Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/7814B330E45E11E681F82341C4F9AE02.roa
File: 7814B330E45E11E681F82341C4F9AE02.roa (raw, json)
Hash identifier: KpfW5v22QQ8knW5hcfiQgbsPMLlFz8zLOAmQh0gN2hw=
Subject key identifier: FF:2A:1A:6F:4F:77:AA:3E:FC:7C:1F:E7:22:9D:D4:CB:2D:12:C5:63
Certificate issuer: /CN=A9145519/serialNumber=6FE6B33EA87390660B46B111DAD57D606F2FEE24
Certificate serial: 1BF7
Authority key identifier: 6F:E6:B3:3E:A8:73:90:66:0B:46:B1:11:DA:D5:7D:60:6F:2F:EE:24
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b-azPqhzkGYLRrER2tV9YG8v7iQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/7814B330E45E11E681F82341C4F9AE02.roa
Signing time: Sat 12 Oct 2024 16:24:22 +0000
ROA not before: Sat 12 Oct 2024 16:24:22 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132167
IP address blocks: 69.160.0.0/24 maxlen: 24
69.160.1.0/24 maxlen: 24
69.160.2.0/24 maxlen: 24
69.160.3.0/24 maxlen: 24
69.160.4.0/24 maxlen: 24
69.160.5.0/24 maxlen: 24
69.160.6.0/24 maxlen: 24
69.160.7.0/24 maxlen: 24
69.160.8.0/24 maxlen: 24
69.160.9.0/24 maxlen: 24
69.160.10.0/24 maxlen: 24
69.160.11.0/24 maxlen: 24
69.160.13.0/24 maxlen: 24
69.160.14.0/24 maxlen: 24
69.160.16.0/24 maxlen: 24
69.160.17.0/24 maxlen: 24
69.160.18.0/24 maxlen: 24
69.160.19.0/24 maxlen: 24
69.160.20.0/24 maxlen: 24
69.160.21.0/24 maxlen: 24
69.160.22.0/24 maxlen: 24
69.160.23.0/24 maxlen: 24
69.160.24.0/24 maxlen: 24
69.160.25.0/24 maxlen: 24
69.160.26.0/24 maxlen: 24
69.160.27.0/24 maxlen: 24
69.160.28.0/24 maxlen: 24
69.160.29.0/24 maxlen: 24
69.160.30.0/24 maxlen: 24
69.160.31.0/24 maxlen: 24
74.50.208.0/21 maxlen: 21
74.50.208.0/24 maxlen: 24
74.50.209.0/24 maxlen: 24
74.50.210.0/24 maxlen: 24
74.50.211.0/24 maxlen: 24
74.50.212.0/24 maxlen: 24
74.50.213.0/24 maxlen: 24
74.50.214.0/24 maxlen: 24
74.50.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/b-azPqhzkGYLRrER2tV9YG8v7iQ.crl
rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/b-azPqhzkGYLRrER2tV9YG8v7iQ.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b-azPqhzkGYLRrER2tV9YG8v7iQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 15:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7159 (0x1bf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145519/serialNumber=6FE6B33EA87390660B46B111DAD57D606F2FEE24
Validity
Not Before: Oct 12 16:24:22 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=670aa2b5-096f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:70:cf:5d:81:b1:b2:c2:be:5f:b3:0d:4a:
dd:ed:5e:54:00:62:f1:8f:08:31:07:25:e0:02:9e:
71:c6:74:36:dc:c6:70:1c:48:cf:37:57:ac:a9:09:
df:88:cb:be:1c:0f:8c:84:02:1b:74:c0:57:f6:f5:
15:88:e8:97:47:6f:bc:1a:14:a9:95:b2:a8:04:fa:
29:c6:7a:9d:9d:6f:53:2d:d5:40:32:a6:df:28:16:
13:b2:a1:8e:a3:9b:38:31:c5:32:36:0c:4f:ff:6f:
75:59:b3:ff:ee:d2:56:3a:01:6d:72:d3:55:fb:6a:
39:50:93:4c:e5:e5:35:f3:0c:30:b3:9a:bc:a1:33:
5a:79:62:55:60:81:b0:6e:db:86:0e:8b:8f:e5:b9:
aa:67:7a:2f:7f:4c:0b:d1:b2:6d:13:12:02:5a:9e:
b5:e3:83:59:97:6c:af:b6:16:aa:34:a5:a6:ea:ab:
cd:da:ed:c8:28:de:7c:72:ae:38:18:c8:19:48:b5:
4c:5d:a1:f2:7c:b3:9e:3b:b7:2e:0a:d7:db:75:3c:
07:5d:9d:ee:48:ba:7a:e1:5a:4f:a9:fe:04:b4:6f:
89:6e:45:09:95:cb:ef:50:bb:7e:76:7a:df:94:e3:
c4:15:a1:5c:8c:b9:58:c2:0c:22:3b:a8:62:8b:60:
60:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2A:1A:6F:4F:77:AA:3E:FC:7C:1F:E7:22:9D:D4:CB:2D:12:C5:63
X509v3 Authority Key Identifier:
keyid:6F:E6:B3:3E:A8:73:90:66:0B:46:B1:11:DA:D5:7D:60:6F:2F:EE:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/b-azPqhzkGYLRrER2tV9YG8v7iQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b-azPqhzkGYLRrER2tV9YG8v7iQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/7814B330E45E11E681F82341C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
69.160.0.0-69.160.11.255
69.160.13.0-69.160.14.255
69.160.16.0/20
74.50.208.0/21
Signature Algorithm: sha256WithRSAEncryption
33:66:62:5c:98:ef:14:f5:46:fd:93:e2:4e:d0:c4:15:ba:da:
b9:a5:bb:3f:05:5c:4e:52:71:b1:21:57:3a:23:6a:ff:ec:49:
9b:57:32:f2:62:53:65:88:4c:a0:01:ca:04:fe:f9:3f:37:24:
f3:fa:13:38:96:09:ad:58:e7:d6:6f:19:fd:8e:f8:f4:d7:a3:
60:16:b3:dd:04:12:f7:1c:e7:bc:f5:57:46:1e:d0:5b:70:17:
3d:ac:af:7c:21:58:f3:ac:8c:03:d8:7b:a8:d0:15:c1:ce:ea:
4a:2c:ad:c1:9b:6d:f5:70:16:8c:9d:d1:a8:db:53:15:38:24:
b4:34:c0:46:3c:a8:dc:72:06:ec:9d:9a:8c:5c:65:41:e1:ad:
46:65:85:ee:c0:24:dd:eb:78:b9:10:1a:e2:4b:03:cb:66:10:
2f:6e:a3:4d:d6:a8:0b:cb:60:fd:52:d8:b2:3a:b3:f8:cc:01:
cb:56:52:75:28:b3:15:db:9b:7c:c6:87:02:ab:08:2c:fd:ff:
58:79:bb:60:19:00:03:a7:17:3a:8b:39:65:5c:77:5c:ef:6d:
3f:72:6a:ac:8f:00:d8:36:4a:c9:d5:f5:37:a9:87:7d:67:f1:
d7:1e:af:1a:cd:ec:2f:82:81:7a:cf:9a:cf:16:ec:ee:ea:f6:
88:ff:00:71
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICG/cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU1MTkxMTAvBgNVBAUTKDZGRTZCMzNFQTg3MzkwNjYwQjQ2QjExMURBRDU3RDYw
NkYyRkVFMjQwHhcNMjQxMDEyMTYyNDIyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBhYTJiNS0wOTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv+1wz12BsbLCvl+zDUrd7V5UAGLxjwgxByXgAp5xxnQ23MZwHEjPN1esqQnf
iMu+HA+MhAIbdMBX9vUViOiXR2+8GhSplbKoBPopxnqdnW9TLdVAMqbfKBYTsqGO
o5s4McUyNgxP/291WbP/7tJWOgFtctNV+2o5UJNM5eU18wwws5q8oTNaeWJVYIGw
btuGDouP5bmqZ3ovf0wL0bJtExICWp6144NZl2yvthaqNKWm6qvN2u3IKN58cq44
GMgZSLVMXaHyfLOeO7cuCtfbdTwHXZ3uSLp64VpPqf4EtG+JbkUJlcvvULt+dnrf
lOPEFaFcjLlYwgwiO6hii2BgbwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFP8qGm9P
d6o+/Hwf5yKd1MstEsVjMB8GA1UdIwQYMBaAFG/msz6oc5BmC0axEdrVfWBvL+4k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTUxOS9BMkZDMzI2NEU0
NUMxMUU2OENFREZBM0VDNEY5QUUwMi9iLWF6UHFoemtHWUxSckVSMnRWOVlHOHY3
aVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ItYXpQcWh6a0dZTFJyRVIydFY5WUc4djdpUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU1MTkvQTJGQzMyNjRFNDVDMTFFNjhDRURGQTNFQzRGOUFFMDIvNzgxNEIzMzBF
NDVFMTFFNjgxRjgyMzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMC0EAgABMCcwCwMDBUWgAwQCRaAIMAwDBABFoA0DBABFoA4DBARFoBADBANK
MtAwDQYJKoZIhvcNAQELBQADggEBADNmYlyY7xT1Rv2T4k7QxBW62rmluz8FXE5S
cbEhVzojav/sSZtXMvJiU2WITKABygT++T83JPP6EziWCa1Y59ZvGf2O+PTXo2AW
s90EEvcc57z1V0Ye0FtwFz2sr3whWPOsjAPYe6jQFcHO6kosrcGbbfVwFoyd0ajb
UxU4JLQ0wEY8qNxyBuydmoxcZUHhrUZlhe7AJN3reLkQGuJLA8tmEC9uo03WqAvL
YP1S2LI6s/jMActWUnUosxXbm3zGhwKrCCz9/1h5u2AZAAOnFzqLOWVcd1zvbT9y
aqyPANg2SsnV9Teph31n8dcerxrN7C+CgXrPms8W7O7q9oj/AHE=
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:44:52 2024 by rpki-client on console-fra.rpki-client.org