Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/C1A5D38289D111EFAE1BBE09C4F9AE02.roa
File: C1A5D38289D111EFAE1BBE09C4F9AE02.roa (raw, json)
Hash identifier: RFr1UCPmkl78cZCZts3ouOFTPjtfQbZc2Lu/VIQA1mM=
Subject key identifier: 49:FC:6D:F2:62:15:1A:31:C2:E5:6D:DC:44:E2:9A:4E:DC:86:DA:6C
Certificate issuer: /CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Certificate serial: 0C0D
Authority key identifier: 40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/C1A5D38289D111EFAE1BBE09C4F9AE02.roa
Signing time: Wed 06 Nov 2024 19:08:42 +0000
ROA not before: Wed 06 Nov 2024 19:08:42 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 18206
IP address blocks: 49.236.192.0/24 maxlen: 24
49.236.193.0/24 maxlen: 24
49.236.194.0/24 maxlen: 24
49.236.195.0/24 maxlen: 24
49.236.197.0/24 maxlen: 24
49.236.199.0/24 maxlen: 24
49.236.203.0/24 maxlen: 24
49.236.204.0/24 maxlen: 24
112.137.160.0/24 maxlen: 24
112.137.161.0/24 maxlen: 24
112.137.162.0/24 maxlen: 24
112.137.169.0/24 maxlen: 24
112.137.170.0/24 maxlen: 24
112.137.172.0/24 maxlen: 24
112.137.173.0/24 maxlen: 24
112.137.175.0/24 maxlen: 24
119.110.97.0/24 maxlen: 24
119.110.99.0/24 maxlen: 24
119.110.102.0/24 maxlen: 24
119.110.107.0/24 maxlen: 24
119.110.108.0/24 maxlen: 24
124.197.224.0/20 maxlen: 20
124.197.224.0/22 maxlen: 22
124.197.224.0/24 maxlen: 24
124.197.225.0/24 maxlen: 24
124.197.233.0/24 maxlen: 24
124.197.238.0/24 maxlen: 24
124.197.239.0/24 maxlen: 24
202.75.45.0/24 maxlen: 24
202.162.0.0/19 maxlen: 24
202.165.0.0/19 maxlen: 24
203.153.80.0/20 maxlen: 24
210.48.144.0/20 maxlen: 24
2404:b8::/32 maxlen: 32
2404:b8::/48 maxlen: 48
2404:b8:0:1::/64 maxlen: 64
2404:b8:1::/48 maxlen: 48
2404:b8:3::/48 maxlen: 48
2404:b8:20::/43 maxlen: 43
2404:b8:2000::/44 maxlen: 44
2404:b8:2020::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 19:05:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3085 (0xc0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911CA78/serialNumber=40562C143A29CB19C70FFC9B99B60BBECD1D73B6
Validity
Not Before: Nov 6 19:08:42 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=672bbeb9-2ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b7:0b:88:ad:b3:11:16:26:77:72:77:af:49:
c5:80:d0:67:9e:19:e8:50:37:e7:11:2a:9e:1a:b4:
cd:08:fd:26:bb:b1:66:26:db:40:4b:08:5d:2e:8b:
d1:d5:6b:3a:4d:84:98:9a:4f:83:b7:cc:4f:58:2f:
86:eb:a3:db:db:a8:6e:08:d5:46:44:f8:47:45:fb:
18:1b:6e:96:17:0a:35:85:ee:0b:c4:54:e1:63:6a:
91:a2:0f:9f:a6:ff:84:01:a5:b1:98:a8:f7:7e:39:
0e:74:af:92:1b:07:0c:72:69:fa:6b:e1:fe:cb:7b:
4b:01:11:79:df:31:41:e3:03:75:56:2f:02:b8:4e:
80:66:65:5d:69:14:38:ed:ca:04:b7:6d:a5:45:23:
f7:06:9e:a3:b6:bf:92:33:90:0e:84:3d:a3:38:96:
87:7a:a9:d8:a7:f0:1d:1d:76:cc:2a:1e:d2:36:3a:
15:43:a5:be:83:7a:05:cb:c7:f5:ec:c4:87:6f:a5:
08:bd:0c:0c:ac:1d:18:68:32:48:e2:a3:e4:6a:64:
1f:0c:72:e3:ce:dd:af:ec:7d:ac:78:a9:c6:5d:66:
d0:34:b7:76:3e:2f:5a:a6:90:47:81:e9:75:87:46:
8e:09:93:f6:59:6d:ee:0e:56:21:95:e0:b5:8e:87:
bc:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FC:6D:F2:62:15:1A:31:C2:E5:6D:DC:44:E2:9A:4E:DC:86:DA:6C
X509v3 Authority Key Identifier:
keyid:40:56:2C:14:3A:29:CB:19:C7:0F:FC:9B:99:B6:0B:BE:CD:1D:73:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/QFYsFDopyxnHD_ybmbYLvs0dc7Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QFYsFDopyxnHD_ybmbYLvs0dc7Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911CA78/BE8846D235D811EAA730EC46C4F9AE02/C1A5D38289D111EFAE1BBE09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.236.192.0/22
49.236.197.0/24
49.236.199.0/24
49.236.203.0-49.236.204.255
112.137.160.0-112.137.162.255
112.137.169.0-112.137.170.255
112.137.172.0/23
112.137.175.0/24
119.110.97.0/24
119.110.99.0/24
119.110.102.0/24
119.110.107.0-119.110.108.255
124.197.224.0/20
202.75.45.0/24
202.162.0.0/19
202.165.0.0/19
203.153.80.0/20
210.48.144.0/20
IPv6:
2404:b8::/32
Signature Algorithm: sha256WithRSAEncryption
04:28:74:d6:7f:c2:d3:6d:d2:fa:3a:46:32:36:36:fb:7d:14:
9c:9c:4f:54:f6:c0:f1:ee:3e:96:7a:15:5c:99:73:a6:80:50:
58:12:3e:99:43:cd:72:da:44:2e:ac:2e:f8:d4:ed:63:e7:98:
c8:80:79:26:85:1d:ef:7a:58:21:b8:11:7d:20:f1:bc:43:f7:
ec:eb:53:fb:11:3f:1d:0b:ab:80:7a:54:16:26:1a:46:ca:b8:
48:b0:8f:be:cd:41:01:f7:79:ba:07:21:55:5e:68:d5:4d:bc:
1c:ba:ea:2f:75:da:fb:9b:c7:e1:85:76:ba:a4:95:61:59:4b:
0d:59:6a:bd:10:4a:98:52:49:7d:06:87:ff:3e:28:e7:36:08:
7c:be:84:be:b8:b8:7f:6f:24:f7:cd:d9:21:73:fd:48:fc:5f:
e8:9d:21:85:08:2f:a1:b3:bf:4c:02:a8:c3:4e:e3:f7:aa:00:
38:6b:ea:0e:28:2c:63:96:41:21:cd:30:ef:1a:2d:2f:ba:c7:
94:1e:25:b2:39:99:3e:e0:c3:22:3d:26:aa:cc:a4:1e:7e:76:
c6:31:bf:d0:2c:53:7c:be:58:5e:d5:23:f4:ee:0c:ee:53:7c:
cc:ff:de:50:72:2a:0c:65:83:64:da:5b:56:75:e4:45:bd:76:
23:73:b2:59
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgICDA0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUNBNzgxMTAvBgNVBAUTKDQwNTYyQzE0M0EyOUNCMTlDNzBGRkM5Qjk5QjYwQkJF
Q0QxRDczQjYwHhcNMjQxMTA2MTkwODQyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiYmViOS0yYWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzLcLiK2zERYmd3J3r0nFgNBnnhnoUDfnESqeGrTNCP0mu7FmJttASwhdLovR
1Ws6TYSYmk+Dt8xPWC+G66Pb26huCNVGRPhHRfsYG26WFwo1he4LxFThY2qRog+f
pv+EAaWxmKj3fjkOdK+SGwcMcmn6a+H+y3tLARF53zFB4wN1Vi8CuE6AZmVdaRQ4
7coEt22lRSP3Bp6jtr+SM5AOhD2jOJaHeqnYp/AdHXbMKh7SNjoVQ6W+g3oFy8f1
7MSHb6UIvQwMrB0YaDJI4qPkamQfDHLjzt2v7H2seKnGXWbQNLd2Pi9appBHgel1
h0aOCZP2WW3uDlYhleC1joe8/QIDAQABo4IDLzCCAyswHQYDVR0OBBYEFEn8bfJi
FRoxwuVt3ETimk7chtpsMB8GA1UdIwQYMBaAFEBWLBQ6KcsZxw/8m5m2C77NHXO2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQ0E3OC9CRTg4NDZEMjM1
RDgxMUVBQTczMEVDNDZDNEY5QUUwMi9RRllzRkRvcHl4bkhEX3libWJZTHZzMGRj
N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FGWXNGRG9weXhuSERfeWJtYllMdnMwZGM3WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUNBNzgvQkU4ODQ2RDIzNUQ4MTFFQUE3MzBFQzQ2QzRGOUFFMDIvQzFBNUQzODI4
OUQxMTFFRkFFMUJCRTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbgGCCsGAQUFBwEHAQH/
BIGoMIGlMIGTBAIAATCBjAMEAjHswAMEADHsxQMEADHsxzAMAwQAMezLAwQAMezM
MAwDBAVwiaADBABwiaIwDAMEAHCJqQMEAHCJqgMEAXCJrAMEAHCJrwMEAHduYQME
AHduYwMEAHduZjAMAwQAd25rAwQAd25sAwQEfMXgAwQAykstAwQFyqIAAwQFyqUA
AwQEy5lQAwQE0jCQMA0EAgACMAcDBQAkBAC4MA0GCSqGSIb3DQEBCwUAA4IBAQAE
KHTWf8LTbdL6OkYyNjb7fRScnE9U9sDx7j6WehVcmXOmgFBYEj6ZQ81y2kQurC74
1O1j55jIgHkmhR3velghuBF9IPG8Q/fs61P7ET8dC6uAelQWJhpGyrhIsI++zUEB
93m6ByFVXmjVTbwcuuovddr7m8fhhXa6pJVhWUsNWWq9EEqYUkl9Bof/PijnNgh8
voS+uLh/byT3zdkhc/1I/F/onSGFCC+hs79MAqjDTuP3qgA4a+oOKCxjlkEhzTDv
Gi0vuseUHiWyOZk+4MMiPSaqzKQefnbGMb/QLFN8vlhe1SP07gzuU3zM/95QcioM
ZYNk2ltWdeRFvXYjc7JZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:21 2024 by rpki-client on console-ams.rpki-client.org