Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
File: CBAFF664136B11EFB53F2683C4F9AE02.roa (raw, json)
Hash identifier: 7C3EpcIViwZAY4nCzCQCDuQQXNlANXEp+HrUlqwDI+0=
Subject key identifier: A8:A2:32:9F:C5:C6:46:42:E0:A0:4B:DA:05:3A:30:57:52:04:4F:11
Certificate issuer: /CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Certificate serial: 1E32
Authority key identifier: AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
Signing time: Fri 20 Sep 2024 16:35:07 +0000
ROA not before: Fri 20 Sep 2024 16:35:07 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 58777
IP address blocks: 202.67.0.0/22 maxlen: 24
202.73.128.0/22 maxlen: 24
202.191.72.0/21 maxlen: 24
203.33.67.0/24 maxlen: 24
203.33.68.0/24 maxlen: 24
203.33.73.0/24 maxlen: 24
203.33.79.0/24 maxlen: 24
203.33.100.0/24 maxlen: 24
203.33.122.0/24 maxlen: 24
203.33.129.0/24 maxlen: 24
203.33.131.0/24 maxlen: 24
240e:108:4040::/48 maxlen: 48
240e:108:4047::/48 maxlen: 48
240e:108:4060::/48 maxlen: 48
240e:108:4360::/48 maxlen: 48
240e:108:4820::/48 maxlen: 48
240e:108:4840::/48 maxlen: 48
240e:108:4847::/48 maxlen: 48
240e:108:4860::/48 maxlen: 48
240e:108:4b60::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7730 (0x1e32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4/serialNumber=AD56B67187A98BA314084405797BD9656E8AC8BA
Validity
Not Before: Sep 20 16:35:07 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66eda43b-5603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f2:68:3e:81:7e:ce:f1:cd:2e:42:c9:ee:4e:
14:ee:7e:7e:db:23:d1:d9:91:ef:f8:0b:cf:f1:d8:
5b:05:9e:af:01:8c:41:45:6f:cd:8b:ad:1e:de:0b:
6c:a3:cc:fa:8e:9d:49:31:13:f9:7b:53:73:06:f0:
91:ec:82:b6:b7:32:e7:8f:66:7b:99:f7:db:71:72:
57:3a:9b:14:d2:ad:4d:ca:dd:fc:9a:0c:df:8f:7e:
ce:74:10:29:f2:33:f7:bd:55:9f:93:77:af:c5:a7:
04:38:a8:e8:a2:6e:ff:bf:72:b4:02:e9:03:f6:e0:
9b:03:5e:b2:d6:a3:fd:1f:af:aa:e6:c8:b1:40:27:
78:f5:eb:c5:2e:db:18:a1:e7:2b:8c:d4:cb:72:31:
a1:de:42:af:21:f4:26:8a:55:5d:8a:ce:3b:7e:41:
87:f1:85:e1:97:12:bf:03:ed:a1:76:cd:2e:c4:ad:
fd:33:1b:92:c1:3f:53:8b:1f:3a:70:1f:69:73:01:
d2:8a:8c:11:3a:d2:ec:85:f5:a3:e8:e6:64:5d:5a:
ca:3b:75:a6:06:8f:4c:54:e5:39:a7:3a:ea:0b:a9:
21:08:ae:db:4d:52:f5:fd:bc:c4:41:58:b0:cb:c9:
04:79:68:01:64:39:dc:33:a9:55:cd:b8:9d:ea:0b:
c8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A2:32:9F:C5:C6:46:42:E0:A0:4B:DA:05:3A:30:57:52:04:4F:11
X509v3 Authority Key Identifier:
keyid:AD:56:B6:71:87:A9:8B:A3:14:08:44:05:79:7B:D9:65:6E:8A:C8:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/rVa2cYepi6MUCEQFeXvZZW6KyLo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rVa2cYepi6MUCEQFeXvZZW6KyLo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/6753B8AE257511E7AC0D172AC4F9AE02/CBAFF664136B11EFB53F2683C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.67.0.0/22
202.73.128.0/22
202.191.72.0/21
203.33.67.0-203.33.68.255
203.33.73.0/24
203.33.79.0/24
203.33.100.0/24
203.33.122.0/24
203.33.129.0/24
203.33.131.0/24
IPv6:
240e:108:4040::/48
240e:108:4047::/48
240e:108:4060::/48
240e:108:4360::/48
240e:108:4820::/48
240e:108:4840::/48
240e:108:4847::/48
240e:108:4860::/48
240e:108:4b60::/48
Signature Algorithm: sha256WithRSAEncryption
a9:53:26:f9:fc:1b:a0:6b:f8:ec:17:15:9b:07:46:d2:58:d9:
c7:8e:02:6e:c7:8c:bf:22:71:af:08:2a:b8:b6:86:36:3a:88:
4d:c0:d2:9c:38:01:d5:86:29:2c:fa:95:48:ad:cc:09:60:8d:
a5:10:a2:18:45:35:86:2b:dc:98:5d:e3:32:ab:f1:57:ea:dd:
fc:2c:06:d1:52:b5:ca:27:8c:0a:62:35:57:c2:12:8b:6f:bd:
5c:6c:a0:85:b1:4e:8b:01:35:d8:07:2e:fd:df:9f:8b:83:e0:
8d:fe:33:ba:1a:0c:27:03:05:94:1a:4a:0f:56:3a:dd:4b:2a:
fc:2e:63:86:87:a5:47:b1:57:af:85:a0:77:56:33:b7:83:8b:
1b:fd:74:ea:d1:94:3e:bc:e4:62:7b:58:7a:b0:b6:00:ca:81:
7f:e1:fa:ee:65:be:9b:d6:61:02:74:55:12:6f:63:aa:1f:b7:
16:f7:89:8d:ad:e4:a3:c6:0c:3e:00:d0:a9:11:63:4f:28:a1:
dc:57:82:46:b4:62:6e:b5:03:b5:51:96:05:61:a4:3e:e3:cb:
95:4c:35:95:86:a2:49:00:fd:79:17:ac:62:07:b6:e1:8a:f9:
bf:bd:44:a6:f3:6b:e9:e7:47:39:19:8c:3a:74:c6:83:bd:ad:
0d:92:63:4a
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgICHjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEFENTZCNjcxODdBOThCQTMxNDA4NDQwNTc5N0JEOTY1
NkU4QUM4QkEwHhcNMjQwOTIwMTYzNTA3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmVkYTQzYi01NjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0/JoPoF+zvHNLkLJ7k4U7n5+2yPR2ZHv+AvP8dhbBZ6vAYxBRW/Ni60e3gts
o8z6jp1JMRP5e1NzBvCR7IK2tzLnj2Z7mffbcXJXOpsU0q1Nyt38mgzfj37OdBAp
8jP3vVWfk3evxacEOKjoom7/v3K0AukD9uCbA16y1qP9H6+q5sixQCd49evFLtsY
oecrjNTLcjGh3kKvIfQmilVdis47fkGH8YXhlxK/A+2hds0uxK39MxuSwT9Tix86
cB9pcwHSiowROtLshfWj6OZkXVrKO3WmBo9MVOU5pzrqC6khCK7bTVL1/bzEQViw
y8kEeWgBZDncM6lVzbid6gvIjwIDAQABo4IDLzCCAyswHQYDVR0OBBYEFKiiMp/F
xkZC4KBL2gU6MFdSBE8RMB8GA1UdIwQYMBaAFK1WtnGHqYujFAhEBXl72WVuisi6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC82NzUzQjhBRTI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi9yVmEyY1llcGk2TVVDRVFGZVh2WlpXNkt5
TG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JWYTJjWWVwaTZNVUNFUUZlWHZaWlc2S3lMby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNjc1M0I4QUUyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvQ0JBRkY2NjQx
MzZCMTFFRkI1M0YyNjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbgGCCsGAQUFBwEHAQH/
BIGoMIGlMEoEAgABMEQDBALKQwADBALKSYADBAPKv0gwDAMEAMshQwMEAMshRAME
AMshSQMEAMshTwMEAMshZAMEAMshegMEAMshgQMEAMshgzBXBAIAAjBRAwcAJA4B
CEBAAwcAJA4BCEBHAwcAJA4BCEBgAwcAJA4BCENgAwcAJA4BCEggAwcAJA4BCEhA
AwcAJA4BCEhHAwcAJA4BCEhgAwcAJA4BCEtgMA0GCSqGSIb3DQEBCwUAA4IBAQCp
Uyb5/Buga/jsFxWbB0bSWNnHjgJux4y/InGvCCq4toY2OohNwNKcOAHVhiks+pVI
rcwJYI2lEKIYRTWGK9yYXeMyq/FX6t38LAbRUrXKJ4wKYjVXwhKLb71cbKCFsU6L
ATXYBy7935+Lg+CN/jO6GgwnAwWUGkoPVjrdSyr8LmOGh6VHsVevhaB3VjO3g4sb
/XTq0ZQ+vORie1h6sLYAyoF/4fruZb6b1mECdFUSb2OqH7cW94mNreSjxgw+ANCp
EWNPKKHcV4JGtGJutQO1UZYFYaQ+48uVTDWVhqJJAP15F6xiB7bhivm/vUSm82vp
50c5GYw6dMaDva0NkmNK
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:31:42 2024 by rpki-client on console-fra.rpki-client.org