Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
File: AB549D62125711EF94D14874C4F9AE02.roa (raw, json)
Hash identifier: 7u2tPWvB312w4cQ7LNuAKQdY34Bf1MbZPEt4wkYYHWg=
Subject key identifier: 6F:C6:89:D6:7F:A3:29:47:68:C8:8B:A1:BD:EA:51:81:B5:23:DF:F4
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1DFC
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
Signing time: Wed 15 May 2024 01:08:42 +0000
ROA not before: Wed 15 May 2024 01:08:42 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 45102
IP address blocks: 14.1.112.0/22 maxlen: 24
43.0.0.0/9 maxlen: 15
43.91.0.0/16 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 16
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 16
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 16
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
2404:2280::/32 maxlen: 48
240b:4000::/22 maxlen: 31
240b:4000::/32 maxlen: 40
240b:4001::/32 maxlen: 40
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 16:07:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7676 (0x1dfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: May 15 01:08:42 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66440b1a-ed5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a9:df:46:60:b5:30:3b:ac:f8:ff:0f:d9:8f:
2e:77:25:b5:20:80:d4:b7:e4:a8:76:9f:3b:c7:f7:
8c:df:0a:83:0d:30:08:04:27:78:3a:35:fd:41:70:
c8:c9:da:ce:15:21:f8:01:02:9c:89:53:60:a6:fc:
02:02:0a:11:6b:a4:db:4e:25:41:bf:a3:64:e3:f2:
42:d7:e5:93:e1:c9:d9:4b:57:3e:47:fb:f6:23:d8:
d3:fe:ee:72:9f:8c:5d:38:e5:10:68:54:a3:f3:03:
69:2d:c3:bd:f9:fd:7f:79:0d:13:e1:3e:bf:ea:05:
f3:53:2c:d9:91:75:2c:a8:c6:dc:20:9c:e8:24:30:
18:6c:e5:b4:99:cf:9a:b4:8c:2d:1b:bd:4b:58:ba:
02:9a:84:38:8e:6b:25:96:a7:d7:26:d4:eb:51:06:
61:f4:4f:68:09:7e:5c:6e:03:db:3a:e1:36:e5:48:
a9:6b:40:bd:d7:f7:83:e3:a5:d3:38:2d:ff:81:7d:
40:a3:8a:d6:3e:f1:96:94:06:0b:5a:77:d3:80:22:
9c:79:f5:e8:63:67:f9:93:4d:13:34:bf:dd:07:48:
57:53:4c:74:d4:ed:03:bb:81:1a:fe:18:50:7b:a6:
01:a2:01:47:6f:e1:b5:65:62:4c:79:8c:8d:9b:bb:
0c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C6:89:D6:7F:A3:29:47:68:C8:8B:A1:BD:EA:51:81:B5:23:DF:F4
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/AB549D62125711EF94D14874C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.0.0.0/9
103.206.40.0/22
IPv6:
2404:2280::/32
240b:4000::/22
Signature Algorithm: sha256WithRSAEncryption
89:6f:7b:35:f2:bb:4a:6c:77:47:c6:89:83:ea:79:01:cc:a4:
f3:f6:c4:fe:ce:d4:63:55:c6:f6:3f:1a:5d:fa:79:d6:a4:84:
f9:11:8a:0e:7d:59:da:f1:19:74:8a:bd:63:df:da:3f:fe:5f:
98:93:af:53:c0:76:8b:e1:6b:8f:12:02:98:e3:34:af:60:14:
66:d3:38:a6:d7:ff:c5:c4:96:f6:8b:5b:0d:2e:aa:2c:66:8e:
df:9e:ff:ff:31:b4:0f:7c:50:40:ca:c5:9d:51:51:d8:3a:75:
50:d3:1b:08:5a:15:0b:44:76:00:4e:36:2a:2e:20:8b:95:cb:
22:58:6e:f1:b5:cf:03:a7:a6:fd:b5:88:2b:35:d9:f4:e6:21:
c1:f2:15:f8:06:13:06:44:7f:96:6c:84:99:53:4a:d7:35:72:
e1:bf:f0:42:e2:b3:5d:91:56:bc:4f:af:46:9c:5b:2e:3f:d8:
f1:53:a6:49:b2:e7:4a:6c:e9:2e:fc:b7:d0:e3:4e:c3:7b:5d:
34:f1:0d:4b:a2:62:ee:c4:83:e8:85:f3:de:88:36:9e:a0:3c:
be:3a:7d:09:3d:65:fb:07:db:7d:76:1f:02:a8:44:07:d0:53:
a5:03:eb:37:be:67:46:0d:f0:8b:de:a4:c5:09:83:f8:e5:d6:
58:23:12:fa
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICHfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjQwNTE1MDEwODQyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ0MGIxYS1lZDVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx6nfRmC1MDus+P8P2Y8udyW1IIDUt+Sodp87x/eM3wqDDTAIBCd4OjX9QXDI
ydrOFSH4AQKciVNgpvwCAgoRa6TbTiVBv6Nk4/JC1+WT4cnZS1c+R/v2I9jT/u5y
n4xdOOUQaFSj8wNpLcO9+f1/eQ0T4T6/6gXzUyzZkXUsqMbcIJzoJDAYbOW0mc+a
tIwtG71LWLoCmoQ4jmsllqfXJtTrUQZh9E9oCX5cbgPbOuE25Uipa0C91/eD46XT
OC3/gX1Ao4rWPvGWlAYLWnfTgCKcefXoY2f5k00TNL/dB0hXU0x01O0Du4Ea/hhQ
e6YBogFHb+G1ZWJMeYyNm7sMEQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFG/GidZ/
oylHaMiLob3qUYG1I9/0MB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvQUI1NDlENjIx
MjU3MTFFRjk0RDE0ODc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMBcEAgABMBEDBAIOAXADAwcrAAMEAmfOKDATBAIAAjANAwUAJAQigAMEAiQL
QDANBgkqhkiG9w0BAQsFAAOCAQEAiW97NfK7Smx3R8aJg+p5Acyk8/bE/s7UY1XG
9j8aXfp51qSE+RGKDn1Z2vEZdIq9Y9/aP/5fmJOvU8B2i+FrjxICmOM0r2AUZtM4
ptf/xcSW9otbDS6qLGaO357//zG0D3xQQMrFnVFR2Dp1UNMbCFoVC0R2AE42Ki4g
i5XLIlhu8bXPA6em/bWIKzXZ9OYhwfIV+AYTBkR/lmyEmVNK1zVy4b/wQuKzXZFW
vE+vRpxbLj/Y8VOmSbLnSmzpLvy30ONOw3tdNPENS6Ji7sSD6IXz3og2nqA8vjp9
CT1l+wfbfXYfAqhEB9BTpQPrN75nRg3wi96kxQmD+OXWWCMS+g==
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:45:07 2024 by rpki-client on console-fra.rpki-client.org