Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/20B5026203BC11EB9D8B117AC4F9AE02.roa
File: 20B5026203BC11EB9D8B117AC4F9AE02.roa (raw, json)
Hash identifier: YFEaA92UxHeNCe88zJx5kVnVSg46ocaX04iWT+IiiXo=
Subject key identifier: ED:34:DF:60:72:B1:94:99:52:6D:42:AD:DC:86:DA:52:A4:84:3B:7C
Certificate issuer: /CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Certificate serial: 3527
Authority key identifier: 44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/20B5026203BC11EB9D8B117AC4F9AE02.roa
Signing time: Sat 02 Dec 2023 14:40:20 +0000
ROA not before: Sat 02 Dec 2023 14:40:20 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 135566
IP address blocks: 122.155.26.0/24 maxlen: 24
122.155.27.0/24 maxlen: 24
202.139.197.0/24 maxlen: 24
202.139.198.0/24 maxlen: 24
202.139.199.0/24 maxlen: 24
202.139.200.0/24 maxlen: 24
202.139.201.0/24 maxlen: 24
202.139.202.0/24 maxlen: 24
202.139.203.0/24 maxlen: 24
202.139.204.0/24 maxlen: 24
202.139.205.0/24 maxlen: 24
202.139.206.0/24 maxlen: 24
202.139.207.0/24 maxlen: 24
202.139.208.0/24 maxlen: 24
202.139.209.0/24 maxlen: 24
202.139.210.0/24 maxlen: 24
202.139.211.0/24 maxlen: 24
202.139.212.0/24 maxlen: 24
202.139.213.0/24 maxlen: 24
202.139.215.0/24 maxlen: 24
202.139.216.0/24 maxlen: 24
202.139.217.0/24 maxlen: 24
2001:c38:90a0::/44 maxlen: 44
2001:c38:90a9::/48 maxlen: 48
2001:c38:90ae::/48 maxlen: 48
2001:c38:90af::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 14:21:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13607 (0x3527)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475/serialNumber=4440F6C422E9500C7D46A62D7DEB70D33A88750E
Validity
Not Before: Dec 2 14:40:20 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=656b41d4-9e9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:81:ca:66:0e:76:38:0c:b4:80:b1:df:3a:c1:
e6:28:3b:a0:ca:04:e7:e2:37:4b:0a:bb:20:40:eb:
ab:b3:a4:30:cd:96:b8:8f:65:d7:c1:50:e4:41:ef:
d6:c7:ea:dd:87:fa:f2:bc:13:50:46:d1:ce:cd:3d:
34:19:e2:e2:7f:ac:f1:ff:d4:93:82:d1:52:77:b3:
05:91:bb:33:d6:99:c1:1b:a9:f2:1f:2a:46:44:5b:
d5:97:82:61:1f:11:ba:30:82:b3:3c:d4:31:1b:e3:
52:21:04:bf:0b:89:4d:90:20:24:9d:b0:12:b6:18:
98:a9:fa:5c:aa:2e:77:fc:80:d0:81:5f:a0:ba:b1:
32:68:5a:8d:e5:98:4d:94:28:1d:4c:ba:c8:69:cd:
10:bf:ea:08:3b:f1:79:bd:3a:9d:cb:4c:c5:3c:3f:
91:a8:8f:ea:71:e2:65:57:89:68:27:a2:d1:b1:31:
8f:5c:71:9a:1c:90:15:50:7f:a0:5e:cb:aa:c8:a5:
cc:79:78:5c:b9:da:06:51:85:6a:61:a2:58:2a:cb:
65:42:c4:19:98:75:f8:b5:19:59:4d:30:54:b8:3d:
cd:35:22:2a:4a:15:73:3f:06:71:bb:f4:ac:08:a8:
5e:21:e5:a5:d8:5f:3b:5d:3f:ac:ff:16:05:03:73:
3a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:34:DF:60:72:B1:94:99:52:6D:42:AD:DC:86:DA:52:A4:84:3B:7C
X509v3 Authority Key Identifier:
keyid:44:40:F6:C4:22:E9:50:0C:7D:46:A6:2D:7D:EB:70:D3:3A:88:75:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/RED2xCLpUAx9RqYtfetw0zqIdQ4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RED2xCLpUAx9RqYtfetw0zqIdQ4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/AB4479721D7811E2ADB6F2C408B02CD2/20B5026203BC11EB9D8B117AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.155.26.0/23
202.139.197.0-202.139.213.255
202.139.215.0-202.139.217.255
IPv6:
2001:c38:90a0::/44
Signature Algorithm: sha256WithRSAEncryption
d1:b8:35:ce:9e:df:58:ad:85:8d:00:e3:d7:28:a0:48:f1:c5:
09:4f:c9:93:2c:d7:6d:a7:7a:ee:2e:e6:9b:a5:fd:cd:4b:d0:
84:04:58:e4:59:66:64:e1:cd:e2:88:20:3d:5c:51:29:9e:71:
80:3a:97:d7:c7:b4:bb:40:60:c1:05:e3:f6:f2:5a:32:f5:ca:
5b:e4:0b:81:09:08:ea:ac:71:e9:81:5b:bc:74:da:6b:45:81:
72:e0:b9:d2:16:50:91:3c:ea:cb:e0:e8:34:4b:ef:d9:da:fb:
75:f0:e4:80:40:b7:d9:e4:f0:bb:29:36:34:f8:92:b0:f0:74:
b5:a9:ce:6f:38:7c:1b:9f:1b:a5:1f:3d:f8:b8:8d:96:32:e9:
4d:67:8a:46:3e:fd:61:18:fc:a5:34:c9:35:d4:4b:65:66:a0:
57:90:ed:30:d0:2c:62:ae:7b:3a:a2:e0:da:01:82:8b:a1:10:
32:7d:7d:58:0b:44:5d:48:e5:bb:13:50:24:18:66:77:0d:8c:
4a:72:46:cf:8d:5f:99:99:a0:23:4b:e8:41:5e:bd:6e:52:18:
ad:8c:f5:58:1b:64:55:54:41:c4:6b:6f:a4:1c:44:28:51:88:
09:5e:ab:57:e7:e5:a3:c2:14:4c:5a:66:c5:82:2c:f8:b5:c1:
59:42:d2:5f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICNScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDQ0NDBGNkM0MjJFOTUwMEM3RDQ2QTYyRDdERUI3MEQz
M0E4ODc1MEUwHhcNMjMxMjAyMTQ0MDIwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTZiNDFkNC05ZTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv4HKZg52OAy0gLHfOsHmKDugygTn4jdLCrsgQOurs6QwzZa4j2XXwVDkQe/W
x+rdh/ryvBNQRtHOzT00GeLif6zx/9STgtFSd7MFkbsz1pnBG6nyHypGRFvVl4Jh
HxG6MIKzPNQxG+NSIQS/C4lNkCAknbASthiYqfpcqi53/IDQgV+gurEyaFqN5ZhN
lCgdTLrIac0Qv+oIO/F5vTqdy0zFPD+RqI/qceJlV4loJ6LRsTGPXHGaHJAVUH+g
XsuqyKXMeXhcudoGUYVqYaJYKstlQsQZmHX4tRlZTTBUuD3NNSIqShVzPwZxu/Ss
CKheIeWl2F87XT+s/xYFA3M6LQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFO0032By
sZSZUm1CrdyG2lKkhDt8MB8GA1UdIwQYMBaAFERA9sQi6VAMfUamLX3rcNM6iHUO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9BQjQ0Nzk3MjFE
NzgxMUUyQURCNkYyQzQwOEIwMkNEMi9SRUQyeENMcFVBeDlScVl0ZmV0dzB6cUlk
UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFRDJ4Q0xwVUF4OVJxWXRmZXR3MHpxSWRRNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQUI0NDc5NzIxRDc4MTFFMkFEQjZGMkM0MDhCMDJDRDIvMjBCNTAyNjIw
M0JDMTFFQjlEOEIxMTdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCgEAgABMCIDBAF6mxowDAMEAMqLxQMEAcqL1DAMAwQAyovXAwQByovYMA8E
AgACMAkDBwQgAQw4kKAwDQYJKoZIhvcNAQELBQADggEBANG4Nc6e31ithY0A49co
oEjxxQlPyZMs122neu4u5pul/c1L0IQEWORZZmThzeKIID1cUSmecYA6l9fHtLtA
YMEF4/byWjL1ylvkC4EJCOqscemBW7x02mtFgXLgudIWUJE86svg6DRL79na+3Xw
5IBAt9nk8LspNjT4krDwdLWpzm84fBufG6UfPfi4jZYy6U1nikY+/WEY/KU0yTXU
S2VmoFeQ7TDQLGKuezqi4NoBgouhEDJ9fVgLRF1I5bsTUCQYZncNjEpyRs+NX5mZ
oCNL6EFevW5SGK2M9VgbZFVUQcRrb6QcRChRiAleq1fn5aPCFExaZsWCLPi1wVlC
0l8=
-----END CERTIFICATE-----
Generated at Thu May 16 16:14:30 2024 by rpki-client on console-fra.rpki-client.org