Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F48F2/46D091981DA911E29CFD3EA408B02CD2/579661B0C35411EBB2866C79C4F9AE02.roa
File: 579661B0C35411EBB2866C79C4F9AE02.roa (raw, json)
Hash identifier: hAHBlIc63fjBz7m8D1LH4yeKYVrIacs9IaXPJ3EIcMU=
Subject key identifier: 34:27:8A:A1:59:AF:A7:48:1A:EB:C9:60:E7:11:E5:D1:4C:D5:A6:EB
Certificate issuer: /CN=A91F48F2/serialNumber=EC484A51E463B98AF8E1B02AE22955A1322F1F75
Certificate serial: 3387
Authority key identifier: EC:48:4A:51:E4:63:B9:8A:F8:E1:B0:2A:E2:29:55:A1:32:2F:1F:75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7EhKUeRjuYr44bAq4ilVoTIvH3U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F48F2/46D091981DA911E29CFD3EA408B02CD2/579661B0C35411EBB2866C79C4F9AE02.roa
Signing time: Sat 28 Oct 2023 15:41:06 +0000
ROA not before: Sat 28 Oct 2023 15:41:06 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 24068
IP address blocks: 45.116.236.0/22 maxlen: 22
45.116.236.0/24 maxlen: 24
45.116.237.0/24 maxlen: 24
45.116.238.0/24 maxlen: 24
45.116.239.0/24 maxlen: 24
103.251.200.0/22 maxlen: 22
103.251.200.0/24 maxlen: 24
103.251.202.0/24 maxlen: 24
103.251.203.0/24 maxlen: 24
202.171.48.0/20 maxlen: 20
202.171.48.0/22 maxlen: 22
202.171.48.0/24 maxlen: 24
202.171.49.0/24 maxlen: 24
202.171.50.0/24 maxlen: 24
202.171.51.0/24 maxlen: 24
202.171.52.0/22 maxlen: 22
202.171.52.0/24 maxlen: 24
202.171.53.0/24 maxlen: 24
202.171.54.0/24 maxlen: 24
202.171.55.0/24 maxlen: 24
202.171.56.0/22 maxlen: 22
202.171.56.0/24 maxlen: 24
202.171.57.0/24 maxlen: 24
202.171.58.0/24 maxlen: 24
202.171.60.0/22 maxlen: 22
202.171.60.0/24 maxlen: 24
202.171.61.0/24 maxlen: 24
202.171.62.0/24 maxlen: 24
202.171.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F48F2/46D091981DA911E29CFD3EA408B02CD2/7EhKUeRjuYr44bAq4ilVoTIvH3U.crl
rsync://rpki.apnic.net/member_repository/A91F48F2/46D091981DA911E29CFD3EA408B02CD2/7EhKUeRjuYr44bAq4ilVoTIvH3U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7EhKUeRjuYr44bAq4ilVoTIvH3U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13191 (0x3387)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F48F2/serialNumber=EC484A51E463B98AF8E1B02AE22955A1322F1F75
Validity
Not Before: Oct 28 15:41:06 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=653d2b91-6801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:04:0d:5a:8e:0f:6b:a1:fd:e5:9e:23:d4:08:
a1:3e:ec:1e:db:d7:db:84:0c:cd:a8:60:20:4d:7f:
08:d2:ac:b6:7d:e6:16:0d:d4:b6:f6:38:8f:59:1c:
af:59:94:1f:c5:83:55:13:35:57:db:84:0f:05:e4:
8f:3f:f2:74:b3:e8:56:7e:1d:e4:97:65:f8:24:92:
cb:d0:27:50:76:c9:eb:a5:a3:56:36:7f:dc:36:1e:
31:8a:31:e5:04:c6:9a:59:26:6f:be:f7:04:d7:56:
ef:20:64:2d:e6:49:46:46:90:04:69:b0:4a:e1:d7:
1a:4c:e9:1e:6d:4a:d3:0f:51:f7:d4:7f:65:ec:86:
d7:c5:a0:81:63:bd:ee:d4:49:40:cd:6d:fa:76:fb:
c8:44:d4:06:a6:00:88:a6:5f:75:be:4f:82:c3:99:
4e:de:01:66:0a:81:3e:e4:77:ac:b4:2f:0f:9e:c5:
d2:5a:0f:90:6a:f8:c1:3a:d1:76:98:ea:3e:2e:55:
81:18:8d:14:0b:d8:13:9e:6f:0e:de:b4:be:f3:7e:
5d:51:6c:f3:a9:85:36:84:41:15:5a:12:bb:12:2a:
21:50:73:a0:c2:07:a7:90:95:37:b0:86:c5:4c:7b:
54:a8:12:78:62:de:85:ea:16:93:ca:13:58:9a:2e:
aa:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:27:8A:A1:59:AF:A7:48:1A:EB:C9:60:E7:11:E5:D1:4C:D5:A6:EB
X509v3 Authority Key Identifier:
keyid:EC:48:4A:51:E4:63:B9:8A:F8:E1:B0:2A:E2:29:55:A1:32:2F:1F:75
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F48F2/46D091981DA911E29CFD3EA408B02CD2/7EhKUeRjuYr44bAq4ilVoTIvH3U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7EhKUeRjuYr44bAq4ilVoTIvH3U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F48F2/46D091981DA911E29CFD3EA408B02CD2/579661B0C35411EBB2866C79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.236.0/22
103.251.200.0/22
202.171.48.0/20
Signature Algorithm: sha256WithRSAEncryption
7e:62:20:24:b7:c7:d2:1d:2f:fa:0c:34:08:93:7a:29:f0:9b:
2c:28:de:20:01:a4:3c:fb:d6:4e:14:6e:81:6e:a3:99:f0:07:
6b:8d:6d:b7:cf:7c:80:3c:27:70:cd:1b:bd:00:ff:8c:0c:64:
a3:05:ed:c9:dd:4e:10:99:a0:a0:95:85:17:a9:71:cd:53:57:
e7:99:93:00:d4:41:42:f9:b8:80:97:91:17:aa:d5:95:aa:0d:
95:ce:cc:25:91:cd:48:95:6c:0a:56:d3:64:64:8b:7e:e0:5f:
13:b6:37:74:df:9b:a2:a3:fd:a3:5f:25:c8:55:58:c2:4c:77:
e1:91:24:32:c8:59:90:08:57:7b:03:35:8e:60:3b:7b:5d:16:
5c:24:2a:64:fc:84:2a:ce:9b:49:b7:a7:82:87:62:10:7b:24:
06:4e:4b:bb:6b:b8:68:81:3d:e3:0a:9e:9f:e3:9c:8e:f2:d8:
59:ba:94:d8:33:39:77:06:0f:8f:04:63:19:2a:14:33:2f:c5:
51:9b:63:00:54:8b:5b:f8:7f:ef:64:93:d5:2e:df:a1:c6:9e:
46:c8:08:2a:ee:fd:62:66:29:2e:d8:8c:8c:f1:c9:f6:b2:31:
17:44:75:0c:81:33:0a:db:da:91:8f:03:19:13:96:04:48:05:
f4:33:08:ff
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICM4cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjQ4RjIxMTAvBgNVBAUTKEVDNDg0QTUxRTQ2M0I5OEFGOEUxQjAyQUUyMjk1NUEx
MzIyRjFGNzUwHhcNMjMxMDI4MTU0MTA2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTNkMmI5MS02ODAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgQNWo4Pa6H95Z4j1AihPuwe29fbhAzNqGAgTX8I0qy2feYWDdS29jiPWRyv
WZQfxYNVEzVX24QPBeSPP/J0s+hWfh3kl2X4JJLL0CdQdsnrpaNWNn/cNh4xijHl
BMaaWSZvvvcE11bvIGQt5klGRpAEabBK4dcaTOkebUrTD1H31H9l7IbXxaCBY73u
1ElAzW36dvvIRNQGpgCIpl91vk+Cw5lO3gFmCoE+5HestC8PnsXSWg+QavjBOtF2
mOo+LlWBGI0UC9gTnm8O3rS+835dUWzzqYU2hEEVWhK7EiohUHOgwgenkJU3sIbF
THtUqBJ4Yt6F6haTyhNYmi6q9QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDQniqFZ
r6dIGuvJYOcR5dFM1abrMB8GA1UdIwQYMBaAFOxISlHkY7mK+OGwKuIpVaEyLx91
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNDhGMi80NkQwOTE5ODFE
QTkxMUUyOUNGRDNFQTQwOEIwMkNEMi83RWhLVWVSanVZcjQ0YkFxNGlsVm9USXZI
M1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdFaEtVZVJqdVlyNDRiQXE0aWxWb1RJdkgzVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjQ4RjIvNDZEMDkxOTgxREE5MTFFMjlDRkQzRUE0MDhCMDJDRDIvNTc5NjYxQjBD
MzU0MTFFQkIyODY2Qzc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAItdOwDBAJn+8gDBATKqzAwDQYJKoZIhvcNAQELBQADggEB
AH5iICS3x9IdL/oMNAiTeinwmywo3iABpDz71k4UboFuo5nwB2uNbbfPfIA8J3DN
G70A/4wMZKMF7cndThCZoKCVhRepcc1TV+eZkwDUQUL5uICXkReq1ZWqDZXOzCWR
zUiVbApW02Rki37gXxO2N3Tfm6Kj/aNfJchVWMJMd+GRJDLIWZAIV3sDNY5gO3td
FlwkKmT8hCrOm0m3p4KHYhB7JAZOS7truGiBPeMKnp/jnI7y2Fm6lNgzOXcGD48E
YxkqFDMvxVGbYwBUi1v4f+9kk9Uu36HGnkbICCru/WJmKS7YjIzxyfayMRdEdQyB
Mwrb2pGPAxkTlgRIBfQzCP8=
-----END CERTIFICATE-----
Generated at Sun May 12 17:43:29 2024 by rpki-client on console-fra.rpki-client.org