Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/B80AFEB204D311E9A6452047C4F9AE02.roa
File: B80AFEB204D311E9A6452047C4F9AE02.roa (raw, json)
Hash identifier: 6HE5O99pqJim2+vH0iQ0dMVLinr4ximICB9GUIsNd6c=
Subject key identifier: 7D:97:63:7B:31:7F:7F:37:A7:95:F2:10:90:3D:FA:9B:E9:B6:01:AA
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1D34
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/B80AFEB204D311E9A6452047C4F9AE02.roa
Signing time: Tue 02 Jan 2024 16:54:36 +0000
ROA not before: Tue 02 Jan 2024 16:54:36 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 4816
IP address blocks: 121.11.96.0/20 maxlen: 20
121.11.112.0/21 maxlen: 21
121.12.80.0/21 maxlen: 21
121.14.72.0/21 maxlen: 21
121.14.80.0/21 maxlen: 21
121.14.88.0/21 maxlen: 21
121.14.96.0/21 maxlen: 21
121.14.104.0/21 maxlen: 21
121.14.112.0/21 maxlen: 21
121.14.120.0/21 maxlen: 21
121.35.254.0/24 maxlen: 24
125.91.16.0/20 maxlen: 20
125.91.32.0/19 maxlen: 19
125.91.64.0/19 maxlen: 19
125.91.104.0/21 maxlen: 21
125.91.112.0/20 maxlen: 20
125.91.128.0/21 maxlen: 21
125.91.136.0/22 maxlen: 22
125.91.140.0/23 maxlen: 23
202.104.128.0/24 maxlen: 24
202.104.139.0/24 maxlen: 24
218.18.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 16:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7476 (0x1d34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Jan 2 16:54:36 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65943fcb-d43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4b:15:db:95:cc:48:b7:f0:d0:79:77:2f:f4:
78:04:3d:e9:ba:86:27:fb:79:62:d6:8b:41:37:5b:
f5:b2:04:6b:de:2d:71:7d:e6:46:67:67:9a:ea:4a:
6c:dc:64:51:16:8c:db:a1:dc:95:7f:7e:5d:50:38:
7d:6c:80:ab:97:31:d7:44:4c:9d:72:c8:9a:03:4c:
56:75:1d:99:0d:70:7f:8d:65:d0:c1:04:4f:4b:e7:
58:2f:5b:3b:6d:8a:59:80:0d:f2:20:e8:d6:ee:d0:
41:d5:cd:b7:36:de:19:45:14:17:f5:c9:a2:f0:d0:
6b:5a:65:f6:fe:49:55:d5:7c:56:4f:f4:47:88:ff:
24:84:da:41:32:73:f2:f9:a9:8d:b0:cc:66:be:f0:
b7:fc:5d:1a:7e:ee:2e:cb:84:4a:79:ce:ad:1f:16:
8f:fd:b4:8e:73:b4:7d:62:ef:f6:b8:3a:fd:9c:22:
6e:4d:71:b4:d6:ee:e9:51:1e:6a:58:19:44:da:1f:
d6:20:11:dd:c4:fc:1b:e4:c0:f2:cf:1c:12:40:3c:
6a:04:a5:e6:88:5f:a1:5a:e8:36:47:a4:72:39:14:
ab:bc:2c:54:bf:71:68:5e:ea:a3:03:ec:f2:b9:d5:
29:3e:89:5a:c7:95:b5:34:aa:64:c0:50:dd:99:8c:
b2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:97:63:7B:31:7F:7F:37:A7:95:F2:10:90:3D:FA:9B:E9:B6:01:AA
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/B80AFEB204D311E9A6452047C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.11.96.0-121.11.119.255
121.12.80.0/21
121.14.72.0-121.14.127.255
121.35.254.0/24
125.91.16.0-125.91.95.255
125.91.104.0-125.91.141.255
202.104.128.0/24
202.104.139.0/24
218.18.95.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:97:68:86:fb:19:73:0e:52:fa:ef:f3:b0:cc:24:40:38:52:
5f:23:02:de:ce:1d:71:a5:58:9a:b9:01:5c:c1:b6:93:c0:07:
d1:67:46:f3:d1:14:87:9c:f3:48:de:08:55:99:72:b6:cf:70:
8c:93:ea:84:6a:9e:da:4b:b7:02:c5:7e:4e:de:63:a5:0b:4b:
4a:c2:53:53:a6:94:4c:c5:38:61:04:13:7a:32:f5:16:d4:7c:
2f:0c:b3:1c:29:2a:54:f2:27:23:60:72:2f:73:bf:48:62:ea:
25:86:8d:d6:07:3b:13:94:f2:f2:41:94:3a:0e:56:84:cb:6f:
04:7f:2e:e6:98:15:a9:55:d2:ff:ed:c8:99:1b:05:03:3d:51:
b9:1a:f8:95:98:e5:f2:cf:31:ca:11:d5:9d:f6:ef:a7:63:a9:
ad:ca:7d:a2:3d:f9:08:72:51:78:12:74:5e:b4:1b:1b:b7:cd:
2c:d4:6a:cc:16:6f:ee:51:2d:5c:ff:fd:97:5e:48:8f:cb:81:
ba:9f:0c:4e:1c:8d:3b:49:69:3a:2a:f6:ca:86:39:41:b1:b6:
ca:ce:c1:76:c0:1f:eb:f4:88:39:b7:7f:37:e4:0f:1e:f6:ee:
89:2b:17:e3:a5:31:f6:a4:f8:c6:66:d4:3c:a2:b8:a7:10:b5:
83:af:f4:f3
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICHTQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjQwMTAyMTY1NDM2WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk0M2ZjYi1kNDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwUsV25XMSLfw0Hl3L/R4BD3puoYn+3li1otBN1v1sgRr3i1xfeZGZ2ea6kps
3GRRFozbodyVf35dUDh9bICrlzHXREydcsiaA0xWdR2ZDXB/jWXQwQRPS+dYL1s7
bYpZgA3yIOjW7tBB1c23Nt4ZRRQX9cmi8NBrWmX2/klV1XxWT/RHiP8khNpBMnPy
+amNsMxmvvC3/F0afu4uy4RKec6tHxaP/bSOc7R9Yu/2uDr9nCJuTXG01u7pUR5q
WBlE2h/WIBHdxPwb5MDyzxwSQDxqBKXmiF+hWug2R6RyORSrvCxUv3FoXuqjA+zy
udUpPolax5W1NKpkwFDdmYyycwIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFH2XY3sx
f383p5XyEJA9+pvptgGqMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvQjgwQUZFQjIw
NEQzMTFFOUE2NDUyMDQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMFwEAgABMFYwDAMEBXkLYAMEA3kLcAMEA3kMUDAMAwQDeQ5IAwQHeQ4AAwQA
eSP+MAwDBAR9WxADBAV9W0AwDAMEA31baAMEAX1bjAMEAMpogAMEAMpoiwMEANoS
XzANBgkqhkiG9w0BAQsFAAOCAQEArJdohvsZcw5S+u/zsMwkQDhSXyMC3s4dcaVY
mrkBXMG2k8AH0WdG89EUh5zzSN4IVZlyts9wjJPqhGqe2ku3AsV+Tt5jpQtLSsJT
U6aUTMU4YQQTejL1FtR8LwyzHCkqVPInI2ByL3O/SGLqJYaN1gc7E5Ty8kGUOg5W
hMtvBH8u5pgVqVXS/+3ImRsFAz1RuRr4lZjl8s8xyhHVnfbvp2Oprcp9oj35CHJR
eBJ0XrQbG7fNLNRqzBZv7lEtXP/9l15Ij8uBup8MThyNO0lpOir2yoY5QbG2ys7B
dsAf6/SIObd/N+QPHvbuiSsX46Ux9qT4xmbUPKK4pxC1g6/08w==
-----END CERTIFICATE-----
Generated at Thu May 16 18:26:04 2024 by rpki-client on console-fra.rpki-client.org