Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa
File: 0D491000A64811EA939A7F67C4F9AE02.roa (raw, json)
Hash identifier: OA6Ay1bXyUAJq+KfCYl3CuSq1KvT2rPbVpCqhvkc99A=
Subject key identifier: 64:B7:12:3A:FF:5A:7B:21:E4:BB:AB:42:A3:1A:CF:E5:5E:20:25:08
Certificate issuer: /CN=A9118D0F/serialNumber=43E1E8C4261CE07D4F8E4CFB7A3F833FBB46B88C
Certificate serial: 08D7
Authority key identifier: 43:E1:E8:C4:26:1C:E0:7D:4F:8E:4C:FB:7A:3F:83:3F:BB:46:B8:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa
Signing time: Fri 08 Nov 2024 20:28:46 +0000
ROA not before: Fri 08 Nov 2024 20:28:46 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 59268
IP address blocks: 49.128.64.0/24 maxlen: 24
49.128.65.0/24 maxlen: 24
49.128.66.0/24 maxlen: 24
49.128.67.0/24 maxlen: 24
49.128.68.0/24 maxlen: 24
49.128.69.0/24 maxlen: 24
49.128.70.0/24 maxlen: 24
49.128.71.0/24 maxlen: 24
49.128.72.0/24 maxlen: 24
49.128.73.0/24 maxlen: 24
49.128.75.0/24 maxlen: 24
49.128.76.0/24 maxlen: 24
49.128.77.0/24 maxlen: 24
49.128.78.0/24 maxlen: 24
49.128.79.0/24 maxlen: 24
49.128.80.0/24 maxlen: 24
49.128.81.0/24 maxlen: 24
49.128.82.0/24 maxlen: 24
49.128.83.0/24 maxlen: 24
49.128.84.0/24 maxlen: 24
49.128.85.0/24 maxlen: 24
49.128.86.0/24 maxlen: 24
49.128.87.0/24 maxlen: 24
49.128.88.0/24 maxlen: 24
49.128.89.0/24 maxlen: 24
49.128.90.0/24 maxlen: 24
49.128.91.0/24 maxlen: 24
49.128.92.0/24 maxlen: 24
49.128.93.0/24 maxlen: 24
49.128.94.0/24 maxlen: 24
49.128.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.crl
rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:15:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2263 (0x8d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9118D0F/serialNumber=43E1E8C4261CE07D4F8E4CFB7A3F833FBB46B88C
Validity
Not Before: Nov 8 20:28:46 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672e747d-3a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:78:21:63:d9:58:b6:d2:41:69:e4:62:2d:ff:
5e:e8:f2:98:d4:a0:6b:2d:03:66:56:04:28:f2:1b:
73:1b:4b:fa:40:d7:76:5b:98:0f:55:7a:8e:0b:74:
87:7f:ca:21:c0:b9:48:f2:ba:bc:7e:60:16:db:99:
ca:61:1c:18:b1:f4:b0:bc:12:1c:cd:b9:2b:ce:7f:
2f:7f:e9:ea:9a:75:b9:3f:d6:e7:23:56:10:07:ba:
31:9b:49:73:44:a7:31:29:18:6d:b3:7c:81:f2:09:
59:d1:9b:13:cd:af:c1:55:e1:cf:07:4b:18:15:13:
1e:66:fe:5d:fd:0c:f9:89:05:9b:a1:12:5d:63:14:
bf:72:ea:92:32:d9:45:6e:f8:29:ac:b2:da:62:16:
95:92:b7:f4:5f:64:14:de:50:32:3f:c2:cd:34:60:
46:7b:2f:11:51:ac:24:d6:71:22:58:1f:fc:73:4e:
be:e0:2c:89:aa:13:1c:70:1b:e4:8d:37:5f:7d:c3:
0a:48:aa:28:9b:7d:bf:38:e4:e9:c3:db:69:30:e5:
6f:ae:4f:a4:0b:6e:c3:d5:eb:b6:b1:9d:67:74:1b:
de:04:eb:44:15:49:fe:29:fb:19:34:bc:d3:60:87:
4e:67:2f:8d:da:1e:14:73:1c:c3:ac:c5:bd:de:3f:
8e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B7:12:3A:FF:5A:7B:21:E4:BB:AB:42:A3:1A:CF:E5:5E:20:25:08
X509v3 Authority Key Identifier:
keyid:43:E1:E8:C4:26:1C:E0:7D:4F:8E:4C:FB:7A:3F:83:3F:BB:46:B8:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.128.64.0-49.128.73.255
49.128.75.0-49.128.95.255
Signature Algorithm: sha256WithRSAEncryption
51:45:41:d6:3d:21:99:5b:c6:32:17:1f:65:eb:d9:9d:7e:68:
a8:3a:fa:be:d9:a7:f4:46:fe:37:33:c0:43:ae:d3:b0:66:7a:
e1:dc:7e:77:40:67:d0:64:6a:8d:e7:6f:c4:4f:a2:f4:7c:4c:
3f:cb:bf:6d:f9:5e:d0:90:d7:6e:bf:58:7c:6c:8d:1b:8d:b6:
4c:28:37:e1:66:08:0a:f5:16:1d:6a:8f:c1:7b:3f:94:a4:07:
51:70:73:0a:9e:b4:52:b0:db:43:af:a8:a3:05:76:88:40:28:
cb:2b:dc:75:45:a4:d6:a0:e6:0e:03:fc:35:5c:cb:30:98:ec:
5e:9e:2d:76:1b:df:99:e8:2a:0f:47:16:0d:a5:06:eb:02:6c:
25:3e:a4:6a:24:55:c7:db:73:a4:af:bb:8c:7a:5e:4a:b5:df:
35:9b:cb:1a:a9:2c:da:8e:1d:48:08:78:bf:01:3a:18:62:1d:
45:66:69:de:30:6e:11:cc:38:97:2d:e8:cd:a4:f6:21:43:2f:
a3:24:cb:8b:13:cb:ee:8f:6c:a9:b2:4e:bb:d8:7c:27:c9:2a:
e0:c6:3a:b1:18:6d:15:d3:95:dc:8e:54:f6:0d:92:96:0d:06:
fc:93:18:70:82:20:6b:15:7d:ed:3a:5e:2e:cd:50:5e:04:7c:
c2:91:85:3d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICCNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MThEMEYxMTAvBgNVBAUTKDQzRTFFOEM0MjYxQ0UwN0Q0RjhFNENGQjdBM0Y4MzNG
QkI0NkI4OEMwHhcNMjQxMTA4MjAyODQ2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJlNzQ3ZC0zYTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmnghY9lYttJBaeRiLf9e6PKY1KBrLQNmVgQo8htzG0v6QNd2W5gPVXqOC3SH
f8ohwLlI8rq8fmAW25nKYRwYsfSwvBIczbkrzn8vf+nqmnW5P9bnI1YQB7oxm0lz
RKcxKRhts3yB8glZ0ZsTza/BVeHPB0sYFRMeZv5d/Qz5iQWboRJdYxS/cuqSMtlF
bvgprLLaYhaVkrf0X2QU3lAyP8LNNGBGey8RUawk1nEiWB/8c06+4CyJqhMccBvk
jTdffcMKSKoom32/OOTpw9tpMOVvrk+kC27D1eu2sZ1ndBveBOtEFUn+KfsZNLzT
YIdOZy+N2h4UcxzDrMW93j+OnwIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGS3Ejr/
Wnsh5LurQqMaz+VeICUIMB8GA1UdIwQYMBaAFEPh6MQmHOB9T45M+3o/gz+7RriM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEQwRi83RDIyNzNCNEE2
NDYxMUVBQUY5RTkxNjJDNEY5QUUwMi9RLUhveENZYzRIMVBqa3o3ZWotRFA3dEd1
SXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1EtSG94Q1ljNEgxUGprejdlai1EUDd0R3VJdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MThEMEYvN0QyMjczQjRBNjQ2MTFFQUFGOUU5MTYyQzRGOUFFMDIvMEQ0OTEwMDBB
NjQ4MTFFQTkzOUE3RjY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEBjGAQAMEATGASDAMAwQAMYBLAwQFMYBAMA0GCSqGSIb3
DQEBCwUAA4IBAQBRRUHWPSGZW8YyFx9l69mdfmioOvq+2af0Rv43M8BDrtOwZnrh
3H53QGfQZGqN52/ET6L0fEw/y79t+V7QkNduv1h8bI0bjbZMKDfhZggK9RYdao/B
ez+UpAdRcHMKnrRSsNtDr6ijBXaIQCjLK9x1RaTWoOYOA/w1XMswmOxeni12G9+Z
6CoPRxYNpQbrAmwlPqRqJFXH23Okr7uMel5Ktd81m8saqSzajh1ICHi/AToYYh1F
ZmneMG4RzDiXLejNpPYhQy+jJMuLE8vuj2ypsk672HwnySrgxjqxGG0V05XcjlT2
DZKWDQb8kxhwgiBrFX3tOl4uzVBeBHzCkYU9
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:21 2024 by rpki-client on console-ams.rpki-client.org