Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
File: FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa (raw, json)
Hash identifier: zSVDYqkWgkMa+aLsCRgndkcVWEmWW6zKnoCgA3mt+Jw=
Subject key identifier: E2:27:7C:C6:C0:90:38:85:84:77:86:1F:9E:39:56:AA:25:C2:F0:66
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 35EA
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
Signing time: Fri 16 Aug 2024 14:40:18 +0000
ROA not before: Fri 16 Aug 2024 14:40:18 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 10160
IP address blocks: 119.59.24.0/24 maxlen: 24
119.59.25.0/24 maxlen: 24
119.59.26.0/24 maxlen: 24
119.59.27.0/24 maxlen: 24
119.59.28.0/24 maxlen: 24
119.59.29.0/24 maxlen: 24
119.59.30.0/24 maxlen: 24
119.59.31.0/24 maxlen: 24
119.59.32.0/24 maxlen: 24
119.59.33.0/24 maxlen: 24
119.59.34.0/24 maxlen: 24
119.59.35.0/24 maxlen: 24
119.59.36.0/24 maxlen: 24
119.59.37.0/24 maxlen: 24
119.59.38.0/24 maxlen: 24
119.59.39.0/24 maxlen: 24
119.59.40.0/24 maxlen: 24
119.59.41.0/24 maxlen: 24
119.59.42.0/24 maxlen: 24
119.59.43.0/24 maxlen: 24
119.59.44.0/24 maxlen: 24
119.59.45.0/24 maxlen: 24
119.59.46.0/24 maxlen: 24
119.59.47.0/24 maxlen: 24
119.59.48.0/24 maxlen: 24
119.59.49.0/24 maxlen: 24
119.59.50.0/24 maxlen: 24
119.59.51.0/24 maxlen: 24
119.59.52.0/24 maxlen: 24
119.59.53.0/24 maxlen: 24
119.59.54.0/24 maxlen: 24
119.59.55.0/24 maxlen: 24
119.59.56.0/24 maxlen: 24
119.59.57.0/24 maxlen: 24
119.59.58.0/24 maxlen: 24
119.59.59.0/24 maxlen: 24
119.59.60.0/24 maxlen: 24
119.59.61.0/24 maxlen: 24
119.59.62.0/24 maxlen: 24
119.59.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 02:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13802 (0x35ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Aug 16 14:40:18 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66bf64d2-dde1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a7:b4:59:39:18:73:a9:2d:36:2a:8b:25:a1:
31:42:62:72:a6:37:b9:18:16:08:ed:b1:0a:21:57:
02:3d:a5:83:33:d8:ec:51:1a:21:78:8c:26:b5:55:
9d:66:34:af:b0:94:92:90:8d:54:46:d4:17:40:ca:
c6:96:4a:1c:96:15:b4:f3:fc:28:71:19:f2:5c:6f:
a9:44:ba:aa:23:5c:77:e9:fc:f9:60:3a:f8:30:71:
bc:c6:a8:80:c6:d3:4f:4a:be:5c:cf:e3:c1:b7:c8:
04:55:c4:0c:1a:fd:31:08:d8:ec:df:8e:6b:1b:4d:
fe:c7:13:de:a2:04:10:be:9e:19:64:1c:8e:a8:bc:
17:22:3b:8b:47:44:57:6b:2c:56:98:aa:21:8a:85:
5f:c5:05:ee:a5:84:3e:39:92:af:6e:5c:22:20:29:
12:c0:eb:42:64:e4:fb:9e:20:6b:29:f7:00:be:fa:
8f:95:b7:4d:c9:72:77:14:00:2e:90:6e:88:93:a0:
fd:2e:3e:61:14:c5:86:65:55:6e:66:4d:f9:b3:03:
e9:7c:92:a8:19:80:71:72:5c:9b:34:b7:5d:36:15:
26:9b:81:47:8a:c4:92:8b:75:4b:58:6e:f5:8a:a2:
5e:88:94:46:35:44:55:0a:3a:96:38:c9:a2:28:76:
d3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:27:7C:C6:C0:90:38:85:84:77:86:1F:9E:39:56:AA:25:C2:F0:66
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.24.0-119.59.63.255
Signature Algorithm: sha256WithRSAEncryption
d2:c7:67:f2:4f:a3:45:fd:16:cd:fa:68:ed:44:23:57:93:93:
50:02:58:4a:af:da:10:10:f8:2d:03:01:ab:4e:a2:4e:82:5e:
10:9d:f7:22:91:9d:52:62:65:74:60:52:f7:65:e8:79:7f:0f:
48:0c:23:9c:88:89:99:2f:57:be:84:d7:d7:f3:bd:d1:ee:42:
d3:e9:59:7d:22:a7:78:7a:9f:02:17:15:8b:13:4d:d5:31:b8:
f3:db:50:15:83:7e:7c:b1:dc:7e:7d:fc:f4:29:0d:0a:d7:01:
00:8d:ac:c4:83:f5:4e:2e:99:56:7c:70:25:f8:35:a7:a2:6d:
59:b2:da:82:ac:15:f8:c8:6c:c6:81:33:6b:99:b8:db:e0:74:
d8:ac:0f:7a:1e:9d:62:29:85:65:07:d8:bf:77:92:ac:6e:cd:
7a:e3:51:32:50:0a:8b:6e:41:4d:c3:79:a2:54:d8:a1:ec:68:
56:4f:5d:4f:ed:9b:fe:be:ff:75:2c:c6:22:fe:5f:44:01:f9:
c5:c9:b8:97:37:8c:d6:0e:5e:8f:69:02:ac:92:94:68:14:5c:
94:81:80:64:36:99:61:4c:97:d5:37:ce:cb:ad:3d:50:af:59:
90:72:3a:32:f6:ce:21:b6:3f:25:6f:23:45:09:e3:86:b7:ce:
02:65:db:d8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICNeowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjQwODE2MTQ0MDE4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJmNjRkMi1kZGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsqe0WTkYc6ktNiqLJaExQmJypje5GBYI7bEKIVcCPaWDM9jsURoheIwmtVWd
ZjSvsJSSkI1URtQXQMrGlkoclhW08/wocRnyXG+pRLqqI1x36fz5YDr4MHG8xqiA
xtNPSr5cz+PBt8gEVcQMGv0xCNjs345rG03+xxPeogQQvp4ZZByOqLwXIjuLR0RX
ayxWmKohioVfxQXupYQ+OZKvblwiICkSwOtCZOT7niBrKfcAvvqPlbdNyXJ3FAAu
kG6Ik6D9Lj5hFMWGZVVuZk35swPpfJKoGYBxclybNLddNhUmm4FHisSSi3VLWG71
iqJeiJRGNURVCjqWOMmiKHbTxwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFOInfMbA
kDiFhHeGH545VqolwvBmMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvRkI0RjBGOUVG
OTAwMTFFREFFQTFGQzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA3c7GAMEBnc7ADANBgkqhkiG9w0BAQsFAAOCAQEA0sdn
8k+jRf0Wzfpo7UQjV5OTUAJYSq/aEBD4LQMBq06iToJeEJ33IpGdUmJldGBS92Xo
eX8PSAwjnIiJmS9XvoTX1/O90e5C0+lZfSKneHqfAhcVixNN1TG489tQFYN+fLHc
fn389CkNCtcBAI2sxIP1Ti6ZVnxwJfg1p6JtWbLagqwV+MhsxoEza5m42+B02KwP
eh6dYimFZQfYv3eSrG7NeuNRMlAKi25BTcN5olTYoexoVk9dT+2b/r7/dSzGIv5f
RAH5xcm4lzeM1g5ej2kCrJKUaBRclIGAZDaZYUyX1TfOy609UK9ZkHI6MvbOIbY/
JW8jRQnjhrfOAmXb2A==
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:31:14 2024 by rpki-client on console-ams.rpki-client.org