Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/B070EBECD2E911ED85F0F25BC4F9AE02.roa
File: B070EBECD2E911ED85F0F25BC4F9AE02.roa (raw, json)
Hash identifier: tCujeqJiZMiIaSSXS9NqnaebxFrza2rBPRcI+Qpx4Ws=
Subject key identifier: 39:71:C3:F0:8A:62:7D:6A:9D:2F:34:EC:F8:28:00:63:51:DB:F3:84
Certificate issuer: /CN=A91E28E2/serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Certificate serial: 52
Authority key identifier: B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/B070EBECD2E911ED85F0F25BC4F9AE02.roa
Signing time: Wed 30 Aug 2023 04:12:04 +0000
ROA not before: Wed 30 Aug 2023 04:12:04 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 45352
IP address blocks: 45.117.120.0/24 maxlen: 24
45.117.121.0/24 maxlen: 24
45.117.122.0/24 maxlen: 24
103.57.188.0/24 maxlen: 24
103.57.189.0/24 maxlen: 24
103.57.190.0/23 maxlen: 24
2403:1cc0::/48 maxlen: 48
2403:1cc0:1000::/48 maxlen: 48
2403:1cc0:1001::/48 maxlen: 48
2403:1cc0:1002::/48 maxlen: 48
2403:1cc0:1003::/48 maxlen: 48
2403:1cc0:1101::/48 maxlen: 48
2403:1cc0:1102::/48 maxlen: 48
2403:1cc0:1128::/48 maxlen: 48
2403:1cc0:1201::/48 maxlen: 48
2403:1cc0:1301::/48 maxlen: 48
2403:1cc0:2000::/48 maxlen: 48
2403:1cc0:2201::/48 maxlen: 48
2403:1cc0:3201::/48 maxlen: 48
2403:1cc0:3202::/48 maxlen: 48
2403:1cc0:5201::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 May 2024 05:34:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82 (0x52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E28E2/serialNumber=B481987331E1ED408B51CB9FD8EF4A650AC8669A
Validity
Not Before: Aug 30 04:12:04 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64eec194-45d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:7e:75:5f:92:ae:c0:25:88:ab:cc:01:b9:7e:
0d:08:00:98:52:48:f8:c9:2f:b9:c5:57:33:1c:c9:
9b:fa:0f:55:18:a1:10:02:78:b9:a1:79:b7:0e:eb:
14:e3:f3:b1:d6:64:fd:81:5a:78:dc:37:ac:b9:09:
2f:7b:60:14:c7:85:c0:e5:e4:ae:08:e0:6e:3c:08:
3f:65:c9:9c:ed:79:3c:5c:5e:48:82:2a:a6:2f:68:
3f:58:28:a0:69:86:dc:e7:89:5e:99:a1:a1:c2:75:
fb:61:57:3c:c3:76:83:12:c3:f8:5e:bc:65:2f:73:
12:c5:71:a4:45:00:4d:82:1a:11:6e:97:71:36:57:
89:7d:cf:98:89:eb:0a:53:47:d7:b1:3c:76:eb:fe:
62:b1:6e:73:c2:38:92:cc:90:bd:28:a7:73:ee:91:
99:67:0d:6a:da:f9:20:f9:f7:37:47:f4:cb:38:34:
fd:fe:81:34:77:83:90:7a:d9:18:01:b6:c5:ef:5b:
2e:56:14:e9:f0:6c:a2:bd:09:73:a2:cd:41:b8:73:
8f:6c:fc:ba:12:a2:a2:18:e0:15:c6:da:6e:36:e3:
e6:97:86:5e:15:a5:c3:63:54:85:52:1b:0f:d9:95:
72:dc:fb:d2:05:e0:49:0f:28:26:5e:89:55:4c:1f:
de:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:71:C3:F0:8A:62:7D:6A:9D:2F:34:EC:F8:28:00:63:51:DB:F3:84
X509v3 Authority Key Identifier:
keyid:B4:81:98:73:31:E1:ED:40:8B:51:CB:9F:D8:EF:4A:65:0A:C8:66:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/tIGYczHh7UCLUcuf2O9KZQrIZpo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tIGYczHh7UCLUcuf2O9KZQrIZpo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E28E2/952FA632D2E611ED9A52D55AC4F9AE02/B070EBECD2E911ED85F0F25BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.120.0-45.117.122.255
103.57.188.0/22
IPv6:
2403:1cc0::/48
2403:1cc0:1000::/46
2403:1cc0:1101::-2403:1cc0:1102:ffff:ffff:ffff:ffff:ffff
2403:1cc0:1128::/48
2403:1cc0:1201::/48
2403:1cc0:1301::/48
2403:1cc0:2000::/48
2403:1cc0:2201::/48
2403:1cc0:3201::-2403:1cc0:3202:ffff:ffff:ffff:ffff:ffff
2403:1cc0:5201::/48
Signature Algorithm: sha256WithRSAEncryption
2f:04:25:ac:ca:aa:ab:0e:d4:92:b8:d5:23:74:1c:aa:58:4f:
7f:64:10:37:fc:be:e4:02:d4:2a:bb:5f:0b:5b:49:3c:3f:a9:
7e:e2:26:6a:e1:99:0c:4b:04:d2:10:ca:29:fe:fb:e8:96:6d:
e1:17:44:23:77:03:df:58:06:1a:e1:7e:14:49:7c:ab:62:b7:
a8:c3:22:7d:87:76:98:df:eb:5f:e7:7b:ae:4b:f7:2b:c8:f1:
0b:8a:ea:72:65:d6:ad:18:1e:9b:47:18:2d:05:b6:5c:9d:d6:
4d:8a:03:8f:15:76:47:90:1a:ab:c3:fc:18:42:0a:50:79:0a:
2b:e2:7d:46:d5:de:87:93:4d:32:b8:74:fb:2e:63:2f:b1:77:
8d:1c:45:72:ad:d3:04:09:46:a1:1e:07:70:fb:6e:a1:28:7a:
5e:b4:2c:ff:b2:c5:c6:4d:db:09:2f:30:d2:41:43:13:04:02:
bf:a3:87:d6:5c:d8:41:e2:9d:13:b1:9c:da:93:76:95:a8:b7:
8e:37:39:3b:b5:d8:f6:18:e9:e8:20:f6:a5:e5:66:a6:d4:ed:
03:61:c4:a7:6f:10:ee:09:71:e8:49:74:3b:ad:ca:5a:38:f7:
25:a4:d0:23:67:be:36:98:0c:ab:a3:c1:95:75:df:53:d2:d9:
ac:49:be:98
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MjhFMjExMC8GA1UEBRMoQjQ4MTk4NzMzMUUxRUQ0MDhCNTFDQjlGRDhFRjRBNjUw
QUM4NjY5QTAeFw0yMzA4MzAwNDEyMDRaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ZWVjMTk0LTQ1ZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDffnVfkq7AJYirzAG5fg0IAJhSSPjJL7nFVzMcyZv6D1UYoRACeLmhebcO6xTj
87HWZP2BWnjcN6y5CS97YBTHhcDl5K4I4G48CD9lyZzteTxcXkiCKqYvaD9YKKBp
htzniV6ZoaHCdfthVzzDdoMSw/hevGUvcxLFcaRFAE2CGhFul3E2V4l9z5iJ6wpT
R9exPHbr/mKxbnPCOJLMkL0op3PukZlnDWra+SD59zdH9Ms4NP3+gTR3g5B62RgB
tsXvWy5WFOnwbKK9CXOizUG4c49s/LoSoqIY4BXG2m424+aXhl4VpcNjVIVSGw/Z
lXLc+9IF4EkPKCZeiVVMH95NAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUOXHD8Ipi
fWqdLzTs+CgAY1Hb84QwHwYDVR0jBBgwFoAUtIGYczHh7UCLUcuf2O9KZQrIZpow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUyOEUyLzk1MkZBNjMyRDJF
NjExRUQ5QTUyRDU1QUM0RjlBRTAyL3RJR1ljekhoN1VDTFVjdWYyTzlLWlFySVpw
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdElHWWN6SGg3VUNMVWN1ZjJPOUtaUXJJWnBvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MjhFMi85NTJGQTYzMkQyRTYxMUVEOUE1MkQ1NUFDNEY5QUUwMi9CMDcwRUJFQ0Qy
RTkxMUVEODVGMEYyNUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDCBpwYIKwYBBQUHAQcBAf8E
gZcwgZQwGgQCAAEwFDAMAwQDLXV4AwQALXV6AwQCZzm8MHYEAgACMHADBwAkAxzA
AAADBwIkAxzAEAAwEgMHACQDHMARAQMHACQDHMARAgMHACQDHMARKAMHACQDHMAS
AQMHACQDHMATAQMHACQDHMAgAAMHACQDHMAiATASAwcAJAMcwDIBAwcAJAMcwDIC
AwcAJAMcwFIBMA0GCSqGSIb3DQEBCwUAA4IBAQAvBCWsyqqrDtSSuNUjdByqWE9/
ZBA3/L7kAtQqu18LW0k8P6l+4iZq4ZkMSwTSEMop/vvolm3hF0QjdwPfWAYa4X4U
SXyrYreowyJ9h3aY3+tf53uuS/cryPELiupyZdatGB6bRxgtBbZcndZNigOPFXZH
kBqrw/wYQgpQeQor4n1G1d6Hk00yuHT7LmMvsXeNHEVyrdMECUahHgdw+26hKHpe
tCz/ssXGTdsJLzDSQUMTBAK/o4fWXNhB4p0TsZzak3aVqLeONzk7tdj2GOnoIPal
5Wam1O0DYcSnbxDuCXHoSXQ7rcpaOPclpNAjZ742mAyro8GVdd9T0tmsSb6Y
-----END CERTIFICATE-----
Generated at Fri May 17 06:46:29 2024 by rpki-client on console-ams.rpki-client.org