Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/7EFB8A6E885311E6BDE50A80C4F9AE02.roa
File: 7EFB8A6E885311E6BDE50A80C4F9AE02.roa (raw, json)
Hash identifier: TImxH9JTLcXW5IxN9KJ3rWqoq711teMsa+dHA5TQbng=
Subject key identifier: 7C:C3:F1:A8:47:F9:69:09:10:0D:AE:17:CC:2E:CF:73:3C:5F:8C:3D
Certificate issuer: /CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Certificate serial: 1D4B
Authority key identifier: AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/7EFB8A6E885311E6BDE50A80C4F9AE02.roa
Signing time: Tue 28 Nov 2023 16:43:22 +0000
ROA not before: Tue 28 Nov 2023 16:43:22 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 24392
IP address blocks: 202.179.64.0/19 maxlen: 19
202.179.64.0/24 maxlen: 24
202.179.65.0/24 maxlen: 24
202.179.66.0/24 maxlen: 24
202.179.67.0/24 maxlen: 24
202.179.68.0/24 maxlen: 24
202.179.69.0/24 maxlen: 24
202.179.70.0/24 maxlen: 24
202.179.71.0/24 maxlen: 24
202.179.72.0/24 maxlen: 24
202.179.73.0/24 maxlen: 24
202.179.74.0/24 maxlen: 24
202.179.75.0/24 maxlen: 24
202.179.76.0/24 maxlen: 24
202.179.77.0/24 maxlen: 24
202.179.78.0/24 maxlen: 24
202.179.79.0/24 maxlen: 24
202.179.80.0/24 maxlen: 24
202.179.81.0/24 maxlen: 24
202.179.82.0/24 maxlen: 24
202.179.83.0/24 maxlen: 24
202.179.84.0/24 maxlen: 24
202.179.85.0/24 maxlen: 24
202.179.86.0/24 maxlen: 24
202.179.87.0/24 maxlen: 24
202.179.88.0/24 maxlen: 24
202.179.89.0/24 maxlen: 24
202.179.90.0/24 maxlen: 24
202.179.91.0/24 maxlen: 24
202.179.92.0/24 maxlen: 24
202.179.93.0/24 maxlen: 24
202.179.94.0/24 maxlen: 24
202.179.95.0/24 maxlen: 24
2407:5c00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.crl
rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 16:40:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7499 (0x1d4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915AE5F/serialNumber=AFE727E4209DCDF82762574B5E33C8083787A18F
Validity
Not Before: Nov 28 16:43:22 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656618aa-7d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1a:54:50:2c:c9:e0:8d:20:0c:13:6a:c4:90:
7d:16:e6:00:6b:e7:1d:07:1d:94:65:a6:c4:2d:4d:
86:c6:1d:4e:10:9c:07:78:bf:cd:88:bb:a4:cb:ec:
5b:b3:0f:fb:e1:2b:7d:b0:01:6b:ce:54:16:f9:af:
81:24:18:9c:5c:41:f7:3c:43:ca:4d:de:48:a4:e6:
19:da:43:ca:ef:55:85:3f:80:89:d9:18:21:3c:6e:
41:50:e9:13:0b:4f:05:23:07:47:41:fd:c2:90:77:
fc:fe:63:45:32:70:48:bd:b1:23:16:4e:37:b0:4b:
87:71:08:5a:69:6d:be:5f:11:58:61:5f:25:e6:97:
69:dc:a9:81:30:1b:22:15:4c:c3:41:f7:c0:54:4f:
d4:13:ae:e5:4a:5b:26:67:50:f4:13:7e:e8:31:6a:
37:cd:de:51:e2:e4:d8:73:21:30:c0:1c:2d:62:f1:
ad:3f:d4:00:de:26:93:63:cc:35:12:2a:35:f1:e4:
61:a7:73:fd:a5:48:cc:c6:3b:b3:48:73:68:0a:b6:
2d:d8:74:ac:02:80:a5:45:7a:28:1a:00:74:d2:7f:
dc:cc:5c:2a:b8:51:1a:fc:04:62:e8:15:df:83:57:
41:19:7c:1f:7a:e8:dc:93:e8:b1:ad:3d:2f:70:3b:
52:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C3:F1:A8:47:F9:69:09:10:0D:AE:17:CC:2E:CF:73:3C:5F:8C:3D
X509v3 Authority Key Identifier:
keyid:AF:E7:27:E4:20:9D:CD:F8:27:62:57:4B:5E:33:C8:08:37:87:A1:8F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/r-cn5CCdzfgnYldLXjPICDeHoY8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-cn5CCdzfgnYldLXjPICDeHoY8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915AE5F/8B79B678885111E6A692DE78C4F9AE02/7EFB8A6E885311E6BDE50A80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.179.64.0/19
IPv6:
2407:5c00:1::/48
Signature Algorithm: sha256WithRSAEncryption
91:17:82:b9:9f:5e:b2:7b:4b:ae:25:33:00:c4:58:58:43:bb:
de:50:64:a0:c1:51:ae:cd:e2:ea:6c:4b:12:43:bc:ba:e4:d3:
da:2d:a2:e7:5c:f4:63:79:46:a1:0b:07:74:03:cf:05:64:57:
33:d1:c9:31:38:59:20:93:9c:32:f6:0e:7a:b9:ae:9d:90:16:
d9:12:49:a0:c3:59:82:02:71:1e:28:48:7c:40:ff:f1:35:b7:
f4:1d:87:4a:64:a6:5b:ef:bf:ec:4b:17:dd:25:e7:7f:ec:45:
ec:4b:7e:b7:1d:e7:34:88:58:c4:32:43:91:47:10:c0:2c:29:
75:20:8a:68:67:d2:d1:81:0f:c8:fc:ec:c1:f9:05:85:f5:73:
17:72:82:0f:73:d3:5e:0c:38:5b:26:60:ce:d0:3e:1f:ba:5a:
80:46:91:3d:4b:ed:33:aa:37:f4:4c:19:b3:9b:5d:74:ac:74:
d6:b9:85:b9:f9:70:35:04:40:89:9a:b3:e6:d0:09:da:4e:fc:
b9:aa:d7:f3:57:1b:31:68:6f:43:e0:22:5d:e5:e3:52:8a:77:
00:4b:3f:90:bb:3c:44:34:33:a6:49:9d:41:80:be:c8:b5:34:
f1:65:05:f2:ef:0f:9c:b1:80:a0:66:d2:6c:0e:ec:a9:5a:9e:
22:1f:cd:25
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICHUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUFFNUYxMTAvBgNVBAUTKEFGRTcyN0U0MjA5RENERjgyNzYyNTc0QjVFMzNDODA4
Mzc4N0ExOEYwHhcNMjMxMTI4MTY0MzIyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY2MThhYS03ZDA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoxpUUCzJ4I0gDBNqxJB9FuYAa+cdBx2UZabELU2Gxh1OEJwHeL/NiLuky+xb
sw/74St9sAFrzlQW+a+BJBicXEH3PEPKTd5IpOYZ2kPK71WFP4CJ2RghPG5BUOkT
C08FIwdHQf3CkHf8/mNFMnBIvbEjFk43sEuHcQhaaW2+XxFYYV8l5pdp3KmBMBsi
FUzDQffAVE/UE67lSlsmZ1D0E37oMWo3zd5R4uTYcyEwwBwtYvGtP9QA3iaTY8w1
Eio18eRhp3P9pUjMxjuzSHNoCrYt2HSsAoClRXooGgB00n/czFwquFEa/ARi6BXf
g1dBGXwfeujck+ixrT0vcDtS8QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHzD8ahH
+WkJEA2uF8wuz3M8X4w9MB8GA1UdIwQYMBaAFK/nJ+Qgnc34J2JXS14zyAg3h6GP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QUU1Ri84Qjc5QjY3ODg4
NTExMUU2QTY5MkRFNzhDNEY5QUUwMi9yLWNuNUNDZHpmZ25ZbGRMWGpQSUNEZUhv
WTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ItY241Q0NkemZnbllsZExYalBJQ0RlSG9ZOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUFFNUYvOEI3OUI2Nzg4ODUxMTFFNkE2OTJERTc4QzRGOUFFMDIvN0VGQjhBNkU4
ODUzMTFFNkJERTUwQTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAXKs0AwDwQCAAIwCQMHACQHXAAAATANBgkqhkiG9w0BAQsF
AAOCAQEAkReCuZ9esntLriUzAMRYWEO73lBkoMFRrs3i6mxLEkO8uuTT2i2i51z0
Y3lGoQsHdAPPBWRXM9HJMThZIJOcMvYOermunZAW2RJJoMNZggJxHihIfED/8TW3
9B2HSmSmW++/7EsX3SXnf+xF7Et+tx3nNIhYxDJDkUcQwCwpdSCKaGfS0YEPyPzs
wfkFhfVzF3KCD3PTXgw4WyZgztA+H7pagEaRPUvtM6o39EwZs5tddKx01rmFuflw
NQRAiZqz5tAJ2k78uarX81cbMWhvQ+AiXeXjUop3AEs/kLs8RDQzpkmdQYC+yLU0
8WUF8u8PnLGAoGbSbA7sqVqeIh/NJQ==
-----END CERTIFICATE-----
Generated at Fri May 31 17:44:24 2024 by rpki-client on console-fra.rpki-client.org