Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
File: E19826A0EAA511EBA4C1F32CC4F9AE02.roa (raw, json)
Hash identifier: gYJqe1joyytxkN1ZytJH28Ehz1uUP2ymtDRMZmWEPps=
Subject key identifier: 91:AE:62:3A:5F:E3:01:4F:1C:F0:92:4B:48:12:56:AF:B6:52:7A:0E
Certificate issuer: /CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Certificate serial: 06F6
Authority key identifier: 89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
Signing time: Wed 14 Feb 2024 08:02:34 +0000
ROA not before: Wed 14 Feb 2024 08:02:34 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 132199
IP address blocks: 64.224.96.0/21 maxlen: 21
64.224.104.0/22 maxlen: 22
64.224.108.0/22 maxlen: 22
64.224.112.0/21 maxlen: 21
64.224.120.0/21 maxlen: 21
64.224.128.0/22 maxlen: 22
64.224.132.0/22 maxlen: 22
64.224.136.0/21 maxlen: 21
158.62.0.0/21 maxlen: 21
158.62.8.0/22 maxlen: 22
158.62.16.0/21 maxlen: 21
158.62.24.0/22 maxlen: 22
158.62.32.0/21 maxlen: 21
158.62.32.0/22 maxlen: 22
158.62.36.0/23 maxlen: 23
158.62.38.0/23 maxlen: 23
158.62.40.0/22 maxlen: 22
158.62.48.0/21 maxlen: 21
158.62.56.0/23 maxlen: 23
158.62.62.0/23 maxlen: 23
158.62.64.0/22 maxlen: 22
158.62.68.0/23 maxlen: 23
158.62.70.0/23 maxlen: 23
158.62.72.0/23 maxlen: 23
158.62.74.0/23 maxlen: 23
158.62.76.0/22 maxlen: 22
158.62.80.0/23 maxlen: 23
158.62.82.0/23 maxlen: 23
158.62.84.0/24 maxlen: 24
158.62.86.0/23 maxlen: 23
158.62.88.0/22 maxlen: 22
158.62.92.0/22 maxlen: 22
158.62.96.0/22 maxlen: 22
158.62.100.0/23 maxlen: 23
158.62.108.0/22 maxlen: 22
158.62.112.0/22 maxlen: 22
158.62.116.0/23 maxlen: 23
158.62.118.0/24 maxlen: 24
158.62.119.0/24 maxlen: 24
158.62.120.0/22 maxlen: 22
158.62.124.0/22 maxlen: 22
216.247.0.0/22 maxlen: 22
216.247.4.0/23 maxlen: 23
216.247.6.0/23 maxlen: 23
216.247.8.0/22 maxlen: 22
216.247.12.0/23 maxlen: 23
216.247.14.0/23 maxlen: 23
216.247.16.0/22 maxlen: 22
216.247.20.0/22 maxlen: 22
216.247.24.0/22 maxlen: 22
216.247.28.0/23 maxlen: 23
216.247.30.0/23 maxlen: 23
216.247.32.0/22 maxlen: 22
216.247.36.0/22 maxlen: 22
216.247.40.0/23 maxlen: 23
216.247.42.0/23 maxlen: 23
216.247.44.0/22 maxlen: 22
216.247.48.0/22 maxlen: 22
216.247.52.0/23 maxlen: 23
216.247.54.0/23 maxlen: 23
216.247.56.0/22 maxlen: 22
216.247.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 15:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1782 (0x6f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Validity
Not Before: Feb 14 08:02:34 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65cc739a-d9a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:62:10:21:63:51:1f:09:87:5f:a8:e5:9c:be:
dc:e0:57:6b:42:74:aa:b2:1c:4b:e2:b3:39:e8:09:
33:74:e2:fe:a7:c4:e6:d8:19:bd:9b:86:b1:ee:73:
a6:1b:6d:83:6f:c3:53:dc:e8:ea:a7:98:f6:56:87:
f0:bc:2f:ab:02:01:55:7a:46:5f:70:f7:62:b1:3c:
fe:73:b3:68:26:bc:d2:e9:7c:b5:98:72:79:2b:6f:
ee:31:11:05:0e:e7:9e:fa:4d:af:a2:ae:c0:af:ee:
54:c9:94:99:29:7f:7b:36:be:bb:2c:4e:a9:d0:4e:
5b:3f:a0:f6:e3:6e:a0:62:44:3e:e0:b7:bd:94:70:
2e:4d:f7:3d:94:d0:a8:52:5f:8d:d8:fd:3b:3a:ec:
0b:d5:2b:2f:7a:86:65:25:a8:75:82:dd:b5:1b:5d:
8d:3f:d2:fa:ed:bf:db:05:1c:6e:11:3a:eb:7b:b8:
f4:69:f1:21:16:c9:62:5b:c8:00:3d:65:89:25:b9:
e0:5e:57:64:a9:44:b7:d9:b0:04:cb:f5:42:72:0f:
a3:aa:e5:05:99:e0:8b:7e:97:83:5d:c5:46:32:02:
b6:5a:41:c3:93:13:ac:09:b8:46:2a:36:12:66:bd:
cb:0b:ca:f6:0f:e4:c4:b3:8b:95:84:85:f2:78:7e:
0e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AE:62:3A:5F:E3:01:4F:1C:F0:92:4B:48:12:56:AF:B6:52:7A:0E
X509v3 Authority Key Identifier:
keyid:89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.224.96.0-64.224.143.255
158.62.0.0-158.62.11.255
158.62.16.0-158.62.27.255
158.62.32.0-158.62.43.255
158.62.48.0-158.62.57.255
158.62.62.0-158.62.84.255
158.62.86.0-158.62.101.255
158.62.108.0-158.62.127.255
216.247.0.0/18
Signature Algorithm: sha256WithRSAEncryption
1a:ac:ee:67:b2:f8:1c:0f:31:b9:9e:55:03:f2:47:4c:27:5f:
c2:a6:b5:22:8a:58:1c:e2:91:9b:5f:62:0b:71:58:7e:c4:c6:
68:de:c9:d0:aa:34:ac:a0:d3:32:8d:e7:4b:19:7a:96:51:7c:
fd:61:71:e1:4b:24:35:93:e5:61:ea:3a:e1:94:a0:7a:e4:e0:
86:80:23:a9:03:bc:b7:c9:75:f7:59:59:75:2a:30:32:c2:fa:
f8:ab:0b:c3:5c:47:d5:ed:1d:6b:01:21:b4:dc:c6:b2:f6:f4:
08:a5:84:7d:0a:03:9f:5f:c9:82:1a:50:53:c3:0a:1f:c8:73:
e8:18:27:da:cd:fa:03:c0:d7:f9:92:81:43:5f:a8:5f:c0:75:
be:2e:2e:7c:89:f9:c3:2e:0a:16:d9:96:bc:2f:1f:15:66:ce:
5b:da:23:ed:57:47:24:22:dc:6b:97:c8:2a:64:2a:ce:aa:c9:
b0:aa:8e:35:6e:13:de:3d:9e:e8:72:50:46:a6:0b:e9:06:83:
2c:8c:14:97:4c:95:8d:0c:73:13:7c:be:e8:04:d0:0c:4c:b2:
b0:be:3b:b5:36:b9:60:4a:73:40:17:81:3a:08:fb:78:64:d9:
e1:66:5c:aa:bc:45:28:4c:e9:ed:1d:6f:db:90:c6:30:b1:21:
cb:ed:2e:8f
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgICBvYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDYyMDcxMTAvBgNVBAUTKDg5N0UwMkNDRDhFQjQwMzlBNzgzRDAyMzc5QzU1RkVF
OUYwQ0VFNTkwHhcNMjQwMjE0MDgwMjM0WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNjNzM5YS1kOWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2IQIWNRHwmHX6jlnL7c4FdrQnSqshxL4rM56AkzdOL+p8Tm2Bm9m4ax7nOm
G22Db8NT3Ojqp5j2VofwvC+rAgFVekZfcPdisTz+c7NoJrzS6Xy1mHJ5K2/uMREF
Duee+k2voq7Ar+5UyZSZKX97Nr67LE6p0E5bP6D2426gYkQ+4Le9lHAuTfc9lNCo
Ul+N2P07OuwL1SsveoZlJah1gt21G12NP9L67b/bBRxuETrre7j0afEhFsliW8gA
PWWJJbngXldkqUS32bAEy/VCcg+jquUFmeCLfpeDXcVGMgK2WkHDkxOsCbhGKjYS
Zr3LC8r2D+TEs4uVhIXyeH4OYwIDAQABo4IDBTCCAwEwHQYDVR0OBBYEFJGuYjpf
4wFPHPCSS0gSVq+2UnoOMB8GA1UdIwQYMBaAFIl+AszY60A5p4PQI3nFX+6fDO5Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy84QzY4QjlBMjA5
ODExMUVCOUQ0NjFCMzBDNEY5QUUwMi9pWDRDek5qclFEbW5nOUFqZWNWZjdwOE03
bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lYNEN6TmpyUURtbmc5QWplY1ZmN3A4TTdsay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDYyMDcvOEM2OEI5QTIwOTgxMTFFQjlENDYxQjMwQzRGOUFFMDIvRTE5ODI2QTBF
QUE1MTFFQkE0QzFGMzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY4GCCsGAQUFBwEHAQH/
BH8wfTB7BAIAATB1MAwDBAVA4GADBARA4IAwCwMDAZ4+AwQCnj4IMAwDBASePhAD
BAKePhgwDAMEBZ4+IAMEAp4+KDAMAwQEnj4wAwQBnj44MAwDBAGePj4DBACePlQw
DAMEAZ4+VgMEAZ4+ZDAMAwQCnj5sAwQHnj4AAwQG2PcAMA0GCSqGSIb3DQEBCwUA
A4IBAQAarO5nsvgcDzG5nlUD8kdMJ1/CprUiilgc4pGbX2ILcVh+xMZo3snQqjSs
oNMyjedLGXqWUXz9YXHhSyQ1k+Vh6jrhlKB65OCGgCOpA7y3yXX3WVl1KjAywvr4
qwvDXEfV7R1rASG03May9vQIpYR9CgOfX8mCGlBTwwofyHPoGCfazfoDwNf5koFD
X6hfwHW+Li58ifnDLgoW2Za8Lx8VZs5b2iPtV0ckItxrl8gqZCrOqsmwqo41bhPe
PZ7oclBGpgvpBoMsjBSXTJWNDHMTfL7oBNAMTLKwvju1NrlgSnNAF4E6CPt4ZNnh
ZlyqvEUoTOntHW/bkMYwsSHL7S6P
-----END CERTIFICATE-----
Generated at Thu May 16 18:26:03 2024 by rpki-client on console-fra.rpki-client.org