Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
File: 4DEF33661FBE11EF97E7974FC4F9AE02.roa (raw, json)
Hash identifier: DBXLndsOKz/JGWD1lShqIEDWlyFNXi5Vc/FZVBzH7Fk=
Subject key identifier: 20:2B:D8:61:49:CA:B2:94:33:D5:45:AB:02:90:D0:24:5D:E2:E7:E0
Certificate issuer: /CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Certificate serial: 0605
Authority key identifier: 7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
Signing time: Mon 03 Jun 2024 01:55:15 +0000
ROA not before: Mon 03 Jun 2024 01:55:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17762
IP address blocks: 49.248.0.0/17 maxlen: 21
49.248.0.0/18 maxlen: 24
49.248.64.0/19 maxlen: 24
49.248.96.0/22 maxlen: 22
49.248.96.0/23 maxlen: 24
49.248.104.0/21 maxlen: 24
49.248.112.0/20 maxlen: 23
49.248.112.0/21 maxlen: 24
49.248.120.0/22 maxlen: 24
49.248.124.0/23 maxlen: 24
49.248.126.0/24 maxlen: 24
49.248.128.0/18 maxlen: 18
49.248.128.0/21 maxlen: 23
49.248.129.0/24 maxlen: 24
49.248.135.0/24 maxlen: 24
49.248.136.0/21 maxlen: 23
49.248.136.0/24 maxlen: 24
49.248.138.0/23 maxlen: 24
49.248.140.0/22 maxlen: 24
49.248.144.0/22 maxlen: 24
49.248.148.0/23 maxlen: 24
49.248.151.0/24 maxlen: 24
49.248.152.0/21 maxlen: 24
49.248.160.0/19 maxlen: 24
49.248.192.0/19 maxlen: 24
49.248.246.0/23 maxlen: 24
49.248.248.0/21 maxlen: 24
103.3.40.0/24 maxlen: 24
103.3.41.0/24 maxlen: 24
103.3.43.0/24 maxlen: 24
103.8.148.0/22 maxlen: 24
114.143.0.0/16 maxlen: 24
123.252.128.0/18 maxlen: 21
123.252.128.0/22 maxlen: 22
123.252.128.0/23 maxlen: 24
123.252.131.0/24 maxlen: 24
123.252.133.0/24 maxlen: 24
123.252.134.0/23 maxlen: 24
123.252.136.0/21 maxlen: 22
123.252.136.0/23 maxlen: 24
123.252.138.0/24 maxlen: 24
123.252.140.0/22 maxlen: 24
123.252.144.0/20 maxlen: 24
123.252.160.0/19 maxlen: 24
123.252.192.0/18 maxlen: 24
202.149.192.0/19 maxlen: 19
202.149.192.0/22 maxlen: 22
202.149.192.0/24 maxlen: 24
202.149.193.0/24 maxlen: 24
202.149.196.0/24 maxlen: 24
202.149.198.0/24 maxlen: 24
202.149.199.0/24 maxlen: 24
202.149.201.0/24 maxlen: 24
202.149.202.0/24 maxlen: 24
202.149.203.0/24 maxlen: 24
202.149.204.0/22 maxlen: 22
202.149.204.0/23 maxlen: 23
202.149.207.0/24 maxlen: 24
202.149.210.0/24 maxlen: 24
202.149.212.0/22 maxlen: 22
202.149.214.0/24 maxlen: 24
202.149.217.0/24 maxlen: 24
202.149.218.0/24 maxlen: 24
202.149.219.0/24 maxlen: 24
202.149.220.0/22 maxlen: 22
202.149.222.0/23 maxlen: 23
202.149.222.0/24 maxlen: 24
202.149.223.0/24 maxlen: 24
202.189.224.0/19 maxlen: 24
2402:d400::/32 maxlen: 32
2402:d400::/44 maxlen: 48
2402:d400:40::/48 maxlen: 48
2402:d400:41::/48 maxlen: 48
2402:d400:fa00::/44 maxlen: 48
2402:d400:fa10::/44 maxlen: 48
2402:d400:fa20::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1541 (0x605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148D01/serialNumber=7E36AB1C044321B74CF678263E0524FD34179BBD
Validity
Not Before: Jun 3 01:55:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=665d2282-2c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7c:c4:0e:1d:e1:77:d7:1c:6e:b8:21:b5:71:
3a:20:70:80:b0:1e:ff:d2:51:31:56:43:00:86:05:
76:c4:49:03:2b:e4:09:df:ab:cd:6a:61:1d:ca:bb:
bd:17:4b:99:ce:db:95:5c:98:9e:db:d9:9b:3a:1a:
09:52:3f:48:0b:74:e3:0f:eb:46:0a:a6:02:c4:b7:
83:fb:69:9c:58:89:11:b4:1c:a1:d7:17:65:f9:f0:
ac:03:e8:f7:ba:9d:db:4a:f8:5d:b7:f6:dc:b4:bc:
f0:4d:46:48:14:4d:71:34:fe:d3:2e:96:6a:12:e8:
73:b3:06:96:fe:81:33:b2:63:57:4f:7e:ea:fa:34:
b1:3c:60:93:f7:00:11:99:d1:e4:77:6e:a6:c8:3f:
ea:96:12:aa:8b:4b:91:cf:18:d7:62:b7:ca:b4:c8:
ac:e1:46:f2:5e:93:cd:a1:5e:19:e7:6f:19:12:7c:
6c:a3:8d:61:a5:0d:41:cc:78:8e:18:d0:5f:ee:e5:
c7:4e:49:9e:22:fd:71:f4:f4:8b:24:a4:22:51:bd:
e5:86:a2:fa:3f:db:18:e8:01:64:f1:b6:58:2d:bd:
2e:ba:68:6e:38:83:b5:77:04:07:c2:51:09:f7:d8:
d0:52:9d:02:ad:5f:1f:00:7e:0b:4f:2e:10:86:c8:
fa:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2B:D8:61:49:CA:B2:94:33:D5:45:AB:02:90:D0:24:5D:E2:E7:E0
X509v3 Authority Key Identifier:
keyid:7E:36:AB:1C:04:43:21:B7:4C:F6:78:26:3E:05:24:FD:34:17:9B:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/fjarHARDIbdM9ngmPgUk_TQXm70.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fjarHARDIbdM9ngmPgUk_TQXm70.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D01/E92519FA990B11EBA355CB53C4F9AE02/4DEF33661FBE11EF97E7974FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.248.0.0-49.248.223.255
49.248.246.0-49.248.255.255
103.3.40.0/23
103.3.43.0/24
103.8.148.0/22
114.143.0.0/16
123.252.128.0/17
202.149.192.0/19
202.189.224.0/19
IPv6:
2402:d400::/32
Signature Algorithm: sha256WithRSAEncryption
2d:85:f2:37:37:87:30:d4:53:1f:78:69:e0:03:11:fa:da:48:
84:07:4f:b4:94:e7:d6:7f:9c:ce:f0:db:04:68:4c:6e:cc:66:
f9:18:72:7d:b1:05:11:88:41:55:0a:7d:68:cb:8c:14:cd:5c:
98:de:e9:1e:c8:6d:7b:f5:17:13:98:e3:7d:0a:a2:c4:71:c8:
e8:11:ed:47:7c:88:ee:a4:0c:75:7c:6d:be:f6:77:cf:1f:0b:
b7:1f:cb:e3:81:b9:41:1b:09:c6:dc:ae:34:ba:57:b3:9a:a9:
a9:9b:83:58:d6:8a:26:48:48:0b:73:4e:80:73:54:71:dd:1f:
2f:9d:0a:02:1a:bb:60:0b:16:23:90:30:4f:cb:2c:fa:ac:1d:
26:01:59:89:a0:f5:6b:6b:b4:25:a1:e6:5e:c8:15:54:96:33:
23:db:0f:6e:14:6f:40:fb:0b:f4:63:03:ac:62:61:2f:51:47:
39:53:db:38:87:76:21:26:63:b1:0a:e9:99:76:dd:bd:86:d3:
80:1b:cb:bf:6b:a7:0d:18:18:49:25:a7:78:18:25:17:fd:1b:
c4:01:22:2f:d3:e2:28:66:65:c3:d2:2d:bc:81:c2:4b:29:01:
af:9b:a5:85:71:0d:12:e9:b4:55:2f:93:e3:20:ae:3a:ed:30:
cb:1e:81:62
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICBgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhEMDExMTAvBgNVBAUTKDdFMzZBQjFDMDQ0MzIxQjc0Q0Y2NzgyNjNFMDUyNEZE
MzQxNzlCQkQwHhcNMjQwNjAzMDE1NTE0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVkMjI4Mi0yYzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzXzEDh3hd9ccbrghtXE6IHCAsB7/0lExVkMAhgV2xEkDK+QJ36vNamEdyru9
F0uZztuVXJie29mbOhoJUj9IC3TjD+tGCqYCxLeD+2mcWIkRtByh1xdl+fCsA+j3
up3bSvhdt/bctLzwTUZIFE1xNP7TLpZqEuhzswaW/oEzsmNXT37q+jSxPGCT9wAR
mdHkd26myD/qlhKqi0uRzxjXYrfKtMis4UbyXpPNoV4Z528ZEnxso41hpQ1BzHiO
GNBf7uXHTkmeIv1x9PSLJKQiUb3lhqL6P9sY6AFk8bZYLb0uumhuOIO1dwQHwlEJ
99jQUp0CrV8fAH4LTy4Qhsj6owIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFCAr2GFJ
yrKUM9VFqwKQ0CRd4ufgMB8GA1UdIwQYMBaAFH42qxwEQyG3TPZ4Jj4FJP00F5u9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQwMS9FOTI1MTlGQTk5
MEIxMUVCQTM1NUNCNTNDNEY5QUUwMi9mamFySEFSREliZE05bmdtUGdVa19UUVht
NzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZqYXJIQVJESWJkTTluZ21QZ1VrX1RRWG03MC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhEMDEvRTkyNTE5RkE5OTBCMTFFQkEzNTVDQjUzQzRGOUFFMDIvNERFRjMzNjYx
RkJFMTFFRjk3RTc5NzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMEkEAgABMEMwCwMDAzH4AwQFMfjAMAsDBAEx+PYDAwAx+AMEAWcDKAMEAGcD
KwMEAmcIlAMDAHKPAwQHe/yAAwQFypXAAwQFyr3gMA0EAgACMAcDBQAkAtQAMA0G
CSqGSIb3DQEBCwUAA4IBAQAthfI3N4cw1FMfeGngAxH62kiEB0+0lOfWf5zO8NsE
aExuzGb5GHJ9sQURiEFVCn1oy4wUzVyY3ukeyG179RcTmON9CqLEccjoEe1HfIju
pAx1fG2+9nfPHwu3H8vjgblBGwnG3K40ulezmqmpm4NY1oomSEgLc06Ac1Rx3R8v
nQoCGrtgCxYjkDBPyyz6rB0mAVmJoPVra7QloeZeyBVUljMj2w9uFG9A+wv0YwOs
YmEvUUc5U9s4h3YhJmOxCumZdt29htOAG8u/a6cNGBhJJad4GCUX/RvEASIv0+Io
ZmXD0i28gcJLKQGvm6WFcQ0S6bRVL5PjIK467TDLHoFi
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:21:20 2024 by rpki-client on console-fra.rpki-client.org