Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
File: FFB3EF94F53C11EEA5B4623BC4F9AE02.roa (raw, json)
Hash identifier: ORMQWiZ/8XwKyS2SKGBR2zi5yIlRM5N1PNX7RvJyxpo=
Subject key identifier: C0:B7:A0:46:2F:74:4C:1E:BF:DA:02:9E:47:01:F1:26:13:53:EE:85
Certificate issuer: /CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Certificate serial: 0796
Authority key identifier: 6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
Signing time: Mon 08 Apr 2024 00:14:43 +0000
ROA not before: Mon 08 Apr 2024 00:14:43 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9738
IP address blocks: 61.14.96.0/19 maxlen: 19
61.14.96.0/23 maxlen: 24
61.14.98.0/23 maxlen: 24
61.14.100.0/24 maxlen: 24
61.14.101.0/24 maxlen: 24
61.14.102.0/23 maxlen: 24
61.14.104.0/24 maxlen: 24
61.14.105.0/24 maxlen: 24
61.14.106.0/24 maxlen: 24
61.14.107.0/24 maxlen: 24
61.14.108.0/24 maxlen: 24
61.14.109.0/24 maxlen: 24
61.14.110.0/24 maxlen: 24
61.14.111.0/24 maxlen: 24
61.14.112.0/24 maxlen: 24
61.14.113.0/24 maxlen: 24
61.14.114.0/24 maxlen: 24
61.14.115.0/24 maxlen: 24
61.14.116.0/24 maxlen: 24
61.14.117.0/24 maxlen: 24
61.14.118.0/24 maxlen: 24
61.14.119.0/24 maxlen: 24
61.14.121.0/24 maxlen: 24
61.14.122.0/24 maxlen: 24
61.14.123.0/24 maxlen: 24
61.14.127.0/24 maxlen: 24
103.28.196.0/23 maxlen: 23
103.28.198.0/23 maxlen: 23
202.148.224.0/21 maxlen: 21
202.148.224.0/24 maxlen: 24
202.148.225.0/24 maxlen: 24
202.148.226.0/24 maxlen: 24
202.148.227.0/24 maxlen: 24
202.148.228.0/24 maxlen: 24
202.148.229.0/24 maxlen: 24
202.148.231.0/24 maxlen: 24
202.148.232.0/24 maxlen: 24
202.148.233.0/24 maxlen: 24
202.148.234.0/23 maxlen: 23
202.148.234.0/24 maxlen: 24
202.148.235.0/24 maxlen: 24
202.148.236.0/22 maxlen: 22
202.148.236.0/23 maxlen: 24
202.148.238.0/24 maxlen: 24
202.148.239.0/24 maxlen: 24
203.19.157.0/24 maxlen: 24
210.18.192.0/22 maxlen: 24
210.18.196.0/24 maxlen: 24
210.18.197.0/24 maxlen: 24
210.18.198.0/24 maxlen: 24
210.18.199.0/24 maxlen: 24
210.18.200.0/24 maxlen: 24
210.18.201.0/24 maxlen: 24
210.18.202.0/23 maxlen: 23
210.18.202.0/24 maxlen: 24
210.18.203.0/24 maxlen: 24
210.18.204.0/22 maxlen: 22
210.18.204.0/24 maxlen: 24
210.18.205.0/24 maxlen: 24
210.18.207.0/24 maxlen: 24
210.18.208.0/20 maxlen: 21
210.18.208.0/23 maxlen: 24
210.18.210.0/23 maxlen: 24
210.18.212.0/23 maxlen: 24
210.18.214.0/23 maxlen: 24
210.18.216.0/21 maxlen: 24
210.18.224.0/20 maxlen: 20
210.18.224.0/21 maxlen: 21
210.18.227.0/24 maxlen: 24
210.18.232.0/24 maxlen: 24
210.18.233.0/24 maxlen: 24
210.18.234.0/23 maxlen: 24
210.18.236.0/22 maxlen: 22
210.18.236.0/24 maxlen: 24
210.18.237.0/24 maxlen: 24
210.18.238.0/24 maxlen: 24
210.18.239.0/24 maxlen: 24
210.18.240.0/24 maxlen: 24
210.18.241.0/24 maxlen: 24
210.18.242.0/24 maxlen: 24
210.18.243.0/24 maxlen: 24
210.18.244.0/22 maxlen: 22
210.18.248.0/23 maxlen: 23
210.18.248.0/24 maxlen: 24
210.18.250.0/23 maxlen: 23
210.18.251.0/24 maxlen: 24
210.18.252.0/24 maxlen: 24
210.18.253.0/24 maxlen: 24
210.18.254.0/24 maxlen: 24
210.18.255.0/24 maxlen: 24
2403:c800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 13 Jun 2024 22:26:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1942 (0x796)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Validity
Not Before: Apr 8 00:14:43 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=661336f3-d827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ae:84:f0:f7:ea:e8:08:09:c6:37:89:fb:99:
23:b3:4a:13:dc:01:98:2a:fb:6e:6f:e8:f7:ae:b8:
c7:99:7b:79:35:42:62:ee:90:47:38:f2:a8:1e:59:
ae:0b:1a:d0:ce:39:64:bf:d7:58:00:ab:11:cd:51:
14:48:f4:dc:d1:ab:8e:5d:b1:02:d8:88:55:d0:2f:
de:94:73:3c:1d:16:c9:6b:67:bd:be:5f:b7:60:1e:
24:3a:34:9f:be:70:f2:8e:5d:b9:79:d6:51:b7:33:
ea:99:9d:44:5c:4a:15:de:8e:aa:1b:6e:11:a7:c8:
23:9d:64:14:9c:cd:af:4b:1c:ba:5a:21:87:7b:19:
7d:9e:f7:22:ec:10:9c:70:2d:e7:32:f5:b2:c4:79:
19:22:63:bf:28:0e:8e:32:f4:2d:b8:a6:bf:7d:5e:
a2:d8:d8:a6:97:c8:97:83:85:59:c5:c9:85:ca:76:
c9:a2:70:59:1e:94:07:37:d6:2f:ec:f9:d4:b5:18:
dc:14:e2:a6:c5:41:51:50:97:d2:e4:e7:c8:64:18:
2c:8b:bd:26:c2:36:6b:80:e4:d9:d7:73:42:5a:cd:
8c:5f:ec:db:f9:fb:5f:0c:2a:90:9c:88:df:72:8e:
b2:17:07:2f:09:9b:52:69:b7:71:4a:57:84:02:37:
fe:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B7:A0:46:2F:74:4C:1E:BF:DA:02:9E:47:01:F1:26:13:53:EE:85
X509v3 Authority Key Identifier:
keyid:6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.14.96.0/19
103.28.196.0/22
202.148.224.0/20
203.19.157.0/24
210.18.192.0/18
IPv6:
2403:c800::/32
Signature Algorithm: sha256WithRSAEncryption
06:24:44:33:f2:1a:0f:b4:9d:4a:89:8e:57:31:df:86:ce:8e:
c7:00:36:fe:26:5d:43:4b:43:f6:5c:db:36:07:0d:8b:78:cc:
d1:e7:f7:e0:d1:74:10:35:4a:7a:9f:2a:b8:cf:b2:25:f2:01:
66:79:ae:f4:fa:83:5d:3c:40:6f:e9:92:14:3c:e8:00:79:08:
08:9e:33:b0:27:a4:45:cc:85:05:f6:7a:59:e0:4f:52:71:30:
e8:2a:b6:9c:79:93:a9:d0:f9:45:72:8f:23:9c:9c:aa:12:b8:
5c:6a:07:3b:5d:a3:0e:64:58:70:bc:55:09:06:6e:6d:51:cd:
aa:28:86:a0:10:bb:96:ee:d4:d7:62:02:b9:ef:77:ba:f8:cc:
bf:c8:29:27:f2:90:58:01:23:9e:9c:4e:3d:f3:28:18:2b:61:
55:b7:1b:2c:bd:ad:24:06:87:be:5c:c0:07:11:48:ea:31:a4:
43:a1:c3:08:f7:64:82:43:09:ea:23:92:58:b4:42:87:38:36:
89:74:b2:81:98:9e:17:21:e5:fc:4a:9d:b9:fb:ed:9d:10:79:
73:15:ff:9f:02:56:4d:80:ef:07:fe:57:9b:f4:b5:91:5a:ed:
58:b4:fb:8f:54:6d:f0:a1:40:18:04:93:63:56:eb:45:a8:02:
52:69:ad:4c
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M2MjcxMTAvBgNVBAUTKDZGRkE1REIxNTlENDBBM0ExNzJEQkM3NEY1QzMyQjU1
NTE3OTc5QUYwHhcNMjQwNDA4MDAxNDQzWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjEzMzZmMy1kODI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0q6E8Pfq6AgJxjeJ+5kjs0oT3AGYKvtub+j3rrjHmXt5NUJi7pBHOPKoHlmu
CxrQzjlkv9dYAKsRzVEUSPTc0auOXbEC2IhV0C/elHM8HRbJa2e9vl+3YB4kOjSf
vnDyjl25edZRtzPqmZ1EXEoV3o6qG24Rp8gjnWQUnM2vSxy6WiGHexl9nvci7BCc
cC3nMvWyxHkZImO/KA6OMvQtuKa/fV6i2Niml8iXg4VZxcmFynbJonBZHpQHN9Yv
7PnUtRjcFOKmxUFRUJfS5OfIZBgsi70mwjZrgOTZ13NCWs2MX+zb+ftfDCqQnIjf
co6yFwcvCZtSabdxSleEAjf+HQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFMC3oEYv
dEwev9oCnkcB8SYTU+6FMB8GA1UdIwQYMBaAFG/6XbFZ1Ao6Fy28dPXDK1VReXmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzYyNy9DMjY1QzFBNEQw
N0QxMUVBODYwMDk4NkRDNEY5QUUwMi9iX3Bkc1ZuVUNqb1hMYngwOWNNclZWRjVl
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfcGRzVm5VQ2pvWExieDA5Y01yVlZGNWVhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M2MjcvQzI2NUMxQTREMDdEMTFFQTg2MDA5ODZEQzRGOUFFMDIvRkZCM0VGOTRG
NTNDMTFFRUE1QjQ2MjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAU9DmADBAJnHMQDBATKlOADBADLE50DBAbSEsAwDQQCAAIw
BwMFACQDyAAwDQYJKoZIhvcNAQELBQADggEBAAYkRDPyGg+0nUqJjlcx34bOjscA
Nv4mXUNLQ/Zc2zYHDYt4zNHn9+DRdBA1SnqfKrjPsiXyAWZ5rvT6g108QG/pkhQ8
6AB5CAieM7AnpEXMhQX2elngT1JxMOgqtpx5k6nQ+UVyjyOcnKoSuFxqBztdow5k
WHC8VQkGbm1RzaoohqAQu5bu1NdiArnvd7r4zL/IKSfykFgBI56cTj3zKBgrYVW3
Gyy9rSQGh75cwAcRSOoxpEOhwwj3ZIJDCeojkli0Qoc4Nol0soGYnhch5fxKnbn7
7Z0QeXMV/58CVk2A7wf+V5v0tZFa7Vi0+49UbfChQBgEk2NW60WoAlJprUw=
-----END CERTIFICATE-----
Generated at Fri Jun 7 00:12:01 2024 by rpki-client on console-ams.rpki-client.org