Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa
File: 0D491000A64811EA939A7F67C4F9AE02.roa (raw, json)
Hash identifier: 9pM/SrMxIFEUbNEKruw9n+KIf/9j0euHGvBK52mAQY8=
Subject key identifier: 4C:85:8A:BF:F4:34:94:15:40:5E:EB:AA:3C:D6:C5:67:0C:8D:74:43
Certificate issuer: /CN=A9118D0F/serialNumber=43E1E8C4261CE07D4F8E4CFB7A3F833FBB46B88C
Certificate serial: 0818
Authority key identifier: 43:E1:E8:C4:26:1C:E0:7D:4F:8E:4C:FB:7A:3F:83:3F:BB:46:B8:8C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa
Signing time: Mon 06 Nov 2023 21:49:17 +0000
ROA not before: Mon 06 Nov 2023 21:49:17 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 59268
IP address blocks: 49.128.64.0/24 maxlen: 24
49.128.65.0/24 maxlen: 24
49.128.66.0/24 maxlen: 24
49.128.67.0/24 maxlen: 24
49.128.68.0/24 maxlen: 24
49.128.69.0/24 maxlen: 24
49.128.70.0/24 maxlen: 24
49.128.71.0/24 maxlen: 24
49.128.72.0/24 maxlen: 24
49.128.73.0/24 maxlen: 24
49.128.75.0/24 maxlen: 24
49.128.76.0/24 maxlen: 24
49.128.77.0/24 maxlen: 24
49.128.78.0/24 maxlen: 24
49.128.79.0/24 maxlen: 24
49.128.80.0/24 maxlen: 24
49.128.81.0/24 maxlen: 24
49.128.82.0/24 maxlen: 24
49.128.83.0/24 maxlen: 24
49.128.84.0/24 maxlen: 24
49.128.85.0/24 maxlen: 24
49.128.86.0/24 maxlen: 24
49.128.87.0/24 maxlen: 24
49.128.88.0/24 maxlen: 24
49.128.89.0/24 maxlen: 24
49.128.90.0/24 maxlen: 24
49.128.91.0/24 maxlen: 24
49.128.92.0/24 maxlen: 24
49.128.93.0/24 maxlen: 24
49.128.94.0/24 maxlen: 24
49.128.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.crl
rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 21 May 2024 21:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2072 (0x818)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9118D0F/serialNumber=43E1E8C4261CE07D4F8E4CFB7A3F833FBB46B88C
Validity
Not Before: Nov 6 21:49:17 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65495f5d-dd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:59:ef:34:ab:e1:dd:31:05:8a:09:23:de:
8f:a5:e3:8b:bb:03:1a:0f:1d:e6:f2:1c:0d:19:22:
cd:27:9a:58:87:34:a1:fd:b0:b6:4d:14:99:8b:26:
dd:93:58:d6:07:cd:4d:65:d5:dc:d3:ee:14:93:1b:
3e:33:47:0c:8e:2b:c1:74:87:9d:f9:34:7c:30:00:
b9:1c:e0:59:c5:db:8b:c6:2d:6b:3a:97:0e:f4:07:
bd:f8:b9:72:d3:25:4c:8c:73:b0:e6:b1:4f:80:d5:
01:a9:dd:5a:c6:89:f7:8e:6d:8b:32:70:14:7c:0e:
84:fb:18:83:bc:b4:47:ca:bc:c9:5a:92:10:17:a5:
73:4c:f8:72:42:2d:2a:af:1a:e8:74:1d:7f:30:d6:
c1:61:da:90:2c:be:e1:8d:c4:bf:2d:26:fb:aa:e4:
93:6f:78:30:c6:21:f8:fc:e5:09:60:c6:6e:06:04:
2f:01:aa:b1:b3:ba:91:27:61:e0:dd:76:2e:c3:bb:
34:b2:d3:2e:3f:ed:c7:52:74:a8:d3:66:1a:cd:08:
ad:76:77:fd:4f:5f:a7:a8:c9:bf:da:29:67:f8:f7:
24:94:d4:4d:ef:5c:34:a9:93:32:34:8b:ed:e5:c8:
d3:d8:5e:56:b7:d4:75:99:89:54:63:b3:af:c6:c4:
3e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:85:8A:BF:F4:34:94:15:40:5E:EB:AA:3C:D6:C5:67:0C:8D:74:43
X509v3 Authority Key Identifier:
keyid:43:E1:E8:C4:26:1C:E0:7D:4F:8E:4C:FB:7A:3F:83:3F:BB:46:B8:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q-HoxCYc4H1Pjkz7ej-DP7tGuIw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118D0F/7D2273B4A64611EAAF9E9162C4F9AE02/0D491000A64811EA939A7F67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.128.64.0-49.128.73.255
49.128.75.0-49.128.95.255
Signature Algorithm: sha256WithRSAEncryption
83:3d:6f:01:92:be:a3:a5:87:de:3a:f7:04:6b:f1:f9:c2:9b:
d4:fe:51:37:df:6d:b4:17:ce:25:a9:77:92:9b:e5:c5:19:72:
77:a4:72:8f:28:3b:65:42:61:e6:45:7e:7d:97:d4:a0:08:4b:
38:31:ef:13:95:6d:3e:d6:f8:37:1d:7a:f2:56:03:15:b8:a1:
3a:d0:b1:83:f5:ec:e4:7c:e7:1c:15:3a:e5:ef:f4:40:cd:09:
07:52:fc:31:64:8b:3e:c4:ed:7e:5e:5b:e1:f2:a8:e3:1d:6a:
b3:a9:57:38:ff:e9:8a:1c:9a:86:a2:df:8f:b2:cb:99:f2:75:
2d:ed:cb:75:84:2c:2b:6f:bb:f5:eb:9f:b8:90:2a:6d:40:e2:
74:fa:d1:87:a2:42:44:3e:3a:54:d6:95:a3:d1:39:cc:ce:fd:
0d:27:b9:8b:21:b0:4f:8e:88:4f:c6:f8:3e:49:0e:90:7e:8b:
04:7f:c6:70:ca:cc:86:c1:11:ff:19:61:d3:fe:90:85:d9:df:
a1:d6:8c:2c:5d:f0:83:6a:01:a4:45:b8:4e:b1:7c:72:00:c8:
5e:4a:44:8b:65:81:49:20:ae:67:5c:de:0f:d0:73:e8:00:67:
c6:51:fa:72:da:5d:fa:d0:18:04:dc:51:d5:6b:b4:73:d8:a9:
91:1e:2c:6a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICCBgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MThEMEYxMTAvBgNVBAUTKDQzRTFFOEM0MjYxQ0UwN0Q0RjhFNENGQjdBM0Y4MzNG
QkI0NkI4OEMwHhcNMjMxMTA2MjE0OTE3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTQ5NWY1ZC1kZDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvqJZ7zSr4d0xBYoJI96PpeOLuwMaDx3m8hwNGSLNJ5pYhzSh/bC2TRSZiybd
k1jWB81NZdXc0+4Ukxs+M0cMjivBdIed+TR8MAC5HOBZxduLxi1rOpcO9Ae9+Lly
0yVMjHOw5rFPgNUBqd1axon3jm2LMnAUfA6E+xiDvLRHyrzJWpIQF6VzTPhyQi0q
rxrodB1/MNbBYdqQLL7hjcS/LSb7quSTb3gwxiH4/OUJYMZuBgQvAaqxs7qRJ2Hg
3XYuw7s0stMuP+3HUnSo02YazQitdnf9T1+nqMm/2iln+PcklNRN71w0qZMyNIvt
5cjT2F5Wt9R1mYlUY7OvxsQ+PQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFEyFir/0
NJQVQF7rqjzWxWcMjXRDMB8GA1UdIwQYMBaAFEPh6MQmHOB9T45M+3o/gz+7RriM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEQwRi83RDIyNzNCNEE2
NDYxMUVBQUY5RTkxNjJDNEY5QUUwMi9RLUhveENZYzRIMVBqa3o3ZWotRFA3dEd1
SXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1EtSG94Q1ljNEgxUGprejdlai1EUDd0R3VJdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MThEMEYvN0QyMjczQjRBNjQ2MTFFQUFGOUU5MTYyQzRGOUFFMDIvMEQ0OTEwMDBB
NjQ4MTFFQTkzOUE3RjY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEBjGAQAMEATGASDAMAwQAMYBLAwQFMYBAMA0GCSqGSIb3
DQEBCwUAA4IBAQCDPW8Bkr6jpYfeOvcEa/H5wpvU/lE33220F84lqXeSm+XFGXJ3
pHKPKDtlQmHmRX59l9SgCEs4Me8TlW0+1vg3HXryVgMVuKE60LGD9ezkfOccFTrl
7/RAzQkHUvwxZIs+xO1+Xlvh8qjjHWqzqVc4/+mKHJqGot+PssuZ8nUt7ct1hCwr
b7v165+4kCptQOJ0+tGHokJEPjpU1pWj0TnMzv0NJ7mLIbBPjohPxvg+SQ6QfosE
f8ZwysyGwRH/GWHT/pCF2d+h1owsXfCDagGkRbhOsXxyAMheSkSLZYFJIK5nXN4P
0HPoAGfGUfpy2l360BgE3FHVa7Rz2KmRHixq
-----END CERTIFICATE-----
Generated at Tue May 14 22:49:16 2024 by rpki-client on console-ams.rpki-client.org