Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A8219/EC0A70F8EA8011E78B42A432C4F9AE02/314E917C651E11E8A8903D42C4F9AE02.roa
File: 314E917C651E11E8A8903D42C4F9AE02.roa (raw, json)
Hash identifier: RnPGEfV6shc3FzcBRmER7fg9U9kjWKrlb9yCQ0fI2KE=
Subject key identifier: 22:EC:CF:24:8A:B9:0C:AA:1B:5A:E1:33:C0:0E:9B:47:B2:50:23:32
Certificate issuer: /CN=A91A8219/serialNumber=6553C3C2180B97E2EB37CB71F6A1CEAA7B95CA47
Certificate serial: 1621
Authority key identifier: 65:53:C3:C2:18:0B:97:E2:EB:37:CB:71:F6:A1:CE:AA:7B:95:CA:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVPDwhgLl-LrN8tx9qHOqnuVykc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A8219/EC0A70F8EA8011E78B42A432C4F9AE02/314E917C651E11E8A8903D42C4F9AE02.roa
Signing time: Mon 04 Mar 2024 17:35:01 +0000
ROA not before: Mon 04 Mar 2024 17:35:01 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 38883
IP address blocks: 103.29.200.0/22 maxlen: 24
115.146.64.0/20 maxlen: 20
115.146.64.0/24 maxlen: 24
115.146.65.0/24 maxlen: 24
115.146.66.0/24 maxlen: 24
115.146.67.0/24 maxlen: 24
115.146.68.0/24 maxlen: 24
115.146.69.0/24 maxlen: 24
115.146.70.0/24 maxlen: 24
115.146.71.0/24 maxlen: 24
115.146.72.0/24 maxlen: 24
115.146.73.0/24 maxlen: 24
115.146.74.0/24 maxlen: 24
115.146.75.0/24 maxlen: 24
115.146.76.0/24 maxlen: 24
115.146.78.0/24 maxlen: 24
115.146.79.0/24 maxlen: 24
119.63.216.0/21 maxlen: 21
119.63.216.0/24 maxlen: 24
119.63.217.0/24 maxlen: 24
119.63.218.0/24 maxlen: 24
119.63.219.0/24 maxlen: 24
119.63.220.0/24 maxlen: 24
119.63.221.0/24 maxlen: 24
119.63.222.0/24 maxlen: 24
119.63.223.0/24 maxlen: 24
2402:7400::/32 maxlen: 32
2402:7400::/36 maxlen: 36
2402:7400:2000::/36 maxlen: 36
2402:7400:5000::/36 maxlen: 36
2402:7400:6000::/36 maxlen: 36
2402:7400:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A8219/EC0A70F8EA8011E78B42A432C4F9AE02/ZVPDwhgLl-LrN8tx9qHOqnuVykc.crl
rsync://rpki.apnic.net/member_repository/A91A8219/EC0A70F8EA8011E78B42A432C4F9AE02/ZVPDwhgLl-LrN8tx9qHOqnuVykc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVPDwhgLl-LrN8tx9qHOqnuVykc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5665 (0x1621)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A8219/serialNumber=6553C3C2180B97E2EB37CB71F6A1CEAA7B95CA47
Validity
Not Before: Mar 4 17:35:01 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e60645-5620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c5:ce:90:47:5e:b4:00:3e:2d:c7:2f:12:7b:
09:b5:09:c5:56:11:89:c4:a2:cf:9a:21:29:34:4c:
7e:5b:41:2c:de:7e:9e:dc:5b:29:64:37:e8:da:6b:
3c:e6:a9:b3:92:c7:31:c5:81:20:32:cb:c2:9a:e4:
5a:b4:c2:54:b6:8c:42:d0:52:c6:09:02:03:55:94:
a0:43:ed:ba:63:22:44:94:18:e5:4d:16:56:a8:bd:
09:d0:90:7d:10:e8:5a:17:45:f9:dd:e4:45:4c:3f:
4f:14:2e:b1:eb:57:60:3e:19:80:58:fa:d3:c1:01:
2b:a6:37:56:ea:97:ec:e1:96:88:ba:dd:0f:68:30:
a9:29:8d:f8:5b:8b:e2:11:c7:35:13:01:39:8a:a9:
c0:7d:1e:6b:f7:6f:f1:bb:95:ca:da:0b:ce:fa:54:
df:28:bb:48:68:11:24:3c:08:05:26:38:77:af:58:
60:db:d9:dc:ad:9d:af:92:8c:fd:cf:60:1f:df:31:
46:ea:9c:2c:ab:04:2b:7f:6f:dc:92:4c:2b:22:5d:
5a:0b:95:0f:f3:4d:1b:96:5d:31:87:4b:6f:67:37:
99:5e:41:4a:d0:a3:2e:65:ec:b7:de:65:5a:09:04:
8d:60:f8:f3:c2:d4:50:a4:f2:ea:0a:4c:63:1b:fb:
8d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EC:CF:24:8A:B9:0C:AA:1B:5A:E1:33:C0:0E:9B:47:B2:50:23:32
X509v3 Authority Key Identifier:
keyid:65:53:C3:C2:18:0B:97:E2:EB:37:CB:71:F6:A1:CE:AA:7B:95:CA:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A8219/EC0A70F8EA8011E78B42A432C4F9AE02/ZVPDwhgLl-LrN8tx9qHOqnuVykc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZVPDwhgLl-LrN8tx9qHOqnuVykc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A8219/EC0A70F8EA8011E78B42A432C4F9AE02/314E917C651E11E8A8903D42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.29.200.0/22
115.146.64.0/20
119.63.216.0/21
IPv6:
2402:7400::/32
Signature Algorithm: sha256WithRSAEncryption
7b:b3:fd:02:37:70:55:aa:d9:c1:f2:42:0d:23:2c:22:d3:7b:
1d:12:a0:f1:8e:1d:24:f4:e9:e2:82:0f:15:bc:3e:04:2f:d1:
dd:f6:0b:87:fb:f1:0d:96:76:0f:b3:5f:eb:18:cb:c9:c1:34:
74:b2:08:1c:2b:33:5f:01:5f:24:d0:1d:60:b3:4d:2e:47:36:
b8:f5:36:20:46:90:53:0a:cb:53:7c:1b:08:98:51:30:fd:22:
6b:e5:94:26:55:70:94:b0:1a:65:77:70:30:4b:5a:b5:52:ac:
97:96:17:21:3c:f1:99:ef:22:0a:e1:92:73:c4:2c:00:1f:a0:
cd:bb:f3:aa:23:c8:94:81:2b:18:f9:be:b2:16:93:2f:a5:78:
2b:32:75:5a:d8:f3:ac:d8:58:89:2f:7b:1a:f1:45:32:b0:10:
77:91:8f:6e:e1:eb:7b:15:f6:17:f6:86:e6:09:f0:a0:58:b7:
49:d4:38:f4:45:78:b1:1b:dc:d3:a5:2e:19:d6:60:04:47:3e:
53:1a:c5:72:42:df:86:f4:04:47:a8:bd:8a:98:64:01:fc:30:
e8:5f:18:0e:7d:da:90:f1:bd:8c:65:56:c9:2a:ce:4b:38:3b:
f2:76:d4:ad:30:26:e7:f7:94:f2:cc:51:77:2f:c8:29:94:5e:
a1:a4:bc:69
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICFiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTgyMTkxMTAvBgNVBAUTKDY1NTNDM0MyMTgwQjk3RTJFQjM3Q0I3MUY2QTFDRUFB
N0I5NUNBNDcwHhcNMjQwMzA0MTczNTAxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU2MDY0NS01NjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs8XOkEdetAA+LccvEnsJtQnFVhGJxKLPmiEpNEx+W0Es3n6e3FspZDfo2ms8
5qmzkscxxYEgMsvCmuRatMJUtoxC0FLGCQIDVZSgQ+26YyJElBjlTRZWqL0J0JB9
EOhaF0X53eRFTD9PFC6x61dgPhmAWPrTwQErpjdW6pfs4ZaIut0PaDCpKY34W4vi
Ecc1EwE5iqnAfR5r92/xu5XK2gvO+lTfKLtIaBEkPAgFJjh3r1hg29ncrZ2vkoz9
z2Af3zFG6pwsqwQrf2/ckkwrIl1aC5UP800bll0xh0tvZzeZXkFK0KMuZey33mVa
CQSNYPjzwtRQpPLqCkxjG/uNLQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFCLszySK
uQyqG1rhM8AOm0eyUCMyMB8GA1UdIwQYMBaAFGVTw8IYC5fi6zfLcfahzqp7lcpH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODIxOS9FQzBBNzBGOEVB
ODAxMUU3OEI0MkE0MzJDNEY5QUUwMi9aVlBEd2hnTGwtTHJOOHR4OXFIT3FudVZ5
a2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pWUER3aGdMbC1Mck44dHg5cUhPcW51VnlrYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTgyMTkvRUMwQTcwRjhFQTgwMTFFNzhCNDJBNDMyQzRGOUFFMDIvMzE0RTkxN0M2
NTFFMTFFOEE4OTAzRDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnHcgDBARzkkADBAN3P9gwDQQCAAIwBwMFACQCdAAwDQYJ
KoZIhvcNAQELBQADggEBAHuz/QI3cFWq2cHyQg0jLCLTex0SoPGOHST06eKCDxW8
PgQv0d32C4f78Q2Wdg+zX+sYy8nBNHSyCBwrM18BXyTQHWCzTS5HNrj1NiBGkFMK
y1N8GwiYUTD9ImvllCZVcJSwGmV3cDBLWrVSrJeWFyE88ZnvIgrhknPELAAfoM27
86ojyJSBKxj5vrIWky+leCsydVrY86zYWIkvexrxRTKwEHeRj27h63sV9hf2huYJ
8KBYt0nUOPRFeLEb3NOlLhnWYARHPlMaxXJC34b0BEeovYqYZAH8MOhfGA592pDx
vYxlVskqzks4O/J21K0wJuf3lPLMUXcvyCmUXqGkvGk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:15 2024 by rpki-client on console-ams.rpki-client.org