Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
File: 553170245AC511EBA052F663C4F9AE02.roa (raw, json)
Hash identifier: QGnpgaIGy5AOir91I7lncP9FpImJiqaLPZ1wopdnD1I=
Subject key identifier: 21:42:03:9F:25:E3:89:0B:68:CF:01:A1:89:61:9E:2A:41:AE:54:68
Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Certificate serial: 0945
Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
Signing time: Thu 22 Jun 2023 21:52:41 +0000
ROA not before: Thu 22 Jun 2023 21:52:41 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9269
IP address blocks: 14.136.0.0/16 maxlen: 24
14.198.0.0/17 maxlen: 24
14.198.128.0/18 maxlen: 24
14.198.192.0/19 maxlen: 24
14.198.224.0/20 maxlen: 24
14.199.0.0/16 maxlen: 24
43.224.232.0/22 maxlen: 24
58.176.0.0/15 maxlen: 15
58.176.0.0/16 maxlen: 24
58.177.0.0/16 maxlen: 24
59.148.0.0/15 maxlen: 15
59.148.0.0/16 maxlen: 24
59.149.0.0/16 maxlen: 24
61.92.0.0/15 maxlen: 15
61.92.0.0/16 maxlen: 24
61.93.0.0/16 maxlen: 24
61.238.0.0/15 maxlen: 15
61.238.0.0/16 maxlen: 24
61.239.0.0/16 maxlen: 24
61.244.0.0/16 maxlen: 24
103.243.0.0/22 maxlen: 24
110.235.0.0/17 maxlen: 24
119.246.0.0/15 maxlen: 15
119.246.0.0/16 maxlen: 24
119.247.0.0/16 maxlen: 24
123.202.0.0/15 maxlen: 15
123.202.0.0/16 maxlen: 24
123.203.0.0/16 maxlen: 24
124.244.0.0/16 maxlen: 24
183.178.0.0/15 maxlen: 15
183.178.0.0/16 maxlen: 24
183.179.0.0/16 maxlen: 24
202.77.4.0/22 maxlen: 24
202.77.24.0/21 maxlen: 24
202.77.32.0/19 maxlen: 24
203.80.64.0/18 maxlen: 24
203.80.192.0/18 maxlen: 24
203.185.0.0/18 maxlen: 24
203.186.0.0/16 maxlen: 24
210.6.0.0/16 maxlen: 24
2401:f400::/32 maxlen: 32
2403:f500::/32 maxlen: 32
2403:f500::/35 maxlen: 35
2403:f500:2000::/35 maxlen: 35
2403:f500:6000::/35 maxlen: 35
2403:f500:8000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 20:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2373 (0x945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Validity
Not Before: Jun 22 21:52:41 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6494c2a9-81de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e1:0a:32:59:76:53:e9:39:3c:20:dd:58:7b:
85:9c:64:63:5e:76:b6:dc:75:07:4a:17:2c:fe:a7:
4c:d0:3a:97:f1:15:de:1e:dd:fd:e8:3a:5e:98:44:
89:e0:5f:4a:d7:ae:d7:2e:39:39:e6:03:09:e7:2f:
e6:97:3d:75:e7:47:1a:ac:21:b6:cf:19:6c:1c:ec:
38:ef:88:09:a2:f8:ed:65:e2:6b:50:d1:01:20:f4:
7b:39:bf:06:9b:b0:29:00:50:76:76:67:d3:f7:60:
56:9b:53:c8:6c:2f:0b:98:57:40:05:9f:d4:4f:f7:
f8:72:7c:d6:2f:97:50:72:06:bc:ea:9c:2e:e1:07:
b1:c4:7b:76:a9:91:e5:d6:29:0e:6f:13:ab:24:a2:
e8:32:f5:89:cb:5a:8c:29:69:09:3b:c0:77:33:ec:
dc:00:fc:36:17:cf:5c:6f:3b:f4:99:39:30:ba:d9:
51:39:2e:93:ab:2b:d0:7b:30:03:6c:aa:13:b8:72:
02:8c:16:df:bf:4e:b5:25:da:65:11:65:76:72:e6:
b7:7c:91:0f:a1:c5:5e:d5:1f:ba:28:43:f3:3c:18:
2e:df:c7:f9:81:01:6a:0c:f5:27:16:f9:a4:1a:31:
05:0c:26:26:c1:88:fc:b1:82:06:eb:78:31:b2:22:
ac:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:42:03:9F:25:E3:89:0B:68:CF:01:A1:89:61:9E:2A:41:AE:54:68
X509v3 Authority Key Identifier:
keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.136.0.0/16
14.198.0.0-14.198.239.255
14.199.0.0/16
43.224.232.0/22
58.176.0.0/15
59.148.0.0/15
61.92.0.0/15
61.238.0.0/15
61.244.0.0/16
103.243.0.0/22
110.235.0.0/17
119.246.0.0/15
123.202.0.0/15
124.244.0.0/16
183.178.0.0/15
202.77.4.0/22
202.77.24.0-202.77.63.255
203.80.64.0/18
203.80.192.0/18
203.185.0.0/18
203.186.0.0/16
210.6.0.0/16
IPv6:
2401:f400::/32
2403:f500::/32
Signature Algorithm: sha256WithRSAEncryption
d4:79:01:01:a6:d3:7a:b4:ce:17:90:72:da:f1:47:5c:b9:27:
d0:b5:0e:c0:c0:d1:fb:71:a4:f8:ec:8b:19:c3:38:9d:fc:24:
8d:aa:d5:a6:e9:a8:da:1d:d2:e4:91:ec:5b:58:25:ca:bb:76:
0d:98:f6:f1:15:04:04:df:67:d1:94:88:db:d4:8d:92:cd:40:
34:95:e7:fb:7d:5d:c1:34:f6:54:54:f7:02:10:21:39:40:f3:
ef:8a:8c:08:bd:da:97:9f:25:bc:b1:ec:5e:c4:fe:9f:45:ea:
c1:e7:c5:5d:6b:10:eb:44:71:9a:9c:aa:89:17:fe:cc:73:0b:
53:91:b4:ef:28:1a:fc:a9:09:b6:b5:74:38:4f:32:98:4b:d4:
a8:ee:50:a9:c2:7e:e9:db:18:13:1d:30:a3:de:06:69:fb:aa:
a4:99:5a:2a:2d:1b:c3:8f:bc:d9:ea:66:ff:ed:7f:08:5a:fa:
b9:73:bd:87:5f:7b:5d:5d:99:6f:ca:2a:7d:b9:8d:ea:fd:8b:
68:cb:df:28:6f:a7:0d:97:2d:e5:d2:53:22:45:a3:aa:21:00:
87:fd:af:37:b0:93:70:53:14:a6:a2:52:d1:4e:9a:d6:ff:79:
d5:97:0f:d6:26:22:50:92:c3:04:14:e2:e1:fe:34:47:b7:7c:
00:b6:18:06
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgICCUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE
NTQ0QTYyQTYwHhcNMjMwNjIyMjE1MjQxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk0YzJhOS04MWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1OEKMll2U+k5PCDdWHuFnGRjXna23HUHShcs/qdM0DqX8RXeHt396DpemESJ
4F9K167XLjk55gMJ5y/mlz1150carCG2zxlsHOw474gJovjtZeJrUNEBIPR7Ob8G
m7ApAFB2dmfT92BWm1PIbC8LmFdABZ/UT/f4cnzWL5dQcga86pwu4QexxHt2qZHl
1ikObxOrJKLoMvWJy1qMKWkJO8B3M+zcAPw2F89cbzv0mTkwutlROS6TqyvQezAD
bKoTuHICjBbfv061JdplEWV2cua3fJEPocVe1R+6KEPzPBgu38f5gQFqDPUnFvmk
GjEFDCYmwYj8sYIG63gxsiKsowIDAQABo4IDMDCCAywwHQYDVR0OBBYEFCFCA58l
44kLaM8BoYlhnipBrlRoMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1
MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ
cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY0N0MvNDM3Q0M0MDY4NTEzMTFFQUFBMEIwQTdGQzRGOUFFMDIvNTUzMTcwMjQ1
QUM1MTFFQkEwNTJGNjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbkGCCsGAQUFBwEHAQH/
BIGpMIGmMIGNBAIAATCBhgMDAA6IMAsDAwEOxgMEBA7G4AMDAA7HAwQCK+DoAwMB
OrADAwE7lAMDAT1cAwMBPe4DAwA99AMEAmfzAAMEB27rAAMDAXf2AwMBe8oDAwB8
9AMDAbeyAwQCyk0EMAwDBAPKTRgDBAbKTQADBAbLUEADBAbLUMADBAbLuQADAwDL
ugMDANIGMBQEAgACMA4DBQAkAfQAAwUAJAP1ADANBgkqhkiG9w0BAQsFAAOCAQEA
1HkBAabTerTOF5By2vFHXLkn0LUOwMDR+3Gk+OyLGcM4nfwkjarVpumo2h3S5JHs
W1glyrt2DZj28RUEBN9n0ZSI29SNks1ANJXn+31dwTT2VFT3AhAhOUDz74qMCL3a
l58lvLHsXsT+n0XqwefFXWsQ60RxmpyqiRf+zHMLU5G07yga/KkJtrV0OE8ymEvU
qO5QqcJ+6dsYEx0wo94GafuqpJlaKi0bw4+82epm/+1/CFr6uXO9h197XV2Zb8oq
fbmN6v2LaMvfKG+nDZct5dJTIkWjqiEAh/2vN7CTcFMUpqJS0U6a1v951ZcP1iYi
UJLDBBTi4f40R7d8ALYYBg==
-----END CERTIFICATE-----
Generated at Thu May 16 22:23:36 2024 by rpki-client on console-fra.rpki-client.org