Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/8C333A4E6B9E11EDB0DCC676C4F9AE02.roa
File: 8C333A4E6B9E11EDB0DCC676C4F9AE02.roa (raw, json)
Hash identifier: neNYJqIEz8xW2AoFgnO+vg+NOrfZM+OF1VhMZH+wkRk=
Subject key identifier: F6:D4:1D:B8:2C:E0:2D:5B:4D:B0:A5:AE:4E:58:AC:32:38:A1:EF:87
Certificate issuer: /CN=A9129E3A/serialNumber=5A96D4EC3D352494D9239D52AF35AC104DA12F9D
Certificate serial: 33F7
Authority key identifier: 5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/8C333A4E6B9E11EDB0DCC676C4F9AE02.roa
Signing time: Tue 30 Jan 2024 14:50:48 +0000
ROA not before: Tue 30 Jan 2024 14:50:48 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 17408
IP address blocks: 202.3.160.0/20 maxlen: 23
202.3.160.0/21 maxlen: 24
202.3.168.0/23 maxlen: 24
202.3.170.0/24 maxlen: 24
202.3.172.0/22 maxlen: 24
202.3.176.0/21 maxlen: 24
202.3.186.0/23 maxlen: 24
202.3.188.0/22 maxlen: 24
202.55.224.0/19 maxlen: 24
202.153.160.0/23 maxlen: 23
202.153.160.0/24 maxlen: 24
202.153.161.0/24 maxlen: 24
202.153.162.0/23 maxlen: 23
202.153.162.0/24 maxlen: 24
202.153.164.0/24 maxlen: 24
202.153.165.0/24 maxlen: 24
202.153.167.0/24 maxlen: 24
202.153.168.0/23 maxlen: 23
202.153.168.0/24 maxlen: 24
202.153.169.0/24 maxlen: 24
202.153.170.0/24 maxlen: 24
202.153.172.0/24 maxlen: 24
202.153.173.0/24 maxlen: 24
202.153.174.0/23 maxlen: 23
202.153.174.0/24 maxlen: 24
202.153.175.0/24 maxlen: 24
202.153.176.0/22 maxlen: 22
202.153.176.0/23 maxlen: 24
202.153.178.0/23 maxlen: 23
202.153.178.0/24 maxlen: 24
202.153.179.0/24 maxlen: 24
202.153.180.0/24 maxlen: 24
202.153.181.0/24 maxlen: 24
202.153.182.0/23 maxlen: 24
202.153.184.0/21 maxlen: 24
202.153.193.0/24 maxlen: 24
202.153.194.0/23 maxlen: 23
202.153.194.0/24 maxlen: 24
202.153.196.0/22 maxlen: 22
202.153.196.0/23 maxlen: 24
202.153.198.0/23 maxlen: 24
202.153.202.0/23 maxlen: 24
202.153.204.0/22 maxlen: 22
202.153.204.0/23 maxlen: 24
202.153.206.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.crl
rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 14:28:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13303 (0x33f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9129E3A/serialNumber=5A96D4EC3D352494D9239D52AF35AC104DA12F9D
Validity
Not Before: Jan 30 14:50:48 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b90cc7-3aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a0:1d:0c:c3:b3:51:21:30:c0:d2:3b:c8:ae:
ca:8e:a2:e9:65:7a:f8:39:60:5d:e2:11:18:5f:12:
e8:d7:92:76:bb:9b:af:0b:2e:a7:9d:2f:a1:0b:27:
85:81:1e:7a:c4:79:83:a8:67:5f:35:83:4a:89:69:
e0:0d:28:bf:51:e3:8f:3d:e6:72:a2:94:51:eb:c1:
eb:ca:78:8a:0b:2e:f1:28:de:b2:5b:18:bc:39:d3:
b7:7c:70:c9:35:d5:9a:b4:d5:6f:da:ad:cf:ef:d4:
74:d6:7a:82:8c:ae:ee:82:f8:a4:8a:e1:dd:1c:3c:
81:ba:9b:30:20:88:f2:c5:73:0f:7a:d3:32:3b:85:
e2:e9:d5:01:fe:11:4c:9e:90:b4:3d:e7:4a:e3:e0:
06:dc:68:6c:14:45:7f:10:49:74:1d:5f:2c:33:e6:
00:c3:d5:87:96:99:75:5a:42:f6:51:76:a2:ae:57:
c0:45:07:d6:ca:fd:19:6f:a7:ca:1f:55:88:d1:3a:
93:33:f1:0a:55:90:5a:01:d8:33:8b:3a:5f:38:7f:
e4:2b:ca:0e:e1:3d:4e:12:36:34:be:e3:a9:68:27:
e3:7b:c5:d3:04:2d:80:0e:ca:4b:02:eb:0f:f1:97:
4b:55:24:10:04:2f:0c:da:d7:fb:5e:c9:e9:f9:bd:
95:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:D4:1D:B8:2C:E0:2D:5B:4D:B0:A5:AE:4E:58:AC:32:38:A1:EF:87
X509v3 Authority Key Identifier:
keyid:5A:96:D4:EC:3D:35:24:94:D9:23:9D:52:AF:35:AC:10:4D:A1:2F:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/WpbU7D01JJTZI51SrzWsEE2hL50.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WpbU7D01JJTZI51SrzWsEE2hL50.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9129E3A/197EC0B61D8611E2ABEF22DD08B02CD2/8C333A4E6B9E11EDB0DCC676C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.3.160.0-202.3.183.255
202.3.186.0-202.3.191.255
202.55.224.0/19
202.153.160.0-202.153.165.255
202.153.167.0-202.153.170.255
202.153.172.0-202.153.191.255
202.153.193.0-202.153.199.255
202.153.202.0-202.153.207.255
Signature Algorithm: sha256WithRSAEncryption
29:23:0c:72:45:93:f8:cd:a0:0a:6f:24:f8:e6:45:bd:ea:c8:
0b:b4:11:60:fd:49:b4:00:8a:dc:35:e4:70:d0:c5:89:e4:89:
02:95:04:ac:79:dc:f9:ec:e1:30:36:a6:12:55:ff:30:8b:50:
5b:44:8b:50:2d:0a:d4:0c:30:96:2b:c3:59:f6:49:98:63:17:
6d:c3:09:bb:1a:9e:c0:3c:df:14:28:3b:ac:c2:c3:18:6e:e5:
6f:17:96:78:40:c2:1e:cd:3b:53:07:f1:72:28:52:fb:60:81:
dc:4f:01:3b:a4:f3:bb:4d:21:60:e4:eb:e3:eb:84:17:63:e2:
6d:43:0e:9b:df:05:51:4a:18:fc:43:32:a2:86:5d:82:c9:87:
e3:99:af:4f:fd:67:03:04:b5:b0:17:4c:1f:c2:f7:62:84:47:
63:59:79:2a:12:c8:5b:ad:eb:1e:38:da:90:30:bb:50:93:2f:
47:51:58:59:6d:4e:d7:4a:01:35:5e:cc:58:59:df:58:04:3a:
ee:cd:cf:82:47:fa:57:b0:1b:f9:30:ca:02:c0:d9:ce:d9:2c:
af:b9:da:c0:14:96:b8:66:3a:7f:df:3c:fa:89:80:6d:39:3f:
89:1f:7d:b1:e2:17:81:fa:be:e4:83:b0:19:0d:d3:39:ba:5a:
a6:e2:1c:2f
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgICM/cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjlFM0ExMTAvBgNVBAUTKDVBOTZENEVDM0QzNTI0OTREOTIzOUQ1MkFGMzVBQzEw
NERBMTJGOUQwHhcNMjQwMTMwMTQ1MDQ4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5MGNjNy0zYWJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2aAdDMOzUSEwwNI7yK7KjqLpZXr4OWBd4hEYXxLo15J2u5uvCy6nnS+hCyeF
gR56xHmDqGdfNYNKiWngDSi/UeOPPeZyopRR68HryniKCy7xKN6yWxi8OdO3fHDJ
NdWatNVv2q3P79R01nqCjK7ugvikiuHdHDyBupswIIjyxXMPetMyO4Xi6dUB/hFM
npC0PedK4+AG3GhsFEV/EEl0HV8sM+YAw9WHlpl1WkL2UXairlfARQfWyv0Zb6fK
H1WI0TqTM/EKVZBaAdgzizpfOH/kK8oO4T1OEjY0vuOpaCfje8XTBC2ADspLAusP
8ZdLVSQQBC8M2tf7Xsnp+b2VgQIDAQABo4IC+DCCAvQwHQYDVR0OBBYEFPbUHbgs
4C1bTbClrk5YrDI4oe+HMB8GA1UdIwQYMBaAFFqW1Ow9NSSU2SOdUq81rBBNoS+d
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOUUzQS8xOTdFQzBCNjFE
ODYxMUUyQUJFRjIyREQwOEIwMkNEMi9XcGJVN0QwMUpKVFpJNTFTcnpXc0VFMmhM
NTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dwYlU3RDAxSkpUWkk1MVNyeldzRUUyaEw1MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjlFM0EvMTk3RUMwQjYxRDg2MTFFMkFCRUYyMkREMDhCMDJDRDIvOEMzMzNBNEU2
QjlFMTFFREIwRENDNjc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYEGCCsGAQUFBwEHAQH/
BHIwcDBuBAIAATBoMAwDBAXKA6ADBAPKA7AwDAMEAcoDugMEBsoDgAMEBco34DAM
AwQFypmgAwQBypmkMAwDBADKmacDBADKmaowDAMEAsqZrAMEBsqZgDAMAwQAypnB
AwQDypnAMAwDBAHKmcoDBATKmcAwDQYJKoZIhvcNAQELBQADggEBACkjDHJFk/jN
oApvJPjmRb3qyAu0EWD9SbQAitw15HDQxYnkiQKVBKx53Pns4TA2phJV/zCLUFtE
i1AtCtQMMJYrw1n2SZhjF23DCbsansA83xQoO6zCwxhu5W8XlnhAwh7NO1MH8XIo
UvtggdxPATuk87tNIWDk6+PrhBdj4m1DDpvfBVFKGPxDMqKGXYLJh+OZr0/9ZwME
tbAXTB/C92KER2NZeSoSyFut6x442pAwu1CTL0dRWFltTtdKATVezFhZ31gEOu7N
z4JH+lewG/kwygLA2c7ZLK+52sAUlrhmOn/fPPqJgG05P4kffbHiF4H6vuSDsBkN
0zm6WqbiHC8=
-----END CERTIFICATE-----
Generated at Thu May 16 16:14:30 2024 by rpki-client on console-fra.rpki-client.org