Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
File: C22F80E4D1F011EEB68A503EC4F9AE02.roa (raw, json)
Hash identifier: L+Key5WXbk33yKNJ4IIZFpwnG90x0iDCVMA3sY/Pk7U=
Subject key identifier: 94:70:DC:1B:84:0A:9F:48:9B:C2:D9:40:A9:CE:C4:AC:31:1E:84:FA
Certificate issuer: /CN=A9157861/serialNumber=BD5F088894D9DA7565D4436143EE026C320E4A2A
Certificate serial: 1D6A
Authority key identifier: BD:5F:08:88:94:D9:DA:75:65:D4:43:61:43:EE:02:6C:32:0E:4A:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
Signing time: Mon 26 Feb 2024 02:41:31 +0000
ROA not before: Mon 26 Feb 2024 02:41:31 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 38176
IP address blocks: 113.208.64.0/23 maxlen: 23
113.208.66.0/24 maxlen: 24
113.208.67.0/24 maxlen: 24
113.208.68.0/24 maxlen: 24
113.208.69.0/24 maxlen: 24
113.208.70.0/24 maxlen: 24
113.208.71.0/24 maxlen: 24
113.208.72.0/24 maxlen: 24
113.208.73.0/24 maxlen: 24
113.208.74.0/24 maxlen: 24
113.208.75.0/24 maxlen: 24
113.208.76.0/24 maxlen: 24
113.208.78.0/24 maxlen: 24
113.208.79.0/24 maxlen: 24
113.208.80.0/24 maxlen: 24
113.208.81.0/24 maxlen: 24
113.208.82.0/24 maxlen: 24
113.208.83.0/24 maxlen: 24
113.208.84.0/24 maxlen: 24
113.208.85.0/24 maxlen: 24
113.208.86.0/24 maxlen: 24
113.208.87.0/24 maxlen: 24
113.208.88.0/24 maxlen: 24
113.208.89.0/24 maxlen: 24
113.208.90.0/24 maxlen: 24
113.208.91.0/24 maxlen: 24
113.208.92.0/24 maxlen: 24
113.208.93.0/24 maxlen: 24
113.208.94.0/24 maxlen: 24
203.202.224.0/23 maxlen: 23
203.202.224.0/24 maxlen: 24
203.202.225.0/24 maxlen: 24
203.202.226.0/23 maxlen: 23
203.202.226.0/24 maxlen: 24
203.202.227.0/24 maxlen: 24
203.202.228.0/23 maxlen: 23
203.202.228.0/24 maxlen: 24
203.202.229.0/24 maxlen: 24
203.202.230.0/23 maxlen: 23
203.202.230.0/24 maxlen: 24
203.202.231.0/24 maxlen: 24
2405:1400::/34 maxlen: 34
2405:1400:4000::/34 maxlen: 34
2405:1400:8000::/34 maxlen: 34
2405:1400:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.crl
rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7530 (0x1d6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157861/serialNumber=BD5F088894D9DA7565D4436143EE026C320E4A2A
Validity
Not Before: Feb 26 02:41:31 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65dbfa5b-666d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:56:ff:d7:cf:82:3a:f9:39:c3:3a:00:8b:5d:
ce:fc:9d:3a:fc:2a:55:ca:b3:f6:25:88:83:26:ce:
f6:dc:39:4b:f5:09:1d:b6:1b:ae:04:9d:dc:dc:ff:
c2:f3:be:53:42:58:3d:51:b5:58:46:4c:16:40:cb:
bb:a5:0e:ca:d5:38:72:78:ec:b4:8d:e8:77:13:5f:
5f:0c:68:1e:1a:5f:23:30:15:d2:8f:6c:0e:99:8a:
e5:cd:0f:77:1c:a1:8d:4d:5d:44:47:96:3f:90:12:
76:88:fc:e0:36:69:22:2b:a4:9b:26:96:f3:f4:e0:
51:84:ff:ed:61:9e:89:db:87:a4:61:ee:59:b1:0e:
10:4f:87:d8:0b:ae:cf:50:b1:47:1f:e7:d0:10:10:
96:14:10:71:d1:a0:01:fd:99:55:97:03:9a:dc:95:
a7:1c:96:da:4c:39:fd:ff:36:11:f2:55:c7:5b:32:
1f:b4:35:1a:38:27:17:c8:44:1d:77:c5:ce:fb:ac:
2b:0e:17:dc:31:6d:13:cc:39:74:f4:cf:bb:15:2a:
66:2d:f3:e1:06:03:d6:e0:75:e6:be:ab:d6:d8:f4:
c4:88:94:78:92:37:3d:4d:a4:b2:8b:7f:cf:92:5f:
4f:f2:fa:52:f5:9a:25:e4:a5:93:76:83:93:89:13:
f0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:70:DC:1B:84:0A:9F:48:9B:C2:D9:40:A9:CE:C4:AC:31:1E:84:FA
X509v3 Authority Key Identifier:
keyid:BD:5F:08:88:94:D9:DA:75:65:D4:43:61:43:EE:02:6C:32:0E:4A:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.208.64.0-113.208.76.255
113.208.78.0-113.208.94.255
203.202.224.0/21
IPv6:
2405:1400::/32
Signature Algorithm: sha256WithRSAEncryption
48:8f:60:f4:c2:42:00:47:7d:90:5d:49:fa:91:83:6e:b8:a0:
77:fa:c6:07:f9:3a:f7:c4:f7:50:c5:b5:0d:bc:50:91:59:23:
5f:68:84:e0:b1:ef:cb:f1:97:ee:3e:bf:56:38:32:b3:e5:79:
51:c3:e0:c5:22:07:50:fa:88:13:dc:0b:d8:ff:92:79:fb:2f:
e6:0c:ae:23:3b:85:15:c7:27:7c:c3:b2:98:b6:f1:40:3a:70:
31:6a:89:16:42:83:55:bc:fb:57:b7:a0:85:52:cd:7f:e7:18:
d5:1e:ba:58:f8:fc:f7:8b:69:60:11:d9:8a:a1:0a:66:57:20:
b9:97:6c:31:7a:26:5e:7d:3f:3d:47:53:81:3b:a2:99:e5:a5:
2c:c7:41:18:dc:ae:07:32:11:ed:9e:72:a3:b4:60:93:97:b7:
7e:d8:29:3b:a2:fa:6a:b7:04:14:31:ed:b9:86:13:bd:c7:75:
cd:57:e7:6e:21:2e:ff:a8:6d:97:76:83:c6:dd:cd:3a:f8:f3:
31:53:2c:15:f5:7d:07:8d:3c:b4:c6:66:a8:57:06:21:07:01:
04:da:98:c4:76:04:f9:af:ca:13:21:5c:aa:96:36:33:25:73:
1f:fd:7a:e5:a0:37:91:d1:31:f9:43:a5:b1:fb:a7:67:e2:80:
1b:a2:2e:a6
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgICHWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTc4NjExMTAvBgNVBAUTKEJENUYwODg4OTREOURBNzU2NUQ0NDM2MTQzRUUwMjZD
MzIwRTRBMkEwHhcNMjQwMjI2MDI0MTMxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWRiZmE1Yi02NjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsFb/18+COvk5wzoAi13O/J06/CpVyrP2JYiDJs723DlL9QkdthuuBJ3c3P/C
875TQlg9UbVYRkwWQMu7pQ7K1ThyeOy0jeh3E19fDGgeGl8jMBXSj2wOmYrlzQ93
HKGNTV1ER5Y/kBJ2iPzgNmkiK6SbJpbz9OBRhP/tYZ6J24ekYe5ZsQ4QT4fYC67P
ULFHH+fQEBCWFBBx0aAB/ZlVlwOa3JWnHJbaTDn9/zYR8lXHWzIftDUaOCcXyEQd
d8XO+6wrDhfcMW0TzDl09M+7FSpmLfPhBgPW4HXmvqvW2PTEiJR4kjc9TaSyi3/P
kl9P8vpS9Zol5KWTdoOTiRPwDQIDAQABo4ICwDCCArwwHQYDVR0OBBYEFJRw3BuE
Cp9Im8LZQKnOxKwxHoT6MB8GA1UdIwQYMBaAFL1fCIiU2dp1ZdRDYUPuAmwyDkoq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Nzg2MS8zNEQyNkM4ODg0
NkYxMUU2QTMxM0MwMjJDNEY5QUUwMi92VjhJaUpUWjJuVmwxRU5oUS00Q2JESU9T
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZWOElpSlRaMm5WbDFFTmhRLTRDYkRJT1Npby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTc4NjEvMzREMjZDODg4NDZGMTFFNkEzMTNDMDIyQzRGOUFFMDIvQzIyRjgwRTRE
MUYwMTFFRUI2OEE1MDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E
OzA5MCgEAgABMCIwDAMEBnHQQAMEAHHQTDAMAwQBcdBOAwQAcdBeAwQDy8rgMA0E
AgACMAcDBQAkBRQAMA0GCSqGSIb3DQEBCwUAA4IBAQBIj2D0wkIAR32QXUn6kYNu
uKB3+sYH+Tr3xPdQxbUNvFCRWSNfaITgse/L8ZfuPr9WODKz5XlRw+DFIgdQ+ogT
3AvY/5J5+y/mDK4jO4UVxyd8w7KYtvFAOnAxaokWQoNVvPtXt6CFUs1/5xjVHrpY
+Pz3i2lgEdmKoQpmVyC5l2wxeiZefT89R1OBO6KZ5aUsx0EY3K4HMhHtnnKjtGCT
l7d+2Ck7ovpqtwQUMe25hhO9x3XNV+duIS7/qG2XdoPG3c06+PMxUywV9X0HjTy0
xmaoVwYhBwEE2pjEdgT5r8oTIVyqljYzJXMf/XrloDeR0TH5Q6Wx+6dn4oAboi6m
-----END CERTIFICATE-----
Generated at Sat May 18 16:57:53 2024 by rpki-client on console-fra.rpki-client.org