Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
File: CFAE1776E7C811ECA2BF6554C4F9AE02.roa (raw, json)
Hash identifier: 5i/4+dLE44lXkgUIAVwucw3fJE9dZKimTSLAjpgaaeE=
Subject key identifier: 9E:15:CE:EF:B7:41:59:C2:2B:2A:F9:3A:91:60:CE:BD:B9:C9:97:4A
Certificate issuer: /CN=A9182CFC/serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Certificate serial: 33BD
Authority key identifier: 80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
Signing time: Thu 04 Apr 2024 14:50:28 +0000
ROA not before: Thu 04 Apr 2024 14:50:27 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9892
IP address blocks: 114.129.32.0/22 maxlen: 22
114.129.36.0/22 maxlen: 22
114.129.40.0/23 maxlen: 23
114.129.45.0/24 maxlen: 24
114.129.46.0/24 maxlen: 24
114.129.47.0/24 maxlen: 24
123.100.235.0/24 maxlen: 24
123.100.236.0/22 maxlen: 22
123.100.240.0/22 maxlen: 22
123.100.244.0/24 maxlen: 24
123.100.245.0/24 maxlen: 24
123.100.248.0/21 maxlen: 21
202.157.128.0/19 maxlen: 19
202.157.160.0/20 maxlen: 20
202.160.120.0/24 maxlen: 24
202.160.121.0/24 maxlen: 24
202.160.122.0/24 maxlen: 24
202.160.123.0/24 maxlen: 24
203.83.250.0/24 maxlen: 24
203.142.16.0/21 maxlen: 21
203.142.24.0/23 maxlen: 23
203.142.27.0/24 maxlen: 24
203.169.6.0/24 maxlen: 24
203.169.7.0/24 maxlen: 24
2404:4800::/48 maxlen: 48
2404:4800:1::/48 maxlen: 48
2404:4800:2::/48 maxlen: 48
2404:4800:3::/48 maxlen: 48
2404:4800:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 14:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13245 (0x33bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182CFC/serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Validity
Not Before: Apr 4 14:50:27 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660ebe33-cdf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:76:16:c9:5b:43:55:e4:16:48:9c:f0:76:00:
01:93:ef:01:2f:73:82:95:ba:42:2b:6f:2c:34:cd:
bc:c2:15:67:90:81:70:1f:bf:bf:03:c5:fc:14:05:
c6:d1:f5:27:0e:7f:63:aa:f7:5a:c2:50:64:93:78:
9c:d1:54:b8:30:91:f3:bf:26:a1:bf:51:b1:46:d3:
bb:b9:bc:a7:ac:5d:31:5b:b0:80:a4:db:fa:60:12:
a2:ce:be:3b:57:80:e6:8a:6d:c4:88:d6:26:93:82:
81:c6:26:82:9b:52:20:e7:c2:8b:c9:10:2d:10:e1:
d9:d8:8d:4f:9f:1f:a2:bd:67:58:c7:68:0a:08:1e:
67:7a:02:73:b4:3f:9b:fc:7c:bb:3b:1a:7c:8e:10:
d9:07:c9:53:3b:65:87:7f:b3:3f:ca:29:7f:24:e4:
bd:e3:32:46:09:7b:93:5d:9f:d3:ff:45:1c:5a:25:
06:84:5c:ea:f6:23:58:4a:01:a9:04:36:99:91:39:
57:84:bb:14:7b:72:a6:14:28:3c:34:00:01:54:ad:
6c:eb:6d:ca:b9:7a:bf:00:2b:91:c6:e0:f6:e6:87:
58:fe:27:b6:eb:55:7a:bf:2a:48:6d:85:46:a5:ca:
37:e3:22:5a:87:af:35:a1:54:66:df:fd:6b:b6:7f:
11:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:15:CE:EF:B7:41:59:C2:2B:2A:F9:3A:91:60:CE:BD:B9:C9:97:4A
X509v3 Authority Key Identifier:
keyid:80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.129.32.0-114.129.41.255
114.129.45.0-114.129.47.255
123.100.235.0-123.100.245.255
123.100.248.0/21
202.157.128.0-202.157.175.255
202.160.120.0/22
203.83.250.0/24
203.142.16.0-203.142.25.255
203.142.27.0/24
203.169.6.0/23
IPv6:
2404:4800::/46
2404:4800:20::/48
Signature Algorithm: sha256WithRSAEncryption
0c:81:eb:a0:c1:cc:a3:6f:5e:79:10:e0:f1:db:f7:d5:83:c3:
36:65:12:54:4a:be:bd:1d:0d:72:5b:c8:16:fd:93:6c:0f:7a:
c9:69:d9:89:d6:15:1f:dd:f1:fb:13:a7:ff:e0:63:a3:fc:0a:
b2:c6:99:89:d8:a9:1b:66:51:c3:21:fc:e7:2f:da:fb:c8:9e:
77:b4:9e:cb:78:eb:bb:df:02:51:39:c1:6c:ed:b2:2b:d0:5e:
8f:b8:a5:09:e7:f4:de:b4:b8:78:2a:00:65:03:f0:af:dd:d8:
aa:ee:4f:6c:b8:a5:75:ea:1e:26:49:eb:17:b0:39:75:2d:0a:
8e:28:2a:e6:b7:2a:b2:4e:c4:e5:6c:25:9d:34:7a:1f:da:48:
f6:85:a5:73:0f:9c:33:2e:0e:f3:84:c5:34:df:43:58:be:4e:
d9:77:ec:98:88:1a:60:6b:63:ca:80:be:d5:6f:5a:af:98:f2:
d2:fa:6f:76:5c:6c:c3:d9:21:cf:0f:6a:14:48:bc:bb:62:21:
e4:12:97:da:63:2f:8f:7c:a3:0a:ff:40:aa:fb:39:d5:66:70:
63:a1:87:24:0a:5e:10:bb:20:57:81:ed:89:88:8c:03:61:28:
e2:1f:50:cf:41:c6:8a:2a:75:1a:95:17:2a:2c:8b:9e:7d:57:
3e:e5:f3:da
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgICM70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODJDRkMxMTAvBgNVBAUTKDgwMjdFMEVGNTREMDBCNjFGNzEzNkYwOTcxOUJGQ0Y0
QzQ1MzM0MDUwHhcNMjQwNDA0MTQ1MDI3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlYmUzMy1jZGY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2nYWyVtDVeQWSJzwdgABk+8BL3OClbpCK28sNM28whVnkIFwH7+/A8X8FAXG
0fUnDn9jqvdawlBkk3ic0VS4MJHzvyahv1GxRtO7ubynrF0xW7CApNv6YBKizr47
V4Dmim3EiNYmk4KBxiaCm1Ig58KLyRAtEOHZ2I1Pnx+ivWdYx2gKCB5negJztD+b
/Hy7Oxp8jhDZB8lTO2WHf7M/yil/JOS94zJGCXuTXZ/T/0UcWiUGhFzq9iNYSgGp
BDaZkTlXhLsUe3KmFCg8NAABVK1s623KuXq/ACuRxuD25odY/ie261V6vypIbYVG
pco34yJah681oVRm3/1rtn8RGQIDAQABo4IDEDCCAwwwHQYDVR0OBBYEFJ4Vzu+3
QVnCKyr5OpFgzr25yZdKMB8GA1UdIwQYMBaAFIAn4O9U0Ath9xNvCXGb/PTEUzQF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MkNGQy9CRjg0QjU3NDFE
ODYxMUUyQTc2MzQ0REUwOEIwMkNEMi9nQ2ZnNzFUUUMySDNFMjhKY1p2ODlNUlRO
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dDZmc3MVRRQzJIM0UyOEpjWnY4OU1SVE5BVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODJDRkMvQkY4NEI1NzQxRDg2MTFFMkE3NjM0NERFMDhCMDJDRDIvQ0ZBRTE3NzZF
N0M4MTFFQ0EyQkY2NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZkGCCsGAQUFBwEHAQH/
BIGJMIGGMGoEAgABMGQwDAMEBXKBIAMEAXKBKDAMAwQAcoEtAwQEcoEgMAwDBAB7
ZOsDBAF7ZPQDBAN7ZPgwDAMEB8qdgAMEBMqdoAMEAsqgeAMEAMtT+jAMAwQEy44Q
AwQBy44YAwQAy44bAwQBy6kGMBgEAgACMBIDBwIkBEgAAAADBwAkBEgAACAwDQYJ
KoZIhvcNAQELBQADggEBAAyB66DBzKNvXnkQ4PHb99WDwzZlElRKvr0dDXJbyBb9
k2wPeslp2YnWFR/d8fsTp//gY6P8CrLGmYnYqRtmUcMh/Ocv2vvInne0nst467vf
AlE5wWztsivQXo+4pQnn9N60uHgqAGUD8K/d2KruT2y4pXXqHiZJ6xewOXUtCo4o
Kua3KrJOxOVsJZ00eh/aSPaFpXMPnDMuDvOExTTfQ1i+Ttl37JiIGmBrY8qAvtVv
Wq+Y8tL6b3ZcbMPZIc8PahRIvLtiIeQSl9pjL498owr/QKr7OdVmcGOhhyQKXhC7
IFeB7YmIjANhKOIfUM9BxooqdRqVFyosi559Vz7l89o=
-----END CERTIFICATE-----
Generated at Fri May 31 16:40:58 2024 by rpki-client on console-ams.rpki-client.org