Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/60523BEA0CA411ED96936D79C4F9AE02.roa
File: 60523BEA0CA411ED96936D79C4F9AE02.roa (raw, json)
Hash identifier: 53okBBihrVod9gd5c53/fKO2EZYSA4Bon9/JWGkN+Rg=
Subject key identifier: D0:31:CE:2E:D0:02:8F:45:47:65:23:2B:ED:95:6C:90:AE:82:F9:E4
Certificate issuer: /CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Certificate serial: 031B
Authority key identifier: A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/60523BEA0CA411ED96936D79C4F9AE02.roa
Signing time: Fri 19 Jul 2024 02:24:16 +0000
ROA not before: Fri 19 Jul 2024 02:24:16 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133861
IP address blocks: 43.240.28.0/22 maxlen: 22
43.240.28.0/24 maxlen: 24
43.240.29.0/24 maxlen: 24
43.240.30.0/24 maxlen: 24
43.240.31.0/24 maxlen: 24
43.242.32.0/22 maxlen: 22
43.242.32.0/24 maxlen: 24
43.242.33.0/24 maxlen: 24
43.242.34.0/24 maxlen: 24
43.242.35.0/24 maxlen: 24
45.119.96.0/24 maxlen: 24
45.119.97.0/24 maxlen: 24
45.119.98.0/24 maxlen: 24
45.119.99.0/24 maxlen: 24
103.59.144.0/24 maxlen: 24
103.59.145.0/24 maxlen: 24
103.59.146.0/24 maxlen: 24
103.59.147.0/24 maxlen: 24
103.249.108.0/24 maxlen: 24
103.249.109.0/24 maxlen: 24
103.249.110.0/24 maxlen: 24
103.249.111.0/24 maxlen: 24
103.254.148.0/24 maxlen: 24
103.254.149.0/24 maxlen: 24
103.254.150.0/24 maxlen: 24
103.254.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 795 (0x31b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Validity
Not Before: Jul 19 02:24:16 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6699ce4f-9a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6c:07:64:15:5d:c1:c2:79:d7:55:7a:f1:42:
02:e9:45:9c:3a:cf:0c:77:ae:a5:44:ce:92:f4:ae:
90:44:96:06:39:52:f6:17:c7:93:f0:80:57:ae:10:
87:4e:1d:57:a9:5e:17:e9:00:c5:2a:8c:4a:27:a7:
8f:97:a2:d6:3c:d0:e1:96:00:c4:22:6e:e0:91:c5:
71:04:81:6d:1c:cc:dd:a7:a4:e3:aa:fb:b4:3d:fb:
9f:2e:5a:29:5b:d5:08:cc:d5:5b:66:3a:49:c4:cb:
6b:95:bf:70:ac:4a:93:07:9a:6c:f4:25:04:d8:b7:
da:ce:a5:1b:c2:e5:38:22:b6:61:52:b5:df:9c:65:
7d:35:e6:32:d7:8a:bd:7c:ab:09:df:3a:1c:b7:16:
bf:6a:ae:3c:1d:7a:71:14:92:26:a0:0d:d3:90:71:
9e:96:d9:de:df:53:5e:d8:18:0d:69:e6:22:79:12:
98:cf:0c:9f:91:50:d2:d2:13:81:77:d8:d6:98:32:
5c:2a:31:71:8c:84:35:16:7f:26:25:b3:bc:9a:43:
4a:f1:60:aa:b6:24:3f:fd:94:74:be:fd:a8:84:18:
5a:fb:a6:0f:cf:1d:cd:3a:58:df:1d:4e:57:38:7c:
bc:d5:17:b7:43:b4:fd:47:fe:83:d3:a0:7b:17:28:
e2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:31:CE:2E:D0:02:8F:45:47:65:23:2B:ED:95:6C:90:AE:82:F9:E4
X509v3 Authority Key Identifier:
keyid:A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/60523BEA0CA411ED96936D79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.28.0/22
43.242.32.0/22
45.119.96.0/22
103.59.144.0/22
103.249.108.0/22
103.254.148.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:72:24:8d:1a:55:ac:75:3d:32:30:42:34:e9:e0:5e:38:79:
4c:fb:ce:47:4c:77:6b:ef:66:fe:4d:b7:0a:32:39:f8:dd:27:
48:17:b6:1b:7f:d2:95:7a:34:f3:bc:33:7f:23:24:4a:d7:f7:
cb:df:bb:9c:93:86:53:a1:f7:e2:51:78:58:c6:73:8b:a9:93:
59:88:28:d2:6c:b3:8d:a7:c3:e8:d0:97:07:6d:fd:46:a5:96:
79:d2:e8:6a:74:cf:1d:dc:de:88:a8:8e:b6:fc:1b:9d:8a:9c:
52:75:42:84:6d:2f:54:18:97:6d:60:ab:9a:ba:a2:b2:0b:74:
ed:5c:77:c2:35:3c:37:f7:25:c8:4e:35:18:06:7b:7f:b0:10:
c4:75:e1:8f:e5:ec:49:84:00:55:c1:c4:25:44:2e:f6:ae:9c:
b2:bd:e6:57:ce:d0:c5:ae:9c:38:05:ed:27:2d:24:08:6c:47:
02:e5:c1:a7:41:14:fd:5c:09:21:77:90:52:44:bc:57:4c:62:
46:4d:3e:2b:d1:55:45:e0:f3:9a:22:7d:d6:41:aa:69:af:50:
37:14:ff:a4:13:40:aa:1f:c2:07:f4:c5:f8:c6:d3:80:d3:3b:
0e:06:2f:ca:d5:0c:d4:93:d1:a2:80:f9:72:99:d9:5e:9f:67:
05:8f:30:e6
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICAxswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUwNEUxMTAvBgNVBAUTKEEzRjI3Mjc1MkVDNUQ5RTEyOUU0REZDQTA4MEI4OEQz
OUI3OTQ5NDQwHhcNMjQwNzE5MDIyNDE2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk5Y2U0Zi05YTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3WwHZBVdwcJ511V68UIC6UWcOs8Md66lRM6S9K6QRJYGOVL2F8eT8IBXrhCH
Th1XqV4X6QDFKoxKJ6ePl6LWPNDhlgDEIm7gkcVxBIFtHMzdp6Tjqvu0PfufLlop
W9UIzNVbZjpJxMtrlb9wrEqTB5ps9CUE2LfazqUbwuU4IrZhUrXfnGV9NeYy14q9
fKsJ3zoctxa/aq48HXpxFJImoA3TkHGeltne31Ne2BgNaeYieRKYzwyfkVDS0hOB
d9jWmDJcKjFxjIQ1Fn8mJbO8mkNK8WCqtiQ//ZR0vv2ohBha+6YPzx3NOljfHU5X
OHy81Re3Q7T9R/6D06B7FyjioQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFNAxzi7Q
Ao9FR2UjK+2VbJCugvnkMB8GA1UdIwQYMBaAFKPycnUuxdnhKeTfyggLiNObeUlE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS81OTA5NDk5MDk2
MDgxMUVDQTA0QTAwODZDNEY5QUUwMi9vX0p5ZFM3RjJlRXA1Tl9LQ0F1STA1dDVT
VVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29fSnlkUzdGMmVFcDVOX0tDQXVJMDV0NVNVUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUwNEUvNTkwOTQ5OTA5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvNjA1MjNCRUEw
Q0E0MTFFRDk2OTM2RDc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAIr8BwDBAIr8iADBAItd2ADBAJnO5ADBAJn+WwDBAJn/pQw
DQYJKoZIhvcNAQELBQADggEBAHxyJI0aVax1PTIwQjTp4F44eUz7zkdMd2vvZv5N
twoyOfjdJ0gXtht/0pV6NPO8M38jJErX98vfu5yThlOh9+JReFjGc4upk1mIKNJs
s42nw+jQlwdt/UallnnS6Gp0zx3c3oiojrb8G52KnFJ1QoRtL1QYl21gq5q6orIL
dO1cd8I1PDf3JchONRgGe3+wEMR14Y/l7EmEAFXBxCVELvaunLK95lfO0MWunDgF
7SctJAhsRwLlwadBFP1cCSF3kFJEvFdMYkZNPivRVUXg85oifdZBqmmvUDcU/6QT
QKofwgf0xfjG04DTOw4GL8rVDNST0aKA+XKZ2V6fZwWPMOY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:26:06 2024 by rpki-client on console-ams.rpki-client.org