Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
File: 3118E43E966B11EAAA23047CC4F9AE02.roa (raw, json)
Hash identifier: WrHJMHrfmwXer8MYeRSCkBLBrLygk4/ZZ/f4skJIziE=
Subject key identifier: 44:E7:F1:75:B6:5E:F5:C7:FD:58:7D:16:61:6E:19:69:78:35:82:41
Certificate issuer: /CN=A914C33A/serialNumber=9C81471F18AAEECDF945A7C917FD8A8985D7C3AC
Certificate serial: 294F
Authority key identifier: 9C:81:47:1F:18:AA:EE:CD:F9:45:A7:C9:17:FD:8A:89:85:D7:C3:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
Signing time: Tue 26 Sep 2023 15:52:22 +0000
ROA not before: Tue 26 Sep 2023 15:52:22 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 7642
IP address blocks: 27.114.128.0/18 maxlen: 18
27.114.128.0/23 maxlen: 24
27.114.130.0/23 maxlen: 24
27.114.132.0/23 maxlen: 24
27.114.134.0/23 maxlen: 24
27.114.136.0/23 maxlen: 24
27.114.138.0/23 maxlen: 24
27.114.140.0/23 maxlen: 24
27.114.142.0/23 maxlen: 24
27.114.144.0/23 maxlen: 24
27.114.146.0/23 maxlen: 24
27.114.148.0/23 maxlen: 24
27.114.150.0/23 maxlen: 24
27.114.152.0/23 maxlen: 24
27.114.154.0/23 maxlen: 24
27.114.156.0/23 maxlen: 24
27.114.158.0/23 maxlen: 24
27.114.160.0/23 maxlen: 24
27.114.162.0/23 maxlen: 24
27.114.164.0/23 maxlen: 24
27.114.166.0/23 maxlen: 24
27.114.168.0/23 maxlen: 24
27.114.170.0/23 maxlen: 24
27.114.172.0/23 maxlen: 24
27.114.174.0/23 maxlen: 24
27.114.176.0/23 maxlen: 24
27.114.178.0/23 maxlen: 24
27.114.180.0/23 maxlen: 24
27.114.182.0/23 maxlen: 24
27.114.184.0/23 maxlen: 24
27.114.186.0/23 maxlen: 24
27.114.188.0/23 maxlen: 24
27.114.190.0/23 maxlen: 24
43.226.220.0/22 maxlen: 24
103.31.84.0/22 maxlen: 24
123.176.0.0/19 maxlen: 24
124.195.192.0/19 maxlen: 19
124.195.192.0/23 maxlen: 24
124.195.194.0/23 maxlen: 24
124.195.196.0/23 maxlen: 24
124.195.198.0/23 maxlen: 24
124.195.200.0/23 maxlen: 24
124.195.202.0/23 maxlen: 24
124.195.204.0/23 maxlen: 24
124.195.206.0/23 maxlen: 24
124.195.208.0/23 maxlen: 24
124.195.210.0/23 maxlen: 24
124.195.212.0/23 maxlen: 24
124.195.214.0/23 maxlen: 24
124.195.216.0/23 maxlen: 24
124.195.218.0/23 maxlen: 24
124.195.220.0/23 maxlen: 24
124.195.222.0/23 maxlen: 24
202.1.192.0/20 maxlen: 24
203.104.24.0/21 maxlen: 21
203.104.24.0/23 maxlen: 24
203.104.26.0/23 maxlen: 24
203.104.28.0/23 maxlen: 24
203.104.30.0/23 maxlen: 24
2406:e400::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.crl
rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 29 May 2024 15:52:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10575 (0x294f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C33A/serialNumber=9C81471F18AAEECDF945A7C917FD8A8985D7C3AC
Validity
Not Before: Sep 26 15:52:22 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6512fe36-a20e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b1:47:4f:4b:59:ad:66:47:70:9d:46:95:36:
4e:f8:ec:f4:37:1b:8e:d8:ff:2e:92:08:10:eb:65:
da:47:af:d0:84:26:12:47:50:0f:26:f5:2d:cb:09:
a0:6f:c6:ad:11:ce:fb:b7:82:b7:43:0b:17:aa:61:
5b:7f:af:ce:32:31:87:ae:f5:50:5d:7c:f0:5c:6a:
bf:5e:f3:87:cd:5f:b6:e0:f9:21:8c:19:8f:f3:57:
4c:31:a1:ae:51:72:1a:a4:0e:c7:01:95:c1:ec:df:
7d:ba:66:c9:07:39:42:ee:31:a1:2a:84:d1:dd:99:
33:e7:78:91:31:b7:d0:58:93:61:ec:41:e5:07:19:
d9:29:e8:21:6c:a4:f3:8d:de:cd:ce:8a:22:aa:c7:
0b:28:fb:cb:f1:4b:0e:f2:57:bb:10:32:34:e5:84:
c7:39:3a:0e:6b:04:5d:d7:9a:89:f8:51:7e:1d:f0:
45:11:c4:df:79:6d:4b:ba:9b:6f:6b:3b:23:59:73:
0d:bf:2a:25:ca:0f:21:0f:43:52:bb:29:ab:10:fe:
88:7a:99:7f:08:0f:f6:06:ac:c8:c7:ec:71:9d:62:
36:e3:14:f7:04:4c:7b:29:8c:3b:cc:37:82:fa:7a:
d6:9c:0c:9e:cd:39:f3:36:43:a2:7f:fc:71:16:54:
73:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E7:F1:75:B6:5E:F5:C7:FD:58:7D:16:61:6E:19:69:78:35:82:41
X509v3 Authority Key Identifier:
keyid:9C:81:47:1F:18:AA:EE:CD:F9:45:A7:C9:17:FD:8A:89:85:D7:C3:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.114.128.0/18
43.226.220.0/22
103.31.84.0/22
123.176.0.0/19
124.195.192.0/19
202.1.192.0/20
203.104.24.0/21
IPv6:
2406:e400::/32
Signature Algorithm: sha256WithRSAEncryption
87:d8:f2:25:18:2a:54:a0:38:8c:f8:00:02:90:bc:df:6b:e8:
a4:1d:9c:af:7d:b3:0c:78:e1:f6:3f:3c:f1:68:78:2b:d8:eb:
3b:45:a2:d3:8e:c7:e4:8b:45:a4:4c:b6:1c:b6:ca:19:73:ed:
f3:d9:27:9e:51:17:88:d2:d2:b5:63:71:24:6f:3c:c8:d5:57:
92:f8:a4:12:3d:a6:74:88:c9:55:ab:72:46:20:72:e9:f6:a5:
ca:e9:4b:c8:13:fb:79:cc:37:07:97:ff:be:b9:4c:a0:83:88:
3c:cd:f6:2c:04:4c:76:93:29:24:38:ca:78:a9:d1:a1:b3:18:
4f:e6:21:39:4c:68:a8:84:5f:c7:e8:70:68:e1:9c:22:1a:48:
8c:b7:88:1f:71:23:dd:03:d6:e3:0c:42:f8:da:29:88:21:b7:
7d:9a:dd:ff:1f:15:3e:54:ae:e0:95:e4:9c:57:74:d6:2e:09:
08:f6:a6:42:c5:47:38:7e:0b:cf:b7:72:94:7b:0b:81:7d:a0:
8b:66:a6:63:81:9b:36:47:7d:55:2a:3c:d2:ef:1e:17:65:04:
1f:dd:38:14:c7:91:8a:e5:9d:a1:87:40:62:6b:e9:f4:a8:43:
86:56:1a:0b:7e:01:ff:25:b4:cc:d8:09:99:a8:cc:5e:9c:78:
09:73:cc:35
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICKU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMzM0ExMTAvBgNVBAUTKDlDODE0NzFGMThBQUVFQ0RGOTQ1QTdDOTE3RkQ4QTg5
ODVEN0MzQUMwHhcNMjMwOTI2MTU1MjIyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEyZmUzNi1hMjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArbFHT0tZrWZHcJ1GlTZO+Oz0NxuO2P8ukggQ62XaR6/QhCYSR1APJvUtywmg
b8atEc77t4K3QwsXqmFbf6/OMjGHrvVQXXzwXGq/XvOHzV+24PkhjBmP81dMMaGu
UXIapA7HAZXB7N99umbJBzlC7jGhKoTR3Zkz53iRMbfQWJNh7EHlBxnZKeghbKTz
jd7NzooiqscLKPvL8UsO8le7EDI05YTHOToOawRd15qJ+FF+HfBFEcTfeW1Luptv
azsjWXMNvyolyg8hD0NSuymrEP6Iepl/CA/2BqzIx+xxnWI24xT3BEx7KYw7zDeC
+nrWnAyezTnzNkOif/xxFlRz/wIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFETn8XW2
XvXH/Vh9FmFuGWl4NYJBMB8GA1UdIwQYMBaAFJyBRx8Yqu7N+UWnyRf9iomF18Os
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS8xRDJCRDAzRTJE
REIxMUU0OUFGNjE1MzBDNEY5QUUwMi9uSUZISHhpcTdzMzVSYWZKRl8yS2lZWFh3
NncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25JRkhIeGlxN3MzNVJhZkpGXzJLaVlYWHc2dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMzM0EvMUQyQkQwM0UyRERCMTFFNDlBRjYxNTMwQzRGOUFFMDIvMzExOEU0M0U5
NjZCMTFFQUFBMjMwNDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAYbcoADBAIr4twDBAJnH1QDBAV7sAADBAV8w8ADBATKAcAD
BAPLaBgwDQQCAAIwBwMFACQG5AAwDQYJKoZIhvcNAQELBQADggEBAIfY8iUYKlSg
OIz4AAKQvN9r6KQdnK99swx44fY/PPFoeCvY6ztFotOOx+SLRaRMthy2yhlz7fPZ
J55RF4jS0rVjcSRvPMjVV5L4pBI9pnSIyVWrckYgcun2pcrpS8gT+3nMNweX/765
TKCDiDzN9iwETHaTKSQ4ynip0aGzGE/mITlMaKiEX8focGjhnCIaSIy3iB9xI90D
1uMMQvjaKYght32a3f8fFT5UruCV5JxXdNYuCQj2pkLFRzh+C8+3cpR7C4F9oItm
pmOBmzZHfVUqPNLvHhdlBB/dOBTHkYrlnaGHQGJr6fSoQ4ZWGgt+Af8ltMzYCZmo
zF6ceAlzzDU=
-----END CERTIFICATE-----
Generated at Wed May 22 16:49:06 2024 by rpki-client on console-fra.rpki-client.org