Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/60523BEA0CA411ED96936D79C4F9AE02.roa
File: 60523BEA0CA411ED96936D79C4F9AE02.roa (raw, json)
Hash identifier: CLX/342a3JMAuWhx7hI0idArAqPxfekE5e1Orgg5wlY=
Subject key identifier: B9:CD:0C:24:9D:73:95:59:7D:19:D5:5C:C0:BD:C6:FD:B8:B5:BB:0F
Certificate issuer: /CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Certificate serial: 025C
Authority key identifier: A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/60523BEA0CA411ED96936D79C4F9AE02.roa
Signing time: Thu 27 Jul 2023 02:05:02 +0000
ROA not before: Thu 27 Jul 2023 02:05:02 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 133861
IP address blocks: 43.240.28.0/22 maxlen: 22
43.240.28.0/24 maxlen: 24
43.240.29.0/24 maxlen: 24
43.240.30.0/24 maxlen: 24
43.240.31.0/24 maxlen: 24
43.242.32.0/22 maxlen: 22
43.242.32.0/24 maxlen: 24
43.242.33.0/24 maxlen: 24
43.242.34.0/24 maxlen: 24
43.242.35.0/24 maxlen: 24
45.119.96.0/24 maxlen: 24
45.119.97.0/24 maxlen: 24
45.119.98.0/24 maxlen: 24
45.119.99.0/24 maxlen: 24
103.59.144.0/24 maxlen: 24
103.59.145.0/24 maxlen: 24
103.59.146.0/24 maxlen: 24
103.59.147.0/24 maxlen: 24
103.249.108.0/24 maxlen: 24
103.249.109.0/24 maxlen: 24
103.249.110.0/24 maxlen: 24
103.249.111.0/24 maxlen: 24
103.254.148.0/24 maxlen: 24
103.254.149.0/24 maxlen: 24
103.254.150.0/24 maxlen: 24
103.254.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 20 May 2024 03:17:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 604 (0x25c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E504E/serialNumber=A3F272752EC5D9E129E4DFCA080B88D39B794944
Validity
Not Before: Jul 27 02:05:02 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64c1d0cd-9f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f8:b4:23:22:a5:db:11:45:45:37:ce:77:07:
ab:10:9f:56:80:1e:77:b4:9a:5d:6e:2b:19:48:49:
dd:5f:cf:5a:00:84:20:b4:98:12:ca:99:49:5c:4f:
12:93:3a:d1:6a:cd:30:10:88:89:7a:4c:f1:04:c2:
de:d5:4e:54:98:17:0d:18:86:05:a4:39:31:eb:ed:
48:70:b6:c1:f3:8f:3b:12:d0:7f:34:f5:95:d9:5d:
53:df:2d:3b:d3:1c:58:af:25:62:f4:fe:ef:ed:25:
68:03:95:7f:a0:02:66:12:b0:f1:20:e1:41:76:26:
73:74:0b:ae:9f:23:d3:3f:3c:3f:f5:88:6a:e1:a5:
5b:65:c7:49:08:49:de:9c:a5:2b:09:77:7f:8e:f2:
39:39:3f:02:2b:ee:40:7f:85:b8:17:fa:21:11:d3:
1e:e0:3e:b5:66:63:1d:a6:cb:4f:b7:67:3e:78:29:
a1:fc:7f:de:a2:00:ac:36:09:ad:39:e9:fd:f5:d3:
45:14:7f:93:93:f1:5c:56:fd:da:fb:52:5e:f0:8c:
7c:c1:32:52:ab:0c:a8:e5:4f:22:18:ae:ea:06:cf:
ab:42:69:a5:d7:e1:56:d3:98:c3:ac:17:08:1b:d5:
65:49:07:c4:0c:ca:bf:77:c1:41:ad:74:af:83:7b:
60:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:CD:0C:24:9D:73:95:59:7D:19:D5:5C:C0:BD:C6:FD:B8:B5:BB:0F
X509v3 Authority Key Identifier:
keyid:A3:F2:72:75:2E:C5:D9:E1:29:E4:DF:CA:08:0B:88:D3:9B:79:49:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/o_JydS7F2eEp5N_KCAuI05t5SUQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o_JydS7F2eEp5N_KCAuI05t5SUQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/59094990960811ECA04A0086C4F9AE02/60523BEA0CA411ED96936D79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.28.0/22
43.242.32.0/22
45.119.96.0/22
103.59.144.0/22
103.249.108.0/22
103.254.148.0/22
Signature Algorithm: sha256WithRSAEncryption
98:f7:10:d2:07:e9:22:71:f8:f8:7b:ff:2d:ba:b0:08:ce:08:
35:76:ba:c1:80:73:85:a8:15:fb:0f:ca:5b:05:ff:25:b1:8a:
5f:97:cd:08:ff:db:05:f3:52:a6:e0:c5:ec:4d:9f:2b:1f:73:
e6:21:80:b3:ca:cd:aa:d0:ad:33:56:62:ae:0b:59:8f:e3:37:
ee:6d:6e:19:27:3e:3f:3d:a2:89:31:05:b2:d8:8b:83:53:9e:
5e:ed:f7:de:03:67:1c:c8:08:e4:7b:52:f4:67:f0:cb:c6:ba:
71:23:36:09:e0:b1:76:92:c3:11:20:90:35:94:bb:b8:55:6c:
5d:bd:4a:73:da:4a:f0:69:94:9c:f4:d9:ef:4c:b3:97:30:11:
d4:93:92:d2:ca:c1:6d:57:88:7c:59:d4:bd:ca:a9:14:9d:8b:
f8:e1:34:e0:ac:de:08:fc:5e:33:15:d7:0c:f2:9e:c6:d8:1d:
1c:31:86:42:11:03:db:d7:35:e5:46:ec:ab:12:ee:60:55:6b:
65:da:e6:86:5c:08:3e:13:25:b0:34:de:42:40:f0:c1:4f:da:
c2:3a:10:03:6c:34:45:ae:e2:4d:41:9d:07:84:36:13:79:61:
b4:87:b0:5a:90:7a:58:b9:0b:65:cf:cf:1b:d3:18:5c:da:eb:
b4:09:dd:b1
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICAlwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTUwNEUxMTAvBgNVBAUTKEEzRjI3Mjc1MkVDNUQ5RTEyOUU0REZDQTA4MEI4OEQz
OUI3OTQ5NDQwHhcNMjMwNzI3MDIwNTAyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGMxZDBjZC05ZjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6fi0IyKl2xFFRTfOdwerEJ9WgB53tJpdbisZSEndX89aAIQgtJgSyplJXE8S
kzrRas0wEIiJekzxBMLe1U5UmBcNGIYFpDkx6+1IcLbB8487EtB/NPWV2V1T3y07
0xxYryVi9P7v7SVoA5V/oAJmErDxIOFBdiZzdAuunyPTPzw/9Yhq4aVbZcdJCEne
nKUrCXd/jvI5OT8CK+5Af4W4F/ohEdMe4D61ZmMdpstPt2c+eCmh/H/eogCsNgmt
Oen99dNFFH+Tk/FcVv3a+1Je8Ix8wTJSqwyo5U8iGK7qBs+rQmml1+FW05jDrBcI
G9VlSQfEDMq/d8FBrXSvg3tgZQIDAQABo4ICszCCAq8wHQYDVR0OBBYEFLnNDCSd
c5VZfRnVXMC9xv24tbsPMB8GA1UdIwQYMBaAFKPycnUuxdnhKeTfyggLiNObeUlE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS81OTA5NDk5MDk2
MDgxMUVDQTA0QTAwODZDNEY5QUUwMi9vX0p5ZFM3RjJlRXA1Tl9LQ0F1STA1dDVT
VVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29fSnlkUzdGMmVFcDVOX0tDQXVJMDV0NVNVUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTUwNEUvNTkwOTQ5OTA5NjA4MTFFQ0EwNEEwMDg2QzRGOUFFMDIvNjA1MjNCRUEw
Q0E0MTFFRDk2OTM2RDc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAIr8BwDBAIr8iADBAItd2ADBAJnO5ADBAJn+WwDBAJn/pQw
DQYJKoZIhvcNAQELBQADggEBAJj3ENIH6SJx+Ph7/y26sAjOCDV2usGAc4WoFfsP
ylsF/yWxil+XzQj/2wXzUqbgxexNnysfc+YhgLPKzarQrTNWYq4LWY/jN+5tbhkn
Pj89ookxBbLYi4NTnl7t994DZxzICOR7UvRn8MvGunEjNgngsXaSwxEgkDWUu7hV
bF29SnPaSvBplJz02e9Ms5cwEdSTktLKwW1XiHxZ1L3KqRSdi/jhNOCs3gj8XjMV
1wzynsbYHRwxhkIRA9vXNeVG7KsS7mBVa2Xa5oZcCD4TJbA03kJA8MFP2sI6EANs
NEWu4k1BnQeENhN5YbSHsFqQeli5C2XPzxvTGFza67QJ3bE=
-----END CERTIFICATE-----
Generated at Mon May 13 04:21:03 2024 by rpki-client on console-ams.rpki-client.org