Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa
File: 0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa (raw, json)
Hash identifier: 544CGw77adzKZSVB6a/EsmcNRdkcJyyJICXTpEPCpPk=
Subject key identifier: 0E:2C:4F:EE:23:2E:24:97:A1:ED:3B:79:06:6F:FC:C8:F2:AA:46:FF
Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Certificate serial: 0A15
Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa
Signing time: Sat 22 Jun 2024 21:14:07 +0000
ROA not before: Sat 22 Jun 2024 21:14:07 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 9381
IP address blocks: 14.136.0.0/16 maxlen: 24
14.198.0.0/17 maxlen: 24
14.198.128.0/18 maxlen: 24
14.198.192.0/19 maxlen: 24
14.198.224.0/20 maxlen: 24
14.199.0.0/16 maxlen: 24
43.224.232.0/22 maxlen: 24
58.176.0.0/15 maxlen: 15
58.176.0.0/16 maxlen: 24
58.177.0.0/16 maxlen: 24
59.148.0.0/15 maxlen: 15
59.148.0.0/16 maxlen: 24
59.149.0.0/16 maxlen: 24
61.92.0.0/15 maxlen: 15
61.92.0.0/16 maxlen: 24
61.93.0.0/16 maxlen: 24
61.238.0.0/15 maxlen: 15
61.238.0.0/16 maxlen: 24
61.239.0.0/16 maxlen: 24
61.244.0.0/16 maxlen: 24
103.243.0.0/22 maxlen: 24
110.235.0.0/17 maxlen: 24
119.246.0.0/15 maxlen: 15
119.246.0.0/16 maxlen: 24
119.247.0.0/16 maxlen: 24
123.202.0.0/15 maxlen: 15
123.202.0.0/16 maxlen: 24
123.203.0.0/16 maxlen: 24
124.244.0.0/16 maxlen: 24
183.178.0.0/15 maxlen: 15
183.178.0.0/16 maxlen: 24
183.179.0.0/16 maxlen: 24
202.77.4.0/22 maxlen: 24
202.77.24.0/21 maxlen: 24
202.77.32.0/19 maxlen: 24
203.80.64.0/18 maxlen: 24
203.80.192.0/18 maxlen: 24
203.185.0.0/18 maxlen: 24
203.186.0.0/16 maxlen: 24
210.6.0.0/16 maxlen: 24
2401:f400::/32 maxlen: 32
2403:f500::/32 maxlen: 32
2403:f500::/35 maxlen: 35
2403:f500:2000::/35 maxlen: 35
2403:f500:6000::/35 maxlen: 35
2403:f500:8000::/35 maxlen: 35
2403:f500:a000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 19:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2581 (0xa15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Validity
Not Before: Jun 22 21:14:07 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66773e9f-cd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:52:d2:b9:84:f1:f6:24:48:86:bf:5d:30:5f:
21:87:d4:68:c9:d0:9d:37:f3:99:3a:15:6d:ce:16:
64:07:96:f9:1b:61:17:2d:22:fb:e3:5a:7f:e2:fc:
6d:58:ee:cf:e6:cd:a5:6b:04:5c:0f:09:3f:ec:8a:
ff:90:37:a4:68:b0:37:b7:8c:23:82:81:5f:0d:82:
a4:cd:96:60:ee:2a:18:16:5b:fa:ee:1c:05:4f:7c:
c3:87:90:ff:5d:f5:b8:30:01:01:65:fe:4c:ba:66:
6d:18:97:34:00:92:03:51:91:0b:38:8e:03:23:d3:
c6:71:1e:48:28:c1:b8:7c:20:60:4e:00:a8:5b:46:
54:f3:9b:33:9c:0b:5d:b0:cc:e0:62:1c:29:fa:51:
ba:fc:01:7a:a2:0f:79:62:44:dc:05:6c:19:45:e9:
8f:1d:46:01:d4:41:1c:3a:50:b3:82:8c:0c:cb:59:
3f:65:6c:78:0e:ab:94:f7:da:59:fa:08:4a:14:a9:
05:6d:9a:86:3a:9e:d2:b0:a4:05:9a:46:6b:3a:b0:
78:6e:c8:b2:fe:e6:85:9a:fe:5b:a4:93:0f:a1:60:
04:66:f5:35:15:58:de:24:1c:dd:70:05:ae:1d:4f:
c8:6a:d5:da:73:8d:70:fb:cd:8f:67:22:f8:d6:45:
24:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2C:4F:EE:23:2E:24:97:A1:ED:3B:79:06:6F:FC:C8:F2:AA:46:FF
X509v3 Authority Key Identifier:
keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/0EA44D4E5ADD11EBB9CEE568C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.136.0.0/16
14.198.0.0-14.198.239.255
14.199.0.0/16
43.224.232.0/22
58.176.0.0/15
59.148.0.0/15
61.92.0.0/15
61.238.0.0/15
61.244.0.0/16
103.243.0.0/22
110.235.0.0/17
119.246.0.0/15
123.202.0.0/15
124.244.0.0/16
183.178.0.0/15
202.77.4.0/22
202.77.24.0-202.77.63.255
203.80.64.0/18
203.80.192.0/18
203.185.0.0/18
203.186.0.0/16
210.6.0.0/16
IPv6:
2401:f400::/32
2403:f500::/32
Signature Algorithm: sha256WithRSAEncryption
4a:87:ae:5a:36:57:88:f1:ab:1d:7a:1a:c4:c1:18:fc:65:72:
36:86:b9:c8:f3:bb:fd:59:c4:de:2e:db:33:a7:82:d3:c3:7d:
c5:69:0f:37:8f:04:08:0d:f3:16:3a:a0:58:2f:3f:69:b9:48:
b8:16:5e:d5:f0:e5:e9:a7:2b:61:00:b5:7b:df:86:69:32:0e:
2f:62:f8:a3:8a:c7:7c:eb:ce:03:56:d1:ce:c1:35:ee:13:ea:
64:d6:14:f8:02:80:8e:45:4c:99:16:61:a6:c5:f1:2c:a1:c1:
70:85:d4:1a:96:fe:8e:37:23:2f:a1:2a:7d:2a:3d:cc:aa:8b:
7c:f5:53:b1:ad:d8:77:6d:fb:3b:31:f7:3d:c9:41:a1:01:04:
2e:85:e7:ec:c8:72:9e:ff:a1:6d:f6:0a:9d:0d:4d:8a:5e:2b:
95:52:c2:03:16:b1:d7:0c:aa:a0:9c:ff:56:57:bf:f3:e4:0a:
de:9b:59:ef:cc:15:e2:3a:5a:c8:66:d6:5c:f2:ab:92:24:c1:
e8:6a:d4:ca:16:7d:77:5a:c0:2f:43:ff:17:ab:7d:a6:27:05:
88:95:b9:0a:70:4e:3c:ca:91:f7:16:d7:d3:c0:d5:c8:24:a0:
ff:49:5f:dd:f5:fc:66:35:d5:c0:42:5c:80:79:c9:54:71:d3:
7b:42:28:f5
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgICChUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE
NTQ0QTYyQTYwHhcNMjQwNjIyMjExNDA3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc3M2U5Zi1jZDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz1LSuYTx9iRIhr9dMF8hh9RoydCdN/OZOhVtzhZkB5b5G2EXLSL741p/4vxt
WO7P5s2lawRcDwk/7Ir/kDekaLA3t4wjgoFfDYKkzZZg7ioYFlv67hwFT3zDh5D/
XfW4MAEBZf5MumZtGJc0AJIDUZELOI4DI9PGcR5IKMG4fCBgTgCoW0ZU85sznAtd
sMzgYhwp+lG6/AF6og95YkTcBWwZRemPHUYB1EEcOlCzgowMy1k/ZWx4DquU99pZ
+ghKFKkFbZqGOp7SsKQFmkZrOrB4bsiy/uaFmv5bpJMPoWAEZvU1FVjeJBzdcAWu
HU/IatXac41w+82PZyL41kUkbQIDAQABo4IDMDCCAywwHQYDVR0OBBYEFA4sT+4j
LiSXoe07eQZv/Mjyqkb/MB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1
MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ
cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY0N0MvNDM3Q0M0MDY4NTEzMTFFQUFBMEIwQTdGQzRGOUFFMDIvMEVBNDRENEU1
QUREMTFFQkI5Q0VFNTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbkGCCsGAQUFBwEHAQH/
BIGpMIGmMIGNBAIAATCBhgMDAA6IMAsDAwEOxgMEBA7G4AMDAA7HAwQCK+DoAwMB
OrADAwE7lAMDAT1cAwMBPe4DAwA99AMEAmfzAAMEB27rAAMDAXf2AwMBe8oDAwB8
9AMDAbeyAwQCyk0EMAwDBAPKTRgDBAbKTQADBAbLUEADBAbLUMADBAbLuQADAwDL
ugMDANIGMBQEAgACMA4DBQAkAfQAAwUAJAP1ADANBgkqhkiG9w0BAQsFAAOCAQEA
SoeuWjZXiPGrHXoaxMEY/GVyNoa5yPO7/VnE3i7bM6eC08N9xWkPN48ECA3zFjqg
WC8/ablIuBZe1fDl6acrYQC1e9+GaTIOL2L4o4rHfOvOA1bRzsE17hPqZNYU+AKA
jkVMmRZhpsXxLKHBcIXUGpb+jjcjL6EqfSo9zKqLfPVTsa3Yd237OzH3PclBoQEE
LoXn7Mhynv+hbfYKnQ1Nil4rlVLCAxax1wyqoJz/Vle/8+QK3ptZ78wV4jpayGbW
XPKrkiTB6GrUyhZ9d1rAL0P/F6t9picFiJW5CnBOPMqR9xbX08DVyCSg/0lf3fX8
ZjXVwEJcgHnJVHHTe0Io9Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:05:26 2024 by rpki-client on console-fra.rpki-client.org