Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/0CC38EEC80E711EBB8CFF825C4F9AE02.roa
File: 0CC38EEC80E711EBB8CFF825C4F9AE02.roa (raw, json)
Hash identifier: pT4OFb0Ut3O3WHsP00oq6WU/Xt3BvFk/JWRe+d3rVAY=
Subject key identifier: 02:48:EF:7A:18:00:6C:58:9D:E9:5C:26:E1:FD:B6:FB:7C:D5:FF:AD
Certificate issuer: /CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Certificate serial: 06F3
Authority key identifier: 89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/0CC38EEC80E711EBB8CFF825C4F9AE02.roa
Signing time: Wed 14 Feb 2024 07:36:51 +0000
ROA not before: Wed 14 Feb 2024 07:36:51 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 4775
IP address blocks: 64.224.21.0/24 maxlen: 24
64.224.96.0/19 maxlen: 19
64.224.128.0/20 maxlen: 20
64.226.56.0/21 maxlen: 21
64.226.56.0/24 maxlen: 24
64.226.57.0/24 maxlen: 24
64.226.58.0/24 maxlen: 24
64.226.59.0/24 maxlen: 24
64.226.60.0/24 maxlen: 24
64.226.61.0/24 maxlen: 24
64.226.62.0/24 maxlen: 24
64.226.63.0/24 maxlen: 24
138.84.64.0/18 maxlen: 18
138.84.128.0/19 maxlen: 19
138.84.192.0/21 maxlen: 21
147.185.169.0/24 maxlen: 24
158.62.0.0/17 maxlen: 17
158.62.106.0/24 maxlen: 24
209.35.160.0/20 maxlen: 20
209.35.160.0/24 maxlen: 24
209.35.161.0/24 maxlen: 24
209.35.162.0/24 maxlen: 24
209.35.163.0/24 maxlen: 24
209.35.164.0/24 maxlen: 24
209.35.165.0/24 maxlen: 24
209.35.166.0/24 maxlen: 24
209.35.167.0/24 maxlen: 24
209.35.169.0/24 maxlen: 24
209.35.170.0/24 maxlen: 24
209.35.171.0/24 maxlen: 24
209.35.172.0/24 maxlen: 24
209.35.173.0/24 maxlen: 24
209.35.174.0/24 maxlen: 24
216.247.0.0/18 maxlen: 18
216.247.80.0/20 maxlen: 20
216.247.80.0/24 maxlen: 24
216.247.81.0/24 maxlen: 24
216.247.82.0/24 maxlen: 24
216.247.83.0/24 maxlen: 24
216.247.84.0/24 maxlen: 24
216.247.85.0/24 maxlen: 24
216.247.86.0/24 maxlen: 24
216.247.87.0/24 maxlen: 24
216.247.88.0/24 maxlen: 24
216.247.89.0/24 maxlen: 24
216.247.90.0/24 maxlen: 24
216.247.91.0/24 maxlen: 24
216.247.92.0/24 maxlen: 24
216.247.93.0/24 maxlen: 24
216.247.94.0/24 maxlen: 24
216.247.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 15:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1779 (0x6f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Validity
Not Before: Feb 14 07:36:51 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65cc6d92-278b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:81:a9:69:49:2b:d5:d4:95:88:9e:e0:30:fc:
95:fd:c7:47:35:a9:5e:e0:33:c8:e6:88:23:c0:d1:
7e:82:85:07:49:02:eb:39:2e:5c:89:ff:d7:92:8d:
37:18:fb:2c:d4:eb:0e:d2:89:22:0d:04:78:1f:f3:
47:f8:43:90:13:9d:8e:d6:b1:a7:23:f4:53:1d:24:
41:50:e7:e0:29:52:c1:d9:0e:bb:7c:77:5b:7d:08:
6c:49:88:06:4f:c7:98:ec:cd:20:26:30:0e:bf:79:
bb:44:93:9a:bb:6c:70:81:f2:de:88:b8:8a:c2:62:
e3:5e:96:b4:0e:8b:0e:92:53:05:dc:26:8f:ab:e5:
7a:8e:17:bd:ca:f3:87:0d:9b:ea:82:ab:01:8f:2d:
5d:37:46:4d:42:55:88:61:33:ad:1a:8d:61:a0:13:
0c:a9:ec:eb:9e:50:08:2e:f0:56:8d:e2:e9:61:7c:
3f:61:5a:74:a4:9b:e1:22:8d:e1:f6:f2:e6:c1:e7:
54:6a:ad:99:14:7e:90:83:0a:82:59:8e:a5:f3:2d:
bc:da:2d:30:41:c8:eb:57:60:75:98:47:93:f5:01:
af:5c:dd:58:4f:fd:ba:c2:e5:9e:9b:d5:1f:cf:cb:
ab:28:5b:8b:00:b8:14:ef:04:67:82:32:3c:68:80:
ec:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:48:EF:7A:18:00:6C:58:9D:E9:5C:26:E1:FD:B6:FB:7C:D5:FF:AD
X509v3 Authority Key Identifier:
keyid:89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/0CC38EEC80E711EBB8CFF825C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.224.21.0/24
64.224.96.0-64.224.143.255
64.226.56.0/21
138.84.64.0-138.84.159.255
138.84.192.0/21
147.185.169.0/24
158.62.0.0/17
209.35.160.0/20
216.247.0.0/18
216.247.80.0/20
Signature Algorithm: sha256WithRSAEncryption
c6:40:f2:e6:c3:94:c6:78:dd:f1:cc:4e:d4:6b:88:a9:59:92:
57:1a:05:88:13:54:30:ce:6a:4c:4e:ea:8e:4c:a4:b6:c3:a8:
2b:e6:0c:8f:d0:47:ab:5d:ed:a5:0e:9d:e4:1c:22:c4:32:2c:
b0:61:88:48:50:c6:9a:bc:38:0b:4a:09:30:97:cd:b4:86:6b:
46:ee:01:b4:98:3a:1d:c3:28:82:59:a1:1a:49:9c:1f:62:4d:
d8:ee:ab:ac:d3:db:9d:1c:0e:f0:51:f2:54:71:ce:d0:ec:00:
6f:6a:d8:95:95:fb:09:d9:6c:4e:c0:fd:77:c8:d3:e2:f8:96:
c5:fe:fd:88:8e:dc:77:07:4c:90:ee:dc:ea:a6:a6:e5:e0:78:
d6:41:1a:cb:51:5a:3e:07:a1:70:2f:e0:6a:9d:ab:db:a2:65:
71:7d:b9:aa:1f:13:73:a9:98:2b:bb:3a:a4:97:b7:1f:01:b9:
ad:85:b7:5a:89:4e:16:b9:fd:e5:5b:2a:d5:a5:f4:80:58:5e:
f0:bc:e1:77:e9:bb:9b:ab:5a:03:58:67:16:05:df:9f:8e:d6:
c6:d6:8a:d8:68:da:59:58:64:ef:9d:cf:54:29:f8:1d:bb:ee:
1f:cd:55:91:51:32:c4:0f:8a:65:87:6e:7e:5a:e8:ea:ab:71:
42:dc:3b:a9
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICBvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDYyMDcxMTAvBgNVBAUTKDg5N0UwMkNDRDhFQjQwMzlBNzgzRDAyMzc5QzU1RkVF
OUYwQ0VFNTkwHhcNMjQwMjE0MDczNjUxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNjNmQ5Mi0yNzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA14GpaUkr1dSViJ7gMPyV/cdHNale4DPI5ogjwNF+goUHSQLrOS5cif/Xko03
GPss1OsO0okiDQR4H/NH+EOQE52O1rGnI/RTHSRBUOfgKVLB2Q67fHdbfQhsSYgG
T8eY7M0gJjAOv3m7RJOau2xwgfLeiLiKwmLjXpa0DosOklMF3CaPq+V6jhe9yvOH
DZvqgqsBjy1dN0ZNQlWIYTOtGo1hoBMMqezrnlAILvBWjeLpYXw/YVp0pJvhIo3h
9vLmwedUaq2ZFH6QgwqCWY6l8y282i0wQcjrV2B1mEeT9QGvXN1YT/26wuWem9Uf
z8urKFuLALgU7wRngjI8aIDsxwIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFAJI73oY
AGxYnelcJuH9tvt81f+tMB8GA1UdIwQYMBaAFIl+AszY60A5p4PQI3nFX+6fDO5Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy84QzY4QjlBMjA5
ODExMUVCOUQ0NjFCMzBDNEY5QUUwMi9pWDRDek5qclFEbW5nOUFqZWNWZjdwOE03
bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lYNEN6TmpyUURtbmc5QWplY1ZmN3A4TTdsay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDYyMDcvOEM2OEI5QTIwOTgxMTFFQjlENDYxQjMwQzRGOUFFMDIvMENDMzhFRUM4
MEU3MTFFQkI4Q0ZGODI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZQYIKwYBBQUHAQcBAf8E
VjBUMFIEAgABMEwDBABA4BUwDAMEBUDgYAMEBEDggAMEA0DiODAMAwQGilRAAwQF
ilSAAwQDilTAAwQAk7mpAwQHnj4AAwQE0SOgAwQG2PcAAwQE2PdQMA0GCSqGSIb3
DQEBCwUAA4IBAQDGQPLmw5TGeN3xzE7Ua4ipWZJXGgWIE1QwzmpMTuqOTKS2w6gr
5gyP0EerXe2lDp3kHCLEMiywYYhIUMaavDgLSgkwl820hmtG7gG0mDodwyiCWaEa
SZwfYk3Y7qus09udHA7wUfJUcc7Q7ABvatiVlfsJ2WxOwP13yNPi+JbF/v2Ijtx3
B0yQ7tzqpqbl4HjWQRrLUVo+B6FwL+BqnavbomVxfbmqHxNzqZgruzqkl7cfAbmt
hbdaiU4Wuf3lWyrVpfSAWF7wvOF36bubq1oDWGcWBd+fjtbG1orYaNpZWGTvnc9U
Kfgdu+4fzVWRUTLED4plh25+Wujqq3FC3Dup
-----END CERTIFICATE-----
Generated at Thu May 16 17:51:19 2024 by rpki-client on console-ams.rpki-client.org