Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
File: F9B55ECA922111EAB5138581C4F9AE02.roa (raw, json)
Hash identifier: t1Oq9/W3+A2l0ATKJkmUH6k2nz0jQQTxzppJnzarsfQ=
Subject key identifier: 44:94:BD:3E:E3:14:98:EF:86:83:67:15:63:0B:E8:5C:D8:C6:D3:EA
Certificate issuer: /CN=A914C33A/serialNumber=54411D9070E20C9FFCFFC414FD09320BF39AB6E8
Certificate serial: 1616
Authority key identifier: 54:41:1D:90:70:E2:0C:9F:FC:FF:C4:14:FD:09:32:0B:F3:9A:B6:E8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
Signing time: Tue 08 Oct 2024 16:02:33 +0000
ROA not before: Tue 08 Oct 2024 16:02:33 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 7642
IP address blocks: 69.94.32.0/20 maxlen: 20
69.94.32.0/23 maxlen: 24
69.94.34.0/23 maxlen: 24
69.94.36.0/23 maxlen: 24
69.94.38.0/23 maxlen: 24
69.94.40.0/23 maxlen: 24
69.94.42.0/23 maxlen: 24
69.94.44.0/23 maxlen: 24
69.94.46.0/23 maxlen: 24
69.94.80.0/20 maxlen: 20
69.94.80.0/23 maxlen: 24
69.94.82.0/23 maxlen: 24
69.94.84.0/23 maxlen: 24
69.94.86.0/23 maxlen: 24
69.94.88.0/23 maxlen: 24
69.94.90.0/23 maxlen: 24
69.94.92.0/23 maxlen: 24
69.94.94.0/23 maxlen: 24
209.212.192.0/19 maxlen: 19
209.212.192.0/23 maxlen: 24
209.212.194.0/23 maxlen: 24
209.212.196.0/23 maxlen: 24
209.212.198.0/23 maxlen: 24
209.212.200.0/23 maxlen: 24
209.212.202.0/23 maxlen: 24
209.212.204.0/23 maxlen: 24
209.212.206.0/23 maxlen: 24
209.212.208.0/23 maxlen: 24
209.212.210.0/23 maxlen: 24
209.212.212.0/23 maxlen: 24
209.212.214.0/23 maxlen: 24
209.212.216.0/23 maxlen: 24
209.212.218.0/23 maxlen: 24
209.212.220.0/23 maxlen: 24
209.212.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.crl
rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 15:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5654 (0x1616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C33A/serialNumber=54411D9070E20C9FFCFFC414FD09320BF39AB6E8
Validity
Not Before: Oct 8 16:02:33 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67055799-624b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d0:46:6a:3d:2a:e0:d9:f8:2a:70:ab:12:14:
0a:0d:72:e2:c1:cd:3b:78:16:cc:46:ff:42:aa:93:
60:4c:2b:10:2f:e1:85:9a:5b:9b:57:e7:a8:e6:d4:
dd:35:5b:07:e1:3c:88:1c:1b:e3:ea:cd:fd:66:c2:
e3:6c:2a:cd:7c:8c:08:74:b3:d8:80:ef:e4:76:ec:
47:fb:67:ef:b5:db:e7:5f:2f:8e:00:93:ca:23:fe:
da:d3:d2:f5:26:d4:a5:94:72:09:d4:c7:55:41:4b:
30:5d:f0:6e:11:70:fe:bf:cb:e2:90:92:49:ee:66:
f0:26:0f:4e:b4:33:bc:7c:b0:09:86:e0:3d:6e:5c:
79:ae:a6:ad:fc:c4:48:71:a2:a5:78:20:25:e6:d5:
12:36:0c:51:82:a4:14:98:94:67:65:b9:86:b4:58:
56:5d:45:a8:9e:a1:e6:fb:ef:7f:ce:f9:33:cf:7e:
9d:68:0c:78:62:0c:df:50:74:69:53:7b:9e:70:fd:
8c:58:8a:8c:ca:50:ba:84:d5:4b:04:50:54:77:4b:
bd:24:72:b6:b6:0c:09:c2:0d:4f:c7:39:04:3c:e8:
83:02:0f:b2:66:28:b8:22:f7:ba:f8:a6:5f:79:16:
3c:02:17:ec:ed:7e:31:b1:28:63:26:9f:51:56:77:
9a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:94:BD:3E:E3:14:98:EF:86:83:67:15:63:0B:E8:5C:D8:C6:D3:EA
X509v3 Authority Key Identifier:
keyid:54:41:1D:90:70:E2:0C:9F:FC:FF:C4:14:FD:09:32:0B:F3:9A:B6:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/VEEdkHDiDJ_8_8QU_QkyC_Oatug.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/VEEdkHDiDJ_8_8QU_QkyC_Oatug.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/FEC77C9A073611E8AB7DCB4AC4F9AE02/F9B55ECA922111EAB5138581C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
69.94.32.0/20
69.94.80.0/20
209.212.192.0/19
Signature Algorithm: sha256WithRSAEncryption
ab:1e:a8:e4:6d:b9:24:7e:d4:27:bb:05:8f:b6:2f:b8:93:4a:
7a:cf:80:42:61:6f:1e:6d:f0:b4:64:48:98:63:7a:20:1e:7b:
cb:9f:80:d3:9b:03:47:52:c2:d7:8d:c0:19:e7:e6:3f:b4:26:
06:35:b5:40:53:f9:10:14:ca:f3:00:15:0c:0a:49:69:a2:7c:
7b:9f:6c:bc:96:f1:16:08:08:6c:32:0b:d3:bf:57:bd:e3:91:
35:af:90:4a:de:be:03:c4:c9:d3:d2:d7:55:61:ea:98:a2:2a:
78:ad:64:01:41:9f:1c:5a:5a:7a:c9:b7:1d:53:aa:9a:d5:07:
8a:60:f5:67:c0:14:8c:ba:da:97:0d:ea:dd:d5:ce:7c:39:23:
21:11:be:f1:0d:d8:fb:c9:67:5b:ca:5e:ae:87:fd:ec:f4:e3:
b6:62:b1:bf:05:bc:b7:e2:c2:af:06:2b:b9:fe:fe:b8:b9:46:
c8:c7:2e:27:e6:4f:5e:59:8b:61:a4:17:7f:fa:97:65:45:ec:
50:cf:51:08:b2:56:79:b3:61:09:0b:3d:eb:b6:ab:9c:9c:89:
7d:37:64:6b:55:9e:79:69:3f:12:e3:31:b3:fb:e0:96:0b:58:
fc:52:e1:38:40:e6:bf:38:6e:a0:af:0b:53:94:7c:44:d7:7c:
3c:ae:c3:3b
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICFhYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMzM0ExMTAvBgNVBAUTKDU0NDExRDkwNzBFMjBDOUZGQ0ZGQzQxNEZEMDkzMjBC
RjM5QUI2RTgwHhcNMjQxMDA4MTYwMjMzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA1NTc5OS02MjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAodBGaj0q4Nn4KnCrEhQKDXLiwc07eBbMRv9CqpNgTCsQL+GFmlubV+eo5tTd
NVsH4TyIHBvj6s39ZsLjbCrNfIwIdLPYgO/kduxH+2fvtdvnXy+OAJPKI/7a09L1
JtSllHIJ1MdVQUswXfBuEXD+v8vikJJJ7mbwJg9OtDO8fLAJhuA9blx5rqat/MRI
caKleCAl5tUSNgxRgqQUmJRnZbmGtFhWXUWonqHm++9/zvkzz36daAx4YgzfUHRp
U3uecP2MWIqMylC6hNVLBFBUd0u9JHK2tgwJwg1PxzkEPOiDAg+yZii4Ive6+KZf
eRY8Ahfs7X4xsShjJp9RVneaqQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFESUvT7j
FJjvhoNnFWML6FzYxtPqMB8GA1UdIwQYMBaAFFRBHZBw4gyf/P/EFP0JMgvzmrbo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS9GRUM3N0M5QTA3
MzYxMUU4QUI3RENCNEFDNEY5QUUwMi9WRUVka0hEaURKXzhfOFFVX1FreUNfT2F0
dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1ZFRWRrSERpREpfOF84UVVfUWt5Q19PYXR1Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMzM0EvRkVDNzdDOUEwNzM2MTFFOEFCN0RDQjRBQzRGOUFFMDIvRjlCNTVFQ0E5
MjIxMTFFQUI1MTM4NTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBARFXiADBARFXlADBAXR1MAwDQYJKoZIhvcNAQELBQADggEB
AKseqORtuSR+1Ce7BY+2L7iTSnrPgEJhbx5t8LRkSJhjeiAee8ufgNObA0dSwteN
wBnn5j+0JgY1tUBT+RAUyvMAFQwKSWmifHufbLyW8RYICGwyC9O/V73jkTWvkEre
vgPEydPS11Vh6piiKnitZAFBnxxaWnrJtx1TqprVB4pg9WfAFIy62pcN6t3Vznw5
IyERvvEN2PvJZ1vKXq6H/ez047Zisb8FvLfiwq8GK7n+/ri5RsjHLifmT15Zi2Gk
F3/6l2VF7FDPUQiyVnmzYQkLPeu2q5yciX03ZGtVnnlpPxLjMbP74JYLWPxS4ThA
5r84bqCvC1OUfETXfDyuwzs=
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:17 2024 by rpki-client on console-ams.rpki-client.org