Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D58F6/56BE0C7CA6B211E9AACFB45BC4F9AE02/C0743AE8A6B611E9AB731B69C4F9AE02.roa
File: C0743AE8A6B611E9AB731B69C4F9AE02.roa (raw, json)
Hash identifier: Wqabe9w2Uqip6TelVZ+NxYToXtXUdZ2r3Jhmi1abvwc=
Subject key identifier: 65:39:CD:21:8E:84:1E:9B:C4:45:9E:52:FB:29:20:F6:E6:11:DB:ED
Certificate issuer: /CN=A91D58F6/serialNumber=65D9190FFC869C94F582190FAAD40F0514A5BA4E
Certificate serial: 0D82
Authority key identifier: 65:D9:19:0F:FC:86:9C:94:F5:82:19:0F:AA:D4:0F:05:14:A5:BA:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZdkZD_yGnJT1ghkPqtQPBRSluk4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D58F6/56BE0C7CA6B211E9AACFB45BC4F9AE02/C0743AE8A6B611E9AB731B69C4F9AE02.roa
Signing time: Tue 18 Jun 2024 19:02:04 +0000
ROA not before: Tue 18 Jun 2024 19:02:04 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 23881
IP address blocks: 45.121.196.0/24 maxlen: 24
45.121.197.0/24 maxlen: 24
45.121.198.0/24 maxlen: 24
45.121.199.0/24 maxlen: 24
103.15.196.0/24 maxlen: 24
103.15.197.0/24 maxlen: 24
103.15.198.0/24 maxlen: 24
103.15.199.0/24 maxlen: 24
103.19.24.0/24 maxlen: 24
103.19.25.0/24 maxlen: 24
103.19.26.0/24 maxlen: 24
103.19.27.0/24 maxlen: 24
203.135.128.0/24 maxlen: 24
203.135.129.0/24 maxlen: 24
203.135.130.0/24 maxlen: 24
203.135.131.0/24 maxlen: 24
203.135.132.0/24 maxlen: 24
203.135.133.0/24 maxlen: 24
203.135.134.0/24 maxlen: 24
203.135.135.0/24 maxlen: 24
203.135.136.0/24 maxlen: 24
203.135.137.0/24 maxlen: 24
203.135.138.0/24 maxlen: 24
203.135.139.0/24 maxlen: 24
203.135.140.0/24 maxlen: 24
203.135.141.0/24 maxlen: 24
203.135.142.0/24 maxlen: 24
203.135.143.0/24 maxlen: 24
203.135.144.0/24 maxlen: 24
203.135.145.0/24 maxlen: 24
203.135.146.0/24 maxlen: 24
203.135.147.0/24 maxlen: 24
203.135.148.0/24 maxlen: 24
203.135.149.0/24 maxlen: 24
203.135.150.0/24 maxlen: 24
203.135.151.0/24 maxlen: 24
203.135.152.0/24 maxlen: 24
203.135.153.0/24 maxlen: 24
203.135.154.0/24 maxlen: 24
203.135.155.0/24 maxlen: 24
203.135.156.0/24 maxlen: 24
203.135.157.0/24 maxlen: 24
203.135.158.0/24 maxlen: 24
203.135.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D58F6/56BE0C7CA6B211E9AACFB45BC4F9AE02/ZdkZD_yGnJT1ghkPqtQPBRSluk4.crl
rsync://rpki.apnic.net/member_repository/A91D58F6/56BE0C7CA6B211E9AACFB45BC4F9AE02/ZdkZD_yGnJT1ghkPqtQPBRSluk4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZdkZD_yGnJT1ghkPqtQPBRSluk4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 17:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3458 (0xd82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D58F6/serialNumber=65D9190FFC869C94F582190FAAD40F0514A5BA4E
Validity
Not Before: Jun 18 19:02:04 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6671d9ac-4566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a5:87:04:c8:c1:14:e8:b8:18:f3:cc:9e:58:
ca:e8:98:cf:03:b6:97:f5:40:80:2f:e5:f6:4e:23:
fd:ac:bd:18:cc:bd:36:d3:f3:03:ba:db:19:ac:c8:
f6:f5:5f:a2:bc:b8:90:9a:8c:eb:fd:9a:aa:4c:d2:
93:b9:34:c3:29:4c:f9:72:dd:17:cf:33:d0:98:cf:
8b:3d:8e:89:cc:f1:dc:3d:3d:3f:be:c0:f5:2e:ab:
16:be:fa:11:29:0d:f1:88:53:15:d2:8d:f4:a0:5f:
ee:81:89:63:72:02:ef:be:e1:08:7e:db:46:f2:d8:
70:2b:db:ef:08:15:c8:36:f6:3d:9a:b6:f9:4c:08:
80:84:f9:e7:c3:cb:c7:1a:80:d5:6a:cc:27:ce:37:
03:af:75:e6:9c:c2:fc:d5:39:13:e2:f4:92:e7:2a:
b3:78:0f:6a:e8:40:c7:93:ce:b7:63:0d:d8:24:aa:
8b:8b:91:e5:b5:a4:ae:11:4d:1d:b4:84:e8:9d:5c:
a8:f4:d0:9e:d7:4c:02:8c:c5:8c:7f:1e:d0:31:47:
14:3f:c2:f8:80:4a:1b:4f:9b:4f:35:f1:04:34:d8:
11:36:18:c4:5d:b9:97:00:12:c9:bb:8c:92:a5:2e:
d4:8f:05:4b:09:52:10:00:e4:30:83:1d:b1:aa:c7:
a9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:39:CD:21:8E:84:1E:9B:C4:45:9E:52:FB:29:20:F6:E6:11:DB:ED
X509v3 Authority Key Identifier:
keyid:65:D9:19:0F:FC:86:9C:94:F5:82:19:0F:AA:D4:0F:05:14:A5:BA:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D58F6/56BE0C7CA6B211E9AACFB45BC4F9AE02/ZdkZD_yGnJT1ghkPqtQPBRSluk4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZdkZD_yGnJT1ghkPqtQPBRSluk4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D58F6/56BE0C7CA6B211E9AACFB45BC4F9AE02/C0743AE8A6B611E9AB731B69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.121.196.0/22
103.15.196.0/22
103.19.24.0/22
203.135.128.0/19
Signature Algorithm: sha256WithRSAEncryption
44:7a:5e:d2:27:cf:75:5b:6a:72:19:6c:cc:ac:13:b3:b6:cf:
60:82:f0:97:3f:7b:a1:ed:6e:9b:57:67:3c:54:13:53:30:0b:
23:fe:12:6c:d6:cb:5d:2a:cd:37:e9:07:df:ce:75:8c:4c:18:
a7:82:1d:1c:2e:94:8a:bd:2e:c9:ac:4e:f9:14:67:b7:0c:08:
6f:aa:d6:1c:b9:17:ea:41:97:75:5f:ba:5e:07:ff:ba:ff:94:
cf:6d:91:c1:dd:32:6d:e3:fb:34:d1:3b:a3:ac:32:d0:ab:f6:
aa:7f:d1:f1:2e:67:92:43:b6:20:07:2c:55:89:ea:68:bc:44:
1a:35:77:f8:71:24:e5:04:4d:b1:06:2f:e0:14:41:1c:df:12:
15:af:35:25:25:5c:18:61:33:7f:0b:10:54:06:0a:30:3b:fe:
41:03:98:da:ca:5d:8b:a8:2d:57:a8:f7:90:8d:8c:2c:d7:f9:
df:67:c7:48:f3:d4:02:80:27:86:f3:0d:21:4f:2c:94:4c:c7:
2c:c3:a1:c6:68:0b:64:de:3a:ae:aa:63:89:77:e1:ed:4b:36:
6b:30:39:79:f4:05:25:8e:9a:9c:58:e0:2d:e3:5c:a8:9d:06:
63:33:af:ae:a0:ca:c9:60:36:ab:05:44:12:30:bc:da:ad:cf:
4a:08:74:6d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICDYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDU4RjYxMTAvBgNVBAUTKDY1RDkxOTBGRkM4NjlDOTRGNTgyMTkwRkFBRDQwRjA1
MTRBNUJBNEUwHhcNMjQwNjE4MTkwMjA0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjcxZDlhYy00NTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4aWHBMjBFOi4GPPMnljK6JjPA7aX9UCAL+X2TiP9rL0YzL020/MDutsZrMj2
9V+ivLiQmozr/ZqqTNKTuTTDKUz5ct0XzzPQmM+LPY6JzPHcPT0/vsD1LqsWvvoR
KQ3xiFMV0o30oF/ugYljcgLvvuEIfttG8thwK9vvCBXINvY9mrb5TAiAhPnnw8vH
GoDVaswnzjcDr3XmnML81TkT4vSS5yqzeA9q6EDHk863Yw3YJKqLi5HltaSuEU0d
tITonVyo9NCe10wCjMWMfx7QMUcUP8L4gEobT5tPNfEENNgRNhjEXbmXABLJu4yS
pS7UjwVLCVIQAOQwgx2xqsepgwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFGU5zSGO
hB6bxEWeUvspIPbmEdvtMB8GA1UdIwQYMBaAFGXZGQ/8hpyU9YIZD6rUDwUUpbpO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENThGNi81NkJFMEM3Q0E2
QjIxMUU5QUFDRkI0NUJDNEY5QUUwMi9aZGtaRF95R25KVDFnaGtQcXRRUEJSU2x1
azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pka1pEX3lHbkpUMWdoa1BxdFFQQlJTbHVrNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDU4RjYvNTZCRTBDN0NBNkIyMTFFOUFBQ0ZCNDVCQzRGOUFFMDIvQzA3NDNBRThB
NkI2MTFFOUFCNzMxQjY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAItecQDBAJnD8QDBAJnExgDBAXLh4AwDQYJKoZIhvcNAQEL
BQADggEBAER6XtInz3VbanIZbMysE7O2z2CC8Jc/e6HtbptXZzxUE1MwCyP+EmzW
y10qzTfpB9/OdYxMGKeCHRwulIq9LsmsTvkUZ7cMCG+q1hy5F+pBl3Vful4H/7r/
lM9tkcHdMm3j+zTRO6OsMtCr9qp/0fEuZ5JDtiAHLFWJ6mi8RBo1d/hxJOUETbEG
L+AUQRzfEhWvNSUlXBhhM38LEFQGCjA7/kEDmNrKXYuoLVeo95CNjCzX+d9nx0jz
1AKAJ4bzDSFPLJRMxyzDocZoC2TeOq6qY4l34e1LNmswOXn0BSWOmpxY4C3jXKid
BmMzr66gyslgNqsFRBIwvNqtz0oIdG0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:45:03 2024 by rpki-client on console-fra.rpki-client.org