Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1B25DB4182E11EB955AA35EC4F9AE02.roa
File: C1B25DB4182E11EB955AA35EC4F9AE02.roa (raw, json)
Hash identifier: qEzu8+I6YjiSLDhCGox4UfiSMVQw32hV4wPmTwu7McA=
Subject key identifier: A0:85:65:40:1D:29:F2:00:EE:7D:67:2A:35:E1:D9:96:81:8F:ED:A4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 86EF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1B25DB4182E11EB955AA35EC4F9AE02.roa
Signing time: Wed 01 May 2024 08:01:14 +0000
ROA not before: Wed 01 May 2024 08:01:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17625
IP address blocks: 14.102.160.0/22 maxlen: 24
36.255.8.0/22 maxlen: 24
43.252.192.0/22 maxlen: 24
45.64.196.0/22 maxlen: 24
45.64.204.0/22 maxlen: 24
45.114.56.0/22 maxlen: 24
45.114.64.0/22 maxlen: 24
45.114.212.0/22 maxlen: 24
103.19.196.0/22 maxlen: 24
103.54.12.0/22 maxlen: 24
103.54.20.0/22 maxlen: 24
103.54.188.0/22 maxlen: 24
103.91.132.0/22 maxlen: 24
103.206.56.0/22 maxlen: 24
103.208.224.0/22 maxlen: 24
103.254.32.0/22 maxlen: 24
103.254.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 24 May 2024 12:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34543 (0x86ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 1 08:01:14 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6631f6ca-6fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5b:18:4e:7b:41:0d:04:34:3c:bf:a4:01:13:
57:03:7b:e6:25:f9:4e:5b:2d:e0:dd:bf:53:79:a1:
05:cf:16:60:87:19:2f:f4:0e:df:97:40:41:02:37:
5f:a5:58:12:10:65:da:22:43:8a:bc:d3:c4:f6:2a:
f9:09:82:e2:fc:55:ae:93:81:bf:9a:1e:88:eb:b5:
47:7a:bf:8c:6d:5a:7a:92:92:d8:41:a0:56:9a:d0:
1e:62:63:9f:b5:15:42:44:f7:2b:fe:e0:db:55:11:
8f:22:21:6c:f0:33:13:1a:bd:07:fe:0c:cf:71:40:
b4:85:19:c5:28:be:fb:72:82:da:9f:ae:bb:59:b7:
29:81:72:e8:57:d0:a2:95:3e:cb:89:5f:fd:0e:8b:
7b:8e:0a:e7:e6:b2:c7:50:1b:47:05:70:3d:2d:bd:
65:82:62:d5:10:1c:b7:aa:f2:4a:58:56:c7:86:f5:
59:92:e1:8a:ec:51:0a:15:e5:bb:5c:82:ae:dc:dd:
11:f4:c2:b7:24:59:08:c1:8a:50:46:d4:80:7b:2b:
c9:9b:b3:de:79:df:86:9e:a7:39:58:4d:c1:41:4d:
ad:98:51:5d:20:ec:18:60:96:5b:2d:00:f9:9b:69:
3e:95:62:3b:e0:7b:2f:fc:fe:7d:b5:39:b7:d8:57:
87:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:85:65:40:1D:29:F2:00:EE:7D:67:2A:35:E1:D9:96:81:8F:ED:A4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1B25DB4182E11EB955AA35EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.160.0/22
36.255.8.0/22
43.252.192.0/22
45.64.196.0/22
45.64.204.0/22
45.114.56.0/22
45.114.64.0/22
45.114.212.0/22
103.19.196.0/22
103.54.12.0/22
103.54.20.0/22
103.54.188.0/22
103.91.132.0/22
103.206.56.0/22
103.208.224.0/22
103.254.32.0/22
103.254.244.0/22
Signature Algorithm: sha256WithRSAEncryption
47:c2:95:e9:56:f6:f0:08:f4:6f:48:cf:2d:f0:3d:08:4d:f6:
38:d1:c4:54:6a:df:9c:6e:3f:37:fb:71:b8:d6:de:86:4c:01:
72:21:61:28:38:16:10:37:10:bd:a7:6a:22:c6:1e:81:34:cb:
b6:cb:1a:70:c3:d1:01:23:9b:c5:87:1c:c1:65:60:5d:8f:92:
f9:7d:02:9a:24:d6:ae:e1:a7:7c:f8:09:80:cd:be:02:08:60:
ac:a9:71:e9:db:5a:93:15:6c:11:c2:e9:83:84:4b:20:af:c0:
f0:b3:95:a9:e1:25:31:7e:8c:21:d0:5c:4b:d1:b6:ce:a4:a3:
cd:64:b2:15:4e:30:04:78:49:b3:4b:4c:ba:0a:4d:ff:18:63:
44:5a:cd:e1:e7:2b:eb:04:0a:59:70:fa:05:4a:c3:70:6b:66:
88:c0:11:f6:4d:a0:a5:8b:e9:63:f9:15:e2:b8:43:dc:12:96:
4d:90:7b:76:b1:f8:3f:54:9b:b9:8d:12:85:d6:7e:17:cc:58:
4b:84:66:d0:2b:59:03:af:83:05:dc:8f:ed:f7:40:f8:f8:34:
04:c9:f6:94:2e:ed:b3:1a:79:d5:ab:1a:5e:b3:a7:11:9d:4b:
9b:74:cb:46:a5:1f:1e:aa:c2:8a:46:19:5c:66:0e:1a:7e:96:
89:6a:15:41
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIDAIbvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUwMTA4MDExNFoXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjYzMWY2Y2EtNmZlNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOlbGE57QQ0ENDy/pAETVwN75iX5Tlst4N2/U3mhBc8WYIcZL/QO35dAQQI3
X6VYEhBl2iJDirzTxPYq+QmC4vxVrpOBv5oeiOu1R3q/jG1aepKS2EGgVprQHmJj
n7UVQkT3K/7g21URjyIhbPAzExq9B/4Mz3FAtIUZxSi++3KC2p+uu1m3KYFy6FfQ
opU+y4lf/Q6Le44K5+ayx1AbRwVwPS29ZYJi1RAct6rySlhWx4b1WZLhiuxRChXl
u1yCrtzdEfTCtyRZCMGKUEbUgHsryZuz3nnfhp6nOVhNwUFNrZhRXSDsGGCWWy0A
+ZtpPpViO+B7L/z+fbU5t9hXh8kCAwEAAaOCAvUwggLxMB0GA1UdDgQWBBSghWVA
HSnyAO59Zyo14dmWgY/tpDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0MxQjI1REI0
MTgyRTExRUI5NTVBQTM1RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMH8GCCsGAQUFBwEHAQH/
BHAwbjBsBAIAATBmAwQCDmagAwQCJP8IAwQCK/zAAwQCLUDEAwQCLUDMAwQCLXI4
AwQCLXJAAwQCLXLUAwQCZxPEAwQCZzYMAwQCZzYUAwQCZza8AwQCZ1uEAwQCZ844
AwQCZ9DgAwQCZ/4gAwQCZ/70MA0GCSqGSIb3DQEBCwUAA4IBAQBHwpXpVvbwCPRv
SM8t8D0ITfY40cRUat+cbj83+3G41t6GTAFyIWEoOBYQNxC9p2oixh6BNMu2yxpw
w9EBI5vFhxzBZWBdj5L5fQKaJNau4ad8+AmAzb4CCGCsqXHp21qTFWwRwumDhEsg
r8Dws5Wp4SUxfowh0FxL0bbOpKPNZLIVTjAEeEmzS0y6Ck3/GGNEWs3h5yvrBApZ
cPoFSsNwa2aIwBH2TaCli+lj+RXiuEPcEpZNkHt2sfg/VJu5jRKF1n4XzFhLhGbQ
K1kDr4MF3I/t90D4+DQEyfaULu2zGnnVqxpes6cRnUubdMtGpR8eqsKKRhlcZg4a
fpaJahVB
-----END CERTIFICATE-----
Generated at Fri May 17 15:23:07 2024 by rpki-client on console-ams.rpki-client.org