Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/0D16F5F4933211EEA5AC155DC4F9AE02.roa
File: 0D16F5F4933211EEA5AC155DC4F9AE02.roa (raw, json)
Hash identifier: nZ1yHEPeiG19plzrBwBsmWUzv4md0N8DTeYNsXYdWYU=
Subject key identifier: 67:9C:11:80:00:5B:CA:3C:75:CD:7A:89:8A:E6:64:19:BA:56:92:C9
Certificate issuer: /CN=A9146B24/serialNumber=3918D80BCB702ECACF84CB7ACA880F878A14FE48
Certificate serial: 4A
Authority key identifier: 39:18:D8:0B:CB:70:2E:CA:CF:84:CB:7A:CA:88:0F:87:8A:14:FE:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/0D16F5F4933211EEA5AC155DC4F9AE02.roa
Signing time: Wed 27 Dec 2023 07:18:02 +0000
ROA not before: Wed 27 Dec 2023 07:18:02 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 55832
IP address blocks: 27.123.216.0/22 maxlen: 22
27.123.216.0/24 maxlen: 24
27.123.217.0/24 maxlen: 24
27.123.218.0/24 maxlen: 24
27.123.219.0/24 maxlen: 24
45.64.12.0/24 maxlen: 24
45.64.13.0/24 maxlen: 24
45.64.14.0/24 maxlen: 24
45.64.15.0/24 maxlen: 24
103.4.208.0/22 maxlen: 22
103.4.208.0/24 maxlen: 24
103.4.209.0/24 maxlen: 24
103.4.210.0/24 maxlen: 24
103.4.211.0/24 maxlen: 24
120.88.176.0/20 maxlen: 20
120.88.176.0/24 maxlen: 24
120.88.177.0/24 maxlen: 24
120.88.178.0/24 maxlen: 24
120.88.179.0/24 maxlen: 24
120.88.180.0/24 maxlen: 24
120.88.181.0/24 maxlen: 24
120.88.182.0/23 maxlen: 24
120.88.184.0/24 maxlen: 24
120.88.185.0/24 maxlen: 24
120.88.186.0/24 maxlen: 24
120.88.187.0/24 maxlen: 24
120.88.188.0/24 maxlen: 24
120.88.189.0/24 maxlen: 24
120.88.190.0/24 maxlen: 24
120.88.191.0/24 maxlen: 24
2407:2a00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.crl
rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 08 Jun 2024 08:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74 (0x4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146B24/serialNumber=3918D80BCB702ECACF84CB7ACA880F878A14FE48
Validity
Not Before: Dec 27 07:18:02 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=658bcfaa-da2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:26:34:08:0c:d6:d5:79:2d:a9:2f:d0:f0:f6:
8e:d2:cf:f0:ce:31:89:f3:9a:48:6a:40:70:55:79:
ee:b5:2b:ad:29:02:2a:d5:0b:ec:0f:27:4b:79:61:
2d:d2:a6:d4:5b:31:e7:37:0b:be:4e:a7:54:bf:f9:
1d:10:b2:c7:f2:76:70:45:4f:99:b8:c2:ce:3f:0c:
a6:b3:91:b0:63:ee:e2:c9:e0:86:6b:ca:df:ea:f5:
4d:d2:97:f1:ad:55:90:15:23:f9:49:3e:60:bf:e5:
2c:4f:ae:65:6f:48:7a:a3:9e:3b:9a:51:41:00:c7:
76:fb:a6:d5:44:a2:b3:ba:c7:b5:18:99:a2:c7:4f:
9d:41:f6:64:46:c2:da:0a:ad:82:b0:a9:da:13:19:
fc:d4:98:7d:35:f0:eb:bd:e6:b5:e6:c5:0e:1b:d0:
90:0c:db:44:98:ed:b7:6d:2e:92:ae:47:94:35:38:
bd:79:8a:cc:b5:dd:18:29:7b:3c:ba:7f:47:f6:17:
ca:bd:c3:8a:fc:a6:f4:c4:c4:7e:29:8b:c9:4c:d2:
b6:80:b0:d2:40:8a:20:25:2f:f9:d5:ec:02:54:ac:
17:9b:57:f7:7f:c2:7b:95:f0:c6:f5:47:d0:95:78:
2f:a7:df:a9:10:c7:76:23:09:90:7a:8e:70:cc:a1:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9C:11:80:00:5B:CA:3C:75:CD:7A:89:8A:E6:64:19:BA:56:92:C9
X509v3 Authority Key Identifier:
keyid:39:18:D8:0B:CB:70:2E:CA:CF:84:CB:7A:CA:88:0F:87:8A:14:FE:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/ORjYC8twLsrPhMt6yogPh4oU_kg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ORjYC8twLsrPhMt6yogPh4oU_kg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146B24/B473C4BE933011EE82308059C4F9AE02/0D16F5F4933211EEA5AC155DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.216.0/22
45.64.12.0/22
103.4.208.0/22
120.88.176.0/20
IPv6:
2407:2a00::/32
Signature Algorithm: sha256WithRSAEncryption
59:51:8b:5c:37:88:ad:07:7e:96:aa:bd:65:4e:71:fe:7e:6f:
7f:43:be:49:7e:09:21:09:fe:59:bc:f2:08:40:02:48:2a:2d:
53:21:1b:1d:3f:ac:bf:c2:2d:a4:d5:f0:de:ff:52:d6:65:63:
ec:9f:40:7f:03:78:3e:ba:54:70:34:b8:d5:3a:27:52:0e:2c:
f0:49:48:62:35:7a:64:68:67:42:7e:69:b9:b6:4c:50:81:b1:
45:28:ed:9c:da:9a:e6:63:d8:77:6c:c4:51:a0:dd:82:7f:89:
42:db:7d:a5:ac:cd:36:7e:6c:e6:57:31:76:80:29:1d:12:f9:
ca:83:4f:99:4f:7b:2d:23:b9:5e:27:2b:cc:c5:f6:c4:36:8c:
7e:84:b3:26:a6:62:4b:ab:a3:71:05:8a:61:e2:13:b6:a0:b0:
66:7a:60:99:b3:45:39:ed:7f:5c:03:e7:06:2a:62:82:df:f4:
85:1b:0e:46:94:53:23:46:2a:2e:ea:97:37:c8:81:0b:cc:5e:
45:9e:e8:b0:32:48:93:dc:8d:39:b0:72:5e:cd:f9:7a:22:79:
f4:e9:28:a4:98:14:9a:e7:c6:a5:c0:e4:68:e7:5c:ab:8d:e7:
d1:ed:e5:4b:df:3a:41:52:a3:da:dc:de:05:11:e0:01:c6:b6:
1a:56:e3:6e
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIBSjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
NkIyNDExMC8GA1UEBRMoMzkxOEQ4MEJDQjcwMkVDQUNGODRDQjdBQ0E4ODBGODc4
QTE0RkU0ODAeFw0yMzEyMjcwNzE4MDJaFw0yNTAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OGJjZmFhLWRhMmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrJjQIDNbVeS2pL9Dw9o7Sz/DOMYnzmkhqQHBVee61K60pAirVC+wPJ0t5YS3S
ptRbMec3C75Op1S/+R0QssfydnBFT5m4ws4/DKazkbBj7uLJ4IZryt/q9U3Sl/Gt
VZAVI/lJPmC/5SxPrmVvSHqjnjuaUUEAx3b7ptVEorO6x7UYmaLHT51B9mRGwtoK
rYKwqdoTGfzUmH018Ou95rXmxQ4b0JAM20SY7bdtLpKuR5Q1OL15isy13Rgpezy6
f0f2F8q9w4r8pvTExH4pi8lM0raAsNJAiiAlL/nV7AJUrBebV/d/wnuV8Mb1R9CV
eC+n36kQx3YjCZB6jnDMoYSLAgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUZ5wRgABb
yjx1zXqJiuZkGbpWkskwHwYDVR0jBBgwFoAUORjYC8twLsrPhMt6yogPh4oU/kgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ2QjI0L0I0NzNDNEJFOTMz
MDExRUU4MjMwODA1OUM0RjlBRTAyL09SallDOHR3THNyUGhNdDZ5b2dQaDRvVV9r
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT1JqWUM4dHdMc3JQaE10NnlvZ1BoNG9VX2tnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NkIyNC9CNDczQzRCRTkzMzAxMUVFODIzMDgwNTlDNEY5QUUwMi8wRDE2RjVGNDkz
MzIxMUVFQTVBQzE1NURDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBABggrBgEFBQcBBwEB/wQx
MC8wHgQCAAEwGAMEAht72AMEAi1ADAMEAmcE0AMEBHhYsDANBAIAAjAHAwUAJAcq
ADANBgkqhkiG9w0BAQsFAAOCAQEAWVGLXDeIrQd+lqq9ZU5x/n5vf0O+SX4JIQn+
WbzyCEACSCotUyEbHT+sv8ItpNXw3v9S1mVj7J9AfwN4PrpUcDS41TonUg4s8ElI
YjV6ZGhnQn5pubZMUIGxRSjtnNqa5mPYd2zEUaDdgn+JQtt9pazNNn5s5lcxdoAp
HRL5yoNPmU97LSO5XicrzMX2xDaMfoSzJqZiS6ujcQWKYeITtqCwZnpgmbNFOe1/
XAPnBipigt/0hRsORpRTI0YqLuqXN8iBC8xeRZ7osDJIk9yNObByXs35eiJ59Oko
pJgUmufGpcDkaOdcq43n0e3lS986QVKj2tzeBRHgAca2Glbjbg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:47:11 2024 by rpki-client on console-ams.rpki-client.org