Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/485D694A454911EEB8718378C4F9AE02.roa
File: 485D694A454911EEB8718378C4F9AE02.roa (raw, json)
Hash identifier: HR3nRfisYSDKZvt9Zn5nDd8WaOUGmkOPBRh02Z+ySnk=
Subject key identifier: 24:69:FA:40:F1:5E:63:48:FB:77:6C:46:A2:95:B6:CB:A5:71:56:C9
Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E
Certificate serial: 0549
Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/485D694A454911EEB8718378C4F9AE02.roa
Signing time: Fri 10 Nov 2023 23:51:22 +0000
ROA not before: Fri 10 Nov 2023 23:51:22 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 133771
IP address blocks: 207.174.176.0/20 maxlen: 20
207.174.176.0/22 maxlen: 22
207.174.176.0/24 maxlen: 24
207.174.177.0/24 maxlen: 24
207.174.178.0/24 maxlen: 24
207.174.179.0/24 maxlen: 24
207.174.180.0/22 maxlen: 22
207.174.180.0/24 maxlen: 24
207.174.181.0/24 maxlen: 24
207.174.182.0/24 maxlen: 24
207.174.183.0/24 maxlen: 24
207.174.184.0/22 maxlen: 22
207.174.184.0/24 maxlen: 24
207.174.185.0/24 maxlen: 24
207.174.186.0/24 maxlen: 24
207.174.187.0/24 maxlen: 24
207.174.188.0/22 maxlen: 22
207.174.188.0/24 maxlen: 24
207.174.189.0/24 maxlen: 24
207.174.190.0/24 maxlen: 24
207.174.191.0/24 maxlen: 24
216.108.240.0/20 maxlen: 20
216.108.240.0/22 maxlen: 24
216.108.244.0/22 maxlen: 22
216.108.244.0/24 maxlen: 24
216.108.245.0/24 maxlen: 24
216.108.246.0/24 maxlen: 24
216.108.247.0/24 maxlen: 24
216.108.248.0/22 maxlen: 22
216.108.248.0/24 maxlen: 24
216.108.249.0/24 maxlen: 24
216.108.250.0/24 maxlen: 24
216.108.251.0/24 maxlen: 24
216.108.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl
rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 18:32:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1353 (0x549)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E
Validity
Not Before: Nov 10 23:51:22 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=654ec1fa-9ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bc:44:5a:f9:ab:95:75:da:45:9a:a7:02:8a:
a7:d3:b3:a6:54:a6:f1:7b:03:7d:d9:e6:4a:c1:0c:
62:3a:40:a9:61:f5:c4:ea:24:fa:b2:28:56:a5:5c:
00:a7:7d:9d:18:d6:8d:f4:a8:86:9b:00:71:0e:89:
e0:0a:13:dc:51:04:a4:77:c5:04:c3:67:db:8f:3e:
10:88:55:4c:97:0a:5f:2a:f5:79:1b:86:94:ec:04:
24:c6:f1:1b:cd:87:44:a9:5c:4a:62:69:ef:9d:ad:
d9:99:d6:0d:5d:47:3e:a4:4a:7f:02:c9:14:92:f2:
69:fb:f3:18:78:f3:7e:36:83:e0:3d:43:a1:7e:5d:
9d:65:13:02:d0:37:e8:09:ac:92:d0:17:75:68:4c:
29:07:45:da:e0:ee:dd:d1:39:f7:2e:15:34:68:7e:
25:17:36:8c:04:26:05:71:43:89:05:f2:32:6c:a3:
1a:1a:d6:da:ca:86:bf:05:90:4a:5c:01:19:dc:75:
77:15:69:48:6b:a2:98:e4:9c:c3:18:62:17:e5:39:
c3:95:a6:35:08:fd:80:9e:7e:e3:68:dd:67:d4:e6:
bd:82:6b:67:02:7a:eb:cb:ff:a7:90:28:be:5e:54:
1f:b4:bf:1e:f4:5d:7b:df:68:3d:46:78:7a:af:ce:
27:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:69:FA:40:F1:5E:63:48:FB:77:6C:46:A2:95:B6:CB:A5:71:56:C9
X509v3 Authority Key Identifier:
keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/485D694A454911EEB8718378C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
207.174.176.0/20
216.108.240.0/20
Signature Algorithm: sha256WithRSAEncryption
31:cc:eb:fe:bc:a8:0a:c3:ce:db:f0:83:03:be:52:37:3b:fe:
d4:89:fa:bd:b3:e6:09:5a:01:88:cf:a2:9b:d9:d6:26:3e:b5:
5d:23:67:73:af:43:ae:4f:e7:ac:2b:71:d0:0e:50:c6:cc:a8:
20:f0:9d:6b:41:1a:d1:48:ab:ee:36:60:9a:b9:f4:28:4e:75:
73:dc:40:bf:32:30:54:c2:62:86:a2:5e:74:d8:d0:3d:a7:8f:
51:4a:10:86:35:26:c1:f2:2e:04:24:54:82:3a:24:d0:2b:79:
f4:0b:8b:2e:a7:39:21:ae:a1:48:f0:6f:27:0d:ff:e9:50:3b:
82:6f:4a:d4:53:9e:35:8c:02:87:8b:bb:59:94:99:80:ce:a9:
ca:20:1f:2f:3e:bb:fd:f7:10:1b:51:fe:7c:2c:61:a5:b5:26:
60:8c:dd:0f:9d:61:ec:62:5e:ab:36:0a:18:d2:c5:6e:8f:5d:
13:4c:ad:88:91:d6:20:24:55:06:5d:b9:50:28:8d:3b:fa:2f:
e7:1f:66:be:15:b1:df:74:99:f6:12:96:7f:e0:a6:9c:66:0c:
e9:08:dd:0a:3a:60:9d:15:df:54:67:e2:63:09:c9:a8:1f:7e:
38:4f:9b:ea:72:87:99:93:c4:29:b8:a3:b6:2e:ac:e0:b1:36:
a3:76:d0:4a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBUkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx
QTg1OEQyOEUwHhcNMjMxMTEwMjM1MTIyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRlYzFmYS05ZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz7xEWvmrlXXaRZqnAoqn07OmVKbxewN92eZKwQxiOkCpYfXE6iT6sihWpVwA
p32dGNaN9KiGmwBxDongChPcUQSkd8UEw2fbjz4QiFVMlwpfKvV5G4aU7AQkxvEb
zYdEqVxKYmnvna3ZmdYNXUc+pEp/AskUkvJp+/MYePN+NoPgPUOhfl2dZRMC0Dfo
CayS0Bd1aEwpB0Xa4O7d0Tn3LhU0aH4lFzaMBCYFcUOJBfIybKMaGtbayoa/BZBK
XAEZ3HV3FWlIa6KY5JzDGGIX5TnDlaY1CP2Ann7jaN1n1Oa9gmtnAnrry/+nkCi+
XlQftL8e9F1732g9Rnh6r84nnQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCRp+kDx
XmNI+3dsRqKVtsulcVbJMB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG
QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw
bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjVDMjIvRkFDQ0JDNUM3RkFEMTFFQjk3N0I1MzM1QzRGOUFFMDIvNDg1RDY5NEE0
NTQ5MTFFRUI4NzE4Mzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBATPrrADBATYbPAwDQYJKoZIhvcNAQELBQADggEBADHM6/68
qArDztvwgwO+Ujc7/tSJ+r2z5glaAYjPopvZ1iY+tV0jZ3OvQ65P56wrcdAOUMbM
qCDwnWtBGtFIq+42YJq59ChOdXPcQL8yMFTCYoaiXnTY0D2nj1FKEIY1JsHyLgQk
VII6JNArefQLiy6nOSGuoUjwbycN/+lQO4JvStRTnjWMAoeLu1mUmYDOqcogHy8+
u/33EBtR/nwsYaW1JmCM3Q+dYexiXqs2ChjSxW6PXRNMrYiR1iAkVQZduVAojTv6
L+cfZr4Vsd90mfYSln/gppxmDOkI3Qo6YJ0V31Rn4mMJyagffjhPm+pyh5mTxCm4
o7YurOCxNqN20Eo=
-----END CERTIFICATE-----
Generated at Sat Jun 1 01:41:43 2024 by rpki-client on console-fra.rpki-client.org