Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
File: 553170245AC511EBA052F663C4F9AE02.roa (raw, json)
Hash identifier: zZIIEfeakO+43e0JDOBIzAkL5O9TeO1Bv2dEETveidg=
Subject key identifier: DA:C9:3E:74:BD:8D:33:E7:CD:8A:0E:43:44:21:28:0A:AF:00:1A:29
Certificate issuer: /CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Certificate serial: 0A14
Authority key identifier: 43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
Signing time: Sat 22 Jun 2024 21:14:06 +0000
ROA not before: Sat 22 Jun 2024 21:14:06 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 9269
IP address blocks: 14.136.0.0/16 maxlen: 24
14.198.0.0/17 maxlen: 24
14.198.128.0/18 maxlen: 24
14.198.192.0/19 maxlen: 24
14.198.224.0/20 maxlen: 24
14.199.0.0/16 maxlen: 24
43.224.232.0/22 maxlen: 24
58.176.0.0/15 maxlen: 15
58.176.0.0/16 maxlen: 24
58.177.0.0/16 maxlen: 24
59.148.0.0/15 maxlen: 15
59.148.0.0/16 maxlen: 24
59.149.0.0/16 maxlen: 24
61.92.0.0/15 maxlen: 15
61.92.0.0/16 maxlen: 24
61.93.0.0/16 maxlen: 24
61.238.0.0/15 maxlen: 15
61.238.0.0/16 maxlen: 24
61.239.0.0/16 maxlen: 24
61.244.0.0/16 maxlen: 24
103.243.0.0/22 maxlen: 24
110.235.0.0/17 maxlen: 24
119.246.0.0/15 maxlen: 15
119.246.0.0/16 maxlen: 24
119.247.0.0/16 maxlen: 24
123.202.0.0/15 maxlen: 15
123.202.0.0/16 maxlen: 24
123.203.0.0/16 maxlen: 24
124.244.0.0/16 maxlen: 24
183.178.0.0/15 maxlen: 15
183.178.0.0/16 maxlen: 24
183.179.0.0/16 maxlen: 24
202.77.4.0/22 maxlen: 24
202.77.24.0/21 maxlen: 24
202.77.32.0/19 maxlen: 24
203.80.64.0/18 maxlen: 24
203.80.192.0/18 maxlen: 24
203.185.0.0/18 maxlen: 24
203.186.0.0/16 maxlen: 24
210.6.0.0/16 maxlen: 24
2401:f400::/32 maxlen: 32
2403:f500::/32 maxlen: 32
2403:f500::/35 maxlen: 35
2403:f500:2000::/35 maxlen: 35
2403:f500:6000::/35 maxlen: 35
2403:f500:8000::/35 maxlen: 35
2403:f500:a000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 19:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2580 (0xa14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911647C/serialNumber=436B2C5F03F91CA741C6A249DC015A6D544A62A6
Validity
Not Before: Jun 22 21:14:06 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66773e9e-07dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ba:b1:b8:cb:1e:5a:00:51:7a:99:60:34:ad:
e7:2e:b5:22:d7:43:cb:3f:46:75:4f:71:a6:06:cc:
e5:a6:bd:9c:79:c1:e6:e7:98:ec:d9:a0:6f:ae:45:
c0:9d:d3:9d:f7:a4:ee:98:43:f2:a8:15:99:57:a0:
08:47:68:3e:a5:de:e8:80:e9:3c:a3:fd:2e:da:74:
37:95:c9:29:5f:44:6f:9d:00:50:bc:b2:d8:ef:46:
d1:83:8a:1b:48:48:dc:21:2a:18:94:14:12:4d:ae:
64:0a:5a:10:d5:3a:fd:70:65:c5:27:1f:d0:a0:42:
8e:70:84:b0:91:92:eb:85:f2:55:f2:b4:e8:ac:e5:
67:42:83:ac:cc:d8:16:11:83:1b:4e:58:64:34:a3:
6d:4f:c9:89:fc:b7:60:0d:ef:8e:8a:1f:80:b1:91:
b7:2d:ac:d1:56:e6:f3:38:13:ad:f1:bd:70:f2:44:
d7:67:39:fb:ee:2f:10:fc:ff:96:0e:b8:fc:a3:04:
3a:41:b5:72:23:13:55:08:3b:56:b8:dd:58:5c:c6:
59:96:3c:c4:e2:5b:2a:cc:5f:01:86:28:75:49:c6:
5b:66:3e:26:19:55:5b:94:da:24:9e:18:27:71:24:
8b:4b:3d:7b:9e:81:61:c1:97:f8:a0:51:cb:b9:20:
6a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C9:3E:74:BD:8D:33:E7:CD:8A:0E:43:44:21:28:0A:AF:00:1A:29
X509v3 Authority Key Identifier:
keyid:43:6B:2C:5F:03:F9:1C:A7:41:C6:A2:49:DC:01:5A:6D:54:4A:62:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2ssXwP5HKdBxqJJ3AFabVRKYqY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/437CC406851311EAAA0B0A7FC4F9AE02/553170245AC511EBA052F663C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.136.0.0/16
14.198.0.0-14.198.239.255
14.199.0.0/16
43.224.232.0/22
58.176.0.0/15
59.148.0.0/15
61.92.0.0/15
61.238.0.0/15
61.244.0.0/16
103.243.0.0/22
110.235.0.0/17
119.246.0.0/15
123.202.0.0/15
124.244.0.0/16
183.178.0.0/15
202.77.4.0/22
202.77.24.0-202.77.63.255
203.80.64.0/18
203.80.192.0/18
203.185.0.0/18
203.186.0.0/16
210.6.0.0/16
IPv6:
2401:f400::/32
2403:f500::/32
Signature Algorithm: sha256WithRSAEncryption
b4:ad:eb:24:1a:53:42:b3:e9:48:de:0e:dc:70:69:05:a8:7f:
74:5e:82:69:23:54:29:4d:db:f9:b7:1d:ab:b5:8d:09:f2:40:
12:53:62:b4:5b:47:e3:ab:68:67:37:e1:e1:a2:3c:18:4b:bf:
3f:92:a4:5d:59:ec:f9:76:03:ca:77:9b:d5:d2:33:c1:b4:3e:
59:8d:38:bb:cd:04:54:6c:6b:42:cc:d7:5e:bc:dd:6f:1b:10:
00:b5:35:0c:3f:ca:70:f2:43:1c:9f:ed:14:ee:1a:bb:9a:51:
6f:88:eb:f1:37:77:0b:14:b2:16:e6:70:37:9f:75:bd:2f:5c:
15:38:7e:1a:05:2c:8d:ff:6a:26:be:49:0a:c4:64:20:d8:2e:
2e:a9:c5:c4:83:d8:b5:69:3a:a7:61:3a:ce:99:63:fa:36:e2:
41:82:d4:11:4a:50:c5:80:d3:5c:33:79:1e:c5:bd:44:3f:9b:
fe:8a:67:72:c1:e7:f5:7e:0b:43:97:9a:97:e2:cf:74:16:21:
96:81:73:58:bb:c2:44:0f:41:00:45:7d:56:fe:6f:23:2b:9e:
48:53:9f:0b:97:a3:c9:2d:74:6c:fe:8d:16:05:4c:68:76:40:
e8:7a:71:15:9f:ed:0f:b4:e2:41:1c:b5:db:99:b1:05:d4:b2:
8d:fe:7c:d2
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgICChQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY0N0MxMTAvBgNVBAUTKDQzNkIyQzVGMDNGOTFDQTc0MUM2QTI0OURDMDE1QTZE
NTQ0QTYyQTYwHhcNMjQwNjIyMjExNDA2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc3M2U5ZS0wN2RjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA77qxuMseWgBReplgNK3nLrUi10PLP0Z1T3GmBszlpr2cecHm55js2aBvrkXA
ndOd96TumEPyqBWZV6AIR2g+pd7ogOk8o/0u2nQ3lckpX0RvnQBQvLLY70bRg4ob
SEjcISoYlBQSTa5kCloQ1Tr9cGXFJx/QoEKOcISwkZLrhfJV8rTorOVnQoOszNgW
EYMbTlhkNKNtT8mJ/LdgDe+Oih+AsZG3LazRVubzOBOt8b1w8kTXZzn77i8Q/P+W
Drj8owQ6QbVyIxNVCDtWuN1YXMZZljzE4lsqzF8Bhih1ScZbZj4mGVVblNoknhgn
cSSLSz17noFhwZf4oFHLuSBqRQIDAQABo4IDMDCCAywwHQYDVR0OBBYEFNrJPnS9
jTPnzYoOQ0QhKAqvABopMB8GA1UdIwQYMBaAFENrLF8D+RynQcaiSdwBWm1USmKm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy80MzdDQzQwNjg1
MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9RMnNzWHdQNUhLZEJ4cUpKM0FGYWJWUktZ
cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1Eyc3NYd1A1SEtkQnhxSkozQUZhYlZSS1lxWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY0N0MvNDM3Q0M0MDY4NTEzMTFFQUFBMEIwQTdGQzRGOUFFMDIvNTUzMTcwMjQ1
QUM1MTFFQkEwNTJGNjYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbkGCCsGAQUFBwEHAQH/
BIGpMIGmMIGNBAIAATCBhgMDAA6IMAsDAwEOxgMEBA7G4AMDAA7HAwQCK+DoAwMB
OrADAwE7lAMDAT1cAwMBPe4DAwA99AMEAmfzAAMEB27rAAMDAXf2AwMBe8oDAwB8
9AMDAbeyAwQCyk0EMAwDBAPKTRgDBAbKTQADBAbLUEADBAbLUMADBAbLuQADAwDL
ugMDANIGMBQEAgACMA4DBQAkAfQAAwUAJAP1ADANBgkqhkiG9w0BAQsFAAOCAQEA
tK3rJBpTQrPpSN4O3HBpBah/dF6CaSNUKU3b+bcdq7WNCfJAElNitFtH46toZzfh
4aI8GEu/P5KkXVns+XYDyneb1dIzwbQ+WY04u80EVGxrQszXXrzdbxsQALU1DD/K
cPJDHJ/tFO4au5pRb4jr8Td3CxSyFuZwN591vS9cFTh+GgUsjf9qJr5JCsRkINgu
LqnFxIPYtWk6p2E6zplj+jbiQYLUEUpQxYDTXDN5HsW9RD+b/opncsHn9X4LQ5ea
l+LPdBYhloFzWLvCRA9BAEV9Vv5vIyueSFOfC5ejyS10bP6NFgVMaHZA6HpxFZ/t
D7TiQRy125mxBdSyjf580g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:05:26 2024 by rpki-client on console-fra.rpki-client.org