Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/EFC569DEE1F711EF86B26817C4F9AE02.roa
File: EFC569DEE1F711EF86B26817C4F9AE02.roa (raw, json)
Hash identifier: LqQwnUilbJ5Nyu5lLSHnzsoPP9b6Z11qewBfqnSZCJw=
Subject key identifier: 45:A7:10:BF:76:18:41:F5:7D:F9:3A:30:DF:65:92:A5:5D:0F:4E:FD
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0C5D
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/EFC569DEE1F711EF86B26817C4F9AE02.roa
Signing time: Wed 05 Feb 2025 20:21:51 +0000
ROA not before: Wed 05 Feb 2025 20:21:51 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 45814
IP address blocks: 14.192.128.0/24 maxlen: 24
14.192.129.0/24 maxlen: 24
14.192.131.0/24 maxlen: 24
14.192.132.0/24 maxlen: 24
14.192.133.0/24 maxlen: 24
14.192.136.0/24 maxlen: 24
14.192.143.0/24 maxlen: 24
14.192.144.0/24 maxlen: 24
14.192.145.0/24 maxlen: 24
14.192.146.0/24 maxlen: 24
14.192.147.0/24 maxlen: 24
14.192.148.0/24 maxlen: 24
14.192.149.0/24 maxlen: 24
14.192.150.0/24 maxlen: 24
14.192.151.0/24 maxlen: 24
14.192.155.0/24 maxlen: 24
14.192.156.0/24 maxlen: 24
14.192.157.0/24 maxlen: 24
14.192.158.0/24 maxlen: 24
14.192.159.0/24 maxlen: 24
43.247.120.0/24 maxlen: 24
43.247.121.0/24 maxlen: 24
43.247.122.0/24 maxlen: 24
43.247.123.0/24 maxlen: 24
103.20.132.0/24 maxlen: 24
103.20.133.0/24 maxlen: 24
103.20.134.0/24 maxlen: 24
103.20.135.0/24 maxlen: 24
111.92.128.0/24 maxlen: 24
111.92.129.0/24 maxlen: 24
111.92.130.0/24 maxlen: 24
111.92.131.0/24 maxlen: 24
111.92.132.0/24 maxlen: 24
111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.135.0/24 maxlen: 24
111.92.136.0/24 maxlen: 24
111.92.137.0/24 maxlen: 24
111.92.138.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.140.0/24 maxlen: 24
111.92.141.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
111.92.143.0/24 maxlen: 24
111.92.144.0/24 maxlen: 24
111.92.145.0/24 maxlen: 24
111.92.146.0/24 maxlen: 24
111.92.147.0/24 maxlen: 24
111.92.148.0/24 maxlen: 24
111.92.149.0/24 maxlen: 24
111.92.150.0/24 maxlen: 24
111.92.151.0/24 maxlen: 24
2403:7980::/32 maxlen: 32
2403:7980::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3165 (0xc5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD
Validity
Not Before: Feb 5 20:21:51 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67a3c85e-c1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:73:df:2e:01:40:87:6c:59:02:24:ab:58:6c:
48:3a:2b:99:4f:e9:5c:10:6b:71:e1:e0:e8:b8:8e:
20:69:0f:b4:68:02:b9:9d:c9:17:f3:f5:7f:bb:29:
16:47:44:27:22:68:56:0b:b2:11:a5:69:19:41:80:
a6:c0:e2:5d:d3:77:69:5b:65:cc:c2:48:af:e1:09:
39:e0:b7:fe:df:79:d3:f9:63:28:b1:60:75:06:9e:
21:da:8e:f8:ff:19:00:90:ac:bb:d6:eb:15:e4:e8:
03:6a:31:25:05:2a:be:bb:98:b1:b4:48:c8:ab:4d:
e7:93:70:cc:b3:e6:58:75:b2:f2:37:23:94:74:ff:
15:67:36:9a:c4:9d:b3:68:37:94:43:3f:06:79:ab:
1e:c5:79:de:aa:a3:5b:48:68:14:57:eb:f7:be:cb:
55:a6:ca:30:45:ca:81:da:4f:17:ce:50:77:49:d4:
de:3d:81:bb:a4:06:87:1e:c6:99:aa:ab:2e:5a:6e:
48:e1:90:de:96:0a:97:b9:91:80:13:ed:61:c3:db:
ea:bd:55:b0:6b:bf:ea:a4:e3:e8:24:20:9e:87:39:
9d:b3:97:0a:0a:7b:fa:4f:ef:89:a2:d3:46:fe:be:
20:50:0d:d8:58:e4:2d:cf:a6:ad:98:f8:00:3c:d9:
8f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A7:10:BF:76:18:41:F5:7D:F9:3A:30:DF:65:92:A5:5D:0F:4E:FD
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/EFC569DEE1F711EF86B26817C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.128.0/23
14.192.131.0-14.192.133.255
14.192.136.0/24
14.192.143.0-14.192.151.255
14.192.155.0-14.192.159.255
43.247.120.0/22
103.20.132.0/22
111.92.128.0-111.92.151.255
IPv6:
2403:7980::/32
Signature Algorithm: sha256WithRSAEncryption
11:f0:a4:21:fa:44:fc:1e:e9:0d:ba:f2:d8:91:c2:8d:c2:85:
cf:b8:08:c1:69:4b:97:09:7c:9c:39:f9:20:ed:f3:99:b9:1b:
ac:5f:b2:cc:6b:09:a3:41:12:46:c6:4d:42:06:8e:35:9b:d0:
be:b6:e1:98:58:bf:d2:c1:d6:3e:62:05:99:19:aa:ae:10:9c:
e9:39:42:d0:b2:5a:b6:8b:91:2d:c4:71:62:1e:ff:53:7a:2c:
18:00:0d:d1:72:30:93:50:60:a7:92:99:0c:d4:4f:8d:0a:ea:
68:ac:9b:2f:ef:43:4b:96:44:89:92:74:22:44:22:9e:82:37:
34:d3:85:c0:52:6a:04:97:fd:c0:d8:fd:3f:ee:6d:fd:47:66:
d4:7a:4a:88:ce:5c:51:b2:51:ee:72:4d:df:58:5f:44:1d:45:
63:47:6b:9c:d0:5d:39:8d:6b:c2:da:2b:ca:5a:3a:da:67:e0:
2c:bf:5e:dc:12:93:e9:41:46:fd:5e:55:0a:3d:53:19:0d:48:
76:4a:df:d8:2a:5a:c7:90:77:05:b1:cc:44:70:76:7b:71:10:
42:92:e4:ff:1c:82:43:73:66:63:e8:3d:07:46:3e:1d:a1:c4:
3f:b1:8d:4a:11:b6:43:4d:63:9d:bf:22:40:b7:b0:76:59:dc:
d5:74:85:20
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgICDF0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwMjA1MjAyMTUxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EzYzg1ZS1jMWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAznPfLgFAh2xZAiSrWGxIOiuZT+lcEGtx4eDouI4gaQ+0aAK5nckX8/V/uykW
R0QnImhWC7IRpWkZQYCmwOJd03dpW2XMwkiv4Qk54Lf+33nT+WMosWB1Bp4h2o74
/xkAkKy71usV5OgDajElBSq+u5ixtEjIq03nk3DMs+ZYdbLyNyOUdP8VZzaaxJ2z
aDeUQz8GeasexXneqqNbSGgUV+v3vstVpsowRcqB2k8XzlB3SdTePYG7pAaHHsaZ
qqsuWm5I4ZDelgqXuZGAE+1hw9vqvVWwa7/qpOPoJCCehzmds5cKCnv6T++JotNG
/r4gUA3YWOQtz6atmPgAPNmPoQIDAQABo4IC7jCCAuowHQYDVR0OBBYEFEWnEL92
GEH1ffk6MN9lkqVdD079MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvRUZDNTY5REVF
MUY3MTFFRjg2QjI2ODE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwweAYIKwYBBQUHAQcBAf8E
aTBnMFYEAgABMFADBAEOwIAwDAMEAA7AgwMEAQ7AhAMEAA7AiDAMAwQADsCPAwQD
DsCQMAwDBAAOwJsDBAUOwIADBAIr93gDBAJnFIQwDAMEB29cgAMEA29ckDANBAIA
AjAHAwUAJAN5gDANBgkqhkiG9w0BAQsFAAOCAQEAEfCkIfpE/B7pDbry2JHCjcKF
z7gIwWlLlwl8nDn5IO3zmbkbrF+yzGsJo0ESRsZNQgaONZvQvrbhmFi/0sHWPmIF
mRmqrhCc6TlC0LJatouRLcRxYh7/U3osGAAN0XIwk1Bgp5KZDNRPjQrqaKybL+9D
S5ZEiZJ0IkQinoI3NNOFwFJqBJf9wNj9P+5t/Udm1HpKiM5cUbJR7nJN31hfRB1F
Y0drnNBdOY1rwtorylo62mfgLL9e3BKT6UFG/V5VCj1TGQ1Idkrf2Cpax5B3BbHM
RHB2e3EQQpLk/xyCQ3NmY+g9B0Y+HaHEP7GNShG2Q01jnb8iQLewdlnc1XSFIA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:47 2025 by rpki-client