Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
File: 39574A98960D11ECAAC81D60C4F9AE02.roa (raw, json)
Hash identifier: 2N56kFgApjf7qIYT6IwxnOYom7Jlq6/P84ID+wKdJxY=
Subject key identifier: CE:25:28:6C:19:C1:8F:5A:96:87:1C:B4:76:0D:70:95:6F:5C:96:41
Certificate issuer: /CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Certificate serial: 031A
Authority key identifier: A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
Signing time: Fri 19 Jul 2024 02:24:14 +0000
ROA not before: Fri 19 Jul 2024 02:24:14 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133199
IP address blocks: 43.240.28.0/22 maxlen: 22
43.240.28.0/24 maxlen: 24
43.240.29.0/24 maxlen: 24
43.240.30.0/24 maxlen: 24
43.240.31.0/24 maxlen: 24
43.242.32.0/22 maxlen: 22
43.242.32.0/24 maxlen: 24
43.242.33.0/24 maxlen: 24
43.242.34.0/24 maxlen: 24
43.242.35.0/24 maxlen: 24
45.119.96.0/24 maxlen: 24
45.119.97.0/24 maxlen: 24
45.119.98.0/24 maxlen: 24
45.119.99.0/24 maxlen: 24
103.59.144.0/24 maxlen: 24
103.59.145.0/24 maxlen: 24
103.59.146.0/24 maxlen: 24
103.59.147.0/24 maxlen: 24
103.249.108.0/24 maxlen: 24
103.249.109.0/24 maxlen: 24
103.249.110.0/24 maxlen: 24
103.249.111.0/24 maxlen: 24
103.254.148.0/24 maxlen: 24
103.254.149.0/24 maxlen: 24
103.254.150.0/24 maxlen: 24
103.254.151.0/24 maxlen: 24
2404:da80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 794 (0x31a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Validity
Not Before: Jul 19 02:24:14 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6699ce4e-fec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:68:94:d7:f9:84:4c:95:c8:5b:ae:b7:07:ea:
d7:03:a1:f3:b7:59:51:bb:4f:ff:83:61:72:e3:21:
66:36:99:66:cc:62:a3:4f:a6:cc:ab:16:41:63:1d:
1b:86:26:d6:aa:22:03:b8:a1:f7:f8:b9:8e:cd:a3:
98:95:5c:fe:3c:cb:8d:bd:38:0e:48:73:fe:e9:11:
87:3d:04:28:00:c8:2a:4b:95:ac:4c:50:87:bb:b5:
8e:5d:ca:b1:86:9c:45:9f:7c:94:d9:52:1b:ff:77:
33:df:c2:14:c9:13:3e:16:f8:67:38:93:64:bb:38:
59:b8:be:7d:69:58:15:69:07:6f:8a:00:53:d7:52:
62:76:6c:06:41:4d:ea:55:de:dc:83:bc:8b:96:48:
24:e8:f4:6a:0a:3a:b1:2b:24:bb:5b:09:4d:fb:bd:
36:96:9a:1f:36:24:9b:10:1b:9b:78:7d:02:7c:83:
3c:78:c0:69:23:f4:4f:df:e9:4c:f2:f3:01:0e:fe:
88:d0:a2:a8:80:38:0c:8e:5f:b8:6f:82:ef:e3:f7:
c7:63:a3:6a:f4:61:d3:e4:80:2d:e8:06:9e:da:2b:
60:8a:01:5d:ac:0f:3d:ea:9a:95:75:95:f0:8c:de:
5f:dd:1a:a9:65:38:77:5b:d1:04:45:15:77:e0:ee:
66:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:25:28:6C:19:C1:8F:5A:96:87:1C:B4:76:0D:70:95:6F:5C:96:41
X509v3 Authority Key Identifier:
keyid:A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/39574A98960D11ECAAC81D60C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.28.0/22
43.242.32.0/22
45.119.96.0/22
103.59.144.0/22
103.249.108.0/22
103.254.148.0/22
IPv6:
2404:da80::/32
Signature Algorithm: sha256WithRSAEncryption
0f:38:e3:b9:cd:90:07:e0:18:32:31:56:05:dc:ee:4b:22:3c:
d0:e8:66:03:fb:13:b4:c6:4b:d7:f2:91:a3:dd:ea:01:6b:26:
ee:45:7a:fa:7c:36:f7:19:40:7b:c9:88:03:e0:b3:c9:6a:21:
6f:bc:d7:cc:b0:b6:0c:85:a7:9e:15:32:e7:95:68:05:24:1f:
4e:19:46:af:d3:9a:33:9d:26:a9:f8:95:71:06:2b:69:a1:8e:
af:fd:0b:12:a9:98:73:38:43:b6:d9:9e:ca:da:1b:2b:66:54:
30:e8:98:9b:73:43:4f:ce:48:4b:d2:c6:1f:5a:8b:f8:a9:76:
24:c1:96:a0:e5:e8:5d:e5:cc:80:c1:a7:e5:70:df:dc:4d:8e:
1b:fa:7f:1b:e9:73:05:73:b5:3e:7d:00:e0:c7:66:77:7a:35:
a4:a3:19:8d:c9:4e:9b:24:1a:09:9e:0d:77:0a:b1:83:49:59:
77:32:b3:d5:d4:95:22:6e:ca:fc:e9:c1:80:70:57:9a:14:da:
78:eb:b4:50:0e:93:24:99:86:bb:34:40:ca:63:44:c7:36:aa:
d6:9f:0b:28:23:c8:ae:76:83:a0:76:55:16:90:39:d3:ab:41:
14:07:64:06:92:c7:71:ce:87:51:10:9c:91:20:5f:2b:f6:6a:
4d:ed:24:50
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICAxowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUwNEUxMTAvBgNVBAUTKEEzRjI3Mjc1MkVDNUQ5RTEyOUU0REZDQTA4MEI4OEQz
OUI3OTQ5NDQwHhcNMjQwNzE5MDIyNDE0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk5Y2U0ZS1mZWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9GiU1/mETJXIW663B+rXA6Hzt1lRu0//g2Fy4yFmNplmzGKjT6bMqxZBYx0b
hibWqiIDuKH3+LmOzaOYlVz+PMuNvTgOSHP+6RGHPQQoAMgqS5WsTFCHu7WOXcqx
hpxFn3yU2VIb/3cz38IUyRM+FvhnOJNkuzhZuL59aVgVaQdvigBT11JidmwGQU3q
Vd7cg7yLlkgk6PRqCjqxKyS7WwlN+702lpofNiSbEBubeH0CfIM8eMBpI/RP3+lM
8vMBDv6I0KKogDgMjl+4b4Lv4/fHY6Nq9GHT5IAt6Aae2itgigFdrA896pqVdZXw
jN5f3RqpZTh3W9EERRV34O5m1QIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFM4lKGwZ
wY9alocctHYNcJVvXJZBMB8GA1UdIwQYMBaAFKPycnUuxdnhKeTfyggLiNObeUlE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS81OTA5NDk5MDk2
MDgxMUVDQTA0QTAwODZDNEY5QUUwMi9vX0p5ZFM3RjJlRXA1Tl9LQ0F1STA1dDVT
VVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29fSnlkUzdGMmVFcDVOX0tDQXVJMDV0NVNVUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUwNEUvNTkwOTQ5OTA5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvMzk1NzRBOTg5
NjBEMTFFQ0FBQzgxRDYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAIr8BwDBAIr8iADBAItd2ADBAJnO5ADBAJn+WwDBAJn/pQw
DQQCAAIwBwMFACQE2oAwDQYJKoZIhvcNAQELBQADggEBAA8447nNkAfgGDIxVgXc
7ksiPNDoZgP7E7TGS9fykaPd6gFrJu5Fevp8NvcZQHvJiAPgs8lqIW+818ywtgyF
p54VMueVaAUkH04ZRq/TmjOdJqn4lXEGK2mhjq/9CxKpmHM4Q7bZnsraGytmVDDo
mJtzQ0/OSEvSxh9ai/ipdiTBlqDl6F3lzIDBp+Vw39xNjhv6fxvpcwVztT59AODH
Znd6NaSjGY3JTpskGgmeDXcKsYNJWXcys9XUlSJuyvzpwYBwV5oU2njrtFAOkySZ
hrs0QMpjRMc2qtafCygjyK52g6B2VRaQOdOrQRQHZAaSx3HOh1EQnJEgXyv2ak3t
JFA=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:26:06 2024 by rpki-client on console-ams.rpki-client.org