Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
File: C22F80E4D1F011EEB68A503EC4F9AE02.roa (raw, json)
Hash identifier: EhrrSjqdpItwnKgZyjyGdRomVZTFKibhS8+HqmDwgfE=
Subject key identifier: 86:46:D0:77:3F:AA:64:7F:4D:4A:E8:3A:61:3C:68:B9:7B:A2:E5:53
Certificate issuer: /CN=A9157861/serialNumber=BD5F088894D9DA7565D4436143EE026C320E4A2A
Certificate serial: 1DC1
Authority key identifier: BD:5F:08:88:94:D9:DA:75:65:D4:43:61:43:EE:02:6C:32:0E:4A:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
Signing time: Fri 02 Aug 2024 16:33:55 +0000
ROA not before: Fri 02 Aug 2024 16:33:55 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 38176
IP address blocks: 113.208.64.0/23 maxlen: 23
113.208.66.0/24 maxlen: 24
113.208.67.0/24 maxlen: 24
113.208.68.0/24 maxlen: 24
113.208.69.0/24 maxlen: 24
113.208.70.0/24 maxlen: 24
113.208.71.0/24 maxlen: 24
113.208.72.0/24 maxlen: 24
113.208.73.0/24 maxlen: 24
113.208.74.0/24 maxlen: 24
113.208.75.0/24 maxlen: 24
113.208.76.0/24 maxlen: 24
113.208.78.0/24 maxlen: 24
113.208.79.0/24 maxlen: 24
113.208.80.0/24 maxlen: 24
113.208.81.0/24 maxlen: 24
113.208.82.0/24 maxlen: 24
113.208.83.0/24 maxlen: 24
113.208.84.0/24 maxlen: 24
113.208.85.0/24 maxlen: 24
113.208.86.0/24 maxlen: 24
113.208.87.0/24 maxlen: 24
113.208.88.0/24 maxlen: 24
113.208.89.0/24 maxlen: 24
113.208.90.0/24 maxlen: 24
113.208.91.0/24 maxlen: 24
113.208.92.0/24 maxlen: 24
113.208.93.0/24 maxlen: 24
113.208.94.0/24 maxlen: 24
203.202.224.0/23 maxlen: 23
203.202.224.0/24 maxlen: 24
203.202.225.0/24 maxlen: 24
203.202.226.0/23 maxlen: 23
203.202.226.0/24 maxlen: 24
203.202.227.0/24 maxlen: 24
203.202.228.0/23 maxlen: 23
203.202.228.0/24 maxlen: 24
203.202.229.0/24 maxlen: 24
203.202.230.0/23 maxlen: 23
203.202.230.0/24 maxlen: 24
203.202.231.0/24 maxlen: 24
2405:1400::/34 maxlen: 34
2405:1400:4000::/34 maxlen: 34
2405:1400:8000::/34 maxlen: 34
2405:1400:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.crl
rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:06:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7617 (0x1dc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157861/serialNumber=BD5F088894D9DA7565D4436143EE026C320E4A2A
Validity
Not Before: Aug 2 16:33:55 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66ad0a73-7ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9b:b2:c4:e6:12:13:a9:39:9b:20:51:b7:fb:
d8:94:06:ea:7f:6b:db:62:b6:f4:6f:b1:de:e8:df:
ce:08:9d:65:cf:fd:3a:af:18:40:56:0f:db:ba:05:
dc:1d:61:a3:d3:db:95:44:38:a3:19:93:75:db:02:
0c:bc:8e:4b:a6:cc:2d:92:55:0a:de:25:1a:10:a0:
28:83:8f:03:e1:36:61:6b:dc:f9:f7:7a:f1:2c:74:
56:ba:bf:53:80:b0:fd:4d:62:ba:25:2a:62:d2:b1:
2c:8c:46:8d:b2:9d:94:e3:21:d3:81:e3:7e:00:ef:
b8:75:c7:65:28:8b:3b:e4:18:41:63:fa:63:be:ac:
f0:d9:0f:fb:14:df:d1:d4:28:57:12:70:cd:38:ab:
73:81:7e:e8:24:04:58:cc:7e:f9:a4:68:a3:39:44:
94:97:82:e3:7e:67:98:34:90:e5:cb:73:3d:a3:f5:
e3:c9:0a:7a:fc:f2:0b:f8:1f:16:63:d0:77:da:c1:
2b:b1:b7:da:76:d4:d9:d6:85:14:ab:03:a5:d3:e1:
80:56:40:20:29:d3:2c:48:9a:1e:5d:42:a8:01:a6:
09:3e:f2:47:63:6a:50:de:78:59:5d:df:65:e9:b2:
e1:77:09:71:7c:6b:d1:ba:e4:6f:6b:b7:2a:9b:45:
42:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:46:D0:77:3F:AA:64:7F:4D:4A:E8:3A:61:3C:68:B9:7B:A2:E5:53
X509v3 Authority Key Identifier:
keyid:BD:5F:08:88:94:D9:DA:75:65:D4:43:61:43:EE:02:6C:32:0E:4A:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vV8IiJTZ2nVl1ENhQ-4CbDIOSio.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157861/34D26C88846F11E6A313C022C4F9AE02/C22F80E4D1F011EEB68A503EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.208.64.0-113.208.76.255
113.208.78.0-113.208.94.255
203.202.224.0/21
IPv6:
2405:1400::/32
Signature Algorithm: sha256WithRSAEncryption
4f:6d:ee:5e:dd:2e:5d:bd:c0:28:4c:a2:7e:3e:97:c2:27:6a:
d9:74:40:aa:bb:5b:fb:6a:56:56:96:a5:39:1e:ad:aa:8a:89:
10:68:30:9b:0b:94:94:0a:35:7a:c3:47:aa:5d:d9:52:ff:f7:
c3:8b:86:01:5e:44:0f:88:cb:1e:c5:a2:e8:21:61:9b:3c:63:
9f:c9:85:52:cf:f9:4d:19:3c:53:7b:09:0b:f2:29:73:69:5c:
48:e9:8f:b6:ab:36:09:6a:a9:7a:2c:7b:74:64:75:4f:0f:c8:
d9:78:ce:06:cf:12:43:53:17:33:8c:f1:3f:65:3c:bf:7f:0c:
fc:ea:10:fa:5e:a0:dd:29:77:5a:72:3b:8f:c2:b4:36:e1:0b:
72:b1:a8:12:03:c1:b9:ad:a1:6f:45:94:e9:ce:a7:96:4f:43:
ad:b8:ca:25:5a:c9:9a:20:a4:d4:38:5e:e1:6e:c0:89:36:28:
9c:95:5c:cf:6a:f8:da:dd:38:91:28:0f:b5:69:67:ab:f9:0c:
24:3f:e5:67:10:8f:4e:72:3f:9a:1d:18:2c:e1:e2:3e:94:f6:
05:66:8e:fd:1a:a0:25:59:64:6e:14:d1:57:de:70:24:44:64:
48:6b:49:07:6a:9d:68:01:6e:ef:7c:35:26:c3:38:a1:60:75:
03:a6:6d:11
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgICHcEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTc4NjExMTAvBgNVBAUTKEJENUYwODg4OTREOURBNzU2NUQ0NDM2MTQzRUUwMjZD
MzIwRTRBMkEwHhcNMjQwODAyMTYzMzU1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkMGE3My03ZWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4JuyxOYSE6k5myBRt/vYlAbqf2vbYrb0b7He6N/OCJ1lz/06rxhAVg/bugXc
HWGj09uVRDijGZN12wIMvI5LpswtklUK3iUaEKAog48D4TZha9z593rxLHRWur9T
gLD9TWK6JSpi0rEsjEaNsp2U4yHTgeN+AO+4dcdlKIs75BhBY/pjvqzw2Q/7FN/R
1ChXEnDNOKtzgX7oJARYzH75pGijOUSUl4LjfmeYNJDly3M9o/XjyQp6/PIL+B8W
Y9B32sErsbfadtTZ1oUUqwOl0+GAVkAgKdMsSJoeXUKoAaYJPvJHY2pQ3nhZXd9l
6bLhdwlxfGvRuuRva7cqm0VC7QIDAQABo4ICwDCCArwwHQYDVR0OBBYEFIZG0Hc/
qmR/TUroOmE8aLl7ouVTMB8GA1UdIwQYMBaAFL1fCIiU2dp1ZdRDYUPuAmwyDkoq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Nzg2MS8zNEQyNkM4ODg0
NkYxMUU2QTMxM0MwMjJDNEY5QUUwMi92VjhJaUpUWjJuVmwxRU5oUS00Q2JESU9T
aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZWOElpSlRaMm5WbDFFTmhRLTRDYkRJT1Npby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTc4NjEvMzREMjZDODg4NDZGMTFFNkEzMTNDMDIyQzRGOUFFMDIvQzIyRjgwRTRE
MUYwMTFFRUI2OEE1MDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E
OzA5MCgEAgABMCIwDAMEBnHQQAMEAHHQTDAMAwQBcdBOAwQAcdBeAwQDy8rgMA0E
AgACMAcDBQAkBRQAMA0GCSqGSIb3DQEBCwUAA4IBAQBPbe5e3S5dvcAoTKJ+PpfC
J2rZdECqu1v7alZWlqU5Hq2qiokQaDCbC5SUCjV6w0eqXdlS//fDi4YBXkQPiMse
xaLoIWGbPGOfyYVSz/lNGTxTewkL8ilzaVxI6Y+2qzYJaql6LHt0ZHVPD8jZeM4G
zxJDUxczjPE/ZTy/fwz86hD6XqDdKXdacjuPwrQ24QtysagSA8G5raFvRZTpzqeW
T0OtuMolWsmaIKTUOF7hbsCJNiiclVzPavja3TiRKA+1aWer+QwkP+VnEI9Ocj+a
HRgs4eI+lPYFZo79GqAlWWRuFNFX3nAkRGRIa0kHap1oAW7vfDUmwzihYHUDpm0R
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:46 2024 by rpki-client on console-fra.rpki-client.org