Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/AC3033FAC35011EE8A0A4819C4F9AE02.roa
File: AC3033FAC35011EE8A0A4819C4F9AE02.roa (raw, json)
Hash identifier: /OBT7LfaLNKCK43gSEXr65RRwwTpkiBa1i6HSuZOLxo=
Subject key identifier: 27:53:19:50:3F:22:8E:F5:E8:FA:D1:1D:F8:B5:40:AB:3F:25:DE:1D
Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Certificate serial: 33B1
Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/AC3033FAC35011EE8A0A4819C4F9AE02.roa
Signing time: Sun 04 Feb 2024 14:13:09 +0000
ROA not before: Sun 04 Feb 2024 14:13:09 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 23884
IP address blocks: 210.246.200.0/24 maxlen: 24
210.246.201.0/24 maxlen: 24
210.246.206.0/24 maxlen: 24
210.246.207.0/24 maxlen: 24
210.246.208.0/24 maxlen: 24
210.246.209.0/24 maxlen: 24
210.246.210.0/24 maxlen: 24
210.246.211.0/24 maxlen: 24
210.246.212.0/24 maxlen: 24
210.246.213.0/24 maxlen: 24
210.246.214.0/24 maxlen: 24
210.246.215.0/24 maxlen: 24
210.246.216.0/24 maxlen: 24
210.246.217.0/24 maxlen: 24
210.246.218.0/24 maxlen: 24
210.246.219.0/24 maxlen: 24
210.246.230.0/24 maxlen: 24
210.246.231.0/24 maxlen: 24
210.246.236.0/22 maxlen: 22
210.246.236.0/24 maxlen: 24
210.246.237.0/24 maxlen: 24
210.246.239.0/24 maxlen: 24
210.246.240.0/24 maxlen: 24
210.246.241.0/24 maxlen: 24
210.246.242.0/24 maxlen: 24
210.246.243.0/24 maxlen: 24
210.246.244.0/24 maxlen: 24
210.246.245.0/24 maxlen: 24
210.246.246.0/24 maxlen: 24
210.246.247.0/24 maxlen: 24
210.246.248.0/24 maxlen: 24
210.246.249.0/24 maxlen: 24
210.246.250.0/24 maxlen: 24
210.246.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 May 2024 14:11:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13233 (0x33b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Validity
Not Before: Feb 4 14:13:09 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65bf9b74-47dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:79:8a:21:51:f6:1e:d2:df:3e:0e:38:30:77:
ad:8d:70:ef:b5:e9:a7:53:e5:d7:10:15:20:f9:a6:
68:62:06:0f:de:d2:cd:da:b4:5e:6b:b9:bb:54:5e:
19:c9:22:79:97:79:34:0c:fa:03:0f:48:3f:1a:76:
31:94:fa:00:05:ab:8a:b3:c0:d1:fd:2c:08:4f:42:
ec:88:ba:3d:fd:85:f3:5e:af:2a:c9:ef:26:3d:94:
08:ce:ce:93:0f:0c:7b:1d:9c:6a:0b:ba:7e:2a:be:
40:03:8d:ec:9f:d3:7d:78:ca:16:34:4d:f2:3d:6e:
be:56:f4:23:57:9b:ea:c3:37:c7:5b:94:21:67:3a:
61:b8:e7:2c:52:fa:b6:28:d1:8b:79:93:c7:46:d9:
d0:7f:69:96:e0:52:78:a4:78:0f:b5:19:91:28:df:
c8:d7:d7:dc:72:3c:1c:48:8c:e5:38:1f:04:44:c1:
91:95:21:8a:9b:02:67:fc:3e:ef:87:ce:2c:d8:6d:
e3:8d:1f:b3:e9:5c:63:86:4f:9c:2d:78:d6:2b:03:
30:92:6c:49:38:89:75:6a:f6:4d:7b:87:41:94:e1:
fc:7b:0b:01:4f:b5:5d:7a:f8:50:6e:74:05:44:54:
c2:e0:a3:aa:1e:be:48:2a:46:92:73:37:ed:d5:50:
c9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:53:19:50:3F:22:8E:F5:E8:FA:D1:1D:F8:B5:40:AB:3F:25:DE:1D
X509v3 Authority Key Identifier:
keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/AC3033FAC35011EE8A0A4819C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.246.200.0/23
210.246.206.0-210.246.219.255
210.246.230.0/23
210.246.236.0-210.246.251.255
Signature Algorithm: sha256WithRSAEncryption
5e:bd:35:4b:79:9a:63:d2:49:55:fe:ef:26:ce:72:63:bc:e0:
fc:ce:b5:80:4b:30:54:50:8c:3f:d4:60:24:e6:25:63:b5:59:
48:51:14:95:05:4a:c8:4c:0c:99:b0:4a:c8:84:c6:4d:da:b3:
c5:6c:64:7c:7f:30:58:79:13:f7:50:2d:e2:3c:eb:bc:dd:9f:
cf:8b:bb:64:db:4a:b8:3e:d6:af:d9:18:e7:7a:8a:73:81:3b:
7f:b8:11:7e:53:98:f9:29:56:67:d2:c4:5c:e7:2d:b3:ea:b1:
0f:0b:a7:0e:ee:7a:78:69:e4:12:ad:78:49:e9:66:18:49:32:
ce:eb:a6:d1:76:77:69:a7:dd:4f:4a:8d:9e:5e:65:a3:2c:85:
9e:f4:97:45:3f:77:5b:c8:b5:6a:b7:70:37:b9:bf:30:5a:44:
79:ae:8a:0c:45:5b:0c:8b:8c:30:b5:12:47:d0:54:3c:14:0c:
6a:1a:22:55:2a:ea:f0:10:44:80:3c:63:65:cb:18:44:20:2c:
b6:58:c9:dc:6e:90:a9:18:fc:10:11:f8:2c:99:34:b6:c3:52:
ff:57:47:34:35:3f:d8:c8:2b:20:ed:ec:76:bc:67:07:a6:fd:
9e:72:67:c9:01:9d:0f:d6:e9:90:9a:72:b1:1a:34:cc:68:6b:
ff:cd:9c:f1
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICM7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG
NzMzQTJGMUEwHhcNMjQwMjA0MTQxMzA5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWJmOWI3NC00N2RjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1XmKIVH2HtLfPg44MHetjXDvtemnU+XXEBUg+aZoYgYP3tLN2rRea7m7VF4Z
ySJ5l3k0DPoDD0g/GnYxlPoABauKs8DR/SwIT0LsiLo9/YXzXq8qye8mPZQIzs6T
Dwx7HZxqC7p+Kr5AA43sn9N9eMoWNE3yPW6+VvQjV5vqwzfHW5QhZzphuOcsUvq2
KNGLeZPHRtnQf2mW4FJ4pHgPtRmRKN/I19fccjwcSIzlOB8ERMGRlSGKmwJn/D7v
h84s2G3jjR+z6Vxjhk+cLXjWKwMwkmxJOIl1avZNe4dBlOH8ewsBT7VdevhQbnQF
RFTC4KOqHr5IKkaSczft1VDJEQIDAQABo4ICtzCCArMwHQYDVR0OBBYEFCdTGVA/
Io716PrRHfi1QKs/Jd4dMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE
ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM
eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM1QjAvNDBDOEQ1QTYxRDgzMTFFMjgyM0E1RkQ4MDhCMDJDRDIvQUMzMDMzRkFD
MzUwMTFFRThBMEE0ODE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgDBAHS9sgwDAMEAdL2zgMEAtL22AMEAdL25jAMAwQC0vbsAwQC
0vb4MA0GCSqGSIb3DQEBCwUAA4IBAQBevTVLeZpj0klV/u8mznJjvOD8zrWASzBU
UIw/1GAk5iVjtVlIURSVBUrITAyZsErIhMZN2rPFbGR8fzBYeRP3UC3iPOu83Z/P
i7tk20q4Ptav2RjneopzgTt/uBF+U5j5KVZn0sRc5y2z6rEPC6cO7np4aeQSrXhJ
6WYYSTLO66bRdndpp91PSo2eXmWjLIWe9JdFP3dbyLVqt3A3ub8wWkR5rooMRVsM
i4wwtRJH0FQ8FAxqGiJVKurwEESAPGNlyxhEICy2WMncbpCpGPwQEfgsmTS2w1L/
V0c0NT/YyCsg7ex2vGcHpv2ecmfJAZ0P1umQmnKxGjTMaGv/zZzx
-----END CERTIFICATE-----
Generated at Mon May 20 15:11:13 2024 by rpki-client on console-fra.rpki-client.org