Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/B2F10206F3A311EC8804FE09C4F9AE02.roa
File: B2F10206F3A311EC8804FE09C4F9AE02.roa (raw, json)
Hash identifier: SGqEOD9kqAEWwvjfSGBDqxipEX5k0szvlLWgNevkloI=
Subject key identifier: A1:F4:BE:47:B7:B9:CA:31:12:29:2D:E4:BF:2A:79:43:77:A7:6D:61
Certificate issuer: /CN=A914DA2D/serialNumber=D7CB6D1DDCF934A1F59E4FFE4982F0B4C52C35F5
Certificate serial: 0194
Authority key identifier: D7:CB:6D:1D:DC:F9:34:A1:F5:9E:4F:FE:49:82:F0:B4:C5:2C:35:F5
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/18ttHdz5NKH1nk_-SYLwtMUsNfU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/B2F10206F3A311EC8804FE09C4F9AE02.roa
Signing time: Wed 10 May 2023 17:26:00 +0000
ROA not before: Wed 10 May 2023 17:26:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17882
IP address blocks: 64.119.16.0/24 maxlen: 24
64.119.17.0/24 maxlen: 24
64.119.18.0/24 maxlen: 24
64.119.19.0/24 maxlen: 24
64.119.20.0/24 maxlen: 24
64.119.21.0/24 maxlen: 24
64.119.22.0/24 maxlen: 24
64.119.23.0/24 maxlen: 24
64.119.24.0/24 maxlen: 24
64.119.25.0/24 maxlen: 24
64.119.26.0/24 maxlen: 24
64.119.27.0/24 maxlen: 24
64.119.28.0/24 maxlen: 24
64.119.29.0/24 maxlen: 24
64.119.30.0/24 maxlen: 24
64.119.31.0/24 maxlen: 24
66.181.160.0/24 maxlen: 24
66.181.161.0/24 maxlen: 24
66.181.162.0/24 maxlen: 24
66.181.163.0/24 maxlen: 24
66.181.164.0/24 maxlen: 24
66.181.165.0/24 maxlen: 24
66.181.166.0/24 maxlen: 24
66.181.167.0/24 maxlen: 24
66.181.168.0/24 maxlen: 24
66.181.169.0/24 maxlen: 24
66.181.170.0/24 maxlen: 24
66.181.171.0/24 maxlen: 24
66.181.172.0/24 maxlen: 24
66.181.173.0/24 maxlen: 24
66.181.174.0/24 maxlen: 24
66.181.175.0/24 maxlen: 24
66.181.176.0/24 maxlen: 24
66.181.177.0/24 maxlen: 24
66.181.178.0/24 maxlen: 24
66.181.179.0/24 maxlen: 24
66.181.180.0/24 maxlen: 24
66.181.181.0/24 maxlen: 24
66.181.182.0/24 maxlen: 24
66.181.183.0/24 maxlen: 24
66.181.184.0/24 maxlen: 24
66.181.185.0/24 maxlen: 24
66.181.186.0/24 maxlen: 24
66.181.187.0/24 maxlen: 24
66.181.188.0/24 maxlen: 24
66.181.189.0/24 maxlen: 24
66.181.190.0/24 maxlen: 24
66.181.191.0/24 maxlen: 24
192.82.64.0/19 maxlen: 19
192.82.64.0/24 maxlen: 24
192.82.65.0/24 maxlen: 24
192.82.66.0/24 maxlen: 24
192.82.67.0/24 maxlen: 24
192.82.68.0/24 maxlen: 24
192.82.69.0/24 maxlen: 24
192.82.70.0/24 maxlen: 24
192.82.71.0/24 maxlen: 24
192.82.72.0/24 maxlen: 24
192.82.73.0/24 maxlen: 24
192.82.74.0/24 maxlen: 24
192.82.75.0/24 maxlen: 24
192.82.76.0/24 maxlen: 24
192.82.77.0/24 maxlen: 24
192.82.78.0/24 maxlen: 24
192.82.79.0/24 maxlen: 24
192.82.80.0/24 maxlen: 24
192.82.81.0/24 maxlen: 24
192.82.82.0/24 maxlen: 24
192.82.83.0/24 maxlen: 24
192.82.84.0/24 maxlen: 24
192.82.85.0/24 maxlen: 24
192.82.86.0/24 maxlen: 24
192.82.87.0/24 maxlen: 24
192.82.88.0/24 maxlen: 24
192.82.89.0/24 maxlen: 24
192.82.90.0/24 maxlen: 24
192.82.91.0/24 maxlen: 24
192.82.92.0/24 maxlen: 24
192.82.93.0/24 maxlen: 24
192.82.94.0/24 maxlen: 24
192.82.95.0/24 maxlen: 24
192.82.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/18ttHdz5NKH1nk_-SYLwtMUsNfU.crl
rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/18ttHdz5NKH1nk_-SYLwtMUsNfU.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/18ttHdz5NKH1nk_-SYLwtMUsNfU.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 404 (0x194)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914DA2D/serialNumber=D7CB6D1DDCF934A1F59E4FFE4982F0B4C52C35F5
Validity
Not Before: May 10 17:26:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bd3a8-0a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8f:a5:22:3b:fb:25:7d:d4:23:7e:a0:51:8f:
0b:0c:e5:ac:5a:97:7f:04:df:e9:9a:3c:35:8f:ba:
94:3d:45:39:dc:46:36:6a:45:b5:6d:7b:86:64:59:
e5:25:b9:86:9e:2b:26:82:ad:d0:0e:cc:dc:2e:ef:
a6:b0:0b:f1:af:7b:d3:14:76:b3:1d:ed:33:02:8b:
8f:36:a6:45:11:5d:47:ff:29:cf:7a:49:18:06:d8:
01:d9:22:1e:af:9f:3a:4b:48:d7:ba:7e:7e:9b:49:
20:30:5e:76:5c:14:b1:c9:62:b7:50:21:6e:29:99:
0d:90:1b:a8:3a:97:42:d4:1e:1f:c3:52:1d:15:ce:
f3:d7:2a:8d:f9:53:a1:ed:1b:f6:a8:84:fb:2a:3f:
b2:74:1d:7f:d0:de:4d:ee:46:86:63:5e:29:80:94:
8d:d6:6d:a4:1c:2a:3d:ab:d1:a1:d9:2e:8d:b7:66:
de:03:cd:d7:d8:2a:a7:2e:d4:a2:24:12:3f:d4:71:
47:b7:46:b9:16:88:0a:e4:f9:e0:ce:2c:e6:f7:62:
59:64:1c:c7:07:e4:f3:41:5c:a2:67:b9:84:d0:ab:
a5:c4:a3:da:03:4e:1a:9e:ed:15:96:57:c3:c3:04:
d2:e4:22:28:78:7f:54:4d:d5:6e:47:e8:79:ed:ac:
fa:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F4:BE:47:B7:B9:CA:31:12:29:2D:E4:BF:2A:79:43:77:A7:6D:61
X509v3 Authority Key Identifier:
keyid:D7:CB:6D:1D:DC:F9:34:A1:F5:9E:4F:FE:49:82:F0:B4:C5:2C:35:F5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/18ttHdz5NKH1nk_-SYLwtMUsNfU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/18ttHdz5NKH1nk_-SYLwtMUsNfU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DA2D/72B5F292D27D11ECA73EF154C4F9AE02/B2F10206F3A311EC8804FE09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.119.16.0/20
66.181.160.0/19
192.82.64.0/19
192.82.100.0/24
Signature Algorithm: sha256WithRSAEncryption
92:1a:3e:6b:22:db:06:3b:0a:ca:5c:e9:8c:e0:1a:b8:60:75:
fa:78:bb:26:24:12:fb:d8:d4:08:62:95:d1:bf:e0:90:c5:51:
31:17:3c:e0:f6:3e:32:9b:2f:ac:28:ba:81:f6:1b:ba:2a:e2:
4c:f3:fe:4b:86:bc:e4:5a:da:81:5a:3a:fa:0a:5b:b0:76:e6:
a1:7b:ec:5c:48:73:9e:b5:61:a2:e7:79:7d:95:a1:24:86:af:
98:87:7f:92:c7:a9:9d:4c:2a:84:28:c5:89:d5:21:e9:99:b2:
09:db:14:df:cc:36:26:0b:c2:74:6d:30:af:d2:fd:02:72:a8:
35:e1:29:60:df:18:2f:a7:92:3e:19:65:52:1b:da:f4:0b:ae:
9e:63:75:d4:d0:ba:4f:2a:ef:99:d5:b3:8c:f2:7c:4a:84:f4:
5b:d9:67:7f:77:66:be:b2:66:a1:43:21:ec:4a:0b:ba:7f:0f:
97:eb:2b:e5:87:78:a4:e5:da:94:fe:59:2e:0d:ae:e4:16:06:
18:61:40:e4:3e:23:29:93:5c:95:d7:f4:ec:c6:b9:ed:2e:7d:
90:d6:8d:ed:c7:b8:7e:00:3e:45:89:d2:1f:0b:df:fa:91:bb:
f8:27:5f:20:45:6e:a5:bc:aa:17:f8:7d:af:1d:8a:28:29:9d:
6e:18:f2:e8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERBMkQxMTAvBgNVBAUTKEQ3Q0I2RDFERENGOTM0QTFGNTlFNEZGRTQ5ODJGMEI0
QzUyQzM1RjUwHhcNMjMwNTEwMTcyNjAwWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViZDNhOC0wYTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw4+lIjv7JX3UI36gUY8LDOWsWpd/BN/pmjw1j7qUPUU53EY2akW1bXuGZFnl
JbmGnismgq3QDszcLu+msAvxr3vTFHazHe0zAouPNqZFEV1H/ynPekkYBtgB2SIe
r586S0jXun5+m0kgMF52XBSxyWK3UCFuKZkNkBuoOpdC1B4fw1IdFc7z1yqN+VOh
7Rv2qIT7Kj+ydB1/0N5N7kaGY14pgJSN1m2kHCo9q9Gh2S6Nt2beA83X2CqnLtSi
JBI/1HFHt0a5FogK5Pngzizm92JZZBzHB+TzQVyiZ7mE0KulxKPaA04anu0VllfD
wwTS5CIoeH9UTdVuR+h57az6+QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFKH0vke3
ucoxEikt5L8qeUN3p21hMB8GA1UdIwQYMBaAFNfLbR3c+TSh9Z5P/kmC8LTFLDX1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REEyRC83MkI1RjI5MkQy
N0QxMUVDQTczRUYxNTRDNEY5QUUwMi8xOHR0SGR6NU5LSDFua18tU1lMd3RNVXNO
ZlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzE4dHRIZHo1TktIMW5rXy1TWUx3dE1Vc05mVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERBMkQvNzJCNUYyOTJEMjdEMTFFQ0E3M0VGMTU0QzRGOUFFMDIvQjJGMTAyMDZG
M0EzMTFFQzg4MDRGRTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBARAdxADBAVCtaADBAXAUkADBADAUmQwDQYJKoZIhvcNAQEL
BQADggEBAJIaPmsi2wY7Cspc6YzgGrhgdfp4uyYkEvvY1AhildG/4JDFUTEXPOD2
PjKbL6wouoH2G7oq4kzz/kuGvORa2oFaOvoKW7B25qF77FxIc561YaLneX2VoSSG
r5iHf5LHqZ1MKoQoxYnVIemZsgnbFN/MNiYLwnRtMK/S/QJyqDXhKWDfGC+nkj4Z
ZVIb2vQLrp5jddTQuk8q75nVs4zyfEqE9FvZZ393Zr6yZqFDIexKC7p/D5frK+WH
eKTl2pT+WS4NruQWBhhhQOQ+IymTXJXX9OzGue0ufZDWje3HuH4APkWJ0h8L3/qR
u/gnXyBFbqW8qhf4fa8diigpnW4Y8ug=
-----END CERTIFICATE-----
Generated at Sat May 18 18:21:36 2024 by rpki-client on console-ams.rpki-client.org