Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FDDC1EAECA0711EE9429754DC4F9AE02.roa
File: FDDC1EAECA0711EE9429754DC4F9AE02.roa (raw, json)
Hash identifier: a4R69zqfuBXEkLHoeraLc0Jk3N5of8fejTinTcqxDOM=
Subject key identifier: 30:3B:0C:62:98:28:79:A0:AF:D0:D7:C1:ED:0D:A2:3C:8C:37:86:A1
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 17A5
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FDDC1EAECA0711EE9429754DC4F9AE02.roa
Signing time: Tue 20 Feb 2024 17:55:43 +0000
ROA not before: Tue 20 Feb 2024 17:55:43 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 9443
IP address blocks: 14.137.64.0/18 maxlen: 18
14.137.192.0/19 maxlen: 19
58.178.0.0/16 maxlen: 16
58.179.0.0/16 maxlen: 16
111.220.0.0/16 maxlen: 16
112.141.0.0/16 maxlen: 16
112.213.128.0/18 maxlen: 18
116.240.0.0/16 maxlen: 16
121.79.126.0/23 maxlen: 23
122.148.0.0/16 maxlen: 16
122.150.0.0/16 maxlen: 16
122.151.0.0/16 maxlen: 16
125.168.0.0/16 maxlen: 16
202.4.64.0/19 maxlen: 19
202.14.191.0/24 maxlen: 24
202.61.12.0/24 maxlen: 24
202.61.13.0/24 maxlen: 24
202.62.128.0/19 maxlen: 19
202.67.64.0/18 maxlen: 18
202.86.113.0/24 maxlen: 24
202.86.114.0/23 maxlen: 23
202.86.116.0/23 maxlen: 23
202.86.118.0/24 maxlen: 24
202.130.195.0/24 maxlen: 24
202.130.205.0/24 maxlen: 24
202.136.32.0/20 maxlen: 20
202.138.0.0/18 maxlen: 18
202.147.128.0/20 maxlen: 20
202.154.64.0/18 maxlen: 18
203.16.9.0/24 maxlen: 24
203.16.170.0/24 maxlen: 24
203.23.116.0/24 maxlen: 24
203.24.100.0/23 maxlen: 23
203.55.252.0/24 maxlen: 24
203.56.5.0/24 maxlen: 24
203.62.135.0/24 maxlen: 24
203.91.224.0/19 maxlen: 19
203.91.224.0/20 maxlen: 20
203.91.240.0/21 maxlen: 21
203.132.224.0/19 maxlen: 19
203.134.0.0/17 maxlen: 17
203.134.128.0/18 maxlen: 18
203.142.128.0/19 maxlen: 19
203.161.160.0/20 maxlen: 20
203.190.192.0/20 maxlen: 20
203.191.160.0/19 maxlen: 19
203.212.128.0/19 maxlen: 19
210.50.0.0/16 maxlen: 16
210.86.240.0/20 maxlen: 20
211.26.0.0/16 maxlen: 16
211.27.0.0/16 maxlen: 16
218.214.0.0/16 maxlen: 16
218.215.0.0/16 maxlen: 16
2403:4800::/32 maxlen: 32
2403:9e00::/32 maxlen: 32
2403:fc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 17:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6053 (0x17a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 20 17:55:43 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65d4e79f-63d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f7:e7:1c:ba:b3:4b:05:98:86:9f:bc:13:40:
9c:bc:b2:de:28:8b:4f:07:2e:2f:36:6e:18:4d:fb:
75:96:c5:0c:6b:8b:b4:a3:d3:1c:84:2f:b0:52:52:
d5:e9:46:32:41:83:6b:b0:57:7c:1b:14:cc:7d:94:
27:69:62:8d:04:55:65:ff:d8:e1:88:2f:85:79:b5:
3d:a2:24:a8:c4:af:52:d1:90:57:65:8a:0c:0d:a8:
4f:18:4e:d7:0c:33:aa:ad:51:09:d4:29:16:2e:16:
86:0d:4d:46:f2:69:75:fa:72:2d:54:45:80:ad:72:
12:4c:e3:6b:e2:ce:ff:a9:ef:bc:54:7c:45:bb:d6:
42:c7:56:96:b7:75:54:1e:8b:d0:24:96:f4:17:df:
0c:96:c0:b3:18:d7:f2:89:75:eb:20:e3:d1:88:64:
85:db:93:d9:03:3a:53:26:e9:08:c9:17:ba:ec:62:
96:f1:08:e7:06:8e:0e:96:05:79:09:80:90:5a:3e:
28:77:12:a7:a0:e5:aa:31:15:f5:eb:7d:2b:a5:97:
73:6a:38:3d:aa:d1:0b:e1:50:12:19:69:bc:ff:0e:
9b:95:e8:7f:1e:76:b7:a3:44:80:b8:2a:f8:98:c5:
9c:11:65:c7:3e:ea:14:5d:19:a1:c0:69:69:86:db:
c9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:3B:0C:62:98:28:79:A0:AF:D0:D7:C1:ED:0D:A2:3C:8C:37:86:A1
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/FDDC1EAECA0711EE9429754DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.64.0/18
14.137.192.0/19
58.178.0.0/15
111.220.0.0/16
112.141.0.0/16
112.213.128.0/18
116.240.0.0/16
121.79.126.0/23
122.148.0.0/16
122.150.0.0/15
125.168.0.0/16
202.4.64.0/19
202.14.191.0/24
202.61.12.0/23
202.62.128.0/19
202.67.64.0/18
202.86.113.0-202.86.118.255
202.130.195.0/24
202.130.205.0/24
202.136.32.0/20
202.138.0.0/18
202.147.128.0/20
202.154.64.0/18
203.16.9.0/24
203.16.170.0/24
203.23.116.0/24
203.24.100.0/23
203.55.252.0/24
203.56.5.0/24
203.62.135.0/24
203.91.224.0/19
203.132.224.0/19
203.134.0.0-203.134.191.255
203.142.128.0/19
203.161.160.0/20
203.190.192.0/20
203.191.160.0/19
203.212.128.0/19
210.50.0.0/16
210.86.240.0/20
211.26.0.0/15
218.214.0.0/15
IPv6:
2403:4800::/32
2403:9e00::/32
2403:fc00::/32
Signature Algorithm: sha256WithRSAEncryption
a0:d2:99:8e:ae:05:db:cd:32:60:b7:c6:31:75:cd:dc:87:79:
e9:10:82:9f:b2:68:ee:59:d9:7f:ac:da:b4:22:d1:27:68:47:
12:87:89:e7:47:ba:f5:1e:a5:be:83:4b:f2:04:c9:f0:83:7a:
bd:a5:1a:03:d4:64:4b:58:fd:f5:cc:33:96:83:70:bd:f1:b4:
6b:d2:86:6f:1e:4e:8a:63:40:16:19:cb:73:fd:8c:26:d7:3a:
4a:d6:fe:61:0c:50:d1:df:cd:13:f8:df:5e:45:7f:95:58:27:
bb:85:be:77:78:85:06:d5:cd:fa:e9:be:79:0d:4a:f2:90:3a:
06:91:08:0e:31:81:fe:64:b5:31:00:81:1c:41:6d:ac:32:35:
ef:d4:3f:ad:24:7b:7c:23:4e:b8:20:95:00:6d:92:0e:14:7a:
60:aa:45:1f:cb:77:b8:a3:1f:43:92:70:6d:2d:03:27:b8:96:
2d:41:c8:d1:c7:c7:fe:a8:22:78:64:fe:4d:ac:9b:ad:0e:d3:
31:8d:2d:ad:35:ed:3a:88:fc:a3:d8:43:13:c0:07:3c:dd:84:
7b:e0:bd:84:7d:01:85:21:6f:d6:01:d9:38:7c:d7:6b:c7:7b:
75:2b:68:d8:e1:b6:da:ec:b8:7c:0e:7f:ff:92:67:e4:18:03:
39:b4:36:3d
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgICF6UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjQwMjIwMTc1NTQzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ0ZTc5Zi02M2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6/fnHLqzSwWYhp+8E0CcvLLeKItPBy4vNm4YTft1lsUMa4u0o9MchC+wUlLV
6UYyQYNrsFd8GxTMfZQnaWKNBFVl/9jhiC+FebU9oiSoxK9S0ZBXZYoMDahPGE7X
DDOqrVEJ1CkWLhaGDU1G8ml1+nItVEWArXISTONr4s7/qe+8VHxFu9ZCx1aWt3VU
HovQJJb0F98MlsCzGNfyiXXrIOPRiGSF25PZAzpTJukIyRe67GKW8QjnBo4OlgV5
CYCQWj4odxKnoOWqMRX1630rpZdzajg9qtEL4VASGWm8/w6bleh/Hna3o0SAuCr4
mMWcEWXHPuoUXRmhwGlphtvJlwIDAQABo4IDtzCCA7MwHQYDVR0OBBYEFDA7DGKY
KHmgr9DXwe0NojyMN4ahMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvRkREQzFFQUVD
QTA3MTFFRTk0Mjk3NTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggE/BggrBgEFBQcBBwEB
/wSCAS4wggEqMIIBCQQCAAEwggEBAwQGDolAAwQFDonAAwMBOrIDAwBv3AMDAHCN
AwQGcNWAAwMAdPADBAF5T34DAwB6lAMDAXqWAwMAfagDBAXKBEADBADKDr8DBAHK
PQwDBAXKPoADBAbKQ0AwDAMEAMpWcQMEAMpWdgMEAMqCwwMEAMqCzQMEBMqIIAME
BsqKAAMEBMqTgAMEBsqaQAMEAMsQCQMEAMsQqgMEAMsXdAMEAcsYZAMEAMs3/AME
AMs4BQMEAMs+hwMEBctb4AMEBcuE4DALAwMBy4YDBAbLhoADBAXLjoADBATLoaAD
BATLvsADBAXLv6ADBAXL1IADAwDSMgMEBNJW8AMDAdMaAwMB2tYwGwQCAAIwFQMF
ACQDSAADBQAkA54AAwUAJAP8ADANBgkqhkiG9w0BAQsFAAOCAQEAoNKZjq4F280y
YLfGMXXN3Id56RCCn7Jo7lnZf6zatCLRJ2hHEoeJ50e69R6lvoNL8gTJ8IN6vaUa
A9RkS1j99cwzloNwvfG0a9KGbx5OimNAFhnLc/2MJtc6Stb+YQxQ0d/NE/jfXkV/
lVgnu4W+d3iFBtXN+um+eQ1K8pA6BpEIDjGB/mS1MQCBHEFtrDI179Q/rSR7fCNO
uCCVAG2SDhR6YKpFH8t3uKMfQ5JwbS0DJ7iWLUHI0cfH/qgieGT+TaybrQ7TMY0t
rTXtOoj8o9hDE8AHPN2Ee+C9hH0BhSFv1gHZOHzXa8d7dSto2OG22uy4fA5//5Jn
5BgDObQ2PQ==
-----END CERTIFICATE-----
Generated at Fri May 31 20:34:19 2024 by rpki-client on console-ams.rpki-client.org