Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
File: 202A51EA52D611EFA0333E23C4F9AE02.roa (raw, json)
Hash identifier: jy45pLpGUEHdAvcc7aV1J1N0BlCts0GUmsU/8qKGZrI=
Subject key identifier: E6:E5:1C:68:5F:46:CE:3D:BB:C7:F2:3E:24:62:1E:6F:67:5B:4F:BD
Certificate issuer: /CN=A9125C22/serialNumber=D9069391A3E7804A6EBDDF9D41F2DE4D91BD51B3
Certificate serial: 0605
Authority key identifier: D9:06:93:91:A3:E7:80:4A:6E:BD:DF:9D:41:F2:DE:4D:91:BD:51:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
Signing time: Fri 18 Oct 2024 22:42:22 +0000
ROA not before: Fri 18 Oct 2024 22:42:22 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 133771
IP address blocks: 59.153.56.0/22 maxlen: 22
59.153.56.0/24 maxlen: 24
59.153.57.0/24 maxlen: 24
59.153.58.0/24 maxlen: 24
59.153.59.0/24 maxlen: 24
103.198.56.0/22 maxlen: 24
116.251.224.0/19 maxlen: 19
116.251.224.0/22 maxlen: 22
116.251.224.0/24 maxlen: 24
116.251.225.0/24 maxlen: 24
116.251.226.0/23 maxlen: 24
116.251.228.0/22 maxlen: 22
116.251.228.0/24 maxlen: 24
116.251.229.0/24 maxlen: 24
116.251.230.0/24 maxlen: 24
116.251.231.0/24 maxlen: 24
116.251.232.0/22 maxlen: 22
116.251.232.0/24 maxlen: 24
116.251.233.0/24 maxlen: 24
116.251.234.0/23 maxlen: 24
116.251.236.0/22 maxlen: 22
116.251.236.0/23 maxlen: 24
116.251.238.0/24 maxlen: 24
116.251.239.0/24 maxlen: 24
116.251.240.0/22 maxlen: 22
116.251.240.0/24 maxlen: 24
116.251.241.0/24 maxlen: 24
116.251.242.0/24 maxlen: 24
116.251.243.0/24 maxlen: 24
116.251.244.0/22 maxlen: 22
116.251.244.0/24 maxlen: 24
116.251.245.0/24 maxlen: 24
116.251.246.0/24 maxlen: 24
116.251.247.0/24 maxlen: 24
116.251.248.0/22 maxlen: 22
116.251.248.0/24 maxlen: 24
116.251.249.0/24 maxlen: 24
116.251.250.0/24 maxlen: 24
116.251.251.0/24 maxlen: 24
116.251.252.0/22 maxlen: 22
116.251.252.0/24 maxlen: 24
116.251.253.0/24 maxlen: 24
116.251.254.0/24 maxlen: 24
116.251.255.0/24 maxlen: 24
138.43.32.0/20 maxlen: 24
138.43.192.0/20 maxlen: 24
2401:d280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.crl
rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1541 (0x605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125C22/serialNumber=D9069391A3E7804A6EBDDF9D41F2DE4D91BD51B3
Validity
Not Before: Oct 18 22:42:22 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6712e44d-6a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:30:7a:99:47:e7:72:26:b4:5f:8f:6e:52:94:
59:c8:b2:eb:11:56:c7:a7:91:5e:42:69:7d:34:1c:
4b:3e:63:d0:ff:47:26:3a:25:18:17:81:11:07:84:
64:5d:8e:12:43:97:7d:9a:bd:76:4a:42:7c:b2:c7:
c7:48:e1:91:ab:92:d9:a3:14:71:2c:ba:de:49:24:
a9:59:9b:0d:3f:ba:1f:ab:a4:62:c9:46:86:e0:c0:
3f:42:eb:06:9c:a0:64:97:9c:7d:3e:4f:69:db:16:
a4:bc:a1:23:02:53:bc:f0:86:ee:d2:8d:f2:42:c9:
5d:7f:b4:1f:83:78:45:98:92:cb:a3:50:6c:15:ab:
f1:8e:14:86:50:af:80:cd:49:fd:c8:be:e7:70:4e:
76:93:f7:17:11:e1:be:f5:07:36:34:10:55:2c:d5:
aa:f2:ed:c9:93:49:ef:4c:4d:0f:b0:74:05:88:2b:
85:a8:2b:f4:f6:7c:fc:2e:ff:b1:9a:ea:db:2c:b0:
1b:ed:b1:e2:99:ac:27:94:02:94:f6:35:d6:51:df:
67:9d:35:8e:85:35:cb:42:8d:d5:27:d4:c2:1d:0e:
ed:fa:39:69:71:de:cb:6e:64:24:c8:8a:08:f2:06:
a2:a6:b3:ee:c7:a7:51:b1:6c:ba:17:40:d2:30:a7:
46:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E5:1C:68:5F:46:CE:3D:BB:C7:F2:3E:24:62:1E:6F:67:5B:4F:BD
X509v3 Authority Key Identifier:
keyid:D9:06:93:91:A3:E7:80:4A:6E:BD:DF:9D:41:F2:DE:4D:91:BD:51:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/2QaTkaPngEpuvd-dQfLeTZG9UbM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QaTkaPngEpuvd-dQfLeTZG9UbM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/045695B87FAE11EB977B5335C4F9AE02/202A51EA52D611EFA0333E23C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.153.56.0/22
103.198.56.0/22
116.251.224.0/19
138.43.32.0/20
138.43.192.0/20
IPv6:
2401:d280::/32
Signature Algorithm: sha256WithRSAEncryption
2e:ab:24:88:5a:b8:ba:1e:6f:bd:83:b3:b2:1e:a1:e8:7c:be:
eb:3e:75:b3:ac:fe:ee:be:0c:9a:cf:4e:75:47:fa:8c:23:ea:
2c:d4:38:48:92:40:68:46:7a:a4:55:9f:56:74:0b:5c:f8:99:
72:3b:b1:6f:90:5b:82:20:3b:b6:54:94:ef:94:80:88:ff:37:
18:5f:d1:8e:d5:73:40:44:f3:20:67:8b:2b:09:a9:33:dc:09:
89:81:3d:84:3a:01:7d:24:8e:77:15:4b:a3:c7:86:45:38:41:
25:40:e2:e0:de:94:bb:a1:da:24:13:8b:36:a6:bb:6a:0b:78:
62:21:23:39:bb:b2:be:9b:86:0c:b7:a0:39:02:12:fe:34:51:
6a:f8:22:fc:cf:e9:cc:8b:31:e7:0f:fc:d0:44:1c:04:7e:f5:
b0:b8:4c:ac:ea:a6:f4:6e:c4:d4:35:21:47:c3:b4:17:1f:df:
0a:39:4c:fe:15:fe:c8:b3:5a:42:f3:c0:50:46:8f:83:cb:39:
75:5f:0f:60:a2:22:d6:96:20:0c:86:b1:94:cd:cf:1b:36:8f:
65:46:47:0d:a9:2d:5d:d0:a5:ca:24:66:91:8d:83:49:2a:ba:
94:b8:ce:f4:dd:7c:8f:0b:5f:ce:e8:c6:be:26:05:59:c7:7c:
dd:79:7b:31
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICBgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjVDMjIxMTAvBgNVBAUTKEQ5MDY5MzkxQTNFNzgwNEE2RUJEREY5RDQxRjJERTRE
OTFCRDUxQjMwHhcNMjQxMDE4MjI0MjIyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzEyZTQ0ZC02YTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDB6mUfncia0X49uUpRZyLLrEVbHp5FeQml9NBxLPmPQ/0cmOiUYF4ERB4Rk
XY4SQ5d9mr12SkJ8ssfHSOGRq5LZoxRxLLreSSSpWZsNP7ofq6RiyUaG4MA/QusG
nKBkl5x9Pk9p2xakvKEjAlO88Ibu0o3yQsldf7Qfg3hFmJLLo1BsFavxjhSGUK+A
zUn9yL7ncE52k/cXEeG+9Qc2NBBVLNWq8u3Jk0nvTE0PsHQFiCuFqCv09nz8Lv+x
murbLLAb7bHimawnlAKU9jXWUd9nnTWOhTXLQo3VJ9TCHQ7t+jlpcd7LbmQkyIoI
8gaiprPux6dRsWy6F0DSMKdGMQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFOblHGhf
Rs49u8fyPiRiHm9nW0+9MB8GA1UdIwQYMBaAFNkGk5Gj54BKbr3fnUHy3k2RvVGz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi8wNDU2OTVCODdG
QUUxMUVCOTc3QjUzMzVDNEY5QUUwMi8yUWFUa2FQbmdFcHV2ZC1kUWZMZVRaRzlV
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJRYVRrYVBuZ0VwdXZkLWRRZkxlVFpHOVViTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjVDMjIvMDQ1Njk1Qjg3RkFFMTFFQjk3N0I1MzM1QzRGOUFFMDIvMjAyQTUxRUE1
MkQ2MTFFRkEwMzMzRTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAI7mTgDBAJnxjgDBAV0++ADBASKKyADBASKK8AwDQQCAAIw
BwMFACQB0oAwDQYJKoZIhvcNAQELBQADggEBAC6rJIhauLoeb72Ds7Ieoeh8vus+
dbOs/u6+DJrPTnVH+owj6izUOEiSQGhGeqRVn1Z0C1z4mXI7sW+QW4IgO7ZUlO+U
gIj/Nxhf0Y7Vc0BE8yBniysJqTPcCYmBPYQ6AX0kjncVS6PHhkU4QSVA4uDelLuh
2iQTizamu2oLeGIhIzm7sr6bhgy3oDkCEv40UWr4IvzP6cyLMecP/NBEHAR+9bC4
TKzqpvRuxNQ1IUfDtBcf3wo5TP4V/sizWkLzwFBGj4PLOXVfD2CiItaWIAyGsZTN
zxs2j2VGRw2pLV3QpcokZpGNg0kqupS4zvTdfI8LX87oxr4mBVnHfN15ezE=
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:11:43 2024 by rpki-client on console-fra.rpki-client.org