Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/0526730C2C4811EEAC2E4D46C4F9AE02.roa
File: 0526730C2C4811EEAC2E4D46C4F9AE02.roa (raw, json)
Hash identifier: colPM8HZ1vvIi6XidfSQJiOmkoAqKV69tfTn2aphAGs=
Subject key identifier: C8:DF:76:F7:32:71:F9:42:3A:B7:71:5A:7F:4B:67:B2:CD:EE:D0:D5
Certificate issuer: /CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Certificate serial: 7CE4
Authority key identifier: C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/0526730C2C4811EEAC2E4D46C4F9AE02.roa
Signing time: Mon 16 Sep 2024 17:24:58 +0000
ROA not before: Mon 16 Sep 2024 17:24:58 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 139760
IP address blocks: 118.127.67.0/29 maxlen: 29
118.127.72.32/29 maxlen: 29
118.127.89.112/29 maxlen: 29
202.9.114.12/30 maxlen: 30
202.9.114.28/30 maxlen: 30
202.9.114.32/28 maxlen: 28
202.9.114.48/28 maxlen: 28
202.9.114.96/28 maxlen: 28
202.9.114.112/29 maxlen: 29
202.9.114.128/27 maxlen: 27
202.9.114.160/29 maxlen: 29
202.9.114.168/29 maxlen: 29
202.9.114.176/28 maxlen: 28
202.9.114.192/27 maxlen: 27
202.9.114.224/28 maxlen: 28
202.9.114.240/29 maxlen: 29
202.9.115.32/28 maxlen: 28
202.9.115.96/27 maxlen: 27
202.9.115.240/28 maxlen: 28
203.4.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 16:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31972 (0x7ce4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913900D/serialNumber=C603786D55A904124E7592EED2899EF578921100
Validity
Not Before: Sep 16 17:24:58 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66e869e9-b453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d9:01:36:66:b0:92:b7:20:18:45:f9:cd:bf:
e2:e4:87:3e:d0:f0:a4:c3:fe:30:8f:0a:90:fc:0d:
e5:ef:14:ae:c9:cc:1d:11:66:6e:44:bf:29:10:45:
21:ef:5a:14:a3:70:47:20:cc:26:e6:69:2d:d9:46:
73:69:f7:89:0f:4b:43:93:46:ed:f9:3a:83:8d:b5:
90:dc:05:c6:10:76:36:87:2d:cc:a6:30:70:e7:e1:
6b:fc:56:47:bd:d3:f6:71:40:b2:42:54:2d:20:25:
d7:e7:0a:1e:c3:78:c2:92:a1:c1:02:62:ef:61:25:
f8:75:6b:3b:e0:89:2a:b2:e9:a6:5b:9a:70:bd:14:
e5:cd:86:eb:f7:e8:01:18:72:1f:c9:e5:f7:59:a1:
27:78:30:06:fe:56:5f:0b:6f:3e:da:db:ec:8a:ae:
4f:38:a5:b1:1b:36:a2:9c:1a:5d:c1:9b:2c:42:87:
34:a5:77:e7:b5:18:5c:cd:88:e2:64:1d:b2:ad:49:
bd:92:06:f2:e1:a8:02:d4:11:b6:29:20:fb:2f:7a:
f1:9f:3c:0a:7c:ae:f5:98:91:4d:56:66:14:21:5d:
39:51:49:87:39:67:da:40:46:e8:e8:91:77:6c:f7:
a4:63:0a:b1:8b:8f:1a:86:53:47:14:cb:ac:75:85:
a9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DF:76:F7:32:71:F9:42:3A:B7:71:5A:7F:4B:67:B2:CD:EE:D0:D5
X509v3 Authority Key Identifier:
keyid:C6:03:78:6D:55:A9:04:12:4E:75:92:EE:D2:89:9E:F5:78:92:11:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/xgN4bVWpBBJOdZLu0ome9XiSEQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xgN4bVWpBBJOdZLu0ome9XiSEQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913900D/FCDCD3A0AC9D11E892CDAD0DC4F9AE02/0526730C2C4811EEAC2E4D46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.127.67.0/29
118.127.72.32/29
118.127.89.112/29
202.9.114.12/30
202.9.114.28-202.9.114.63
202.9.114.96-202.9.114.119
202.9.114.128-202.9.114.247
202.9.115.32/28
202.9.115.96/27
202.9.115.240/28
203.4.212.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:b6:d3:95:49:f9:4c:d1:a2:d0:b0:b4:be:fc:92:36:c9:28:
59:1f:e7:bb:f6:c8:90:fc:91:1f:3a:38:cd:38:57:3e:c0:ec:
90:37:01:90:d5:16:83:d9:41:8f:2e:f0:26:38:07:45:0d:a8:
c3:64:b7:88:00:fa:96:34:42:26:23:2b:b7:5e:7d:7d:51:a7:
d7:d1:1b:de:e1:c0:23:69:d0:4b:51:9a:c3:3d:a6:c2:da:01:
d0:ce:f7:2f:a6:fb:91:31:7d:50:ef:4a:7b:c7:60:6b:12:5e:
b4:6d:7a:ad:f4:01:ff:41:8a:b3:4e:68:06:da:ad:d8:4d:b0:
53:fb:bb:f3:f0:3f:d7:cc:f7:6d:03:de:15:f5:21:e5:e4:f2:
f9:f0:ab:ee:dc:d5:71:ea:d3:d6:42:be:43:d5:d5:0f:be:40:
35:ac:9a:8c:41:f1:6d:ef:ef:a1:5b:59:89:70:51:e0:99:1d:
df:de:1e:ca:b8:5f:e7:ac:ec:41:df:4b:b5:e3:28:2d:01:fb:
bb:de:e9:d2:21:e1:a1:31:32:7b:b6:c6:24:d4:09:e1:38:0f:
8d:66:12:c5:9c:4a:7c:01:6e:3d:4f:04:fc:ad:33:96:dd:44:
a0:ab:52:aa:3f:81:fb:4e:0c:47:db:f3:d8:76:f2:fa:23:cf:
6c:3e:5a:ba
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgICfOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkwMEQxMTAvBgNVBAUTKEM2MDM3ODZENTVBOTA0MTI0RTc1OTJFRUQyODk5RUY1
Nzg5MjExMDAwHhcNMjQwOTE2MTcyNDU4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmU4NjllOS1iNDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzNkBNmawkrcgGEX5zb/i5Ic+0PCkw/4wjwqQ/A3l7xSuycwdEWZuRL8pEEUh
71oUo3BHIMwm5mkt2UZzafeJD0tDk0bt+TqDjbWQ3AXGEHY2hy3MpjBw5+Fr/FZH
vdP2cUCyQlQtICXX5woew3jCkqHBAmLvYSX4dWs74IkqsummW5pwvRTlzYbr9+gB
GHIfyeX3WaEneDAG/lZfC28+2tvsiq5POKWxGzainBpdwZssQoc0pXfntRhczYji
ZB2yrUm9kgby4agC1BG2KSD7L3rxnzwKfK71mJFNVmYUIV05UUmHOWfaQEbo6JF3
bPekYwqxi48ahlNHFMusdYWpxwIDAQABo4IC9zCCAvMwHQYDVR0OBBYEFMjfdvcy
cflCOrdxWn9LZ7LN7tDVMB8GA1UdIwQYMBaAFMYDeG1VqQQSTnWS7tKJnvV4khEA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTAwRC9GQ0RDRDNBMEFD
OUQxMUU4OTJDREFEMERDNEY5QUUwMi94Z040YlZXcEJCSk9kWkx1MG9tZTlYaVNF
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hnTjRiVldwQkJKT2RaTHUwb21lOVhpU0VRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkwMEQvRkNEQ0QzQTBBQzlEMTFFODkyQ0RBRDBEQzRGOUFFMDIvMDUyNjczMEMy
QzQ4MTFFRUFDMkU0RDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYAGCCsGAQUFBwEHAQH/
BHEwbzBtBAIAATBnAwUDdn9DAAMFA3Z/SCADBQN2f1lwAwUCyglyDDAOAwUCygly
HAMFBsoJcgAwDgMFBcoJcmADBQPKCXJwMA4DBQfKCXKAAwUDygly8AMFBMoJcyAD
BQXKCXNgAwUEyglz8AMEAssE1DANBgkqhkiG9w0BAQsFAAOCAQEAHrbTlUn5TNGi
0LC0vvySNskoWR/nu/bIkPyRHzo4zThXPsDskDcBkNUWg9lBjy7wJjgHRQ2ow2S3
iAD6ljRCJiMrt159fVGn19Eb3uHAI2nQS1Gawz2mwtoB0M73L6b7kTF9UO9Ke8dg
axJetG16rfQB/0GKs05oBtqt2E2wU/u78/A/18z3bQPeFfUh5eTy+fCr7tzVcerT
1kK+Q9XVD75ANayajEHxbe/voVtZiXBR4Jkd394eyrhf56zsQd9LteMoLQH7u97p
0iHhoTEye7bGJNQJ4TgPjWYSxZxKfAFuPU8E/K0zlt1EoKtSqj+B+04MR9vz2Hby
+iPPbD5aug==
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:36:18 2024 by rpki-client on console-fra.rpki-client.org