Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/9EE56DE2B1A611EFAFF48385C4F9AE02.roa
File: 9EE56DE2B1A611EFAFF48385C4F9AE02.roa (raw, json)
Hash identifier: eRFLslRaYy7Z/9vONGljKXTFuKVL6bHKALfN/nB50xQ=
Subject key identifier: 76:4E:80:F2:E3:14:65:F3:78:D6:06:6B:B0:12:56:3E:DF:1B:48:CF
Certificate issuer: /CN=A914DA2D/serialNumber=D7CB6D1DDCF934A1F59E4FFE4982F0B4C52C35F5
Certificate serial: 02D7
Authority key identifier: D7:CB:6D:1D:DC:F9:34:A1:F5:9E:4F:FE:49:82:F0:B4:C5:2C:35:F5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/18ttHdz5NKH1nk_-SYLwtMUsNfU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/9EE56DE2B1A611EFAFF48385C4F9AE02.roa
Signing time: Tue 03 Dec 2024 18:44:26 +0000
ROA not before: Tue 03 Dec 2024 18:44:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17882
IP address blocks: 64.119.16.0/24 maxlen: 24
64.119.17.0/24 maxlen: 24
64.119.18.0/24 maxlen: 24
64.119.19.0/24 maxlen: 24
64.119.20.0/24 maxlen: 24
64.119.21.0/24 maxlen: 24
64.119.22.0/24 maxlen: 24
64.119.23.0/24 maxlen: 24
64.119.24.0/24 maxlen: 24
64.119.25.0/24 maxlen: 24
64.119.26.0/24 maxlen: 24
64.119.27.0/24 maxlen: 24
64.119.28.0/24 maxlen: 24
64.119.29.0/24 maxlen: 24
64.119.30.0/24 maxlen: 24
64.119.31.0/24 maxlen: 24
66.181.160.0/24 maxlen: 24
66.181.161.0/24 maxlen: 24
66.181.162.0/24 maxlen: 24
66.181.163.0/24 maxlen: 24
66.181.164.0/24 maxlen: 24
66.181.165.0/24 maxlen: 24
66.181.166.0/24 maxlen: 24
66.181.167.0/24 maxlen: 24
66.181.168.0/24 maxlen: 24
66.181.169.0/24 maxlen: 24
66.181.170.0/24 maxlen: 24
66.181.171.0/24 maxlen: 24
66.181.172.0/24 maxlen: 24
66.181.173.0/24 maxlen: 24
66.181.174.0/24 maxlen: 24
66.181.175.0/24 maxlen: 24
66.181.176.0/24 maxlen: 24
66.181.177.0/24 maxlen: 24
66.181.178.0/24 maxlen: 24
66.181.179.0/24 maxlen: 24
66.181.180.0/24 maxlen: 24
66.181.181.0/24 maxlen: 24
66.181.182.0/24 maxlen: 24
66.181.183.0/24 maxlen: 24
66.181.184.0/24 maxlen: 24
66.181.185.0/24 maxlen: 24
66.181.186.0/24 maxlen: 24
66.181.187.0/24 maxlen: 24
66.181.188.0/24 maxlen: 24
66.181.189.0/24 maxlen: 24
66.181.190.0/24 maxlen: 24
66.181.191.0/24 maxlen: 24
192.82.64.0/24 maxlen: 24
192.82.65.0/24 maxlen: 24
192.82.66.0/24 maxlen: 24
192.82.67.0/24 maxlen: 24
192.82.68.0/24 maxlen: 24
192.82.69.0/24 maxlen: 24
192.82.70.0/24 maxlen: 24
192.82.71.0/24 maxlen: 24
192.82.72.0/24 maxlen: 24
192.82.73.0/24 maxlen: 24
192.82.74.0/24 maxlen: 24
192.82.75.0/24 maxlen: 24
192.82.76.0/24 maxlen: 24
192.82.77.0/24 maxlen: 24
192.82.78.0/24 maxlen: 24
192.82.79.0/24 maxlen: 24
192.82.92.0/24 maxlen: 24
192.82.94.0/24 maxlen: 24
192.82.95.0/24 maxlen: 24
192.82.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/18ttHdz5NKH1nk_-SYLwtMUsNfU.crl
rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/18ttHdz5NKH1nk_-SYLwtMUsNfU.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/18ttHdz5NKH1nk_-SYLwtMUsNfU.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 727 (0x2d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914DA2D
Validity
Not Before: Dec 3 18:44:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=674f518a-8edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ac:0e:67:5f:91:d9:1a:fe:08:a0:10:c0:d9:
78:36:ea:0e:ee:51:23:cb:f3:88:b8:86:ef:7f:66:
e4:d1:36:60:15:c3:24:4b:2e:e4:79:3e:d7:1b:43:
64:e5:86:85:fb:92:a9:a0:2e:fd:62:96:b0:58:a8:
b9:b3:71:b1:f9:83:9a:7c:ed:22:75:59:5b:d4:0b:
96:ae:d8:cf:3d:eb:5f:87:98:2e:37:75:22:c9:22:
65:0f:34:23:8d:d0:78:96:2e:68:47:84:94:e2:da:
14:c3:54:a3:05:0f:4c:11:89:9b:96:d6:cd:ef:af:
e9:46:de:05:ea:54:f0:29:86:b8:63:a1:6f:82:4a:
94:15:ea:f7:e6:c4:0b:61:86:3c:74:ef:d1:9a:df:
c4:3c:2f:8d:88:28:0d:7a:f3:fc:4e:24:3f:ed:8e:
05:07:eb:1b:15:68:b8:87:78:7f:2b:6d:70:29:a9:
3d:a9:c7:df:45:a3:f5:92:7c:d2:3f:ba:4c:e9:41:
83:b6:21:8a:c9:f3:eb:44:dc:0d:4e:16:e2:d5:00:
49:c9:52:a7:08:b0:c8:14:cb:c3:bf:15:e7:a8:a5:
12:18:82:cc:f5:62:17:15:99:ac:16:7f:40:05:16:
4a:04:97:49:32:6c:72:30:ef:ae:a0:c4:46:77:71:
94:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4E:80:F2:E3:14:65:F3:78:D6:06:6B:B0:12:56:3E:DF:1B:48:CF
X509v3 Authority Key Identifier:
keyid:D7:CB:6D:1D:DC:F9:34:A1:F5:9E:4F:FE:49:82:F0:B4:C5:2C:35:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/18ttHdz5NKH1nk_-SYLwtMUsNfU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/18ttHdz5NKH1nk_-SYLwtMUsNfU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/9EE56DE2B1A611EFAFF48385C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.119.16.0/20
66.181.160.0/19
192.82.64.0/20
192.82.92.0/24
192.82.94.0/23
192.82.100.0/24
Signature Algorithm: sha256WithRSAEncryption
13:0b:b5:90:de:70:38:dc:49:57:69:ad:fd:d0:8c:16:dc:1f:
ac:11:2d:dc:06:41:5b:4e:d2:45:b8:38:de:f1:91:cd:c4:41:
fb:f4:96:a6:93:24:99:6b:ed:91:5e:91:cf:75:47:5e:ff:5d:
3d:f3:87:3c:d1:f5:0e:99:e6:a8:a1:60:99:2f:45:e5:f1:7e:
b6:e0:eb:87:df:50:86:5c:a2:57:4f:9d:8b:9d:19:04:3b:f9:
2f:01:5d:b2:14:09:13:eb:54:2d:23:7c:5e:26:b6:4f:50:64:
3e:7d:33:82:44:ea:1b:24:7b:3d:85:d1:3f:9b:5e:bf:8b:44:
7e:1f:5f:ad:f6:e2:30:6c:94:37:fa:10:9c:f4:1f:db:03:be:
56:fc:fa:2c:68:8e:f1:72:cb:d7:63:45:25:fc:20:c8:84:b7:
5c:e3:90:07:4f:78:5a:91:21:40:7f:41:62:71:41:7a:45:96:
77:8a:e6:ee:0b:15:ed:fe:bc:eb:be:9e:3e:af:45:93:97:48:
4d:d2:9c:77:6a:7c:4a:87:c7:14:99:73:31:7a:91:48:bc:69:
c5:dd:11:93:de:a2:55:be:06:6f:79:7a:c7:ae:7b:f8:4b:4a:
c0:9b:5b:79:19:8a:e9:81:42:c4:4f:83:5e:35:9c:8a:3c:39:
b4:d6:8f:8f
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICAtcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERBMkQxMTAvBgNVBAUTKEQ3Q0I2RDFERENGOTM0QTFGNTlFNEZGRTQ5ODJGMEI0
QzUyQzM1RjUwHhcNMjQxMjAzMTg0NDI2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRmNTE4YS04ZWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1KwOZ1+R2Rr+CKAQwNl4NuoO7lEjy/OIuIbvf2bk0TZgFcMkSy7keT7XG0Nk
5YaF+5KpoC79YpawWKi5s3Gx+YOafO0idVlb1AuWrtjPPetfh5guN3UiySJlDzQj
jdB4li5oR4SU4toUw1SjBQ9MEYmbltbN76/pRt4F6lTwKYa4Y6FvgkqUFer35sQL
YYY8dO/Rmt/EPC+NiCgNevP8TiQ/7Y4FB+sbFWi4h3h/K21wKak9qcffRaP1knzS
P7pM6UGDtiGKyfPrRNwNThbi1QBJyVKnCLDIFMvDvxXnqKUSGILM9WIXFZmsFn9A
BRZKBJdJMmxyMO+uoMRGd3GU9wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFHZOgPLj
FGXzeNYGa7ASVj7fG0jPMB8GA1UdIwQYMBaAFNfLbR3c+TSh9Z5P/kmC8LTFLDX1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REEyRC83MkI1RjI5MkQy
N0QxMUVDQTczRUYxNTRDNEY5QUUwMi8xOHR0SGR6NU5LSDFua18tU1lMd3RNVXNO
ZlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzE4dHRIZHo1TktIMW5rXy1TWUx3dE1Vc05mVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERBMkQvNzJCNUYyOTJEMjdEMTFFQ0E3M0VGMTU0QzRGOUFFMDIvOUVFNTZERTJC
MUE2MTFFRkFGRjQ4Mzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBARAdxADBAVCtaADBATAUkADBADAUlwDBAHAUl4DBADAUmQw
DQYJKoZIhvcNAQELBQADggEBABMLtZDecDjcSVdprf3QjBbcH6wRLdwGQVtO0kW4
ON7xkc3EQfv0lqaTJJlr7ZFekc91R17/XT3zhzzR9Q6Z5qihYJkvReXxfrbg64ff
UIZcoldPnYudGQQ7+S8BXbIUCRPrVC0jfF4mtk9QZD59M4JE6hskez2F0T+bXr+L
RH4fX6324jBslDf6EJz0H9sDvlb8+ixojvFyy9djRSX8IMiEt1zjkAdPeFqRIUB/
QWJxQXpFlneK5u4LFe3+vOu+nj6vRZOXSE3SnHdqfEqHxxSZczF6kUi8acXdEZPe
olW+Bm95eseue/hLSsCbW3kZiumBQsRPg141nIo8ObTWj48=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:49 2025 by rpki-client