Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
File: F4FCC41E648311EC88370386C4F9AE02.roa (raw, json)
Hash identifier: uBd7wqS5FzwlrG48DaxCrdDsP3hHPdjs7eX9N2oc5P0=
Subject key identifier: F7:8A:FB:86:A8:96:0E:FC:14:B5:6C:7E:95:D9:0B:F6:A2:53:50:64
Certificate issuer: /CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Certificate serial: 0924
Authority key identifier: 8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
Signing time: Wed 02 Aug 2023 20:38:03 +0000
ROA not before: Wed 02 Aug 2023 20:38:03 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 149175
IP address blocks: 39.109.67.0/24 maxlen: 24
39.109.68.0/24 maxlen: 24
39.109.69.0/24 maxlen: 24
39.109.70.0/24 maxlen: 24
39.109.71.0/24 maxlen: 24
39.109.72.0/24 maxlen: 24
39.109.73.0/24 maxlen: 24
39.109.74.0/24 maxlen: 24
39.109.75.0/24 maxlen: 24
39.109.76.0/24 maxlen: 24
39.109.78.0/24 maxlen: 24
39.109.79.0/24 maxlen: 24
39.109.80.0/24 maxlen: 24
39.109.82.0/24 maxlen: 24
39.109.84.0/24 maxlen: 24
39.109.85.0/24 maxlen: 24
39.109.88.0/24 maxlen: 24
39.109.89.0/24 maxlen: 24
103.98.14.0/24 maxlen: 24
103.98.15.0/24 maxlen: 24
103.119.132.0/24 maxlen: 24
103.119.133.0/24 maxlen: 24
2403:e840::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Jun 2024 20:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2340 (0x924)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182502/serialNumber=8C3CCB4FFB89189C6EF5B34DFDAABE1806A5218A
Validity
Not Before: Aug 2 20:38:03 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64cabeab-25ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ae:f9:01:60:bc:01:73:04:b4:0c:91:28:47:
66:05:26:de:29:4e:08:e4:8c:6b:cf:4c:ae:d0:41:
e0:f9:35:ff:df:dd:a0:53:df:b3:8e:26:a1:d5:42:
6e:01:41:5b:65:96:ea:d3:dd:8d:1f:b9:70:d3:d4:
c3:9f:0b:d1:6b:ba:e3:14:99:fe:6a:bb:0b:0a:9d:
df:29:fa:5b:a5:c0:5e:e2:62:86:03:bb:1c:af:75:
94:9e:01:b8:32:c8:70:46:b2:c1:82:1e:00:a3:a0:
9f:d9:67:40:2e:45:a6:64:09:17:53:c4:54:47:02:
c9:66:42:bd:bf:ce:a5:ec:76:f0:d5:c8:ae:9b:cd:
c2:9d:01:ae:92:c8:8f:19:6a:c1:f0:6d:c7:ea:ba:
ed:2c:21:ce:f9:88:c0:fa:cc:0c:cc:00:58:ea:2a:
9d:90:00:e5:3b:3b:7c:6f:6a:82:86:1d:28:12:ae:
b3:2e:25:3f:01:bf:a0:8d:d6:8e:b1:c6:92:4d:56:
53:fe:c4:ef:90:71:e8:25:ca:f9:37:8b:d3:2a:87:
7b:6d:9e:ee:d9:06:5d:2e:02:57:a7:d1:ae:36:3b:
be:8c:ef:41:b8:bd:74:66:37:5b:46:54:ca:ff:5a:
b1:a2:0b:05:ab:7a:74:eb:91:ff:9b:dd:5e:bc:58:
5f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8A:FB:86:A8:96:0E:FC:14:B5:6C:7E:95:D9:0B:F6:A2:53:50:64
X509v3 Authority Key Identifier:
keyid:8C:3C:CB:4F:FB:89:18:9C:6E:F5:B3:4D:FD:AA:BE:18:06:A5:21:8A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/jDzLT_uJGJxu9bNN_aq-GAalIYo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDzLT_uJGJxu9bNN_aq-GAalIYo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182502/DA16C63A73CC11EAA3995326C4F9AE02/F4FCC41E648311EC88370386C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.109.67.0-39.109.76.255
39.109.78.0-39.109.80.255
39.109.82.0/24
39.109.84.0/23
39.109.88.0/23
103.98.14.0/23
103.119.132.0/23
IPv6:
2403:e840::/33
Signature Algorithm: sha256WithRSAEncryption
14:10:4f:1a:54:e1:fb:34:ac:b9:72:70:58:54:6d:87:80:01:
7f:63:ae:9e:c6:72:f2:0a:93:cb:1f:01:a1:1f:7c:0b:43:6a:
72:fb:5c:1e:16:e2:ce:b7:c7:1c:e4:ef:7a:44:65:ba:cb:26:
4d:74:b6:54:71:41:6d:e0:56:ce:85:ad:29:04:61:82:78:85:
1d:76:4b:6f:ce:18:ed:6e:9c:d7:95:93:7e:29:33:a1:ab:23:
e4:af:a5:10:15:fb:6e:98:58:fb:35:22:48:84:ab:71:ef:4c:
7b:a0:90:ec:1f:5b:bf:ca:6a:9a:20:e3:e8:03:34:b1:1c:fb:
13:cc:f9:a4:7b:aa:d8:36:2a:b6:81:d2:a4:2a:df:45:4c:69:
12:0f:51:dd:1f:77:83:39:e9:a1:68:90:00:7a:8f:4e:88:9b:
88:37:18:37:6d:15:d9:a2:69:9a:2e:9c:7f:a1:2b:74:db:d9:
ef:97:94:44:97:2a:70:42:f7:0a:a7:42:2f:7b:82:18:66:b5:
c4:ea:5f:f8:f8:3b:49:30:4a:7b:e0:da:e0:81:0f:b5:74:2e:
e9:e8:76:1a:7e:aa:5d:a6:4b:1f:c1:1b:26:5f:3b:b4:2c:f6:
42:a3:aa:28:68:b3:b6:48:c2:07:71:1d:45:f9:8d:be:ac:db:
e1:e4:74:62
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICCSQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODI1MDIxMTAvBgNVBAUTKDhDM0NDQjRGRkI4OTE4OUM2RUY1QjM0REZEQUFCRTE4
MDZBNTIxOEEwHhcNMjMwODAyMjAzODAzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhYmVhYi0yNWFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8q75AWC8AXMEtAyRKEdmBSbeKU4I5Ixrz0yu0EHg+TX/392gU9+zjiah1UJu
AUFbZZbq092NH7lw09TDnwvRa7rjFJn+arsLCp3fKfpbpcBe4mKGA7scr3WUngG4
MshwRrLBgh4Ao6Cf2WdALkWmZAkXU8RURwLJZkK9v86l7Hbw1cium83CnQGuksiP
GWrB8G3H6rrtLCHO+YjA+swMzABY6iqdkADlOzt8b2qChh0oEq6zLiU/Ab+gjdaO
scaSTVZT/sTvkHHoJcr5N4vTKod7bZ7u2QZdLgJXp9GuNju+jO9BuL10ZjdbRlTK
/1qxogsFq3p065H/m91evFhfswIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFPeK+4ao
lg78FLVsfpXZC/aiU1BkMB8GA1UdIwQYMBaAFIw8y0/7iRicbvWzTf2qvhgGpSGK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjUwMi9EQTE2QzYzQTcz
Q0MxMUVBQTM5OTUzMjZDNEY5QUUwMi9qRHpMVF91SkdKeHU5Yk5OX2FxLUdBYWxJ
WW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2pEekxUX3VKR0p4dTliTk5fYXEtR0FhbElZby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODI1MDIvREExNkM2M0E3M0NDMTFFQUEzOTk1MzI2QzRGOUFFMDIvRjRGQ0M0MUU2
NDgzMTFFQzg4MzcwMzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMEAEAgABMDowDAMEACdtQwMEACdtTDAMAwQBJ21OAwQAJ21QAwQAJ21SAwQB
J21UAwQBJ21YAwQBZ2IOAwQBZ3eEMA4EAgACMAgDBgckA+hAADANBgkqhkiG9w0B
AQsFAAOCAQEAFBBPGlTh+zSsuXJwWFRth4ABf2OunsZy8gqTyx8BoR98C0Nqcvtc
HhbizrfHHOTvekRlussmTXS2VHFBbeBWzoWtKQRhgniFHXZLb84Y7W6c15WTfikz
oasj5K+lEBX7bphY+zUiSISrce9Me6CQ7B9bv8pqmiDj6AM0sRz7E8z5pHuq2DYq
toHSpCrfRUxpEg9R3R93gznpoWiQAHqPToibiDcYN20V2aJpmi6cf6ErdNvZ75eU
RJcqcEL3CqdCL3uCGGa1xOpf+Pg7STBKe+Da4IEPtXQu6eh2Gn6qXaZLH8EbJl87
tCz2QqOqKGiztkjCB3EdRfmNvqzb4eR0Yg==
-----END CERTIFICATE-----
Generated at Fri Jun 14 22:02:29 2024 by rpki-client on console-ams.rpki-client.org