:82:f8:78:82:f1:cf:
f4:38:8f:6f:3c:95:0a:2c:ea:f2:74:09:0d:52:95:1d:e6:9a:
0a:18:64:27
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGPswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ2MkExMTAvBgNVBAUTKENGNzEyQ0IzODlFRTg0REExOUNBOTgxREU2MzBGNTA5
RkY0NENENDUwHhcNMjMxMDE2MTcwNDA5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTJkNmQwOS02MmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6MWpYmRxnKiTQVNSi/Z6ydIlbwPqhJ9AW/yLhS85ThmiUgFoImLgN+0yJtd5
89Z78Py4BE1vFdtTIE9/isHY4C0SeCNFWKm65Ve6J8hvwcqHdfiw56Ak4laHY5Ek
8rcAaiSUaZFTS3TyF/X2PTh7C9AgCdTU56lGei28tdGtliBJj7WzaRhjLAPst7zQ
9oULhj2NuFrzxomXaXCyNxaAN3owXIPimrVvD9Wyz+ypKeZRM0YiyuDotirE5AI0
FS3tfxk3jG/oa8hfzhlCqgsfaOy+wsMwMXVFrzatoa+P6POX9qlo4Apk0bNqWJNj
2FtyZq203XPi/ZQfjKRV5+3hUwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFDKXDb6G
H907pZmsAhWxTJgYf/nMMB8GA1UdIwQYMBaAFM9xLLOJ7oTaGcqYHeYw9Qn/RM1F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDYyQS80Q0JEM0Y4NDUw
RDUxMUU3OTMxM0FFMTJDNEY5QUUwMi96M0VzczRudWhOb1p5cGdkNWpEMUNmOUV6
VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ozRXNzNG51aE5vWnlwZ2Q1akQxQ2Y5RXpVVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ2MkEvNENCRDNGODQ1MEQ1MTFFNzkzMTNBRTEyQzRGOUFFMDIvRkVEMEIzM0VE
NEMxMTFFQzkzNjdCRjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAItdSADBAXKFWADBALKflwDBAXKg+AwDQYJKoZIhvcNAQEL
BQADggEBALARZKMR9T3m6sBXjX4dLDAkozyqjPWHrYMahCIuRCNIDD3YOVW8vm4n
55uKAopMrm6glnjTMcgEEmdhqZoxvRJ8GT2e8Yfe5tYFt/n/Jwilg2Bz2lFRXrIY
DC+FY0t6lV3b7osgsQBr9MVRaqoi6RA4gIKJmfNlqrCCNe8u1tczN98/nAe1PP41
l9SCSCKzIKzIYYk8dnRzc762BMmhIn1LB1kl3Wte3SvISa8cBNNPFAwKZ+CE1BT6
4KkVUFHJ4gxfVD2DThopRedy742Blj6n9k18scXurO9/HsS68heAzoyQNYL4eILx
z/Q4j288lQos6vJ0CQ1SlR3mmgoYZCc=
-----END CERTIFICATE-----
Generated at Tue May 14 19:55:22 2024 by rpki-client on console-fra.rpki-client.org