Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/AB9340DC856911EFB7CEE880C4F9AE02.roa
File: AB9340DC856911EFB7CEE880C4F9AE02.roa (raw, json)
Hash identifier: GC0LIG7423ohW4FccLgZPOiT8SAIOKsc81Zm4Fbij5g=
Subject key identifier: 61:81:CF:36:90:22:3E:BF:F6:53:E3:37:6E:2F:FB:B7:55:5B:49:10
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 191B
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/AB9340DC856911EFB7CEE880C4F9AE02.roa
Signing time: Tue 08 Oct 2024 11:37:17 +0000
ROA not before: Tue 08 Oct 2024 11:37:17 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 20940
IP address blocks: 43.249.213.0/24 maxlen: 24
43.254.120.0/22 maxlen: 22
59.151.128.0/18 maxlen: 18
60.254.128.0/18 maxlen: 18
60.254.143.0/24 maxlen: 24
60.254.148.0/24 maxlen: 24
60.254.173.0/24 maxlen: 24
103.238.148.0/22 maxlen: 22
118.214.0.0/16 maxlen: 16
118.214.1.0/24 maxlen: 24
118.214.167.0/24 maxlen: 24
118.214.171.0/24 maxlen: 24
118.214.178.0/24 maxlen: 24
118.214.181.0/24 maxlen: 24
118.214.185.0/24 maxlen: 24
118.214.186.0/24 maxlen: 24
118.214.187.0/24 maxlen: 24
118.214.188.0/23 maxlen: 23
118.214.190.0/24 maxlen: 24
118.215.0.0/17 maxlen: 17
118.215.128.0/18 maxlen: 18
122.252.32.0/19 maxlen: 19
122.252.128.0/20 maxlen: 20
125.56.128.0/17 maxlen: 17
125.56.184.0/24 maxlen: 24
125.56.185.0/24 maxlen: 24
125.56.186.0/24 maxlen: 24
125.56.199.0/24 maxlen: 24
125.56.201.0/24 maxlen: 24
125.56.205.0/24 maxlen: 24
125.56.218.0/24 maxlen: 24
125.56.219.0/24 maxlen: 24
125.56.222.0/24 maxlen: 24
125.252.192.0/18 maxlen: 18
125.252.224.0/24 maxlen: 24
2405:9600::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 16:27:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6427 (0x191b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Validity
Not Before: Oct 8 11:37:17 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6705196d-a7ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:07:dd:00:88:46:7a:9b:c9:16:9d:e0:4c:14:
8c:07:45:96:e8:b2:f6:52:47:53:cf:ef:1b:bd:e7:
b8:ef:21:90:0d:90:8e:fc:be:f1:f4:1b:fa:df:45:
43:51:8e:e4:8b:22:58:46:5c:76:cb:fb:61:dc:90:
bf:07:84:9a:22:d1:d7:d5:3e:f0:9a:6f:5a:ca:ec:
27:21:ca:a8:56:4a:58:ff:15:a6:d3:91:03:51:21:
3c:fc:9c:60:65:c8:c4:13:0b:b9:44:e6:16:62:4e:
85:01:e3:01:b5:5d:ef:e1:d1:10:06:5c:85:17:6d:
21:67:17:1b:09:3a:45:a0:1c:91:7e:8e:41:b6:f3:
38:51:30:a9:cb:3e:87:e1:2d:db:7e:92:fb:e6:93:
cb:a0:71:09:3c:9c:c5:8f:d4:1c:b4:3a:91:25:9a:
79:52:b8:69:af:27:6f:1a:88:62:34:12:ec:9e:28:
66:63:29:64:78:20:24:36:a1:7d:5e:3c:1a:5c:b7:
b8:3e:21:ae:d3:02:76:9c:fe:e9:48:af:ee:42:94:
c1:c8:84:0a:54:70:6a:72:a0:82:03:06:fa:da:26:
6b:ac:89:f7:d3:58:50:c5:74:3a:7c:a5:ee:58:75:
22:cc:21:cb:17:61:8b:06:d3:1d:b3:2d:22:21:2e:
2f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:81:CF:36:90:22:3E:BF:F6:53:E3:37:6E:2F:FB:B7:55:5B:49:10
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/AB9340DC856911EFB7CEE880C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.213.0/24
43.254.120.0/22
59.151.128.0/18
60.254.128.0/18
103.238.148.0/22
118.214.0.0-118.215.191.255
122.252.32.0/19
122.252.128.0/20
125.56.128.0/17
125.252.192.0/18
IPv6:
2405:9600::/32
Signature Algorithm: sha256WithRSAEncryption
04:af:f2:dc:06:63:24:3c:25:c2:02:35:3f:02:32:0f:5c:99:
de:de:5a:80:b2:2a:96:2d:3d:0e:fa:0c:81:f0:5e:31:bb:23:
19:18:76:74:85:69:32:57:a3:ea:17:fc:a9:e4:d6:c9:1d:69:
38:c0:1e:9a:4b:b8:8d:69:31:ea:07:2a:93:0c:5f:d1:a4:b1:
d6:4f:ed:e5:3a:5e:75:b2:f3:99:b1:11:60:44:bd:20:62:14:
e1:52:16:3f:f9:46:74:fd:5a:c5:80:25:d1:bd:45:03:6c:4e:
c7:05:07:ba:92:e9:46:31:ed:74:10:eb:dd:ab:43:d3:b0:e5:
9e:f1:92:ce:d9:4d:f4:77:36:50:f0:d6:28:17:1b:59:a4:51:
41:aa:79:25:74:be:51:4d:62:ad:30:a3:82:4c:83:07:42:01:
f8:af:0e:07:43:95:54:3b:c0:9b:1a:10:3c:06:31:b2:6b:55:
c2:e0:73:52:e1:40:55:58:a7:81:77:8a:5d:58:9e:2d:87:9d:
83:dd:64:aa:ff:3c:73:35:aa:b2:9d:56:4a:5c:c1:03:f5:05:
24:a4:0e:73:57:0e:2b:34:08:50:3a:22:3e:b8:87:0f:fb:62:
35:76:81:48:1f:90:87:45:ac:6a:02:7a:12:44:ab:b1:30:cb:
d2:c9:37:03
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICGRswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjQxMDA4MTEzNzE3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA1MTk2ZC1hN2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArAfdAIhGepvJFp3gTBSMB0WW6LL2UkdTz+8bvee47yGQDZCO/L7x9Bv630VD
UY7kiyJYRlx2y/th3JC/B4SaItHX1T7wmm9ayuwnIcqoVkpY/xWm05EDUSE8/Jxg
ZcjEEwu5ROYWYk6FAeMBtV3v4dEQBlyFF20hZxcbCTpFoByRfo5BtvM4UTCpyz6H
4S3bfpL75pPLoHEJPJzFj9QctDqRJZp5UrhprydvGohiNBLsnihmYylkeCAkNqF9
XjwaXLe4PiGu0wJ2nP7pSK/uQpTByIQKVHBqcqCCAwb62iZrrIn301hQxXQ6fKXu
WHUizCHLF2GLBtMdsy0iIS4vHwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFGGBzzaQ
Ij6/9lPjN24v+7dVW0kQMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvQUI5MzQwREM4
NTY5MTFFRkI3Q0VFODgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMEkEAgABMEMDBAAr+dUDBAIr/ngDBAY7l4ADBAY8/oADBAJn7pQwCwMDAXbW
AwQGdteAAwQFevwgAwQEevyAAwQHfTiAAwQGffzAMA0EAgACMAcDBQAkBZYAMA0G
CSqGSIb3DQEBCwUAA4IBAQAEr/LcBmMkPCXCAjU/AjIPXJne3lqAsiqWLT0O+gyB
8F4xuyMZGHZ0hWkyV6PqF/yp5NbJHWk4wB6aS7iNaTHqByqTDF/RpLHWT+3lOl51
svOZsRFgRL0gYhThUhY/+UZ0/VrFgCXRvUUDbE7HBQe6kulGMe10EOvdq0PTsOWe
8ZLO2U30dzZQ8NYoFxtZpFFBqnkldL5RTWKtMKOCTIMHQgH4rw4HQ5VUO8CbGhA8
BjGya1XC4HNS4UBVWKeBd4pdWJ4th52D3WSq/zxzNaqynVZKXMED9QUkpA5zVw4r
NAhQOiI+uIcP+2I1doFIH5CHRaxqAnoSRKuxMMvSyTcD
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:44:56 2024 by rpki-client on console-fra.rpki-client.org