Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
File: F9B55ECA922111EAB5138581C4F9AE02.roa (raw, json)
Hash identifier: 6fJsoHs4/VvYWKDLSqWaoRq9Q7ZbsMnOcxCIRsmzwwE=
Subject key identifier: 38:03:51:7F:14:F7:CD:C7:55:F0:04:1B:8C:9B:90:5A:B3:7B:2C:2A
Certificate issuer: /CN=A914C33A/serialNumber=54411D9070E20C9FFCFFC414FD09320BF39AB6E8
Certificate serial: 1552
Authority key identifier: 54:41:1D:90:70:E2:0C:9F:FC:FF:C4:14:FD:09:32:0B:F3:9A:B6:E8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
Signing time: Tue 26 Sep 2023 15:52:23 +0000
ROA not before: Tue 26 Sep 2023 15:52:23 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 7642
IP address blocks: 69.94.32.0/20 maxlen: 20
69.94.32.0/23 maxlen: 24
69.94.34.0/23 maxlen: 24
69.94.36.0/23 maxlen: 24
69.94.38.0/23 maxlen: 24
69.94.40.0/23 maxlen: 24
69.94.42.0/23 maxlen: 24
69.94.44.0/23 maxlen: 24
69.94.46.0/23 maxlen: 24
69.94.80.0/20 maxlen: 20
69.94.80.0/23 maxlen: 24
69.94.82.0/23 maxlen: 24
69.94.84.0/23 maxlen: 24
69.94.86.0/23 maxlen: 24
69.94.88.0/23 maxlen: 24
69.94.90.0/23 maxlen: 24
69.94.92.0/23 maxlen: 24
69.94.94.0/23 maxlen: 24
209.212.192.0/19 maxlen: 19
209.212.192.0/23 maxlen: 24
209.212.194.0/23 maxlen: 24
209.212.196.0/23 maxlen: 24
209.212.198.0/23 maxlen: 24
209.212.200.0/23 maxlen: 24
209.212.202.0/23 maxlen: 24
209.212.204.0/23 maxlen: 24
209.212.206.0/23 maxlen: 24
209.212.208.0/23 maxlen: 24
209.212.210.0/23 maxlen: 24
209.212.212.0/23 maxlen: 24
209.212.214.0/23 maxlen: 24
209.212.216.0/23 maxlen: 24
209.212.218.0/23 maxlen: 24
209.212.220.0/23 maxlen: 24
209.212.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.crl
rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5458 (0x1552)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C33A/serialNumber=54411D9070E20C9FFCFFC414FD09320BF39AB6E8
Validity
Not Before: Sep 26 15:52:23 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6512fe37-c6db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:68:bb:f3:5c:e3:28:57:09:18:ff:2a:16:e4:
df:71:4f:32:10:c4:48:6e:72:c1:cd:ca:9b:04:1f:
a4:11:bd:a6:87:d9:05:0d:02:eb:8b:65:ed:86:d5:
0a:57:9a:16:a8:0c:84:df:57:bc:25:5a:ee:75:91:
b1:fb:ec:2a:f8:f5:46:42:00:ee:72:3d:e5:b2:ec:
df:ba:17:36:13:ef:81:d5:1b:6f:e7:f9:81:53:eb:
b2:f5:7c:37:7e:49:8a:9a:a6:0e:df:ce:0c:8d:31:
25:bb:05:06:c1:1e:e7:f4:ae:81:1c:f3:de:15:20:
a1:e2:45:c6:e6:fa:2d:2b:3f:87:02:1b:20:7d:53:
80:d8:bf:29:14:b0:46:e5:72:38:75:33:60:d8:3b:
25:df:9c:16:16:f6:7b:44:7a:ea:ac:52:fd:03:0b:
b4:bb:09:9d:86:37:82:fa:b7:25:1c:83:28:0b:d8:
89:ed:f7:19:84:16:ee:69:af:1d:c9:b3:cd:c3:01:
01:88:9f:fd:13:78:16:75:a1:7d:09:cf:b2:fe:49:
de:d3:21:0d:39:f8:9f:06:c3:8a:73:fc:82:0d:ee:
95:ff:88:f7:9b:f9:4c:6d:b3:36:19:76:48:99:e2:
fc:c1:a4:c2:f5:ed:a0:cd:c2:cb:88:5e:fc:94:15:
56:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:03:51:7F:14:F7:CD:C7:55:F0:04:1B:8C:9B:90:5A:B3:7B:2C:2A
X509v3 Authority Key Identifier:
keyid:54:41:1D:90:70:E2:0C:9F:FC:FF:C4:14:FD:09:32:0B:F3:9A:B6:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
69.94.32.0/20
69.94.80.0/20
209.212.192.0/19
Signature Algorithm: sha256WithRSAEncryption
21:63:f6:32:96:e4:e2:54:37:8b:6c:c9:cb:bc:55:26:a6:f3:
7c:fe:db:49:50:a2:f5:7f:e4:41:27:ab:95:26:48:8b:13:96:
8d:83:95:37:bb:d2:4f:a8:36:7b:39:8f:d8:d5:da:20:7f:bc:
79:aa:81:47:26:5b:3c:20:63:a8:f3:e7:41:9d:0a:5e:0e:c2:
3a:2a:01:03:e3:36:d2:d1:28:7f:25:a4:eb:59:aa:75:fc:de:
64:2a:01:c0:42:10:5b:e0:92:62:90:8a:92:53:c5:00:99:c2:
83:2d:c7:0a:46:ba:3d:fd:c5:ef:fd:b7:35:f5:35:45:45:57:
ef:8a:53:ce:29:96:bf:9e:a1:b2:e0:b8:02:66:d6:da:b2:fa:
38:07:39:60:55:83:62:31:c2:78:05:b5:f4:cc:c4:d8:40:6c:
09:bf:60:33:8b:0d:14:c6:90:36:7d:00:24:ad:32:a3:97:60:
00:62:3f:35:7f:00:74:ea:49:d5:6c:f3:cb:ed:f6:d3:68:31:
bf:1b:f5:de:84:15:49:27:5f:5f:94:fe:78:f9:27:b6:26:33:
ae:6d:99:0b:b4:19:d9:d4:1b:84:22:35:7f:48:f8:f0:05:e7:
26:3d:fe:78:a9:f9:e4:5d:dd:77:12:f4:48:11:4b:65:22:80:
de:70:c4:e0
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICFVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMzM0ExMTAvBgNVBAUTKDU0NDExRDkwNzBFMjBDOUZGQ0ZGQzQxNEZEMDkzMjBC
RjM5QUI2RTgwHhcNMjMwOTI2MTU1MjIzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTEyZmUzNy1jNmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7mi781zjKFcJGP8qFuTfcU8yEMRIbnLBzcqbBB+kEb2mh9kFDQLri2XthtUK
V5oWqAyE31e8JVrudZGx++wq+PVGQgDucj3lsuzfuhc2E++B1Rtv5/mBU+uy9Xw3
fkmKmqYO384MjTEluwUGwR7n9K6BHPPeFSCh4kXG5votKz+HAhsgfVOA2L8pFLBG
5XI4dTNg2Dsl35wWFvZ7RHrqrFL9Awu0uwmdhjeC+rclHIMoC9iJ7fcZhBbuaa8d
ybPNwwEBiJ/9E3gWdaF9Cc+y/kne0yENOfifBsOKc/yCDe6V/4j3m/lMbbM2GXZI
meL8waTC9e2gzcLLiF78lBVWXQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFDgDUX8U
983HVfAEG4ybkFqzeywqMB8GA1UdIwQYMBaAFFRBHZBw4gyf/P/EFP0JMgvzmrbo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS9GRUM3N0M5QTA3
MzYxMUU4QUI3RENCNEFDNEY5QUUwMi9WRUVka0hEaURKXzhfOFFVX1FreUNfT2F0
dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1ZFRWRrSERpREpfOF84UVVfUWt5Q19PYXR1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMzM0EvRkVDNzdDOUEwNzM2MTFFOEFCN0RDQjRBQzRGOUFFMDIvRjlCNTVFQ0E5
MjIxMTFFQUI1MTM4NTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBARFXiADBARFXlADBAXR1MAwDQYJKoZIhvcNAQELBQADggEB
ACFj9jKW5OJUN4tsycu8VSam83z+20lQovV/5EEnq5UmSIsTlo2DlTe70k+oNns5
j9jV2iB/vHmqgUcmWzwgY6jz50GdCl4OwjoqAQPjNtLRKH8lpOtZqnX83mQqAcBC
EFvgkmKQipJTxQCZwoMtxwpGuj39xe/9tzX1NUVFV++KU84plr+eobLguAJm1tqy
+jgHOWBVg2IxwngFtfTMxNhAbAm/YDOLDRTGkDZ9ACStMqOXYABiPzV/AHTqSdVs
88vt9tNoMb8b9d6EFUknX1+U/nj5J7YmM65tmQu0GdnUG4QiNX9I+PAF5yY9/nip
+eRd3XcS9EgRS2UigN5wxOA=
-----END CERTIFICATE-----
Generated at Sat May 18 17:20:04 2024 by rpki-client on console-ams.rpki-client.org