Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
File: 39574A98960D11ECAAC81D60C4F9AE02.roa (raw, json)
Hash identifier: YIJ5sYo3DcOoEoVS1EI3sWkB/OrMpwPc6liB+UnlFhw=
Subject key identifier: B2:A1:FB:5D:32:01:59:9F:1C:24:FA:29:59:75:3F:21:E1:80:D7:DF
Certificate issuer: /CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Certificate serial: 025B
Authority key identifier: A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
Signing time: Thu 27 Jul 2023 02:05:01 +0000
ROA not before: Thu 27 Jul 2023 02:05:01 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 133199
IP address blocks: 43.240.28.0/22 maxlen: 22
43.240.28.0/24 maxlen: 24
43.240.29.0/24 maxlen: 24
43.240.30.0/24 maxlen: 24
43.240.31.0/24 maxlen: 24
43.242.32.0/22 maxlen: 22
43.242.32.0/24 maxlen: 24
43.242.33.0/24 maxlen: 24
43.242.34.0/24 maxlen: 24
43.242.35.0/24 maxlen: 24
45.119.96.0/24 maxlen: 24
45.119.97.0/24 maxlen: 24
45.119.98.0/24 maxlen: 24
45.119.99.0/24 maxlen: 24
103.59.144.0/24 maxlen: 24
103.59.145.0/24 maxlen: 24
103.59.146.0/24 maxlen: 24
103.59.147.0/24 maxlen: 24
103.249.108.0/24 maxlen: 24
103.249.109.0/24 maxlen: 24
103.249.110.0/24 maxlen: 24
103.249.111.0/24 maxlen: 24
103.254.148.0/24 maxlen: 24
103.254.149.0/24 maxlen: 24
103.254.150.0/24 maxlen: 24
103.254.151.0/24 maxlen: 24
2404:da80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 03:15:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 603 (0x25b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Validity
Not Before: Jul 27 02:05:01 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64c1d0cc-81b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9a:a9:28:e1:8a:71:c5:3b:99:0a:86:87:73:
eb:57:40:ac:f1:65:be:91:01:d2:72:dd:de:fe:db:
6f:89:98:95:f8:04:c4:1f:a2:b5:1b:27:76:59:2a:
36:55:ad:66:7e:73:7a:c4:c6:89:f9:4f:87:9e:0d:
f6:12:7d:ed:5e:1d:e5:8d:20:de:7a:a7:6e:58:9e:
8e:42:2b:5e:0d:b2:34:3e:f6:e5:89:ea:db:52:94:
c4:cc:12:03:6b:c7:56:a3:88:60:c5:f6:5d:cb:f0:
30:66:72:3a:67:1e:76:a6:ac:43:bf:fe:81:19:0e:
5b:8c:8f:aa:7f:7f:71:77:75:ce:f6:f2:10:83:ad:
6b:50:33:e3:33:de:45:5b:c8:fe:f9:45:a8:9e:18:
10:8f:04:ed:96:26:b1:1f:59:84:16:27:51:29:59:
74:66:93:94:f1:f3:8f:0f:fa:6d:e1:49:65:c8:c5:
7c:74:eb:84:98:b3:c9:4b:33:34:81:01:cd:88:38:
a5:36:d9:29:95:8d:b7:b5:ce:d1:c6:d4:91:ab:8d:
ea:66:25:a0:29:5c:ce:7f:93:f0:83:25:4a:8f:1b:
70:93:d0:61:ae:c5:b4:e8:dd:29:f6:41:a1:96:dc:
0a:25:c2:27:e7:8a:37:95:ae:a0:7c:de:a2:33:b5:
de:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:A1:FB:5D:32:01:59:9F:1C:24:FA:29:59:75:3F:21:E1:80:D7:DF
X509v3 Authority Key Identifier:
keyid:A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.28.0/22
43.242.32.0/22
45.119.96.0/22
103.59.144.0/22
103.249.108.0/22
103.254.148.0/22
IPv6:
2404:da80::/32
Signature Algorithm: sha256WithRSAEncryption
a4:58:fc:ea:ae:14:35:a0:33:bd:0e:07:8d:91:31:a5:d5:1b:
4a:46:72:7a:13:84:c8:aa:b5:f1:b7:03:84:1b:a0:a1:49:fb:
ba:ea:02:f9:98:6b:eb:55:84:27:fb:d8:20:15:d2:c9:24:40:
79:6f:f0:c2:0f:7d:5b:b5:ea:f9:2f:e1:96:6e:1c:d7:19:3e:
20:8f:90:74:9a:26:70:d0:30:49:dd:63:5f:69:8d:78:79:85:
05:bb:f2:89:cf:7a:79:a4:00:41:9f:58:0a:f3:74:0e:78:8c:
35:05:eb:79:6e:48:dc:05:d9:27:c5:d4:ab:76:fc:00:2c:48:
2c:8c:69:2c:95:01:93:a2:77:21:5c:cc:2a:fb:74:68:74:b6:
b8:a7:ac:1b:7b:7d:da:1e:2f:37:12:c8:dc:df:74:18:3a:bc:
c5:ef:1d:5b:59:7a:2b:b5:57:6c:4b:7a:87:f3:d5:e8:fc:17:
ef:b8:44:2f:d8:70:f1:83:86:60:a1:44:0e:4c:38:f5:a9:0f:
d6:8d:17:08:21:d6:26:7d:cc:f8:d8:e5:cb:c3:fe:59:66:bb:
71:2d:47:fa:ac:3d:a4:11:d1:b4:40:af:17:a4:f6:10:1d:68:
ff:db:d7:86:ea:aa:0e:c9:d3:0d:92:f3:35:f5:f1:4b:22:74:
56:51:6a:f8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICAlswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUwNEUxMTAvBgNVBAUTKEEzRjI3Mjc1MkVDNUQ5RTEyOUU0REZDQTA4MEI4OEQz
OUI3OTQ5NDQwHhcNMjMwNzI3MDIwNTAxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGMxZDBjYy04MWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw5qpKOGKccU7mQqGh3PrV0Cs8WW+kQHSct3e/ttviZiV+ATEH6K1Gyd2WSo2
Va1mfnN6xMaJ+U+Hng32En3tXh3ljSDeeqduWJ6OQiteDbI0PvblierbUpTEzBID
a8dWo4hgxfZdy/AwZnI6Zx52pqxDv/6BGQ5bjI+qf39xd3XO9vIQg61rUDPjM95F
W8j++UWonhgQjwTtliaxH1mEFidRKVl0ZpOU8fOPD/pt4UllyMV8dOuEmLPJSzM0
gQHNiDilNtkplY23tc7RxtSRq43qZiWgKVzOf5PwgyVKjxtwk9BhrsW06N0p9kGh
ltwKJcIn54o3la6gfN6iM7XeOQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFLKh+10y
AVmfHCT6KVl1PyHhgNffMB8GA1UdIwQYMBaAFKPycnUuxdnhKeTfyggLiNObeUlE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS81OTA5NDk5MDk2
MDgxMUVDQTA0QTAwODZDNEY5QUUwMi9vX0p5ZFM3RjJlRXA1Tl9LQ0F1STA1dDVT
VVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29fSnlkUzdGMmVFcDVOX0tDQXVJMDV0NVNVUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUwNEUvNTkwOTQ5OTA5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvMzk1NzRBOTg5
NjBEMTFFQ0FBQzgxRDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAIr8BwDBAIr8iADBAItd2ADBAJnO5ADBAJn+WwDBAJn/pQw
DQQCAAIwBwMFACQE2oAwDQYJKoZIhvcNAQELBQADggEBAKRY/OquFDWgM70OB42R
MaXVG0pGcnoThMiqtfG3A4QboKFJ+7rqAvmYa+tVhCf72CAV0skkQHlv8MIPfVu1
6vkv4ZZuHNcZPiCPkHSaJnDQMEndY19pjXh5hQW78onPenmkAEGfWArzdA54jDUF
63luSNwF2SfF1Kt2/AAsSCyMaSyVAZOidyFczCr7dGh0trinrBt7fdoeLzcSyNzf
dBg6vMXvHVtZeiu1V2xLeofz1ej8F++4RC/YcPGDhmChRA5MOPWpD9aNFwgh1iZ9
zPjY5cvD/llmu3EtR/qsPaQR0bRArxek9hAdaP/b14bqqg7J0w2S8zX18UsidFZR
avg=
-----END CERTIFICATE-----
Generated at Thu Apr 25 03:53:12 2024 by rpki-client on console-fra.rpki-client.org