Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
File: 6136E33A07B511EBBBA2521CC4F9AE02.roa (raw, json)
Hash identifier: 5gHU3jFy7z5LFTCYTejSXIjJ97wSczI/IE08RPi+Juw=
Subject key identifier: A4:38:97:EB:86:F3:0B:0D:4A:58:44:F8:D4:20:48:89:31:CB:BB:AA
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1D2D
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
Signing time: Tue 02 Jan 2024 16:54:29 +0000
ROA not before: Tue 02 Jan 2024 16:54:29 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 36678
IP address blocks: 203.14.184.0/22 maxlen: 22
203.14.188.0/24 maxlen: 24
203.14.189.0/24 maxlen: 24
203.19.32.0/22 maxlen: 22
203.19.37.0/24 maxlen: 24
203.19.38.0/24 maxlen: 24
203.25.50.0/24 maxlen: 24
203.25.53.0/24 maxlen: 24
203.25.54.0/24 maxlen: 24
203.33.8.0/22 maxlen: 24
203.34.196.0/24 maxlen: 24
203.56.48.0/23 maxlen: 23
203.80.136.0/23 maxlen: 24
203.80.138.0/23 maxlen: 24
203.128.224.0/24 maxlen: 24
218.30.32.0/24 maxlen: 24
218.30.35.0/24 maxlen: 24
218.30.41.0/24 maxlen: 24
218.30.43.0/24 maxlen: 24
218.30.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7469 (0x1d2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jan 2 16:54:29 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65943fc4-5a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cb:82:a2:0b:72:ed:d7:cf:cb:77:89:db:15:
f0:0a:b2:b4:9c:7b:35:4a:71:91:14:f9:55:f1:97:
90:38:20:1a:9a:7c:33:db:6c:36:3d:c2:86:2b:dd:
6d:11:83:a3:13:05:06:bd:76:75:8c:fb:98:52:36:
ea:94:d0:f4:f7:d7:ca:60:30:1d:28:b4:9d:35:63:
93:30:55:96:eb:7f:9b:4d:9c:82:7c:5f:84:06:85:
14:1f:91:ca:a3:45:40:6f:8b:49:c6:79:a9:9f:11:
bc:84:3c:a1:eb:0f:7c:0a:d0:34:e8:dc:cd:18:50:
dc:f4:16:d9:67:5f:a1:fe:28:bd:70:c3:5b:04:25:
95:89:c5:bc:59:f5:59:71:49:1f:32:ff:14:15:af:
15:57:20:9b:fe:e9:40:d0:dc:e8:a3:1c:31:86:29:
2f:5a:61:75:f4:98:ab:76:97:7e:18:95:74:e5:17:
87:e1:aa:fa:69:cc:20:85:89:fc:f8:1d:77:b7:3e:
32:f6:e6:61:8e:b7:d3:18:4c:c8:2b:74:6e:66:61:
96:6d:45:94:60:a3:bc:11:94:3c:87:69:ee:d7:69:
14:2e:44:e5:3f:85:7b:bd:9c:39:07:80:10:82:03:
e9:91:c3:2e:c8:ee:e6:48:00:af:ee:54:f6:b9:f3:
00:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:38:97:EB:86:F3:0B:0D:4A:58:44:F8:D4:20:48:89:31:CB:BB:AA
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/6136E33A07B511EBBBA2521CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.14.184.0-203.14.189.255
203.19.32.0/22
203.19.37.0-203.19.38.255
203.25.50.0/24
203.25.53.0-203.25.54.255
203.33.8.0/22
203.34.196.0/24
203.56.48.0/23
203.80.136.0/22
203.128.224.0/24
218.30.32.0/24
218.30.35.0/24
218.30.41.0/24
218.30.43.0-218.30.44.255
Signature Algorithm: sha256WithRSAEncryption
14:ed:df:20:0e:c6:de:0f:80:6f:87:98:4d:0b:81:30:27:ef:
90:38:d5:71:cc:8e:da:56:78:d4:b2:58:7c:01:53:77:7b:f2:
1c:ad:29:e1:b0:da:89:0d:1c:f6:e9:67:66:98:b2:9c:37:d0:
ae:be:65:b4:54:77:46:37:71:45:fd:09:d9:c0:54:b5:95:58:
02:00:c6:d6:ca:ea:2f:30:d9:7d:f8:a2:8d:83:2b:72:e1:12:
73:ab:76:0b:ed:c7:3c:fe:8b:22:e6:5a:fb:1c:de:8b:63:14:
54:88:c4:b4:82:f9:16:44:21:82:43:b9:80:f6:42:47:a2:65:
63:71:ff:f3:b6:8c:67:ac:c3:6a:c2:68:f4:3b:c8:44:e6:71:
a3:50:93:88:94:62:d2:53:ca:82:bf:f3:14:17:e1:9d:61:6a:
65:50:28:9a:df:ba:64:24:fc:1b:ab:13:ce:c1:8c:43:20:19:
2f:f4:6c:26:76:4d:e7:f7:9e:1a:38:3f:e1:22:0c:c4:c7:0d:
c3:ef:44:a9:a8:ef:7d:39:3a:a1:12:01:1d:3c:a8:28:82:91:
a9:9c:20:59:5c:7a:a8:16:f2:df:39:2f:be:01:b8:4d:5f:43:
d1:d3:99:55:fa:13:f6:c3:a6:2b:f1:9d:6e:e1:be:23:3b:14:
54:68:fd:f0
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgICHS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjQwMTAyMTY1NDI5WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk0M2ZjNC01YTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5MuCogty7dfPy3eJ2xXwCrK0nHs1SnGRFPlV8ZeQOCAamnwz22w2PcKGK91t
EYOjEwUGvXZ1jPuYUjbqlND099fKYDAdKLSdNWOTMFWW63+bTZyCfF+EBoUUH5HK
o0VAb4tJxnmpnxG8hDyh6w98CtA06NzNGFDc9BbZZ1+h/ii9cMNbBCWVicW8WfVZ
cUkfMv8UFa8VVyCb/ulA0NzooxwxhikvWmF19Jirdpd+GJV05ReH4ar6acwghYn8
+B13tz4y9uZhjrfTGEzIK3RuZmGWbUWUYKO8EZQ8h2nu12kULkTlP4V7vZw5B4AQ
ggPpkcMuyO7mSACv7lT2ufMAbwIDAQABo4IDBDCCAwAwHQYDVR0OBBYEFKQ4l+uG
8wsNSlhE+NQgSIkxy7uqMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvNjEzNkUzM0Ew
N0I1MTFFQkJCQTI1MjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgY0GCCsGAQUFBwEHAQH/
BH4wfDB6BAIAATB0MAwDBAPLDrgDBAHLDrwDBALLEyAwDAMEAMsTJQMEAMsTJgME
AMsZMjAMAwQAyxk1AwQAyxk2AwQCyyEIAwQAyyLEAwQByzgwAwQCy1CIAwQAy4Dg
AwQA2h4gAwQA2h4jAwQA2h4pMAwDBADaHisDBADaHiwwDQYJKoZIhvcNAQELBQAD
ggEBABTt3yAOxt4PgG+HmE0LgTAn75A41XHMjtpWeNSyWHwBU3d78hytKeGw2okN
HPbpZ2aYspw30K6+ZbRUd0Y3cUX9CdnAVLWVWAIAxtbK6i8w2X34oo2DK3LhEnOr
dgvtxzz+iyLmWvsc3otjFFSIxLSC+RZEIYJDuYD2QkeiZWNx//O2jGesw2rCaPQ7
yETmcaNQk4iUYtJTyoK/8xQX4Z1hamVQKJrfumQk/BurE87BjEMgGS/0bCZ2Tef3
nho4P+EiDMTHDcPvRKmo7305OqESAR08qCiCkamcIFlceqgW8t85L74BuE1fQ9HT
mVX6E/bDpivxnW7hviM7FFRo/fA=
-----END CERTIFICATE-----
Generated at Sat May 18 18:21:36 2024 by rpki-client on console-ams.rpki-client.org