Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/AC3033FAC35011EE8A0A4819C4F9AE02.roa
File: AC3033FAC35011EE8A0A4819C4F9AE02.roa (raw, json)
Hash identifier: V/HURMzXNTeg+2bsSb3s+TqvwLl3AYnJsdtDEXn23Ng=
Subject key identifier: 8A:35:ED:34:10:6E:59:BD:88:F0:95:EE:95:69:E0:3B:E6:11:D8:C4
Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Certificate serial: 3434
Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/AC3033FAC35011EE8A0A4819C4F9AE02.roa
Signing time: Tue 30 Jul 2024 14:50:17 +0000
ROA not before: Tue 30 Jul 2024 14:50:17 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 23884
IP address blocks: 210.246.200.0/24 maxlen: 24
210.246.201.0/24 maxlen: 24
210.246.202.0/24 maxlen: 24
210.246.206.0/24 maxlen: 24
210.246.207.0/24 maxlen: 24
210.246.208.0/24 maxlen: 24
210.246.209.0/24 maxlen: 24
210.246.210.0/24 maxlen: 24
210.246.211.0/24 maxlen: 24
210.246.212.0/24 maxlen: 24
210.246.213.0/24 maxlen: 24
210.246.214.0/24 maxlen: 24
210.246.215.0/24 maxlen: 24
210.246.216.0/24 maxlen: 24
210.246.217.0/24 maxlen: 24
210.246.218.0/24 maxlen: 24
210.246.219.0/24 maxlen: 24
210.246.230.0/24 maxlen: 24
210.246.231.0/24 maxlen: 24
210.246.236.0/22 maxlen: 22
210.246.236.0/24 maxlen: 24
210.246.237.0/24 maxlen: 24
210.246.239.0/24 maxlen: 24
210.246.240.0/24 maxlen: 24
210.246.241.0/24 maxlen: 24
210.246.242.0/24 maxlen: 24
210.246.243.0/24 maxlen: 24
210.246.244.0/24 maxlen: 24
210.246.245.0/24 maxlen: 24
210.246.246.0/24 maxlen: 24
210.246.247.0/24 maxlen: 24
210.246.248.0/24 maxlen: 24
210.246.249.0/24 maxlen: 24
210.246.250.0/24 maxlen: 24
210.246.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:22:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13364 (0x3434)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Validity
Not Before: Jul 30 14:50:17 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66a8fda8-766a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:90:48:23:9f:e8:8e:86:9f:cc:46:dc:4f:c0:
65:ee:88:5c:45:18:6f:1b:ac:cf:ef:b8:2a:34:27:
4a:4b:61:11:c6:52:9c:d2:5e:eb:79:ca:a3:bd:cc:
0a:cd:92:37:f9:d2:50:1b:a7:e9:a8:15:f7:88:d3:
7a:e4:5c:62:5f:01:4f:b6:a0:41:b9:4f:e2:ae:71:
0a:58:de:f9:05:1e:60:7d:dc:40:ab:57:df:fe:e1:
34:36:d2:7f:a0:c3:39:82:b4:1e:0b:1b:75:69:cf:
e8:1f:91:82:82:5e:2e:2f:37:d6:77:85:7c:b9:f7:
84:18:4a:96:72:c5:72:bf:c8:33:4b:bf:6c:8f:8a:
30:88:6a:23:19:35:19:ee:3e:a5:f1:bd:62:cb:d7:
1a:f8:11:9d:0b:1b:54:bc:96:27:2a:90:fe:89:8b:
b0:45:16:dd:16:30:2f:ee:c3:13:a4:09:0a:69:e4:
62:60:5b:d7:a0:c0:6e:63:57:a1:b6:87:3b:31:60:
5a:3e:83:91:7f:44:64:13:5d:b6:d6:51:0e:94:e3:
79:22:c8:95:99:65:dd:8a:a3:75:04:b1:3b:84:ef:
83:8d:0b:40:ef:37:5a:d5:78:7f:8c:9d:f0:96:84:
28:c5:6c:ab:93:fc:6e:01:5c:5a:a8:b5:51:0e:e4:
37:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:35:ED:34:10:6E:59:BD:88:F0:95:EE:95:69:E0:3B:E6:11:D8:C4
X509v3 Authority Key Identifier:
keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/AC3033FAC35011EE8A0A4819C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.246.200.0-210.246.202.255
210.246.206.0-210.246.219.255
210.246.230.0/23
210.246.236.0-210.246.251.255
Signature Algorithm: sha256WithRSAEncryption
94:3e:57:2b:fb:49:dc:e4:48:ea:b1:1c:ee:de:05:2e:72:69:
43:c5:65:27:05:3a:26:40:b8:5f:1e:fb:8e:39:54:32:8f:2e:
49:e1:ed:34:0a:ff:08:f9:2d:3c:8e:73:8f:69:65:66:5f:72:
e3:9a:16:47:22:44:91:e3:e7:c3:25:1b:af:88:b6:c4:36:52:
91:03:1c:ce:f3:55:63:b9:f8:c7:3e:e7:59:9d:65:78:d5:e8:
60:47:fa:5b:b3:9b:76:7b:ab:b3:c1:71:ae:c1:94:0b:db:c5:
b0:7a:7c:75:be:ae:1e:7c:65:86:7e:32:11:50:23:cf:05:79:
5e:3e:d9:7c:64:b5:fc:58:35:84:1e:17:9b:93:5b:e7:52:42:
2b:e1:94:1e:08:80:ec:f5:12:b3:2a:a4:ed:48:66:20:41:31:
d9:54:c5:77:fd:1d:80:f1:92:3a:65:86:c0:05:23:26:b8:7a:
62:b2:10:01:4b:f0:19:6f:2b:45:15:4a:ec:07:b7:46:9d:4c:
a9:e1:56:4d:0f:cc:da:81:45:59:c1:c1:4d:bd:89:6f:5c:e4:
ad:a9:ae:c8:ae:9d:d6:64:54:ee:73:bf:5d:d3:ba:d2:b2:34:
fd:d4:00:8d:39:2a:99:9f:78:22:95:92:a7:b6:29:bc:ec:fb:
0e:cb:91:2b
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICNDQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG
NzMzQTJGMUEwHhcNMjQwNzMwMTQ1MDE3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE4ZmRhOC03NjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv5BII5/ojoafzEbcT8Bl7ohcRRhvG6zP77gqNCdKS2ERxlKc0l7recqjvcwK
zZI3+dJQG6fpqBX3iNN65FxiXwFPtqBBuU/irnEKWN75BR5gfdxAq1ff/uE0NtJ/
oMM5grQeCxt1ac/oH5GCgl4uLzfWd4V8ufeEGEqWcsVyv8gzS79sj4owiGojGTUZ
7j6l8b1iy9ca+BGdCxtUvJYnKpD+iYuwRRbdFjAv7sMTpAkKaeRiYFvXoMBuY1eh
toc7MWBaPoORf0RkE1221lEOlON5IsiVmWXdiqN1BLE7hO+DjQtA7zda1Xh/jJ3w
loQoxWyrk/xuAVxaqLVRDuQ34QIDAQABo4ICvzCCArswHQYDVR0OBBYEFIo17TQQ
blm9iPCV7pVp4DvmEdjEMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE
ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM
eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM1QjAvNDBDOEQ1QTYxRDgzMTFFMjgyM0E1RkQ4MDhCMDJDRDIvQUMzMDMzRkFD
MzUwMTFFRThBMEE0ODE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDAwDAMEA9L2yAMEANL2yjAMAwQB0vbOAwQC0vbYAwQB0vbmMAwD
BALS9uwDBALS9vgwDQYJKoZIhvcNAQELBQADggEBAJQ+Vyv7SdzkSOqxHO7eBS5y
aUPFZScFOiZAuF8e+445VDKPLknh7TQK/wj5LTyOc49pZWZfcuOaFkciRJHj58Ml
G6+ItsQ2UpEDHM7zVWO5+Mc+51mdZXjV6GBH+luzm3Z7q7PBca7BlAvbxbB6fHW+
rh58ZYZ+MhFQI88FeV4+2XxktfxYNYQeF5uTW+dSQivhlB4IgOz1ErMqpO1IZiBB
MdlUxXf9HYDxkjplhsAFIya4emKyEAFL8BlvK0UVSuwHt0adTKnhVk0PzNqBRVnB
wU29iW9c5K2prsiundZkVO5zv13TutKyNP3UAI05KpmfeCKVkqe2Kbzs+w7LkSs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:25:34 2024 by rpki-client on console-fra.rpki-client.org