Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/7B6600CA4B0911EEA98A477BC4F9AE02.roa
File: 7B6600CA4B0911EEA98A477BC4F9AE02.roa (raw, json)
Hash identifier: rUqI8w2nCD+cKM66t2FzCRpsANMOP6oxAEjbkDoG4y8=
Subject key identifier: C1:02:0E:9E:7E:92:DE:85:EC:6F:B4:B4:12:AD:67:1A:07:58:27:DD
Certificate issuer: /CN=A9145456/serialNumber=3FB0A56E20F194C7749879D4D225B3F97E9EBECF
Certificate serial: 0703
Authority key identifier: 3F:B0:A5:6E:20:F1:94:C7:74:98:79:D4:D2:25:B3:F9:7E:9E:BE:CF
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/7B6600CA4B0911EEA98A477BC4F9AE02.roa
Signing time: Tue 10 Sep 2024 08:26:18 +0000
ROA not before: Tue 10 Sep 2024 08:26:18 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 139831
IP address blocks: 131.226.64.0/18 maxlen: 18
131.226.64.0/22 maxlen: 24
131.226.68.0/22 maxlen: 24
131.226.74.0/23 maxlen: 24
131.226.76.0/23 maxlen: 24
131.226.80.0/22 maxlen: 24
131.226.84.0/22 maxlen: 24
131.226.88.0/22 maxlen: 24
131.226.92.0/22 maxlen: 24
131.226.96.0/22 maxlen: 23
131.226.100.0/22 maxlen: 23
131.226.100.0/24 maxlen: 24
131.226.104.0/22 maxlen: 23
131.226.108.0/22 maxlen: 23
131.226.112.0/22 maxlen: 23
131.226.116.0/23 maxlen: 23
131.226.118.0/23 maxlen: 23
131.226.120.0/23 maxlen: 23
131.226.122.0/23 maxlen: 23
131.226.124.0/23 maxlen: 23
131.226.126.0/24 maxlen: 24
131.226.127.0/24 maxlen: 24
139.135.64.0/18 maxlen: 18
139.135.64.0/22 maxlen: 22
139.135.68.0/22 maxlen: 22
139.135.72.0/22 maxlen: 22
139.135.76.0/22 maxlen: 22
139.135.80.0/22 maxlen: 22
139.135.88.0/22 maxlen: 22
139.135.104.0/24 maxlen: 24
139.135.105.0/24 maxlen: 24
139.135.106.0/24 maxlen: 24
139.135.107.0/24 maxlen: 24
139.135.108.0/24 maxlen: 24
139.135.109.0/24 maxlen: 24
139.135.110.0/24 maxlen: 24
139.135.111.0/24 maxlen: 24
139.135.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.crl
rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 19:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1795 (0x703)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145456/serialNumber=3FB0A56E20F194C7749879D4D225B3F97E9EBECF
Validity
Not Before: Sep 10 08:26:18 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66e002aa-7232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:40:09:2d:aa:c3:f1:00:3b:9e:d3:7b:33:69:
b4:b8:6a:fe:9d:da:fd:47:47:31:94:34:5d:47:4e:
00:d1:59:a2:f3:2e:e3:c3:f3:4c:58:eb:bd:1f:a6:
26:37:64:37:e2:05:fb:4b:f5:38:13:6e:f6:12:ec:
b1:17:29:58:d9:a0:f8:43:d6:a9:61:78:b9:3b:03:
52:89:e5:a9:6b:d5:9a:a0:e0:19:2a:db:b4:3f:91:
b6:02:ec:3a:03:5b:42:b1:7d:01:b2:bc:5c:03:d9:
71:b8:a6:df:29:25:7b:43:36:6e:39:35:de:f4:64:
9e:d2:ef:fd:7f:9a:74:fa:49:38:a1:89:95:3a:00:
1f:cc:21:60:1d:a1:ed:3e:57:9d:d1:6b:aa:0e:87:
00:53:26:56:d4:a3:34:03:28:ee:e8:89:b5:01:bd:
20:30:3d:05:9d:5b:b9:1a:42:7c:a9:45:75:9b:e1:
a8:e6:57:ad:cc:8b:3d:9b:2f:4d:07:57:b6:93:e0:
56:4e:4a:59:30:0e:58:4a:73:0d:13:25:b3:5d:a2:
42:43:2a:30:1b:f2:2a:50:f7:de:f8:f5:83:19:f2:
b2:a0:32:9c:81:4c:41:02:76:06:94:7b:5a:ed:c3:
74:01:a5:f0:c4:dc:20:eb:c2:d1:fe:cb:a7:68:b6:
b7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:02:0E:9E:7E:92:DE:85:EC:6F:B4:B4:12:AD:67:1A:07:58:27:DD
X509v3 Authority Key Identifier:
keyid:3F:B0:A5:6E:20:F1:94:C7:74:98:79:D4:D2:25:B3:F9:7E:9E:BE:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/P7ClbiDxlMd0mHnU0iWz-X6evs8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7ClbiDxlMd0mHnU0iWz-X6evs8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145456/7719C710306611EB85251355C4F9AE02/7B6600CA4B0911EEA98A477BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
131.226.64.0/18
139.135.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1a:26:ee:d4:be:94:2a:a0:98:fe:9c:63:91:27:73:d5:7b:2e:
37:c5:c5:da:37:92:4d:a4:b5:b2:96:bb:02:3c:de:41:60:6c:
e0:7e:e1:66:40:c1:8f:d7:a0:1e:4b:20:45:52:0a:b9:a6:27:
fd:bc:01:57:4c:22:09:05:6b:53:28:01:89:22:ed:13:0b:c7:
35:fb:86:8b:74:b4:e5:02:a7:eb:c9:6c:a1:d2:48:30:d1:da:
c4:5b:73:c8:6e:37:85:29:75:e1:ff:6b:be:bd:83:05:14:21:
76:b6:b6:7f:44:15:92:ca:de:73:6e:9d:70:54:6b:d3:6f:08:
c9:56:34:ac:72:43:82:e5:93:51:8a:20:b1:dc:2c:b5:b8:62:
83:71:ca:6a:ee:8f:c6:74:49:4b:69:1f:bd:6b:7c:5a:5a:8d:
e6:2d:e9:84:7e:bd:e6:f7:30:c9:d8:29:4c:14:4f:e8:c9:ca:
40:23:5e:24:37:b0:ef:79:96:89:55:a1:e2:5b:cd:a5:8d:11:
b9:b6:59:63:ea:79:a3:4a:df:30:24:db:f3:39:16:2d:23:7b:
d5:42:d2:de:fc:3a:1f:a5:ce:4a:f7:5d:bd:52:fa:7f:f5:65:
9c:1c:fa:57:30:5a:2a:a6:72:e4:e8:e1:86:8c:79:6e:cb:a5:
e2:7d:c4:5c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBwMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NTYxMTAvBgNVBAUTKDNGQjBBNTZFMjBGMTk0Qzc3NDk4NzlENEQyMjVCM0Y5
N0U5RUJFQ0YwHhcNMjQwOTEwMDgyNjE4WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUwMDJhYS03MjMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxkAJLarD8QA7ntN7M2m0uGr+ndr9R0cxlDRdR04A0Vmi8y7jw/NMWOu9H6Ym
N2Q34gX7S/U4E272EuyxFylY2aD4Q9apYXi5OwNSieWpa9WaoOAZKtu0P5G2Auw6
A1tCsX0BsrxcA9lxuKbfKSV7QzZuOTXe9GSe0u/9f5p0+kk4oYmVOgAfzCFgHaHt
Pled0WuqDocAUyZW1KM0Ayju6Im1Ab0gMD0FnVu5GkJ8qUV1m+Go5letzIs9my9N
B1e2k+BWTkpZMA5YSnMNEyWzXaJCQyowG/IqUPfe+PWDGfKyoDKcgUxBAnYGlHta
7cN0AaXwxNwg68LR/sunaLa3+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMECDp5+
kt6F7G+0tBKtZxoHWCfdMB8GA1UdIwQYMBaAFD+wpW4g8ZTHdJh51NIls/l+nr7P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ1Ni83NzE5QzcxMDMw
NjYxMUVCODUyNTEzNTVDNEY5QUUwMi9QN0NsYmlEeGxNZDBtSG5VMGlXei1YNmV2
czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1A3Q2xiaUR4bE1kMG1IblUwaVd6LVg2ZXZzOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NTYvNzcxOUM3MTAzMDY2MTFFQjg1MjUxMzU1QzRGOUFFMDIvN0I2NjAwQ0E0
QjA5MTFFRUE5OEE0NzdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAaD4kADBAaLh0AwDQYJKoZIhvcNAQELBQADggEBABom7tS+
lCqgmP6cY5Enc9V7LjfFxdo3kk2ktbKWuwI83kFgbOB+4WZAwY/XoB5LIEVSCrmm
J/28AVdMIgkFa1MoAYki7RMLxzX7hot0tOUCp+vJbKHSSDDR2sRbc8huN4UpdeH/
a769gwUUIXa2tn9EFZLK3nNunXBUa9NvCMlWNKxyQ4Llk1GKILHcLLW4YoNxymru
j8Z0SUtpH71rfFpajeYt6YR+veb3MMnYKUwUT+jJykAjXiQ3sO95lolVoeJbzaWN
Ebm2WWPqeaNK3zAk2/M5Fi0je9VC0t78Oh+lzkr3Xb1S+n/1ZZwc+lcwWiqmcuTo
4YaMeW7LpeJ9xFw=
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:55:39 2024 by rpki-client on console-ams.rpki-client.org