Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/7C8D74D43CC011EFAD90AC3AC4F9AE02.roa
File: 7C8D74D43CC011EFAD90AC3AC4F9AE02.roa (raw, json)
Hash identifier: dobalbolJ3gRTgFVtlPYmFCBANYElIWMj9pQTZT5H/M=
Subject key identifier: 8F:D2:BB:54:D4:07:2C:0D:2A:82:A2:68:60:A4:63:10:C2:BF:92:E3
Certificate issuer: /CN=A9123072/serialNumber=E3BCBA88BEDC2A768A9865F416D68A7C3033F469
Certificate serial: 0702
Authority key identifier: E3:BC:BA:88:BE:DC:2A:76:8A:98:65:F4:16:D6:8A:7C:30:33:F4:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47y6iL7cKnaKmGX0FtaKfDAz9Gk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/7C8D74D43CC011EFAD90AC3AC4F9AE02.roa
Signing time: Mon 08 Jul 2024 00:24:49 +0000
ROA not before: Mon 08 Jul 2024 00:24:49 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 55720
IP address blocks: 45.116.164.0/24 maxlen: 24
45.116.165.0/24 maxlen: 24
45.116.166.0/24 maxlen: 24
45.116.167.0/24 maxlen: 24
59.153.148.0/24 maxlen: 24
59.153.149.0/24 maxlen: 24
59.153.150.0/24 maxlen: 24
59.153.151.0/24 maxlen: 24
61.4.112.0/24 maxlen: 24
61.4.113.0/24 maxlen: 24
61.4.114.0/24 maxlen: 24
61.4.115.0/24 maxlen: 24
61.4.116.0/24 maxlen: 24
61.4.117.0/24 maxlen: 24
61.4.118.0/24 maxlen: 24
61.4.119.0/24 maxlen: 24
61.4.120.0/24 maxlen: 24
61.4.121.0/24 maxlen: 24
61.4.122.0/24 maxlen: 24
61.4.123.0/24 maxlen: 24
61.4.124.0/24 maxlen: 24
61.4.125.0/24 maxlen: 24
61.4.126.0/24 maxlen: 24
61.4.127.0/24 maxlen: 24
103.198.192.0/24 maxlen: 24
103.198.193.0/24 maxlen: 24
103.198.194.0/24 maxlen: 24
103.198.195.0/24 maxlen: 24
103.229.64.0/24 maxlen: 24
103.229.65.0/24 maxlen: 24
103.229.66.0/24 maxlen: 24
103.229.67.0/24 maxlen: 24
103.229.224.0/24 maxlen: 24
103.229.225.0/24 maxlen: 24
103.229.226.0/24 maxlen: 24
103.229.227.0/24 maxlen: 24
103.230.144.0/24 maxlen: 24
103.230.145.0/24 maxlen: 24
103.230.146.0/24 maxlen: 24
103.230.147.0/24 maxlen: 24
103.232.136.0/24 maxlen: 24
103.232.137.0/24 maxlen: 24
103.232.138.0/24 maxlen: 24
103.232.139.0/24 maxlen: 24
114.29.252.0/24 maxlen: 24
114.29.253.0/24 maxlen: 24
114.29.254.0/24 maxlen: 24
114.29.255.0/24 maxlen: 24
185.189.160.0/24 maxlen: 24
185.189.161.0/24 maxlen: 24
185.189.162.0/24 maxlen: 24
185.189.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/47y6iL7cKnaKmGX0FtaKfDAz9Gk.crl
rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/47y6iL7cKnaKmGX0FtaKfDAz9Gk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47y6iL7cKnaKmGX0FtaKfDAz9Gk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1794 (0x702)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9123072/serialNumber=E3BCBA88BEDC2A768A9865F416D68A7C3033F469
Validity
Not Before: Jul 8 00:24:49 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=668b31d1-da7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d5:47:08:cf:07:f6:d6:96:55:e7:9d:6c:fd:
55:e7:84:9b:a7:b8:73:fc:7e:0f:e2:73:c0:1c:3b:
d9:77:be:ac:e1:2a:88:0f:48:ab:9b:9e:12:3c:09:
8f:85:6f:35:b2:d5:5e:0b:40:4a:5e:4e:e3:c9:c8:
05:e7:4f:72:d7:23:02:51:c7:81:91:85:9c:be:bb:
5e:aa:7e:bf:f5:ae:70:15:07:bf:19:78:ef:1c:cd:
a4:a9:12:d5:3e:e2:f1:cd:fc:4b:a6:06:be:01:4c:
50:13:e3:ca:ee:44:7a:3e:e1:69:84:1b:8f:f3:7d:
65:16:d7:60:eb:46:84:55:58:dc:3c:36:23:a6:42:
be:20:47:b1:f2:ce:b9:89:ff:9d:99:29:12:ad:b8:
fa:4f:7b:56:80:f3:76:c0:c8:06:51:7b:b2:8c:16:
58:e8:e5:8c:13:b6:b2:62:83:56:c0:35:67:72:6e:
04:fc:86:56:25:20:e0:69:f6:1b:90:60:c5:36:e2:
a1:47:33:40:af:9f:fa:77:23:a1:7e:eb:d2:dc:85:
1d:05:fc:98:2b:db:64:17:7f:2f:df:21:d0:dd:c6:
b4:03:f9:dc:7f:09:7b:e4:8d:af:da:26:66:20:cd:
6d:f8:9e:3d:c8:6b:28:99:ba:bd:ee:07:a0:55:2e:
f9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D2:BB:54:D4:07:2C:0D:2A:82:A2:68:60:A4:63:10:C2:BF:92:E3
X509v3 Authority Key Identifier:
keyid:E3:BC:BA:88:BE:DC:2A:76:8A:98:65:F4:16:D6:8A:7C:30:33:F4:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/47y6iL7cKnaKmGX0FtaKfDAz9Gk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47y6iL7cKnaKmGX0FtaKfDAz9Gk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/7C8D74D43CC011EFAD90AC3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.164.0/22
59.153.148.0/22
61.4.112.0/20
103.198.192.0/22
103.229.64.0/22
103.229.224.0/22
103.230.144.0/22
103.232.136.0/22
114.29.252.0/22
185.189.160.0/22
Signature Algorithm: sha256WithRSAEncryption
91:f6:78:36:df:ba:af:c0:4e:f3:a1:2b:fc:a0:ef:59:6f:f4:
6a:73:25:52:1c:d6:e5:38:e9:d5:e9:f7:59:c7:32:7c:97:0a:
32:73:f5:eb:15:b8:64:91:de:27:e9:2f:d8:80:7d:b3:d8:53:
ff:f3:f3:af:d6:64:ac:67:89:f2:e3:c1:87:37:cf:36:29:47:
25:1e:e2:3e:64:3c:b8:bb:91:8e:6e:25:de:26:5b:f2:ea:e2:
a7:ad:ab:df:ba:95:d3:5b:0c:41:ff:f5:5f:8c:55:c9:cf:8d:
e0:2c:d8:9c:73:4d:9f:55:e7:1d:b3:69:f7:eb:6f:bb:20:63:
5c:84:f3:01:78:4b:59:b6:fa:94:4d:f7:2a:03:b1:d9:25:4f:
ee:ad:29:72:d7:ba:4f:94:7c:8d:c8:96:0a:9b:8f:cb:23:5e:
fa:db:ce:b8:b8:d5:b5:3c:71:6e:dd:06:1e:29:55:8f:b0:5b:
6c:ae:83:b3:c5:85:2a:3d:20:4e:ae:6f:30:72:14:42:4f:4c:
d3:48:93:f4:a2:e3:17:d6:c4:0d:b3:6b:59:e9:98:02:7e:bb:
70:75:61:70:2e:98:ec:34:04:d5:9d:30:90:cc:5a:c4:8b:07:
4d:5f:7c:59:25:2f:3e:a5:33:79:04:a6:ca:cf:af:b6:36:c4:
f6:80:66:04
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICBwIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjMwNzIxMTAvBgNVBAUTKEUzQkNCQTg4QkVEQzJBNzY4QTk4NjVGNDE2RDY4QTdD
MzAzM0Y0NjkwHhcNMjQwNzA4MDAyNDQ5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhiMzFkMS1kYTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA09VHCM8H9taWVeedbP1V54Sbp7hz/H4P4nPAHDvZd76s4SqID0irm54SPAmP
hW81stVeC0BKXk7jycgF509y1yMCUceBkYWcvrteqn6/9a5wFQe/GXjvHM2kqRLV
PuLxzfxLpga+AUxQE+PK7kR6PuFphBuP831lFtdg60aEVVjcPDYjpkK+IEex8s65
if+dmSkSrbj6T3tWgPN2wMgGUXuyjBZY6OWME7ayYoNWwDVncm4E/IZWJSDgafYb
kGDFNuKhRzNAr5/6dyOhfuvS3IUdBfyYK9tkF38v3yHQ3ca0A/ncfwl75I2v2iZm
IM1t+J49yGsombq97gegVS75WQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFI/Su1TU
BywNKoKiaGCkYxDCv5LjMB8GA1UdIwQYMBaAFOO8uoi+3Cp2iphl9BbWinwwM/Rp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzA3Mi8wQ0VBNDk1QzBC
NUMxMUVCOTlBMTc1NjJDNEY5QUUwMi80N3k2aUw3Y0tuYUttR1gwRnRhS2ZEQXo5
R2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzQ3eTZpTDdjS25hS21HWDBGdGFLZkRBejlHay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjMwNzIvMENFQTQ5NUMwQjVDMTFFQjk5QTE3NTYyQzRGOUFFMDIvN0M4RDc0RDQz
Q0MwMTFFRkFEOTBBQzNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAItdKQDBAI7mZQDBAQ9BHADBAJnxsADBAJn5UADBAJn5eAD
BAJn5pADBAJn6IgDBAJyHfwDBAK5vaAwDQYJKoZIhvcNAQELBQADggEBAJH2eDbf
uq/ATvOhK/yg71lv9GpzJVIc1uU46dXp91nHMnyXCjJz9esVuGSR3ifpL9iAfbPY
U//z86/WZKxnifLjwYc3zzYpRyUe4j5kPLi7kY5uJd4mW/Lq4qetq9+6ldNbDEH/
9V+MVcnPjeAs2JxzTZ9V5x2zaffrb7sgY1yE8wF4S1m2+pRN9yoDsdklT+6tKXLX
uk+UfI3Ilgqbj8sjXvrbzri41bU8cW7dBh4pVY+wW2yug7PFhSo9IE6ubzByFEJP
TNNIk/Si4xfWxA2za1npmAJ+u3B1YXAumOw0BNWdMJDMWsSLB01ffFklLz6lM3kE
psrPr7Y2xPaAZgQ=
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:52:36 2024 by rpki-client on console-fra.rpki-client.org