Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
File: CBCD905AA6E811EFB43BBB4EC4F9AE02.roa (raw, json)
Hash identifier: 5xyOynEgqDMhag5EGZQN5c/BseZmGpYeCMWkUJIxh/0=
Subject key identifier: D1:94:59:62:5A:DE:82:DD:B5:FC:FF:CB:EA:ED:A4:79:6B:4A:04:EB
Certificate issuer: /CN=A91D9785/serialNumber=7EDEFAD656FD88326F6DFAE2487010580402A35F
Certificate serial: 19AA
Authority key identifier: 7E:DE:FA:D6:56:FD:88:32:6F:6D:FA:E2:48:70:10:58:04:02:A3:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
Signing time: Wed 20 Nov 2024 02:40:25 +0000
ROA not before: Wed 20 Nov 2024 02:40:25 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 17726
IP address blocks: 45.127.152.0/22 maxlen: 22
45.127.152.0/24 maxlen: 24
45.127.153.0/24 maxlen: 24
45.127.154.0/24 maxlen: 24
45.127.155.0/24 maxlen: 24
103.6.8.0/22 maxlen: 22
103.6.8.0/24 maxlen: 24
103.6.9.0/24 maxlen: 24
103.6.10.0/24 maxlen: 24
103.6.11.0/24 maxlen: 24
103.101.156.0/22 maxlen: 22
103.101.156.0/24 maxlen: 24
103.101.157.0/24 maxlen: 24
103.101.158.0/24 maxlen: 24
103.101.159.0/24 maxlen: 24
103.248.40.0/22 maxlen: 22
103.248.40.0/24 maxlen: 24
103.248.41.0/24 maxlen: 24
103.248.42.0/24 maxlen: 24
103.248.43.0/24 maxlen: 24
202.150.8.0/24 maxlen: 24
202.150.9.0/24 maxlen: 24
202.150.10.0/24 maxlen: 24
202.150.11.0/24 maxlen: 24
203.223.32.0/20 maxlen: 20
203.223.32.0/24 maxlen: 24
203.223.33.0/24 maxlen: 24
203.223.34.0/24 maxlen: 24
203.223.35.0/24 maxlen: 24
203.223.36.0/24 maxlen: 24
203.223.37.0/24 maxlen: 24
203.223.38.0/24 maxlen: 24
203.223.39.0/24 maxlen: 24
203.223.40.0/24 maxlen: 24
203.223.41.0/24 maxlen: 24
203.223.42.0/24 maxlen: 24
203.223.43.0/24 maxlen: 24
203.223.44.0/24 maxlen: 24
203.223.45.0/24 maxlen: 24
203.223.46.0/24 maxlen: 24
203.223.47.0/24 maxlen: 24
2401:a700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.crl
rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:24:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6570 (0x19aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D9785/serialNumber=7EDEFAD656FD88326F6DFAE2487010580402A35F
Validity
Not Before: Nov 20 02:40:25 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=673d4c19-c5a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:97:50:71:e6:6f:98:d5:80:01:ae:67:7d:6e:
af:87:ea:33:8a:f6:21:20:2c:83:69:c6:16:70:b1:
a3:f2:de:c3:74:c4:16:dc:33:af:61:39:20:01:81:
19:22:7f:d6:89:f1:b7:47:cf:4e:5c:e5:e3:94:42:
c6:d6:be:9b:6c:8c:5e:12:b6:0f:d2:ca:5c:74:e4:
f4:1e:ed:5c:96:3f:70:24:59:e0:06:3b:79:03:05:
d4:13:47:43:d2:12:e3:e4:2c:42:8a:3f:80:01:1e:
08:02:a5:e1:60:ab:36:c9:5a:6b:f2:a9:1c:9c:56:
d2:0b:a2:94:2b:3c:e6:ee:13:bb:23:47:e1:e9:6f:
24:dd:4b:b3:74:f4:7e:c3:23:8c:8e:e9:ed:c9:94:
c5:b6:c6:c6:72:06:0d:27:75:6f:7b:3a:d1:be:b4:
11:dd:79:7f:42:ab:b7:11:68:da:cc:24:03:bc:11:
47:d8:21:1c:69:6f:bd:70:37:2a:2c:da:e5:ad:83:
21:c5:26:85:a7:3d:06:c5:dc:1c:97:0a:e9:30:25:
94:b1:cf:52:e2:01:22:17:40:95:4e:16:f1:9c:33:
a9:94:3f:3b:e8:61:37:a3:39:3a:ca:5a:10:a5:5e:
cb:39:d9:56:71:76:7a:e8:3e:d6:b1:0f:26:84:e7:
ea:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:94:59:62:5A:DE:82:DD:B5:FC:FF:CB:EA:ED:A4:79:6B:4A:04:EB
X509v3 Authority Key Identifier:
keyid:7E:DE:FA:D6:56:FD:88:32:6F:6D:FA:E2:48:70:10:58:04:02:A3:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/ft761lb9iDJvbfriSHAQWAQCo18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ft761lb9iDJvbfriSHAQWAQCo18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9785/47DF9CEC56EC11E7BAD48D3BC4F9AE02/CBCD905AA6E811EFB43BBB4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.127.152.0/22
103.6.8.0/22
103.101.156.0/22
103.248.40.0/22
202.150.8.0/22
203.223.32.0/20
IPv6:
2401:a700::/32
Signature Algorithm: sha256WithRSAEncryption
c0:38:ee:34:f5:85:ef:a5:8f:b2:9d:15:e3:3e:66:33:35:26:
1f:c4:91:48:16:ed:aa:45:89:aa:c2:37:1b:71:d3:07:34:01:
37:c3:b5:24:91:39:e6:ec:3c:99:2b:45:cf:82:7f:05:0a:11:
f4:c9:6f:a4:e1:9d:f2:ad:79:aa:9e:63:52:05:b0:63:d6:e3:
65:72:5f:03:0f:f4:31:7b:4e:07:d0:3c:08:b9:25:b4:21:87:
36:99:dc:3f:e1:45:a5:7e:3e:7a:ab:bb:5b:43:9a:4e:d8:4c:
34:70:d3:8e:b5:6c:94:cf:ab:55:62:b4:83:7d:90:d6:22:ff:
db:f0:ca:32:1a:fa:a4:8b:a2:65:72:8c:93:2c:14:f6:9d:9b:
29:ae:b6:74:ad:e5:b3:15:57:4d:9d:89:bc:8b:6d:61:d8:b5:
61:18:1b:95:6f:47:f9:07:b9:48:40:60:82:95:b1:c9:d5:a3:
31:27:a3:34:05:88:db:1c:fa:31:2c:01:df:ad:ce:06:a5:39:
46:41:46:55:93:b7:88:ce:fa:46:c6:fa:4d:31:2b:84:05:be:
84:d8:1f:79:b3:7e:9c:81:af:19:2c:85:51:52:29:9f:cd:df:
e6:67:e0:df:ba:84:1c:17:5e:8f:be:49:7a:ff:cd:9c:32:1f:
09:24:5b:ba
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICGaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDk3ODUxMTAvBgNVBAUTKDdFREVGQUQ2NTZGRDg4MzI2RjZERkFFMjQ4NzAxMDU4
MDQwMkEzNUYwHhcNMjQxMTIwMDI0MDI1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNkNGMxOS1jNWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJdQceZvmNWAAa5nfW6vh+ozivYhICyDacYWcLGj8t7DdMQW3DOvYTkgAYEZ
In/WifG3R89OXOXjlELG1r6bbIxeErYP0spcdOT0Hu1clj9wJFngBjt5AwXUE0dD
0hLj5CxCij+AAR4IAqXhYKs2yVpr8qkcnFbSC6KUKzzm7hO7I0fh6W8k3UuzdPR+
wyOMjuntyZTFtsbGcgYNJ3VvezrRvrQR3Xl/Qqu3EWjazCQDvBFH2CEcaW+9cDcq
LNrlrYMhxSaFpz0GxdwclwrpMCWUsc9S4gEiF0CVThbxnDOplD876GE3ozk6yloQ
pV7LOdlWcXZ66D7WsQ8mhOfqzQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFNGUWWJa
3oLdtfz/y+rtpHlrSgTrMB8GA1UdIwQYMBaAFH7e+tZW/Ygyb2364khwEFgEAqNf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTc4NS80N0RGOUNFQzU2
RUMxMUU3QkFENDhEM0JDNEY5QUUwMi9mdDc2MWxiOWlESnZiZnJpU0hBUVdBUUNv
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Z0NzYxbGI5aURKdmJmcmlTSEFRV0FRQ28xOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDk3ODUvNDdERjlDRUM1NkVDMTFFN0JBRDQ4RDNCQzRGOUFFMDIvQ0JDRDkwNUFB
NkU4MTFFRkI0M0JCQjRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAItf5gDBAJnBggDBAJnZZwDBAJn+CgDBALKlggDBATL3yAw
DQQCAAIwBwMFACQBpwAwDQYJKoZIhvcNAQELBQADggEBAMA47jT1he+lj7KdFeM+
ZjM1Jh/EkUgW7apFiarCNxtx0wc0ATfDtSSROebsPJkrRc+CfwUKEfTJb6ThnfKt
eaqeY1IFsGPW42VyXwMP9DF7TgfQPAi5JbQhhzaZ3D/hRaV+Pnqru1tDmk7YTDRw
0461bJTPq1VitIN9kNYi/9vwyjIa+qSLomVyjJMsFPadmymutnSt5bMVV02dibyL
bWHYtWEYG5VvR/kHuUhAYIKVscnVozEnozQFiNsc+jEsAd+tzgalOUZBRlWTt4jO
+kbG+k0xK4QFvoTYH3mzfpyBrxkshVFSKZ/N3+Zn4N+6hBwXXo++SXr/zZwyHwkk
W7o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:56:21 2024 by rpki-client on console-fra.rpki-client.org