Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
File: 0E95C2D8F14211EAA4333775C4F9AE02.roa (raw, json)
Hash identifier: v7dpF7DEHY5W9PehrFLFcsUWT8Jk0m5IH4U++CpJtnc=
Subject key identifier: 52:78:1B:80:20:B5:4F:05:65:F5:A6:02:B3:D3:6D:20:67:EC:8D:9C
Certificate issuer: /CN=A914CE75/serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Certificate serial: 30EA
Authority key identifier: 49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
Signing time: Tue 30 Apr 2024 15:52:24 +0000
ROA not before: Tue 30 Apr 2024 15:52:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10199
IP address blocks: 14.141.140.0/24 maxlen: 24
59.161.0.0/16 maxlen: 16
59.161.0.0/20 maxlen: 20
59.161.16.0/20 maxlen: 20
59.161.64.0/18 maxlen: 18
59.161.80.0/21 maxlen: 21
59.161.88.0/22 maxlen: 22
59.161.92.0/22 maxlen: 22
59.161.96.0/21 maxlen: 21
59.161.120.0/21 maxlen: 21
59.161.128.0/20 maxlen: 20
59.161.144.0/20 maxlen: 20
115.117.0.0/16 maxlen: 16
115.117.19.0/24 maxlen: 24
115.117.35.0/24 maxlen: 24
115.117.50.0/23 maxlen: 23
115.117.56.0/22 maxlen: 22
115.117.100.0/22 maxlen: 22
115.117.160.0/22 maxlen: 22
115.117.164.0/22 maxlen: 22
115.117.168.0/22 maxlen: 22
115.117.172.0/22 maxlen: 22
115.117.180.0/22 maxlen: 22
115.117.184.0/21 maxlen: 21
115.117.192.0/18 maxlen: 18
115.117.208.0/20 maxlen: 20
115.118.67.0/24 maxlen: 24
121.244.0.0/21 maxlen: 21
121.244.10.0/23 maxlen: 23
121.244.12.0/23 maxlen: 23
121.244.14.0/23 maxlen: 23
121.244.16.0/23 maxlen: 23
121.244.18.0/23 maxlen: 23
121.244.20.0/23 maxlen: 23
121.245.32.0/20 maxlen: 24
121.245.64.0/20 maxlen: 20
121.245.80.0/20 maxlen: 20
121.245.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:24:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12522 (0x30ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CE75/serialNumber=49892537D8B2C0325B7BE081FD9286C79BEA6A85
Validity
Not Before: Apr 30 15:52:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663113b8-fcfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f4:8f:2f:7b:39:00:00:9c:21:11:4c:4d:6c:
79:77:1b:2d:91:40:d8:7e:d2:45:3e:bb:13:e4:44:
14:d8:2a:a1:42:15:6b:50:47:f2:af:48:91:ff:35:
80:54:7c:42:21:15:e5:8f:3f:6a:e3:72:d1:66:47:
17:7f:13:50:91:cf:a0:c8:93:13:f5:64:12:44:c7:
59:ad:45:b0:c6:34:3f:c6:7d:ae:0d:4c:f5:2f:71:
49:3e:e5:4c:6a:06:c0:63:95:e5:0d:62:bc:0f:98:
8f:45:6a:a0:b2:f9:97:f2:4b:ef:ee:6a:01:04:6d:
2f:c8:27:bc:9a:41:15:72:a6:a4:5a:7b:14:52:e7:
d2:0f:71:fa:f2:14:e8:1f:96:d3:ba:59:e6:0c:da:
d0:1c:bc:4d:6d:3e:15:05:9c:e3:0c:8d:a3:43:da:
21:db:05:75:4f:14:b6:34:3f:fc:ce:05:6c:25:ef:
7a:29:a3:19:bf:7e:12:4c:1c:40:0a:71:fe:97:af:
89:c0:a7:d4:a1:2e:d3:7c:4d:88:2c:82:9b:c2:71:
e8:f9:13:a4:01:ce:ff:0b:42:14:e3:3b:6a:ff:92:
f1:2e:44:01:7a:3a:70:9b:ef:23:ac:0b:96:a3:ad:
e2:11:cd:66:ff:46:18:b0:2d:88:35:38:a5:ea:10:
62:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:78:1B:80:20:B5:4F:05:65:F5:A6:02:B3:D3:6D:20:67:EC:8D:9C
X509v3 Authority Key Identifier:
keyid:49:89:25:37:D8:B2:C0:32:5B:7B:E0:81:FD:92:86:C7:9B:EA:6A:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/SYklN9iywDJbe-CB_ZKGx5vqaoU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SYklN9iywDJbe-CB_ZKGx5vqaoU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CE75/D22EF3D6FF4B11E281BE06625911EA32/0E95C2D8F14211EAA4333775C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.141.140.0/24
59.161.0.0/16
115.117.0.0/16
115.118.67.0/24
121.244.0.0/21
121.244.10.0-121.244.21.255
121.245.32.0/20
121.245.64.0-121.245.111.255
Signature Algorithm: sha256WithRSAEncryption
64:e8:70:98:2f:52:72:d1:1e:49:5d:0e:6c:e8:28:22:26:1a:
7d:cd:31:93:75:8f:33:ef:96:cb:7c:8d:f2:ff:80:64:99:12:
f0:bc:5c:c0:13:81:20:04:8b:c9:0a:90:6b:13:86:52:f0:db:
62:fb:85:e4:2b:08:9b:1d:05:82:d0:34:1d:8b:fa:f9:d3:95:
91:d5:d5:c0:d4:3a:ef:9e:41:c1:83:8b:51:e4:45:75:1f:0b:
35:d8:48:0f:11:f5:d3:49:5a:51:cd:2f:dd:a8:53:18:e1:81:
57:6f:ab:3e:04:17:ee:1c:21:a7:b8:ed:de:4c:50:2d:60:f9:
5b:34:c5:c4:10:a7:69:80:da:63:dd:1f:be:d8:98:b5:4d:6f:
53:46:b0:b4:a3:87:2d:38:75:ff:97:79:34:65:6d:d6:ff:df:
5b:96:92:36:71:7d:16:5e:83:40:69:ae:9d:ee:61:02:7a:af:
14:4d:c0:57:aa:40:a1:63:06:ba:15:cf:23:a5:51:d1:20:eb:
cb:9f:5c:43:e1:f1:64:0f:27:e8:93:6c:c2:50:fa:9c:c1:db:
52:c2:fb:14:e9:74:10:84:3a:be:ee:37:65:a2:ca:56:e2:bc:
ec:cf:f7:82:50:8f:2f:3c:c3:b9:f9:d1:ca:9c:00:b4:c2:b0:
82:60:d5:0d
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICMOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENFNzUxMTAvBgNVBAUTKDQ5ODkyNTM3RDhCMkMwMzI1QjdCRTA4MUZEOTI4NkM3
OUJFQTZBODUwHhcNMjQwNDMwMTU1MjI0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxMTNiOC1mY2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5fSPL3s5AACcIRFMTWx5dxstkUDYftJFPrsT5EQU2CqhQhVrUEfyr0iR/zWA
VHxCIRXljz9q43LRZkcXfxNQkc+gyJMT9WQSRMdZrUWwxjQ/xn2uDUz1L3FJPuVM
agbAY5XlDWK8D5iPRWqgsvmX8kvv7moBBG0vyCe8mkEVcqakWnsUUufSD3H68hTo
H5bTulnmDNrQHLxNbT4VBZzjDI2jQ9oh2wV1TxS2ND/8zgVsJe96KaMZv34STBxA
CnH+l6+JwKfUoS7TfE2ILIKbwnHo+ROkAc7/C0IU4ztq/5LxLkQBejpwm+8jrAuW
o63iEc1m/0YYsC2INTil6hBiUQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFFJ4G4Ag
tU8FZfWmArPTbSBn7I2cMB8GA1UdIwQYMBaAFEmJJTfYssAyW3vggf2Shseb6mqF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0U3NS9EMjJFRjNENkZG
NEIxMUUyODFCRTA2NjI1OTExRUEzMi9TWWtsTjlpeXdESmJlLUNCX1pLR3g1dnFh
b1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NZa2xOOWl5d0RKYmUtQ0JfWktHeDV2cWFvVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENFNzUvRDIyRUYzRDZGRjRCMTFFMjgxQkUwNjYyNTkxMUVBMzIvMEU5NUMyRDhG
MTQyMTFFQUE0MzMzNzc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMEQEAgABMD4DBAAOjYwDAwA7oQMDAHN1AwQAc3ZDAwQDefQAMAwDBAF59AoD
BAF59BQDBAR59SAwDAMEBnn1QAMEBHn1YDANBgkqhkiG9w0BAQsFAAOCAQEAZOhw
mC9SctEeSV0ObOgoIiYafc0xk3WPM++Wy3yN8v+AZJkS8LxcwBOBIASLyQqQaxOG
UvDbYvuF5CsImx0FgtA0HYv6+dOVkdXVwNQ6755BwYOLUeRFdR8LNdhIDxH100la
Uc0v3ahTGOGBV2+rPgQX7hwhp7jt3kxQLWD5WzTFxBCnaYDaY90fvtiYtU1vU0aw
tKOHLTh1/5d5NGVt1v/fW5aSNnF9Fl6DQGmune5hAnqvFE3AV6pAoWMGuhXPI6VR
0SDry59cQ+HxZA8n6JNswlD6nMHbUsL7FOl0EIQ6vu43ZaLKVuK87M/3glCPLzzD
ufnRypwAtMKwgmDVDQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:24:10 2024 by rpki-client on console-ams.rpki-client.org