Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/7814B330E45E11E681F82341C4F9AE02.roa
File: 7814B330E45E11E681F82341C4F9AE02.roa (raw, json)
Hash identifier: QPa3xeVaCwoPo7TKjfKmtybRDsW4cHxsvq14yH39kTE=
Subject key identifier: F8:6F:53:39:AF:9F:B5:C1:69:81:77:39:3A:84:E9:8C:E9:42:19:E8
Certificate issuer: /CN=A9145519/serialNumber=6FE6B33EA87390660B46B111DAD57D606F2FEE24
Certificate serial: 1B85
Authority key identifier: 6F:E6:B3:3E:A8:73:90:66:0B:46:B1:11:DA:D5:7D:60:6F:2F:EE:24
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b-azPqhzkGYLRrER2tV9YG8v7iQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/7814B330E45E11E681F82341C4F9AE02.roa
Signing time: Tue 12 Mar 2024 02:49:52 +0000
ROA not before: Tue 12 Mar 2024 02:49:52 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 132167
IP address blocks: 69.160.0.0/24 maxlen: 24
69.160.1.0/24 maxlen: 24
69.160.2.0/24 maxlen: 24
69.160.3.0/24 maxlen: 24
69.160.4.0/24 maxlen: 24
69.160.5.0/24 maxlen: 24
69.160.6.0/24 maxlen: 24
69.160.7.0/24 maxlen: 24
69.160.8.0/24 maxlen: 24
69.160.9.0/24 maxlen: 24
69.160.10.0/24 maxlen: 24
69.160.11.0/24 maxlen: 24
69.160.13.0/24 maxlen: 24
69.160.14.0/24 maxlen: 24
69.160.16.0/24 maxlen: 24
69.160.17.0/24 maxlen: 24
69.160.18.0/24 maxlen: 24
69.160.19.0/24 maxlen: 24
69.160.20.0/24 maxlen: 24
69.160.21.0/24 maxlen: 24
69.160.22.0/24 maxlen: 24
69.160.23.0/24 maxlen: 24
69.160.24.0/24 maxlen: 24
69.160.25.0/24 maxlen: 24
69.160.26.0/24 maxlen: 24
69.160.27.0/24 maxlen: 24
69.160.28.0/24 maxlen: 24
69.160.29.0/24 maxlen: 24
69.160.30.0/24 maxlen: 24
69.160.31.0/24 maxlen: 24
74.50.208.0/21 maxlen: 21
74.50.208.0/24 maxlen: 24
74.50.209.0/24 maxlen: 24
74.50.210.0/24 maxlen: 24
74.50.211.0/24 maxlen: 24
74.50.212.0/24 maxlen: 24
74.50.213.0/24 maxlen: 24
74.50.214.0/24 maxlen: 24
74.50.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/b-azPqhzkGYLRrER2tV9YG8v7iQ.crl
rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/b-azPqhzkGYLRrER2tV9YG8v7iQ.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b-azPqhzkGYLRrER2tV9YG8v7iQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7045 (0x1b85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145519/serialNumber=6FE6B33EA87390660B46B111DAD57D606F2FEE24
Validity
Not Before: Mar 12 02:49:52 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65efc2cf-df39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:79:fa:7a:67:6b:cd:4e:d7:79:b1:34:78:66:
8c:de:6c:35:81:f5:03:5e:24:2a:b0:d1:ca:4a:71:
27:c7:7d:51:ab:b0:bc:c4:39:e5:6d:a4:e5:93:ee:
ea:ce:44:75:6e:d0:85:ef:b0:dc:6a:04:b0:6d:b5:
d7:71:6a:e3:fc:d8:00:3d:1f:a5:4d:c3:9b:3d:09:
3b:b5:b8:5a:63:8a:fb:e8:2d:47:f4:f4:a8:f6:7c:
30:e0:e9:aa:3c:47:b0:21:ca:e0:85:80:20:58:ca:
09:a7:af:7c:05:7d:6a:9a:2d:8d:dc:03:31:0d:ff:
9c:15:d2:45:2b:98:21:28:0d:36:f2:03:8f:b0:b6:
43:73:9b:c8:dd:94:25:d9:ff:1d:e2:3b:0f:91:2e:
e9:b6:40:56:17:29:88:87:82:0b:08:8a:5a:5d:39:
77:d1:19:7d:65:94:3a:5f:45:c4:c6:3b:06:b5:fd:
7c:ed:eb:de:46:b1:18:5b:74:fc:29:da:3e:90:de:
e5:eb:2a:aa:89:37:aa:8e:b2:f9:31:02:07:ad:68:
fa:9f:91:0a:d3:56:f0:e2:65:a5:f3:2f:6d:83:e3:
53:8f:8e:97:f4:a5:a0:49:10:c1:0c:f6:a4:5b:1f:
26:81:85:8e:65:17:d0:64:5b:b6:cc:42:31:bd:2c:
39:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:6F:53:39:AF:9F:B5:C1:69:81:77:39:3A:84:E9:8C:E9:42:19:E8
X509v3 Authority Key Identifier:
keyid:6F:E6:B3:3E:A8:73:90:66:0B:46:B1:11:DA:D5:7D:60:6F:2F:EE:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/b-azPqhzkGYLRrER2tV9YG8v7iQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b-azPqhzkGYLRrER2tV9YG8v7iQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145519/A2FC3264E45C11E68CEDFA3EC4F9AE02/7814B330E45E11E681F82341C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
69.160.0.0-69.160.11.255
69.160.13.0-69.160.14.255
69.160.16.0/20
74.50.208.0/21
Signature Algorithm: sha256WithRSAEncryption
32:ba:5e:7e:f7:21:df:bf:c8:d2:ab:51:1b:bf:f8:16:d5:c4:
41:cd:42:a1:3a:fe:8b:02:3f:df:d6:d0:f3:68:93:fe:c5:ac:
30:8d:0e:5a:b0:ef:d5:32:87:1e:3f:02:89:06:a7:bf:ff:9c:
b6:8f:40:33:d6:27:d6:96:c3:8a:35:ce:b4:f5:f2:11:f8:df:
3d:53:93:84:ff:cc:6a:28:45:84:91:c6:5e:d7:11:d0:89:d6:
5e:36:7a:1a:c0:4f:45:66:99:3c:82:d2:3e:52:48:92:ee:cb:
a4:e0:09:fd:f9:8a:c4:6d:2e:3b:85:71:f4:da:a7:d0:7c:31:
ae:62:81:ec:81:67:9e:04:97:4f:c1:48:26:c2:4b:9b:dc:d3:
21:f2:5d:11:e8:ea:01:03:2b:6e:9f:3e:5a:f4:7e:1d:25:28:
2e:51:47:0c:14:e3:07:b1:3b:14:bc:da:41:2e:7d:d5:bd:9b:
0b:33:9e:1a:4e:17:7c:46:ef:47:9a:28:1d:73:6c:b0:e1:94:
a7:dc:a3:4e:53:72:c2:db:dc:16:31:06:0d:c1:9b:95:b7:ad:
3b:6d:1e:77:93:f1:2f:ae:f4:48:5d:07:06:a4:7c:5c:c2:97:
18:9c:9c:23:ab:95:ce:c2:d9:06:58:04:79:93:24:fd:b7:c3:
b8:2c:d9:7d
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICG4UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU1MTkxMTAvBgNVBAUTKDZGRTZCMzNFQTg3MzkwNjYwQjQ2QjExMURBRDU3RDYw
NkYyRkVFMjQwHhcNMjQwMzEyMDI0OTUyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWVmYzJjZi1kZjM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzHn6emdrzU7XebE0eGaM3mw1gfUDXiQqsNHKSnEnx31Rq7C8xDnlbaTlk+7q
zkR1btCF77DcagSwbbXXcWrj/NgAPR+lTcObPQk7tbhaY4r76C1H9PSo9nww4Omq
PEewIcrghYAgWMoJp698BX1qmi2N3AMxDf+cFdJFK5ghKA028gOPsLZDc5vI3ZQl
2f8d4jsPkS7ptkBWFymIh4ILCIpaXTl30Rl9ZZQ6X0XExjsGtf187eveRrEYW3T8
Kdo+kN7l6yqqiTeqjrL5MQIHrWj6n5EK01bw4mWl8y9tg+NTj46X9KWgSRDBDPak
Wx8mgYWOZRfQZFu2zEIxvSw5KwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFPhvUzmv
n7XBaYF3OTqE6YzpQhnoMB8GA1UdIwQYMBaAFG/msz6oc5BmC0axEdrVfWBvL+4k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTUxOS9BMkZDMzI2NEU0
NUMxMUU2OENFREZBM0VDNEY5QUUwMi9iLWF6UHFoemtHWUxSckVSMnRWOVlHOHY3
aVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2ItYXpQcWh6a0dZTFJyRVIydFY5WUc4djdpUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU1MTkvQTJGQzMyNjRFNDVDMTFFNjhDRURGQTNFQzRGOUFFMDIvNzgxNEIzMzBF
NDVFMTFFNjgxRjgyMzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMC0EAgABMCcwCwMDBUWgAwQCRaAIMAwDBABFoA0DBABFoA4DBARFoBADBANK
MtAwDQYJKoZIhvcNAQELBQADggEBADK6Xn73Id+/yNKrURu/+BbVxEHNQqE6/osC
P9/W0PNok/7FrDCNDlqw79Uyhx4/AokGp7//nLaPQDPWJ9aWw4o1zrT18hH43z1T
k4T/zGooRYSRxl7XEdCJ1l42ehrAT0VmmTyC0j5SSJLuy6TgCf35isRtLjuFcfTa
p9B8Ma5igeyBZ54El0/BSCbCS5vc0yHyXRHo6gEDK26fPlr0fh0lKC5RRwwU4wex
OxS82kEufdW9mwsznhpOF3xG70eaKB1zbLDhlKfco05TcsLb3BYxBg3Bm5W3rTtt
HneT8S+u9EhdBwakfFzClxicnCOrlc7C2QZYBHmTJP23w7gs2X0=
-----END CERTIFICATE-----
Generated at Fri May 31 17:44:23 2024 by rpki-client on console-fra.rpki-client.org