Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
File: 8470E428A2E711EFA6A5B91AC4F9AE02.roa (raw, json)
Hash identifier: Qzh8TQ2GRv1hV5Z2tOdP3Q91J/hGe65NAQC6LGoZleg=
Subject key identifier: A4:0C:A3:CB:71:A6:24:9C:DA:CA:6F:79:DD:35:3B:57:3D:78:A5:CF
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 3694
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
Signing time: Fri 15 Nov 2024 02:17:49 +0000
ROA not before: Fri 15 Nov 2024 02:17:49 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 216425
IP address blocks: 101.53.67.0/24 maxlen: 24
101.53.73.0/24 maxlen: 24
101.53.76.0/24 maxlen: 24
101.53.77.0/24 maxlen: 24
101.53.79.0/24 maxlen: 24
101.53.80.0/24 maxlen: 24
101.53.81.0/24 maxlen: 24
101.53.82.0/24 maxlen: 24
101.53.83.0/24 maxlen: 24
101.53.84.0/24 maxlen: 24
101.53.85.0/24 maxlen: 24
101.53.86.0/24 maxlen: 24
101.53.87.0/24 maxlen: 24
101.53.88.0/24 maxlen: 24
101.53.89.0/24 maxlen: 24
101.53.90.0/24 maxlen: 24
101.53.95.0/24 maxlen: 24
103.9.130.0/24 maxlen: 24
175.176.133.0/24 maxlen: 24
175.176.136.0/24 maxlen: 24
175.176.138.0/24 maxlen: 24
175.176.139.0/24 maxlen: 24
175.176.141.0/24 maxlen: 24
175.176.143.0/24 maxlen: 24
182.237.41.0/24 maxlen: 24
182.237.42.0/24 maxlen: 24
182.237.50.0/24 maxlen: 24
182.237.51.0/24 maxlen: 24
182.237.53.0/24 maxlen: 24
182.237.54.0/24 maxlen: 24
182.237.56.0/24 maxlen: 24
182.237.57.0/24 maxlen: 24
182.237.58.0/24 maxlen: 24
182.237.59.0/24 maxlen: 24
203.173.110.0/24 maxlen: 24
210.4.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 14:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13972 (0x3694)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Nov 15 02:17:49 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6736af4d-78c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:59:9b:eb:bb:21:88:3a:46:e6:fc:5a:61:17:
58:d9:d7:7d:e9:cf:80:a5:1f:d2:df:4e:74:a8:d5:
92:bb:3d:20:b2:ef:ba:bb:94:82:a2:e8:5d:2c:1f:
76:86:50:ca:39:f4:bf:69:24:74:0a:bc:91:ff:f9:
8d:95:54:ad:43:2a:90:1d:fe:fb:cf:78:1e:2f:14:
ed:fd:28:0a:47:da:62:49:7a:2d:67:5e:e1:ea:ee:
df:80:a5:7f:33:68:c0:96:75:c0:bc:93:7a:fe:f1:
41:c4:43:84:e8:4e:07:aa:c9:8a:38:f7:33:7b:9a:
8d:85:9c:6e:1e:cc:8a:6c:25:04:c4:62:9d:a2:13:
8f:80:d0:8b:2b:fb:10:1d:af:3d:dc:09:98:40:03:
43:ea:8a:72:39:91:2a:14:59:99:29:f8:82:e8:54:
de:e7:9c:90:74:aa:d7:cb:1c:b7:70:19:97:59:f0:
92:2b:d6:36:2a:8f:79:6f:0f:b1:05:bf:c2:47:b4:
87:72:77:6c:25:ea:af:d4:e3:ff:60:2e:74:36:67:
23:fa:b2:f3:b2:a5:f7:83:76:97:5f:81:6e:1b:7d:
6a:74:0d:6f:83:b3:f6:06:e1:32:71:e0:a1:b9:08:
8b:55:e0:c6:30:5f:57:d8:61:c8:98:a4:e7:9e:f0:
87:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0C:A3:CB:71:A6:24:9C:DA:CA:6F:79:DD:35:3B:57:3D:78:A5:CF
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/8470E428A2E711EFA6A5B91AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.53.67.0/24
101.53.73.0/24
101.53.76.0/23
101.53.79.0-101.53.90.255
101.53.95.0/24
103.9.130.0/24
175.176.133.0/24
175.176.136.0/24
175.176.138.0/23
175.176.141.0/24
175.176.143.0/24
182.237.41.0-182.237.42.255
182.237.50.0/23
182.237.53.0-182.237.54.255
182.237.56.0/22
203.173.110.0/24
210.4.92.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:0d:43:92:c9:30:6c:c7:ce:4c:30:d2:88:b7:58:8c:b5:a5:
5b:0c:a8:cd:36:0f:e8:1c:0a:65:94:07:8c:4a:48:7b:50:b4:
cd:6e:ef:97:b0:1e:8b:c7:56:f6:bb:43:70:28:04:a6:1c:6c:
1c:2d:3f:e5:af:92:a7:54:27:ef:ca:02:ea:84:8c:e8:25:a0:
ae:29:b5:72:07:c2:73:37:f4:56:d8:c1:ae:db:fa:4d:71:26:
fd:2e:92:f5:7b:de:e5:3d:b4:bd:b4:ba:56:8f:a8:c4:79:71:
30:42:09:b7:4f:b7:fc:2e:05:f9:32:65:20:c5:7b:34:5d:b2:
04:42:ee:31:d0:d7:06:9c:9e:56:59:3e:61:d0:ca:7d:f7:63:
d8:ef:dc:c2:17:86:99:f2:a5:49:57:f1:f6:48:e4:1a:18:a6:
ce:ed:8b:5f:4c:0d:fd:d9:4b:86:a9:4f:05:ff:da:1b:e1:bd:
f5:3b:e4:d6:57:a4:b3:05:91:ca:5f:7b:c9:bb:47:a1:d8:1f:
36:46:fe:32:c0:a0:30:70:6a:15:5a:b5:21:fe:a9:f8:5d:78:
72:82:e0:d8:95:a1:de:73:42:1c:0f:54:d1:e4:e1:7d:fd:e9:
25:31:21:01:9c:aa:cd:f4:d0:20:2d:4c:eb:1e:bc:7e:e0:2c:
1c:f4:3f:fd
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgICNpQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjQxMTE1MDIxNzQ5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM2YWY0ZC03OGM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArVmb67shiDpG5vxaYRdY2dd96c+ApR/S3050qNWSuz0gsu+6u5SCouhdLB92
hlDKOfS/aSR0CryR//mNlVStQyqQHf77z3geLxTt/SgKR9piSXotZ17h6u7fgKV/
M2jAlnXAvJN6/vFBxEOE6E4HqsmKOPcze5qNhZxuHsyKbCUExGKdohOPgNCLK/sQ
Ha893AmYQAND6opyOZEqFFmZKfiC6FTe55yQdKrXyxy3cBmXWfCSK9Y2Ko95bw+x
Bb/CR7SHcndsJeqv1OP/YC50Nmcj+rLzsqX3g3aXX4FuG31qdA1vg7P2BuEyceCh
uQiLVeDGMF9X2GHImKTnnvCHIwIDAQABo4IDETCCAw0wHQYDVR0OBBYEFKQMo8tx
piSc2spved01O1c9eKXPMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvODQ3MEU0MjhB
MkU3MTFFRkE2QTVCOTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZoGCCsGAQUFBwEHAQH/
BIGKMIGHMIGEBAIAATB+AwQAZTVDAwQAZTVJAwQBZTVMMAwDBABlNU8DBABlNVoD
BABlNV8DBABnCYIDBACvsIUDBACvsIgDBAGvsIoDBACvsI0DBACvsI8wDAMEALbt
KQMEALbtKgMEAbbtMjAMAwQAtu01AwQAtu02AwQCtu04AwQAy61uAwQA0gRcMA0G
CSqGSIb3DQEBCwUAA4IBAQDODUOSyTBsx85MMNKIt1iMtaVbDKjNNg/oHApllAeM
Skh7ULTNbu+XsB6Lx1b2u0NwKASmHGwcLT/lr5KnVCfvygLqhIzoJaCuKbVyB8Jz
N/RW2MGu2/pNcSb9LpL1e97lPbS9tLpWj6jEeXEwQgm3T7f8LgX5MmUgxXs0XbIE
Qu4x0NcGnJ5WWT5h0Mp992PY79zCF4aZ8qVJV/H2SOQaGKbO7YtfTA392UuGqU8F
/9ob4b31O+TWV6SzBZHKX3vJu0eh2B82Rv4ywKAwcGoVWrUh/qn4XXhyguDYlaHe
c0IcD1TR5OF9/eklMSEBnKrN9NAgLUzrHrx+4Cwc9D/9
-----END CERTIFICATE-----
Generated at Sun Nov 24 17:20:03 2024 by rpki-client on console-fra.rpki-client.org