Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/8D7B467A09C211EB8B759828C4F9AE02.roa
File: 8D7B467A09C211EB8B759828C4F9AE02.roa (raw, json)
Hash identifier: Hub9wrJJmDyKMBTqCIrJirgrMl2vMMlF3DeN/DXmEi4=
Subject key identifier: E7:32:44:9B:FC:56:CF:FA:AC:E7:CD:CD:C3:66:E1:63:F9:56:A7:0D
Certificate issuer: /CN=A91275FD/serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5
Certificate serial: 2575
Authority key identifier: 4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/8D7B467A09C211EB8B759828C4F9AE02.roa
Signing time: Tue 02 May 2023 16:32:46 +0000
ROA not before: Tue 02 May 2023 16:32:46 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 17970
IP address blocks: 43.255.216.0/22 maxlen: 22
61.9.0.0/17 maxlen: 17
61.9.0.0/19 maxlen: 19
61.9.32.0/19 maxlen: 19
61.9.80.0/21 maxlen: 21
61.9.96.0/22 maxlen: 22
61.9.111.0/24 maxlen: 24
61.14.192.0/21 maxlen: 24
103.239.200.0/22 maxlen: 22
202.81.160.0/20 maxlen: 20
202.81.160.0/22 maxlen: 22
202.81.164.0/22 maxlen: 22
202.81.168.0/22 maxlen: 22
202.81.172.0/22 maxlen: 22
202.81.173.0/24 maxlen: 24
202.81.174.0/24 maxlen: 24
203.76.192.0/20 maxlen: 20
203.76.192.0/22 maxlen: 22
203.76.195.0/24 maxlen: 24
203.76.196.0/22 maxlen: 22
203.76.196.0/24 maxlen: 24
203.76.200.0/22 maxlen: 22
203.76.204.0/22 maxlen: 22
219.90.80.0/20 maxlen: 20
219.90.80.0/22 maxlen: 22
219.90.84.0/22 maxlen: 22
219.90.84.0/24 maxlen: 24
219.90.86.0/24 maxlen: 24
219.90.87.0/24 maxlen: 24
219.90.88.0/22 maxlen: 22
219.90.90.0/24 maxlen: 24
219.90.91.0/24 maxlen: 24
219.90.92.0/22 maxlen: 22
219.90.92.0/24 maxlen: 24
2405:f400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl
rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 09 May 2024 16:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9589 (0x2575)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91275FD/serialNumber=4E10F13F295FBF2B359C84DDD1651BC851AA8AF5
Validity
Not Before: May 2 16:32:46 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64513b2e-1433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4f:83:8b:51:d1:ae:c9:c4:bc:c2:a8:6e:c1:
c9:8e:29:ad:ae:99:87:6d:ef:79:24:dd:23:40:f5:
55:1e:43:50:6a:ac:f3:bd:9c:df:e7:dd:da:5c:6e:
da:5a:6c:01:22:39:49:0c:33:5e:30:30:79:e3:8b:
6b:7a:bd:6f:f8:67:6f:ed:f1:6d:74:07:dd:da:8c:
8a:0e:7c:5c:1c:3f:18:2e:de:6d:94:57:f5:f9:d4:
f8:06:e4:9f:d4:54:83:dc:68:24:f1:04:e0:75:a4:
a1:25:17:f7:67:d0:8d:5e:d3:d4:53:a1:cf:f8:03:
ca:72:76:2c:40:d0:18:63:42:bc:74:27:7b:6e:82:
ce:04:0c:ea:64:49:a0:97:de:69:1e:47:30:03:f3:
2e:d8:71:7e:a1:2f:ae:1b:c9:b7:64:cf:20:cd:65:
9f:be:01:aa:d0:bf:03:94:3f:20:04:e7:4e:d0:9f:
5a:e4:f7:9d:ab:00:05:2a:d7:c2:1d:d5:b2:0e:62:
c1:88:ca:36:01:12:c0:f4:5b:48:35:49:bc:ac:b4:
eb:71:14:fc:1b:79:bd:0c:fc:35:f4:76:d0:7a:af:
06:03:bf:1e:03:28:d1:6d:47:02:13:65:98:05:4e:
13:82:34:bc:dc:2b:45:13:37:ab:76:67:ef:23:b2:
61:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:32:44:9B:FC:56:CF:FA:AC:E7:CD:CD:C3:66:E1:63:F9:56:A7:0D
X509v3 Authority Key Identifier:
keyid:4E:10:F1:3F:29:5F:BF:2B:35:9C:84:DD:D1:65:1B:C8:51:AA:8A:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/ThDxPylfvys1nITd0WUbyFGqivU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ThDxPylfvys1nITd0WUbyFGqivU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91275FD/E1EFD9B6DECE11E4A14F0068C4F9AE02/8D7B467A09C211EB8B759828C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.216.0/22
61.9.0.0/17
61.14.192.0/21
103.239.200.0/22
202.81.160.0/20
203.76.192.0/20
219.90.80.0/20
IPv6:
2405:f400::/32
Signature Algorithm: sha256WithRSAEncryption
95:45:e5:f6:b9:f5:4e:64:1c:37:b9:a7:38:99:43:66:bb:dd:
d2:a6:4d:88:b3:70:d8:bd:5e:90:a3:08:8d:a3:23:17:ac:55:
de:6d:2e:8c:dc:30:1d:65:1e:f3:f7:44:e9:20:e5:a2:c5:00:
47:eb:d8:2e:f1:a2:d3:4e:d6:97:8d:81:aa:97:52:89:d7:48:
f9:c6:d8:ad:40:59:5a:2e:17:c8:9a:43:5a:41:1e:00:df:06:
4c:f9:f1:5d:88:db:bb:f1:8b:99:15:f5:db:87:01:25:fc:9c:
a9:d5:02:d5:44:e0:70:ab:ca:ba:be:94:45:cd:4b:85:1c:42:
30:82:33:d0:05:29:ec:4c:b8:68:6a:21:7b:76:ad:f2:f9:fd:
d5:2a:c8:72:37:d9:a8:c4:d7:af:f3:f0:77:d3:ca:f9:d4:41:
98:c7:71:c3:d1:90:6c:ec:be:cc:b8:89:65:85:4e:c8:71:fb:
f1:65:09:65:29:e1:56:92:29:e9:b1:65:64:3f:8a:34:d6:b0:
58:4a:51:bd:ab:7a:27:90:8c:dc:04:ca:5b:72:8e:27:44:ee:
dc:85:cc:aa:73:a3:66:6c:58:d8:5a:28:b9:b0:c4:56:37:6b:
7f:6e:75:60:08:c3:30:62:12:fa:5e:01:a1:3d:41:b3:b5:56:
3f:be:b7:18
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICJXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjc1RkQxMTAvBgNVBAUTKDRFMTBGMTNGMjk1RkJGMkIzNTlDODREREQxNjUxQkM4
NTFBQThBRjUwHhcNMjMwNTAyMTYzMjQ2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUxM2IyZS0xNDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6U+Di1HRrsnEvMKobsHJjimtrpmHbe95JN0jQPVVHkNQaqzzvZzf593aXG7a
WmwBIjlJDDNeMDB544trer1v+Gdv7fFtdAfd2oyKDnxcHD8YLt5tlFf1+dT4BuSf
1FSD3Ggk8QTgdaShJRf3Z9CNXtPUU6HP+APKcnYsQNAYY0K8dCd7boLOBAzqZEmg
l95pHkcwA/Mu2HF+oS+uG8m3ZM8gzWWfvgGq0L8DlD8gBOdO0J9a5PedqwAFKtfC
HdWyDmLBiMo2ARLA9FtINUm8rLTrcRT8G3m9DPw19HbQeq8GA78eAyjRbUcCE2WY
BU4TgjS83CtFEzerdmfvI7JhcwIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFOcyRJv8
Vs/6rOfNzcNm4WP5VqcNMB8GA1UdIwQYMBaAFE4Q8T8pX78rNZyE3dFlG8hRqor1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzVGRC9FMUVGRDlCNkRF
Q0UxMUU0QTE0RjAwNjhDNEY5QUUwMi9UaER4UHlsZnZ5czFuSVRkMFdVYnlGR3Fp
dlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RoRHhQeWxmdnlzMW5JVGQwV1VieUZHcWl2VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjc1RkQvRTFFRkQ5QjZERUNFMTFFNEExNEYwMDY4QzRGOUFFMDIvOEQ3QjQ2N0Ew
OUMyMTFFQjhCNzU5ODI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAIr/9gDBAc9CQADBAM9DsADBAJn78gDBATKUaADBATLTMAD
BATbWlAwDQQCAAIwBwMFACQF9AAwDQYJKoZIhvcNAQELBQADggEBAJVF5fa59U5k
HDe5pziZQ2a73dKmTYizcNi9XpCjCI2jIxesVd5tLozcMB1lHvP3ROkg5aLFAEfr
2C7xotNO1peNgaqXUonXSPnG2K1AWVouF8iaQ1pBHgDfBkz58V2I27vxi5kV9duH
ASX8nKnVAtVE4HCryrq+lEXNS4UcQjCCM9AFKexMuGhqIXt2rfL5/dUqyHI32ajE
16/z8HfTyvnUQZjHccPRkGzsvsy4iWWFTshx+/FlCWUp4VaSKemxZWQ/ijTWsFhK
Ub2reieQjNwEyltyjidE7tyFzKpzo2ZsWNhaKLmwxFY3a39udWAIwzBiEvpeAaE9
QbO1Vj++txg=
-----END CERTIFICATE-----
Generated at Thu May 2 17:18:26 2024 by rpki-client on console-ams.rpki-client.org