Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
File: 6136E33A07B511EBBBA2521CC4F9AE02.roa (raw, json)
Hash identifier: 8Q+OjzZN/ayMTw7B4asPpBGcZxQq5JGAHygNoU7Le9M=
Subject key identifier: 9B:42:A8:09:B3:07:79:9D:17:A1:A1:8E:E2:F3:CA:D4:96:89:D5:24
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1E23
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
Signing time: Fri 20 Sep 2024 16:34:53 +0000
ROA not before: Fri 20 Sep 2024 16:34:53 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 36678
IP address blocks: 203.14.184.0/22 maxlen: 22
203.14.188.0/24 maxlen: 24
203.14.189.0/24 maxlen: 24
203.19.32.0/22 maxlen: 22
203.19.37.0/24 maxlen: 24
203.19.38.0/24 maxlen: 24
203.25.50.0/24 maxlen: 24
203.25.53.0/24 maxlen: 24
203.25.54.0/24 maxlen: 24
203.33.8.0/22 maxlen: 24
203.34.196.0/24 maxlen: 24
203.56.48.0/23 maxlen: 23
203.80.136.0/23 maxlen: 24
203.80.138.0/23 maxlen: 24
203.128.224.0/24 maxlen: 24
218.30.32.0/24 maxlen: 24
218.30.35.0/24 maxlen: 24
218.30.41.0/24 maxlen: 24
218.30.43.0/24 maxlen: 24
218.30.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7715 (0x1e23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Sep 20 16:34:53 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66eda42c-bc9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4d:b3:87:aa:2a:29:73:52:9b:17:85:06:41:
d0:49:4c:f1:4e:40:ab:10:af:73:4c:1e:94:42:8e:
48:b0:c2:a9:ff:13:d3:e1:2e:39:48:48:60:bc:e0:
e6:9a:d1:d2:12:7a:ab:00:18:c9:7c:b7:51:e2:35:
8d:d5:dd:cd:e8:f9:a9:a2:86:68:30:78:c6:6e:c6:
d0:36:df:c4:8e:77:c1:6c:0b:8a:b6:ef:63:fd:48:
37:50:5c:e3:fc:4d:ed:0b:49:3e:23:5a:44:2d:58:
ce:c5:b4:bf:7b:37:fd:8d:14:69:81:57:63:f8:2b:
97:e9:5f:82:0e:15:ef:c6:ae:f9:32:22:2a:d4:80:
f9:f6:35:16:ec:b7:76:05:0f:eb:47:5e:8a:18:82:
98:74:6d:c6:69:e1:c5:4f:52:9a:92:c1:1a:73:e2:
c5:79:ad:47:9d:d5:54:6a:cb:63:f3:bd:71:ba:03:
dc:2e:12:fd:f8:d6:9e:5f:a2:49:41:8c:49:92:3d:
97:63:bd:3e:bc:aa:5b:00:0c:ad:d0:71:6d:d0:fe:
39:cf:14:17:13:38:a4:be:ae:53:f1:27:24:2d:6e:
0d:29:ec:6e:60:b4:02:d4:da:4c:46:31:02:d6:ff:
37:4a:b4:14:a9:4d:00:3b:4a:95:8a:15:95:d1:46:
33:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:42:A8:09:B3:07:79:9D:17:A1:A1:8E:E2:F3:CA:D4:96:89:D5:24
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.14.184.0-203.14.189.255
203.19.32.0/22
203.19.37.0-203.19.38.255
203.25.50.0/24
203.25.53.0-203.25.54.255
203.33.8.0/22
203.34.196.0/24
203.56.48.0/23
203.80.136.0/22
203.128.224.0/24
218.30.32.0/24
218.30.35.0/24
218.30.41.0/24
218.30.43.0-218.30.44.255
Signature Algorithm: sha256WithRSAEncryption
b0:0d:56:43:d1:00:47:e4:f8:66:7f:5f:23:d8:ab:c6:07:75:
61:ba:31:35:ab:02:9e:68:76:ad:a2:5d:d0:81:b6:66:a5:e4:
98:7f:34:cd:97:8a:30:16:de:a0:11:45:cc:27:4d:9b:c5:a0:
6b:d0:ec:e5:56:36:38:e1:ef:f8:71:3a:27:24:a7:ad:ca:f9:
42:c2:60:ff:4e:f3:ea:ae:94:7d:13:40:a7:17:aa:51:2e:bf:
15:6a:47:15:90:73:00:cb:06:fa:bd:2d:d1:26:4f:7d:47:19:
78:53:01:a8:41:11:30:8e:09:72:b7:47:62:bb:c0:15:00:39:
dd:4b:9e:9e:6b:c6:c7:ac:2c:bb:6d:11:27:cb:b8:67:71:23:
7e:e1:c2:61:aa:d8:c9:e6:cb:f4:1e:aa:c2:a7:3c:c7:f3:b0:
6f:26:34:5e:9e:b0:5c:5b:77:73:cc:ca:0a:49:68:0c:b0:5c:
07:36:2f:31:28:46:5d:42:aa:bf:7c:4c:02:dc:29:35:db:87:
23:17:59:98:bd:d3:e7:1d:77:01:fb:14:6e:86:ae:f7:ed:c7:
98:4b:15:6a:bd:30:ec:d0:ce:db:4a:1c:39:cd:e2:04:dc:c7:
05:1e:35:4e:45:38:65:66:f1:cb:f7:92:2c:f5:ae:47:9b:68:
77:97:d1:c7
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgICHiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjQwOTIwMTYzNDUzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmVkYTQyYy1iYzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArE2zh6oqKXNSmxeFBkHQSUzxTkCrEK9zTB6UQo5IsMKp/xPT4S45SEhgvODm
mtHSEnqrABjJfLdR4jWN1d3N6PmpooZoMHjGbsbQNt/EjnfBbAuKtu9j/Ug3UFzj
/E3tC0k+I1pELVjOxbS/ezf9jRRpgVdj+CuX6V+CDhXvxq75MiIq1ID59jUW7Ld2
BQ/rR16KGIKYdG3GaeHFT1KaksEac+LFea1HndVUastj871xugPcLhL9+NaeX6JJ
QYxJkj2XY70+vKpbAAyt0HFt0P45zxQXEzikvq5T8SckLW4NKexuYLQC1NpMRjEC
1v83SrQUqU0AO0qVihWV0UYzhQIDAQABo4IDBDCCAwAwHQYDVR0OBBYEFJtCqAmz
B3mdF6GhjuLzytSWidUkMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNjEzNkUzM0Ew
N0I1MTFFQkJCQTI1MjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY0GCCsGAQUFBwEHAQH/
BH4wfDB6BAIAATB0MAwDBAPLDrgDBAHLDrwDBALLEyAwDAMEAMsTJQMEAMsTJgME
AMsZMjAMAwQAyxk1AwQAyxk2AwQCyyEIAwQAyyLEAwQByzgwAwQCy1CIAwQAy4Dg
AwQA2h4gAwQA2h4jAwQA2h4pMAwDBADaHisDBADaHiwwDQYJKoZIhvcNAQELBQAD
ggEBALANVkPRAEfk+GZ/XyPYq8YHdWG6MTWrAp5odq2iXdCBtmal5Jh/NM2XijAW
3qARRcwnTZvFoGvQ7OVWNjjh7/hxOickp63K+ULCYP9O8+qulH0TQKcXqlEuvxVq
RxWQcwDLBvq9LdEmT31HGXhTAahBETCOCXK3R2K7wBUAOd1Lnp5rxsesLLttESfL
uGdxI37hwmGq2Mnmy/QeqsKnPMfzsG8mNF6esFxbd3PMygpJaAywXAc2LzEoRl1C
qr98TALcKTXbhyMXWZi90+cddwH7FG6Grvftx5hLFWq9MOzQzttKHDnN4gTcxwUe
NU5FOGVm8cv3kiz1rkebaHeX0cc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:41:15 2024 by rpki-client on console-ams.rpki-client.org