Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/9F883BFCB33811E981BB4E6FC4F9AE02.roa
File: 9F883BFCB33811E981BB4E6FC4F9AE02.roa (raw, json)
Hash identifier: rRlhYDjmsKn1HWp2b9Kwcsqx4aDeX7WeOuZsyustf0A=
Subject key identifier: 46:E0:B7:28:E0:5C:DA:7D:FA:B2:18:86:57:18:33:91:36:BA:07:7F
Certificate issuer: /CN=A913E8F3/serialNumber=F9BB29B0ABE849E7FE180E339E4B1C282368C521
Certificate serial: 0F05
Authority key identifier: F9:BB:29:B0:AB:E8:49:E7:FE:18:0E:33:9E:4B:1C:28:23:68:C5:21
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-bspsKvoSef-GA4znkscKCNoxSE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/9F883BFCB33811E981BB4E6FC4F9AE02.roa
Signing time: Wed 28 Feb 2024 18:26:36 +0000
ROA not before: Wed 28 Feb 2024 18:26:36 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 58521
IP address blocks: 143.92.112.0/21 maxlen: 21
143.92.112.0/22 maxlen: 22
143.92.112.0/23 maxlen: 23
143.92.112.0/24 maxlen: 24
143.92.113.0/24 maxlen: 24
143.92.114.0/24 maxlen: 24
143.92.115.0/24 maxlen: 24
143.92.116.0/24 maxlen: 24
143.92.117.0/24 maxlen: 24
143.92.118.0/24 maxlen: 24
143.92.119.0/24 maxlen: 24
143.92.120.0/22 maxlen: 22
143.92.120.0/24 maxlen: 24
143.92.121.0/24 maxlen: 24
143.92.122.0/24 maxlen: 24
143.92.123.0/24 maxlen: 24
143.92.124.0/22 maxlen: 24
148.222.64.0/19 maxlen: 19
148.222.64.0/22 maxlen: 22
148.222.64.0/24 maxlen: 24
148.222.65.0/24 maxlen: 24
148.222.66.0/23 maxlen: 23
148.222.66.0/24 maxlen: 24
148.222.67.0/24 maxlen: 24
148.222.68.0/22 maxlen: 22
148.222.68.0/24 maxlen: 24
148.222.69.0/24 maxlen: 24
148.222.70.0/24 maxlen: 24
148.222.71.0/24 maxlen: 24
148.222.72.0/22 maxlen: 22
148.222.72.0/24 maxlen: 24
148.222.73.0/24 maxlen: 24
148.222.74.0/24 maxlen: 24
148.222.75.0/24 maxlen: 24
148.222.76.0/22 maxlen: 22
148.222.76.0/24 maxlen: 24
148.222.77.0/24 maxlen: 24
148.222.78.0/24 maxlen: 24
148.222.79.0/24 maxlen: 24
148.222.80.0/22 maxlen: 22
148.222.80.0/24 maxlen: 24
148.222.81.0/24 maxlen: 24
148.222.82.0/24 maxlen: 24
148.222.83.0/24 maxlen: 24
148.222.84.0/22 maxlen: 22
148.222.84.0/24 maxlen: 24
148.222.85.0/24 maxlen: 24
148.222.86.0/24 maxlen: 24
148.222.87.0/24 maxlen: 24
148.222.88.0/22 maxlen: 22
148.222.88.0/24 maxlen: 24
148.222.89.0/24 maxlen: 24
148.222.90.0/24 maxlen: 24
148.222.91.0/24 maxlen: 24
148.222.92.0/22 maxlen: 22
148.222.92.0/24 maxlen: 24
148.222.93.0/24 maxlen: 24
148.222.94.0/24 maxlen: 24
148.222.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/-bspsKvoSef-GA4znkscKCNoxSE.crl
rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/-bspsKvoSef-GA4znkscKCNoxSE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-bspsKvoSef-GA4znkscKCNoxSE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 15:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3845 (0xf05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913E8F3/serialNumber=F9BB29B0ABE849E7FE180E339E4B1C282368C521
Validity
Not Before: Feb 28 18:26:36 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65df7adb-520c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ab:fd:cf:d2:42:87:08:de:e2:57:e3:f1:75:
64:40:75:39:24:42:53:a4:e5:7a:e2:7b:4b:4e:e5:
cf:df:07:b3:63:cf:50:38:3b:6c:b7:d9:1b:e0:b4:
ea:e8:55:9c:94:64:e4:19:2f:15:65:15:f6:07:53:
ff:b8:b5:06:ed:04:c6:cc:27:a4:11:09:2c:6b:d6:
3e:20:05:51:50:34:97:2c:67:c8:a0:ad:09:b2:20:
ec:65:03:bd:dc:1f:ef:58:8a:76:83:be:eb:d5:87:
1c:24:9d:d3:82:36:68:1d:b3:fe:b0:74:cf:f6:23:
c1:fe:b8:51:2f:9e:20:90:a6:89:89:cf:c9:b2:44:
78:69:77:7a:68:37:9f:5b:4d:8e:12:89:91:47:cc:
ae:fb:d1:3f:b5:4c:14:46:9a:5b:51:39:f1:c4:e0:
fb:f6:53:bf:1e:b2:68:56:98:8c:c4:59:e8:d2:63:
0e:e9:11:c9:1f:15:1c:ca:0a:53:3d:3e:05:f9:4b:
53:0f:21:47:f2:ea:2b:bc:8c:f0:f9:40:8d:5f:97:
b4:c1:29:92:62:14:aa:8e:a9:e8:98:52:c9:2b:e4:
9d:62:00:8d:c2:b1:1f:23:ac:cc:7e:26:f7:98:6f:
fe:7e:ec:27:ae:76:0f:bb:ec:b0:f0:64:23:cb:af:
6c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E0:B7:28:E0:5C:DA:7D:FA:B2:18:86:57:18:33:91:36:BA:07:7F
X509v3 Authority Key Identifier:
keyid:F9:BB:29:B0:AB:E8:49:E7:FE:18:0E:33:9E:4B:1C:28:23:68:C5:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/-bspsKvoSef-GA4znkscKCNoxSE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-bspsKvoSef-GA4znkscKCNoxSE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/9F883BFCB33811E981BB4E6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
143.92.112.0/20
148.222.64.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:29:b2:8a:a1:7d:82:a3:3d:07:16:01:70:23:6e:9f:90:64:
e1:64:8a:67:ef:48:36:fd:da:45:ad:1e:d3:8e:f9:bf:89:af:
07:7d:5e:cf:fc:a5:4a:69:f7:e3:7c:d6:76:4e:b2:ce:f9:98:
a0:61:e0:ff:66:6d:59:ca:81:a1:66:4e:c3:28:5d:b7:95:5b:
72:27:70:44:77:6c:47:7f:24:b8:68:f7:1e:16:07:32:b8:e2:
d5:73:08:59:a1:90:67:fe:ca:2f:75:13:25:85:a4:b3:b5:97:
c1:1c:c8:2b:27:aa:4c:4d:56:9d:20:e4:dc:91:a9:5a:47:48:
52:fe:74:83:0d:d1:c6:d6:0c:27:52:a3:3f:d6:d9:f3:7e:24:
82:92:7b:e9:9a:46:7f:51:5d:e7:95:fa:a9:89:6e:f8:0a:e6:
a9:3c:63:68:01:60:86:0b:2d:83:20:91:03:82:98:4a:59:04:
89:f7:aa:74:9a:30:73:ae:9f:5b:d5:c7:c3:6f:9d:2a:b4:3a:
83:29:b4:c9:a8:0f:27:05:28:1c:11:bc:22:38:63:18:75:a8:
92:51:ef:9d:fa:92:98:a5:68:53:ce:a4:7a:dd:94:39:ea:65:
0e:fa:76:bb:7f:e2:20:6b:35:0e:ee:78:14:84:bf:fe:24:0e:
9d:07:4e:1a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0U4RjMxMTAvBgNVBAUTKEY5QkIyOUIwQUJFODQ5RTdGRTE4MEUzMzlFNEIxQzI4
MjM2OEM1MjEwHhcNMjQwMjI4MTgyNjM2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRmN2FkYi01MjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz6v9z9JChwje4lfj8XVkQHU5JEJTpOV64ntLTuXP3wezY89QODtst9kb4LTq
6FWclGTkGS8VZRX2B1P/uLUG7QTGzCekEQksa9Y+IAVRUDSXLGfIoK0JsiDsZQO9
3B/vWIp2g77r1YccJJ3TgjZoHbP+sHTP9iPB/rhRL54gkKaJic/JskR4aXd6aDef
W02OEomRR8yu+9E/tUwURppbUTnxxOD79lO/HrJoVpiMxFno0mMO6RHJHxUcygpT
PT4F+UtTDyFH8uorvIzw+UCNX5e0wSmSYhSqjqnomFLJK+SdYgCNwrEfI6zMfib3
mG/+fuwnrnYPu+yw8GQjy69svQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFEbgtyjg
XNp9+rIYhlcYM5E2ugd/MB8GA1UdIwQYMBaAFPm7KbCr6Enn/hgOM55LHCgjaMUh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRThGMy8wQTA0RjRFMjU0
OTQxMUU5QjU5N0U1NzFDNEY5QUUwMi8tYnNwc0t2b1NlZi1HQTR6bmtzY0tDTm94
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLy1ic3BzS3ZvU2VmLUdBNHpua3NjS0NOb3hTRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0U4RjMvMEEwNEY0RTI1NDk0MTFFOUI1OTdFNTcxQzRGOUFFMDIvOUY4ODNCRkNC
MzM4MTFFOTgxQkI0RTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBASPXHADBAWU3kAwDQYJKoZIhvcNAQELBQADggEBAJopsoqh
fYKjPQcWAXAjbp+QZOFkimfvSDb92kWtHtOO+b+Jrwd9Xs/8pUpp9+N81nZOss75
mKBh4P9mbVnKgaFmTsMoXbeVW3IncER3bEd/JLho9x4WBzK44tVzCFmhkGf+yi91
EyWFpLO1l8EcyCsnqkxNVp0g5NyRqVpHSFL+dIMN0cbWDCdSoz/W2fN+JIKSe+ma
Rn9RXeeV+qmJbvgK5qk8Y2gBYIYLLYMgkQOCmEpZBIn3qnSaMHOun1vVx8NvnSq0
OoMptMmoDycFKBwRvCI4Yxh1qJJR7536kpilaFPOpHrdlDnqZQ76drt/4iBrNQ7u
eBSEv/4kDp0HTho=
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:16 2024 by rpki-client on console-ams.rpki-client.org