Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152F52/88EBCFDC1D4911EAAE775B34C4F9AE02/20F4644647A811EAB74E6635C4F9AE02.roa
File: 20F4644647A811EAB74E6635C4F9AE02.roa (raw, json)
Hash identifier: WV0iaT4o4mWVunpYKv9lK4g2zUj7MAoL1rXYJ9vhunc=
Subject key identifier: D0:22:02:DB:76:26:E3:41:A5:38:4A:DE:74:CC:4C:10:8B:09:85:64
Certificate issuer: /CN=A9152F52/serialNumber=81428A01C51691E7A8C5D843ECB6B1D3D9AE424E
Certificate serial: 0ACA
Authority key identifier: 81:42:8A:01:C5:16:91:E7:A8:C5:D8:43:EC:B6:B1:D3:D9:AE:42:4E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gUKKAcUWkeeoxdhD7Lax09muQk4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152F52/88EBCFDC1D4911EAAE775B34C4F9AE02/20F4644647A811EAB74E6635C4F9AE02.roa
Signing time: Mon 31 Jul 2023 19:57:26 +0000
ROA not before: Mon 31 Jul 2023 19:57:26 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 24446
IP address blocks: 27.121.64.0/21 maxlen: 21
114.31.72.0/21 maxlen: 21
114.141.204.0/22 maxlen: 22
117.58.248.0/21 maxlen: 21
180.235.128.0/22 maxlen: 22
202.47.0.0/21 maxlen: 21
202.124.240.0/21 maxlen: 21
202.131.95.0/24 maxlen: 24
202.191.60.0/22 maxlen: 22
203.2.122.0/24 maxlen: 24
203.8.188.0/23 maxlen: 23
203.19.190.0/23 maxlen: 23
203.30.252.0/24 maxlen: 24
203.55.142.0/24 maxlen: 24
203.55.143.0/24 maxlen: 24
203.210.96.0/19 maxlen: 19
2403:1400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9152F52/88EBCFDC1D4911EAAE775B34C4F9AE02/gUKKAcUWkeeoxdhD7Lax09muQk4.crl
rsync://rpki.apnic.net/member_repository/A9152F52/88EBCFDC1D4911EAAE775B34C4F9AE02/gUKKAcUWkeeoxdhD7Lax09muQk4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gUKKAcUWkeeoxdhD7Lax09muQk4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 09 Jun 2024 20:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2762 (0xaca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152F52/serialNumber=81428A01C51691E7A8C5D843ECB6B1D3D9AE424E
Validity
Not Before: Jul 31 19:57:26 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64c81225-02a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:be:78:6d:dc:e2:39:c9:7c:c3:88:0e:c2:38:
aa:10:36:f8:ed:63:7c:57:7a:9e:89:fe:dd:02:06:
22:51:b1:88:18:e0:f6:da:bf:30:67:a0:05:40:0e:
94:a5:5a:79:cc:16:6d:0b:36:65:c9:93:eb:be:28:
f1:4f:bd:ab:0a:5f:5d:ed:03:1f:8f:cd:11:c2:76:
c7:52:e6:02:85:1e:a0:dd:44:7d:ec:ed:aa:5a:c5:
fd:4f:a0:17:a1:0e:c7:f2:c1:b0:42:65:01:86:e8:
9a:31:5a:ce:56:d6:79:6a:b4:22:a6:f0:81:61:20:
b2:eb:17:33:4c:e7:ac:3e:33:b8:be:6f:ab:51:db:
90:ef:d8:fe:1d:8f:ae:9c:50:a9:ad:d8:f5:a9:14:
4a:8e:d3:93:46:34:66:af:b2:59:aa:5a:0d:92:a2:
98:e9:15:0a:77:92:c7:33:ae:41:25:fd:39:bd:24:
8e:b2:3a:d9:32:64:18:a6:84:2c:f5:6f:49:ca:6f:
77:a8:cc:5b:85:df:4b:fa:0e:bb:13:10:f3:41:6c:
70:8c:4f:9c:bb:9c:ba:46:c6:24:1e:2b:07:28:b5:
bb:44:57:be:21:e7:a8:19:e2:45:c7:59:b3:f5:20:
8f:56:d4:3e:52:fa:14:ca:c2:41:9e:cc:7b:06:50:
24:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:22:02:DB:76:26:E3:41:A5:38:4A:DE:74:CC:4C:10:8B:09:85:64
X509v3 Authority Key Identifier:
keyid:81:42:8A:01:C5:16:91:E7:A8:C5:D8:43:EC:B6:B1:D3:D9:AE:42:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152F52/88EBCFDC1D4911EAAE775B34C4F9AE02/gUKKAcUWkeeoxdhD7Lax09muQk4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gUKKAcUWkeeoxdhD7Lax09muQk4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152F52/88EBCFDC1D4911EAAE775B34C4F9AE02/20F4644647A811EAB74E6635C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.121.64.0/21
114.31.72.0/21
114.141.204.0/22
117.58.248.0/21
180.235.128.0/22
202.47.0.0/21
202.124.240.0/21
202.131.95.0/24
202.191.60.0/22
203.2.122.0/24
203.8.188.0/23
203.19.190.0/23
203.30.252.0/24
203.55.142.0/23
203.210.96.0/19
IPv6:
2403:1400::/32
Signature Algorithm: sha256WithRSAEncryption
dd:26:16:22:51:42:5f:f8:87:80:c5:df:d7:ed:e8:ec:c7:9c:
e5:98:d4:1f:5f:9a:c0:69:fc:0b:83:6b:5d:d5:2d:28:38:e1:
af:01:9d:a1:1d:8c:6e:21:d0:b9:97:ff:e7:f1:c6:68:c9:53:
33:97:62:c4:0d:75:38:8d:48:25:f1:b6:24:9b:0e:39:43:4d:
39:1a:f4:81:b5:25:63:ac:9f:2d:fc:2e:2b:f3:41:66:c9:a3:
8b:cc:ac:28:c7:38:8c:28:3e:ca:d5:53:9a:bf:da:02:f4:51:
82:ee:f0:65:6a:0a:4b:b4:1a:12:a5:25:8d:6e:d5:9c:f0:8f:
88:ef:3b:f3:4b:7a:c8:db:97:11:a6:a3:bf:7a:6a:e0:89:c3:
b8:7a:59:0c:6e:1d:9a:36:73:b1:c8:c8:92:05:ca:f2:31:c4:
2e:11:15:5b:3a:1e:09:50:2b:75:c8:da:e4:ac:e4:0d:f7:a7:
54:6d:29:0f:6f:d1:26:93:0e:8d:3c:2a:e9:b5:d1:3e:5a:4d:
e5:22:8c:73:3f:da:b5:c9:5a:b3:65:96:0b:b8:3b:30:d6:61:
9e:d2:29:73:8f:39:03:4d:47:3b:cf:bf:fd:86:0e:82:e8:c5:
92:5a:9e:b3:0d:05:93:28:a7:68:70:79:54:4f:db:8b:7e:77:
3d:6b:78:69
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgICCsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJGNTIxMTAvBgNVBAUTKDgxNDI4QTAxQzUxNjkxRTdBOEM1RDg0M0VDQjZCMUQz
RDlBRTQyNEUwHhcNMjMwNzMxMTk1NzI2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGM4MTIyNS0wMmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyr54bdziOcl8w4gOwjiqEDb47WN8V3qeif7dAgYiUbGIGOD22r8wZ6AFQA6U
pVp5zBZtCzZlyZPrvijxT72rCl9d7QMfj80RwnbHUuYChR6g3UR97O2qWsX9T6AX
oQ7H8sGwQmUBhuiaMVrOVtZ5arQipvCBYSCy6xczTOesPjO4vm+rUduQ79j+HY+u
nFCprdj1qRRKjtOTRjRmr7JZqloNkqKY6RUKd5LHM65BJf05vSSOsjrZMmQYpoQs
9W9Jym93qMxbhd9L+g67ExDzQWxwjE+cu5y6RsYkHisHKLW7RFe+IeeoGeJFx1mz
9SCPVtQ+UvoUysJBnsx7BlAkjQIDAQABo4IC+TCCAvUwHQYDVR0OBBYEFNAiAtt2
JuNBpThK3nTMTBCLCYVkMB8GA1UdIwQYMBaAFIFCigHFFpHnqMXYQ+y2sdPZrkJO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkY1Mi84OEVCQ0ZEQzFE
NDkxMUVBQUU3NzVCMzRDNEY5QUUwMi9nVUtLQWNVV2tlZW94ZGhEN0xheDA5bXVR
azQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dVS0tBY1VXa2Vlb3hkaEQ3TGF4MDltdVFrNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJGNTIvODhFQkNGREMxRDQ5MTFFQUFFNzc1QjM0QzRGOUFFMDIvMjBGNDY0NDY0
N0E4MTFFQUI3NEU2NjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYIGCCsGAQUFBwEHAQH/
BHMwcTBgBAIAATBaAwQDG3lAAwQDch9IAwQCco3MAwQDdTr4AwQCtOuAAwQDyi8A
AwQDynzwAwQAyoNfAwQCyr88AwQAywJ6AwQBywi8AwQByxO+AwQAyx78AwQByzeO
AwQFy9JgMA0EAgACMAcDBQAkAxQAMA0GCSqGSIb3DQEBCwUAA4IBAQDdJhYiUUJf
+IeAxd/X7ejsx5zlmNQfX5rAafwLg2td1S0oOOGvAZ2hHYxuIdC5l//n8cZoyVMz
l2LEDXU4jUgl8bYkmw45Q005GvSBtSVjrJ8t/C4r80FmyaOLzKwoxziMKD7K1VOa
v9oC9FGC7vBlagpLtBoSpSWNbtWc8I+I7zvzS3rI25cRpqO/emrgicO4elkMbh2a
NnOxyMiSBcryMcQuERVbOh4JUCt1yNrkrOQN96dUbSkPb9Emkw6NPCrptdE+Wk3l
IoxzP9q1yVqzZZYLuDsw1mGe0ilzjzkDTUc7z7/9hg6C6MWSWp6zDQWTKKdocHlU
T9uLfnc9a3hp
-----END CERTIFICATE-----
Generated at Sun Jun 2 21:14:20 2024 by rpki-client on console-ams.rpki-client.org