Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
File: FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa (raw, json)
Hash identifier: we93FrU41ilQVifSpk7RSN4XUbpm8hOan1YZqsaKAsA=
Subject key identifier: C4:E1:F0:7F:06:40:F2:48:D3:85:2F:9A:A7:2B:AA:B5:A0:25:8B:F4
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 34D2
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
Signing time: Tue 26 Sep 2023 14:30:14 +0000
ROA not before: Tue 26 Sep 2023 14:30:14 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 10160
IP address blocks: 119.59.24.0/24 maxlen: 24
119.59.25.0/24 maxlen: 24
119.59.26.0/24 maxlen: 24
119.59.27.0/24 maxlen: 24
119.59.28.0/24 maxlen: 24
119.59.29.0/24 maxlen: 24
119.59.30.0/24 maxlen: 24
119.59.31.0/24 maxlen: 24
119.59.32.0/24 maxlen: 24
119.59.33.0/24 maxlen: 24
119.59.34.0/24 maxlen: 24
119.59.35.0/24 maxlen: 24
119.59.36.0/24 maxlen: 24
119.59.37.0/24 maxlen: 24
119.59.38.0/24 maxlen: 24
119.59.39.0/24 maxlen: 24
119.59.40.0/24 maxlen: 24
119.59.41.0/24 maxlen: 24
119.59.42.0/24 maxlen: 24
119.59.43.0/24 maxlen: 24
119.59.44.0/24 maxlen: 24
119.59.45.0/24 maxlen: 24
119.59.46.0/24 maxlen: 24
119.59.47.0/24 maxlen: 24
119.59.48.0/24 maxlen: 24
119.59.49.0/24 maxlen: 24
119.59.50.0/24 maxlen: 24
119.59.51.0/24 maxlen: 24
119.59.52.0/24 maxlen: 24
119.59.53.0/24 maxlen: 24
119.59.54.0/24 maxlen: 24
119.59.55.0/24 maxlen: 24
119.59.56.0/24 maxlen: 24
119.59.57.0/24 maxlen: 24
119.59.58.0/24 maxlen: 24
119.59.59.0/24 maxlen: 24
119.59.60.0/24 maxlen: 24
119.59.61.0/24 maxlen: 24
119.59.62.0/24 maxlen: 24
119.59.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:23:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13522 (0x34d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Validity
Not Before: Sep 26 14:30:14 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=6512eaf6-0f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:93:a6:25:ff:1a:ef:45:d8:38:18:79:a2:ed:
e2:66:7b:11:38:97:0a:af:4c:51:b7:87:ae:82:13:
11:63:a5:72:98:d7:ed:f7:fd:a2:95:0e:d1:85:41:
ee:23:9b:22:d5:92:89:1c:f0:ad:3b:73:d4:44:31:
37:75:06:ff:de:c3:09:ff:24:e1:89:de:62:7d:aa:
77:1b:05:7f:43:ef:f3:13:dc:e6:39:13:e7:01:4e:
f7:e2:10:ef:d3:46:45:ad:62:19:b8:ac:19:fa:69:
e8:ea:98:60:e1:7d:08:f3:6a:da:a8:38:07:d0:da:
60:8e:63:d9:8d:c1:c1:84:8b:51:ab:1c:53:b6:1a:
2d:7e:67:65:06:b4:12:fa:bf:0d:02:25:65:e5:e7:
da:5a:6a:7a:ea:9b:ff:03:4b:65:94:bb:13:4d:98:
43:09:86:19:49:0a:1c:e9:78:ab:ad:19:95:bb:8b:
aa:98:88:e7:ef:2a:60:ba:a4:64:bf:4c:62:5c:c9:
92:77:57:8d:a9:d8:d9:8e:6a:c8:4e:46:bd:eb:8d:
95:78:96:3b:b8:2e:71:04:cd:ec:9f:27:1f:b1:fd:
2a:ce:c0:a5:3b:9a:72:d8:dd:7a:49:86:05:40:71:
a5:52:5e:cd:d2:eb:0a:04:a8:83:26:74:bf:41:58:
d2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E1:F0:7F:06:40:F2:48:D3:85:2F:9A:A7:2B:AA:B5:A0:25:8B:F4
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/FB4F0F9EF90011EDAEA1FC13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.59.24.0-119.59.63.255
Signature Algorithm: sha256WithRSAEncryption
62:bd:4e:e9:9c:70:74:ad:95:8d:57:b6:03:5e:37:b5:d9:4d:
bc:77:9e:a1:da:f6:e1:b3:9d:1e:cf:ab:27:c6:3f:60:d8:a3:
69:35:cc:97:16:11:ac:a5:d9:66:73:48:df:c4:ec:5f:11:9f:
24:a9:f8:fe:a5:4c:b3:79:00:91:9c:59:51:a1:16:97:88:b0:
4c:49:e8:c1:87:07:e6:b2:2f:1e:a9:04:2f:92:29:48:ab:97:
32:6c:cb:4d:fa:eb:a7:c7:88:90:58:84:f2:73:01:fa:25:df:
dd:27:3c:2e:43:fd:c6:66:d1:ae:b0:bf:ad:50:8a:c8:22:c0:
38:e7:82:de:c2:f4:c3:9c:b4:35:41:9a:23:33:ab:cf:86:2b:
34:e7:8c:68:4d:0b:e8:78:8c:0b:7d:9e:45:3b:95:2d:7c:4f:
06:fe:40:b3:af:27:75:54:99:60:22:b5:4d:9c:d0:e0:c1:45:
86:9d:ba:0d:75:83:e0:43:8d:7e:56:ec:53:34:95:79:d1:49:
0b:ec:17:5a:e2:7d:96:9b:cc:d8:7f:c7:43:61:82:a1:d8:2f:
94:da:0d:d8:da:de:13:37:7c:af:9e:f9:a5:5a:7d:dd:55:29:
b6:92:24:4b:98:24:52:59:ba:8a:86:a3:9a:fb:6e:8c:d0:a1:
ca:d6:ac:17
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICNNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjMwOTI2MTQzMDE0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEyZWFmNi0wZjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv5OmJf8a70XYOBh5ou3iZnsROJcKr0xRt4eughMRY6VymNft9/2ilQ7RhUHu
I5si1ZKJHPCtO3PURDE3dQb/3sMJ/yThid5ifap3GwV/Q+/zE9zmORPnAU734hDv
00ZFrWIZuKwZ+mno6phg4X0I82raqDgH0NpgjmPZjcHBhItRqxxTthotfmdlBrQS
+r8NAiVl5efaWmp66pv/A0tllLsTTZhDCYYZSQoc6XirrRmVu4uqmIjn7ypguqRk
v0xiXMmSd1eNqdjZjmrITka9642VeJY7uC5xBM3snycfsf0qzsClO5py2N16SYYF
QHGlUl7N0usKBKiDJnS/QVjSwQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFMTh8H8G
QPJI04UvmqcrqrWgJYv0MB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvRkI0RjBGOUVG
OTAwMTFFREFFQTFGQzEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA3c7GAMEBnc7ADANBgkqhkiG9w0BAQsFAAOCAQEAYr1O
6ZxwdK2VjVe2A143tdlNvHeeodr24bOdHs+rJ8Y/YNijaTXMlxYRrKXZZnNI38Ts
XxGfJKn4/qVMs3kAkZxZUaEWl4iwTEnowYcH5rIvHqkEL5IpSKuXMmzLTfrrp8eI
kFiE8nMB+iXf3Sc8LkP9xmbRrrC/rVCKyCLAOOeC3sL0w5y0NUGaIzOrz4YrNOeM
aE0L6HiMC32eRTuVLXxPBv5As68ndVSZYCK1TZzQ4MFFhp26DXWD4EONflbsUzSV
edFJC+wXWuJ9lpvM2H/HQ2GCodgvlNoN2NreEzd8r575pVp93VUptpIkS5gkUlm6
ioajmvtujNChytasFw==
-----END CERTIFICATE-----
Generated at Sat May 18 15:26:02 2024 by rpki-client on console-fra.rpki-client.org