Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/7B306A34218D11EC87C96D6DC4F9AE02.roa
File: 7B306A34218D11EC87C96D6DC4F9AE02.roa (raw, json)
Hash identifier: SH4ht9mpJYf8cKX0vcP54ZxApzU7aueABR3AMhEMgD4=
Subject key identifier: 47:79:0D:72:0A:48:37:48:77:97:62:C0:66:57:84:0C:27:FE:38:82
Certificate issuer: /CN=A9136DD6/serialNumber=CA83D43E5A5E59C7759B1B9B2FBD98A947DFD3BC
Certificate serial: 0F71
Authority key identifier: CA:83:D4:3E:5A:5E:59:C7:75:9B:1B:9B:2F:BD:98:A9:47:DF:D3:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoPUPlpeWcd1mxubL72YqUff07w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/7B306A34218D11EC87C96D6DC4F9AE02.roa
Signing time: Mon 20 Nov 2023 18:15:56 +0000
ROA not before: Mon 20 Nov 2023 18:15:56 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 4773
IP address blocks: 118.189.34.0/24 maxlen: 24
118.189.44.0/22 maxlen: 22
118.189.78.0/24 maxlen: 24
118.189.82.0/24 maxlen: 24
118.189.176.0/20 maxlen: 20
118.189.176.0/22 maxlen: 22
118.189.176.0/24 maxlen: 24
118.189.177.0/24 maxlen: 24
118.189.178.0/24 maxlen: 24
118.189.179.0/24 maxlen: 24
118.189.180.0/23 maxlen: 24
118.189.182.0/23 maxlen: 24
118.189.184.0/21 maxlen: 21
118.189.184.0/24 maxlen: 24
118.189.185.0/24 maxlen: 24
118.189.186.0/24 maxlen: 24
118.189.187.0/24 maxlen: 24
118.189.188.0/24 maxlen: 24
118.189.189.0/24 maxlen: 24
118.189.190.0/24 maxlen: 24
118.189.191.0/24 maxlen: 24
118.189.192.0/20 maxlen: 22
118.189.192.0/24 maxlen: 24
118.189.193.0/24 maxlen: 24
118.189.194.0/24 maxlen: 24
118.189.195.0/24 maxlen: 24
118.189.196.0/24 maxlen: 24
118.189.197.0/24 maxlen: 24
118.189.198.0/24 maxlen: 24
118.189.199.0/24 maxlen: 24
118.189.200.0/24 maxlen: 24
118.189.201.0/24 maxlen: 24
118.189.202.0/24 maxlen: 24
118.189.203.0/24 maxlen: 24
118.189.204.0/24 maxlen: 24
118.189.205.0/24 maxlen: 24
118.189.206.0/24 maxlen: 24
118.189.207.0/24 maxlen: 24
118.189.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/yoPUPlpeWcd1mxubL72YqUff07w.crl
rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/yoPUPlpeWcd1mxubL72YqUff07w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoPUPlpeWcd1mxubL72YqUff07w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 18:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3953 (0xf71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136DD6/serialNumber=CA83D43E5A5E59C7759B1B9B2FBD98A947DFD3BC
Validity
Not Before: Nov 20 18:15:56 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=655ba25b-7a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9c:ca:ed:7a:40:1a:6b:94:2c:51:e1:2e:3f:
9b:0d:e2:63:93:19:a8:ed:0b:0c:8d:ec:9e:50:82:
02:e8:e5:f3:a4:dd:9d:00:1f:7c:96:f2:34:19:94:
98:7b:27:da:5b:44:9f:55:0c:f8:37:84:f7:f7:33:
96:0a:31:0c:84:24:db:ad:44:90:18:e9:03:de:f7:
de:15:81:77:01:e0:c7:89:b7:1d:94:1b:37:70:0a:
75:1c:10:fd:d1:0f:b1:da:a0:53:84:4d:b9:bf:48:
fd:2d:c5:e8:ce:27:f9:e7:ec:93:5c:0a:41:1b:9f:
76:1b:dc:d0:d9:52:9d:b6:44:15:da:e7:c1:02:2d:
cf:62:26:4e:c3:8c:f6:6d:ef:f6:eb:df:78:d8:de:
ee:43:dc:bf:40:03:4a:81:d2:23:ff:bb:30:b0:08:
8f:bb:44:29:58:a0:f1:39:3b:04:f4:cb:1b:35:be:
ec:ad:3c:e6:21:28:bf:ab:5f:1e:4e:80:7e:f1:79:
75:2c:54:cb:6b:92:fe:cf:79:f3:bd:07:6d:d1:6a:
52:7d:6b:2d:88:bd:ec:61:a2:68:92:93:ba:54:75:
fa:22:43:22:78:14:da:7e:e4:41:bd:13:91:13:a7:
a8:90:7f:69:23:15:ed:85:9f:b2:35:90:b5:39:ca:
18:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:79:0D:72:0A:48:37:48:77:97:62:C0:66:57:84:0C:27:FE:38:82
X509v3 Authority Key Identifier:
keyid:CA:83:D4:3E:5A:5E:59:C7:75:9B:1B:9B:2F:BD:98:A9:47:DF:D3:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/yoPUPlpeWcd1mxubL72YqUff07w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoPUPlpeWcd1mxubL72YqUff07w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136DD6/DF38955E3B3711E9A038AB2AC4F9AE02/7B306A34218D11EC87C96D6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
118.189.34.0/24
118.189.44.0/22
118.189.78.0/24
118.189.82.0/24
118.189.176.0-118.189.215.255
Signature Algorithm: sha256WithRSAEncryption
71:9a:8e:22:d2:a5:d3:cd:0c:86:5f:7d:f6:7f:9b:85:d5:55:
1d:2e:ec:95:79:14:34:43:d4:85:51:c6:72:83:8f:5d:2f:ab:
2d:a2:90:06:97:ad:90:a5:80:74:48:f7:59:85:cc:a7:3d:84:
8b:60:1f:be:99:ae:84:64:f4:c9:ee:37:4f:04:f2:d3:68:8e:
c6:61:58:bf:c8:5b:d6:f5:8b:eb:fe:5a:20:bf:3d:40:a1:ab:
52:5b:08:b0:20:20:20:95:e1:8f:d2:a3:be:7d:fb:46:e2:7f:
90:12:56:eb:87:42:15:d8:dd:f5:2c:ff:40:62:e3:21:02:2f:
06:05:88:a2:9b:81:07:4c:60:e4:45:f4:42:1b:ad:65:ab:3c:
59:84:15:d8:c7:6f:17:56:35:a4:3e:c6:c2:1d:e6:ba:bc:cb:
55:d4:47:85:c6:4c:70:dd:d1:00:01:af:9a:92:75:d9:76:f4:
82:15:7d:5e:e7:11:1b:72:90:99:79:ba:5e:38:10:33:55:a5:
55:ac:8b:bf:ae:ec:d6:0a:17:60:82:bc:fd:c7:68:aa:f2:fd:
32:86:ca:ad:36:f2:d4:f2:cf:40:e8:b9:dc:1c:dd:80:b7:22:
1c:ba:37:a7:22:39:c0:18:38:f8:a5:08:ad:5d:5e:a1:49:99:
47:8a:6b:53
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICD3EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZERDYxMTAvBgNVBAUTKENBODNENDNFNUE1RTU5Qzc3NTlCMUI5QjJGQkQ5OEE5
NDdERkQzQkMwHhcNMjMxMTIwMTgxNTU2WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTViYTI1Yi03YTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqJzK7XpAGmuULFHhLj+bDeJjkxmo7QsMjeyeUIIC6OXzpN2dAB98lvI0GZSY
eyfaW0SfVQz4N4T39zOWCjEMhCTbrUSQGOkD3vfeFYF3AeDHibcdlBs3cAp1HBD9
0Q+x2qBThE25v0j9LcXozif55+yTXApBG592G9zQ2VKdtkQV2ufBAi3PYiZOw4z2
be/269942N7uQ9y/QANKgdIj/7swsAiPu0QpWKDxOTsE9MsbNb7srTzmISi/q18e
ToB+8Xl1LFTLa5L+z3nzvQdt0WpSfWstiL3sYaJokpO6VHX6IkMieBTafuRBvROR
E6eokH9pIxXthZ+yNZC1OcoYFQIDAQABo4ICtTCCArEwHQYDVR0OBBYEFEd5DXIK
SDdId5diwGZXhAwn/jiCMB8GA1UdIwQYMBaAFMqD1D5aXlnHdZsbmy+9mKlH39O8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkRENi9ERjM4OTU1RTNC
MzcxMUU5QTAzOEFCMkFDNEY5QUUwMi95b1BVUGxwZVdjZDFteHViTDcyWXFVZmYw
N3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lvUFVQbHBlV2NkMW14dWJMNzJZcVVmZjA3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZERDYvREYzODk1NUUzQjM3MTFFOUEwMzhBQjJBQzRGOUFFMDIvN0IzMDZBMzQy
MThEMTFFQzg3Qzk2RDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPwYIKwYBBQUHAQcBAf8E
MDAuMCwEAgABMCYDBAB2vSIDBAJ2vSwDBAB2vU4DBAB2vVIwDAMEBHa9sAMEA3a9
0DANBgkqhkiG9w0BAQsFAAOCAQEAcZqOItKl080Mhl999n+bhdVVHS7slXkUNEPU
hVHGcoOPXS+rLaKQBpetkKWAdEj3WYXMpz2Ei2AfvpmuhGT0ye43TwTy02iOxmFY
v8hb1vWL6/5aIL89QKGrUlsIsCAgIJXhj9Kjvn37RuJ/kBJW64dCFdjd9Sz/QGLj
IQIvBgWIopuBB0xg5EX0QhutZas8WYQV2MdvF1Y1pD7Gwh3murzLVdRHhcZMcN3R
AAGvmpJ12Xb0ghV9XucRG3KQmXm6XjgQM1WlVayLv67s1goXYIK8/cdoqvL9MobK
rTby1PLPQOi53BzdgLciHLo3pyI5wBg4+KUIrV1eoUmZR4prUw==
-----END CERTIFICATE-----
Generated at Thu May 16 19:10:54 2024 by rpki-client on console-fra.rpki-client.org