Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/44C007B0A0D611EDA2603C4EC4F9AE02.roa
File: 44C007B0A0D611EDA2603C4EC4F9AE02.roa (raw, json)
Hash identifier: yS4hjD1K8PDIQgrwqb69ifH0Xd3CZgdct8yqms8epVM=
Subject key identifier: 64:61:58:84:B9:19:83:A6:D0:E5:9B:20:69:8B:64:1E:F9:21:32:00
Certificate issuer: /CN=A91FE107/serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824
Certificate serial: 2166
Authority key identifier: 5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/44C007B0A0D611EDA2603C4EC4F9AE02.roa
Signing time: Thu 08 Jun 2023 16:40:35 +0000
ROA not before: Thu 08 Jun 2023 16:40:35 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 55569
IP address blocks: 103.229.140.0/22 maxlen: 22
103.229.140.0/22 maxlen: 24
103.229.140.0/24 maxlen: 24
116.213.20.0/22 maxlen: 22
116.213.20.0/24 maxlen: 24
116.213.21.0/24 maxlen: 24
116.213.22.0/24 maxlen: 24
116.213.23.0/24 maxlen: 24
182.161.72.0/22 maxlen: 22
182.161.72.0/24 maxlen: 24
182.161.73.0/24 maxlen: 24
182.161.74.0/24 maxlen: 24
182.161.75.0/24 maxlen: 24
2406:2600::/32 maxlen: 32
2406:2600::/32 maxlen: 48
2406:2600::/48 maxlen: 48
2406:2600:1::/48 maxlen: 48
2406:2600:2::/48 maxlen: 48
2406:2600:3::/48 maxlen: 48
2406:2600:4::/48 maxlen: 48
2406:2600:5::/48 maxlen: 48
2406:2600:6::/48 maxlen: 48
2406:2600:7::/48 maxlen: 48
2406:2600:8::/48 maxlen: 48
2406:2600:9::/48 maxlen: 48
2406:2600:a::/48 maxlen: 48
2406:2600:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl
rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8550 (0x2166)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE107/serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824
Validity
Not Before: Jun 8 16:40:35 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64820483-4f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d7:21:2c:67:74:ba:c0:29:76:2d:87:b5:fd:
7e:54:29:3a:a3:3d:b5:f2:bd:16:e3:d4:fd:43:2d:
97:f5:13:c5:f6:bc:2d:3a:53:ee:d7:6b:25:da:6d:
e1:ce:24:c1:da:ba:53:b4:32:25:ce:b3:4f:0f:f1:
fc:1b:34:f3:6b:20:bc:8e:75:de:7b:d8:0f:51:5c:
2c:e1:c3:7f:83:32:d5:1e:d7:3f:7b:43:88:80:e2:
6d:a3:1b:23:4f:ec:cf:4d:e7:0a:a6:0b:ca:4e:2d:
49:da:24:06:31:46:71:3f:04:b9:32:2d:08:a5:2c:
a0:ba:22:0b:fa:3a:e3:43:4a:cd:3c:49:c2:f6:bb:
1c:55:9e:21:cf:b6:1a:c7:1d:e2:3e:41:63:40:09:
68:74:75:62:19:a2:44:fe:70:04:18:02:15:da:6f:
07:12:6c:35:38:0c:e2:1d:78:da:54:fc:14:80:15:
3b:ec:24:f1:c5:34:23:2f:41:b8:70:07:c3:e8:a9:
d2:f6:9f:90:6f:5c:68:89:aa:f8:6a:1a:4c:f4:30:
d4:12:c6:72:3d:78:4f:c3:b3:c4:23:ea:ff:70:3e:
5b:ad:69:d4:9f:d3:f5:7b:26:17:48:21:be:6a:1e:
56:15:1b:03:31:32:34:a2:91:a8:22:a4:aa:7e:bb:
be:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:61:58:84:B9:19:83:A6:D0:E5:9B:20:69:8B:64:1E:F9:21:32:00
X509v3 Authority Key Identifier:
keyid:5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/44C007B0A0D611EDA2603C4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.229.140.0/22
116.213.20.0/22
182.161.72.0/22
IPv6:
2406:2600::/32
Signature Algorithm: sha256WithRSAEncryption
62:0e:04:5b:76:90:12:73:ea:03:15:5b:84:be:39:b4:c7:da:
c4:38:f2:d5:20:88:8e:88:1f:fd:1b:d0:b2:f1:ad:fb:3f:d9:
85:42:24:df:55:3e:6c:3e:5a:dc:d4:5f:55:c1:9f:e4:90:78:
36:b9:ed:e9:49:49:e1:c6:3f:94:c9:32:8c:f1:48:2e:88:bc:
43:4c:91:5a:b0:e3:22:47:88:95:66:fd:c0:88:c9:56:cc:9d:
40:d8:68:71:a1:19:ec:a4:be:f7:84:8f:85:4e:01:b8:52:18:
10:0d:77:5c:68:8e:d7:fa:1b:5b:7e:5f:57:41:27:f5:1f:a3:
22:3b:7b:f0:3d:31:0b:6c:f4:3f:4a:98:d1:8c:e8:6c:41:b4:
4d:fb:b2:7f:9b:56:f2:1c:7d:cd:d7:29:c3:33:2b:69:88:a2:
9e:6f:fe:41:aa:5b:0c:52:f7:86:2d:51:88:87:93:6b:93:4f:
cd:66:5f:99:6a:2a:e3:17:04:e3:7b:fd:78:5f:d3:2f:4b:91:
90:82:70:a0:47:4a:af:4c:b2:7a:42:ff:f2:aa:fc:4e:b0:3e:
b2:13:3a:77:d7:8b:6b:5e:ca:92:e0:d2:cd:b2:77:5e:1b:c2:
4e:bf:c8:93:63:81:b4:a7:01:08:e0:aa:59:8f:da:a0:94:d6:
a9:ae:1e:49
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICIWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkUxMDcxMTAvBgNVBAUTKDVFNkI1QTA2ODZGNTZCQTBDMEY3N0ZCM0JGMzFCMzg1
NjMyMjA4MjQwHhcNMjMwNjA4MTY0MDM1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDgyMDQ4My00ZjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5NchLGd0usApdi2Htf1+VCk6oz218r0W49T9Qy2X9RPF9rwtOlPu12sl2m3h
ziTB2rpTtDIlzrNPD/H8GzTzayC8jnXee9gPUVws4cN/gzLVHtc/e0OIgOJtoxsj
T+zPTecKpgvKTi1J2iQGMUZxPwS5Mi0IpSyguiIL+jrjQ0rNPEnC9rscVZ4hz7Ya
xx3iPkFjQAlodHViGaJE/nAEGAIV2m8HEmw1OAziHXjaVPwUgBU77CTxxTQjL0G4
cAfD6KnS9p+Qb1xoiar4ahpM9DDUEsZyPXhPw7PEI+r/cD5brWnUn9P1eyYXSCG+
ah5WFRsDMTI0opGoIqSqfru+TwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFGRhWIS5
GYOm0OWbIGmLZB75ITIAMB8GA1UdIwQYMBaAFF5rWgaG9WugwPd/s78xs4VjIggk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTEwNy9FRTM1QzQ0NjlF
NjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2REE5My16dnpHemhXTWlD
Q1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1htdGFCb2IxYTZEQTkzLXp2ekd6aFdNaUNDUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkUxMDcvRUUzNUM0NDY5RTY0MTFFNTlENDhGQjYwQzRGOUFFMDIvNDRDMDA3QjBB
MEQ2MTFFREEyNjAzQzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJn5YwDBAJ01RQDBAK2oUgwDQQCAAIwBwMFACQGJgAwDQYJ
KoZIhvcNAQELBQADggEBAGIOBFt2kBJz6gMVW4S+ObTH2sQ48tUgiI6IH/0b0LLx
rfs/2YVCJN9VPmw+WtzUX1XBn+SQeDa57elJSeHGP5TJMozxSC6IvENMkVqw4yJH
iJVm/cCIyVbMnUDYaHGhGeykvveEj4VOAbhSGBANd1xojtf6G1t+X1dBJ/UfoyI7
e/A9MQts9D9KmNGM6GxBtE37sn+bVvIcfc3XKcMzK2mIop5v/kGqWwxS94YtUYiH
k2uTT81mX5lqKuMXBON7/Xhf0y9LkZCCcKBHSq9MsnpC//Kq/E6wPrITOnfXi2te
ypLg0s2yd14bwk6/yJNjgbSnAQjgqlmP2qCU1qmuHkk=
-----END CERTIFICATE-----
Generated at Sat May 18 16:57:55 2024 by rpki-client on console-fra.rpki-client.org