Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/15812F82C4A111EBAE6C7F49C4F9AE02.roa
File: 15812F82C4A111EBAE6C7F49C4F9AE02.roa (raw, json)
Hash identifier: 6BqXUlWYiTkpgXpGY7rkchtmJ2+yGytSAakHHbF+aDw=
Subject key identifier: 96:14:27:3F:B8:96:F7:4B:B0:9A:C5:82:DC:3E:37:B3:DA:33:3B:29
Certificate issuer: /CN=A915EE53/serialNumber=F8AA70916B6CA583C0363EB7A9A5F7F2627D7360
Certificate serial: 24CD
Authority key identifier: F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/15812F82C4A111EBAE6C7F49C4F9AE02.roa
Signing time: Tue 04 Jul 2023 16:02:22 +0000
ROA not before: Tue 04 Jul 2023 16:02:22 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 55430
IP address blocks: 58.146.128.0/18 maxlen: 24
58.182.0.0/16 maxlen: 24
59.189.0.0/16 maxlen: 24
103.234.104.0/22 maxlen: 24
116.86.0.0/15 maxlen: 24
116.88.0.0/16 maxlen: 24
116.89.0.0/17 maxlen: 24
150.107.128.0/22 maxlen: 24
202.156.0.0/16 maxlen: 24
218.186.0.0/16 maxlen: 24
218.212.0.0/16 maxlen: 24
222.164.0.0/16 maxlen: 24
222.165.0.0/17 maxlen: 24
2404:e800::/31 maxlen: 32
2404:e800::/40 maxlen: 48
2404:e800:100::/40 maxlen: 48
2404:e800:2000::/40 maxlen: 48
2404:e801:1000::/40 maxlen: 48
2404:e801:2000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.crl
rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 16:14:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9421 (0x24cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EE53/serialNumber=F8AA70916B6CA583C0363EB7A9A5F7F2627D7360
Validity
Not Before: Jul 4 16:02:22 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64a4428d-9798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:79:64:99:cf:6c:de:2f:00:fb:81:98:f5:7e:
91:b1:a8:49:30:76:f4:2c:42:ff:4b:d6:5b:82:84:
77:38:48:b4:76:40:85:00:dc:43:29:98:55:42:08:
e0:f1:76:8a:61:6e:4e:97:91:6d:82:1d:76:31:ab:
c5:48:1c:03:80:09:23:41:99:4b:48:37:5d:92:6f:
52:41:85:13:5c:f0:5e:04:44:40:db:3c:35:40:49:
b2:19:d9:38:e9:b0:24:fb:f4:41:bc:ec:d8:93:00:
5a:0f:2d:42:64:00:51:52:68:f8:3c:5b:54:62:1a:
c5:44:1d:e3:6b:99:e6:36:52:1b:a1:cd:1b:f5:b9:
99:5d:97:3a:1e:33:12:ff:ff:56:e8:62:b7:af:3d:
2a:bd:6c:69:e5:a1:76:1e:eb:bf:44:71:84:67:99:
7d:60:38:69:eb:7c:ee:f3:ca:a5:75:ee:e3:37:b1:
da:91:9f:77:e2:40:17:ec:56:b2:bd:5d:50:64:22:
42:4e:ae:d1:99:cf:f2:74:b7:f4:25:b1:eb:fa:be:
23:91:5e:c1:54:50:b6:bb:b9:9b:39:1a:b5:3c:c6:
ee:3b:6b:c8:26:ca:be:d0:4e:09:c3:44:e3:91:ba:
5c:b0:a9:5a:1a:4e:a0:06:1f:95:72:3b:45:74:3b:
3b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:14:27:3F:B8:96:F7:4B:B0:9A:C5:82:DC:3E:37:B3:DA:33:3B:29
X509v3 Authority Key Identifier:
keyid:F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/15812F82C4A111EBAE6C7F49C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.146.128.0/18
58.182.0.0/16
59.189.0.0/16
103.234.104.0/22
116.86.0.0-116.89.127.255
150.107.128.0/22
202.156.0.0/16
218.186.0.0/16
218.212.0.0/16
222.164.0.0-222.165.127.255
IPv6:
2404:e800::/31
Signature Algorithm: sha256WithRSAEncryption
54:25:58:33:de:99:cf:b5:bb:db:07:60:7a:eb:8e:e4:04:da:
16:02:1d:52:af:1d:0e:8e:07:c7:b8:48:a3:fb:c6:46:99:5d:
1a:1f:d7:df:35:8b:7d:4f:e8:5d:db:84:fb:17:c8:77:bc:51:
cf:0f:3d:b4:70:94:6a:96:15:15:48:08:91:22:b0:84:5b:43:
47:4a:58:28:4d:c9:24:65:9b:1b:7f:8d:e8:7a:25:07:69:5e:
84:4e:5b:ee:08:15:96:ef:84:e7:6b:34:55:dc:07:f2:6f:f2:
89:b2:50:66:e0:43:3a:e9:c1:35:d0:57:6c:57:fc:af:75:f1:
f2:12:e9:2d:d9:e5:77:b9:0e:49:65:57:c0:49:9d:2c:80:ca:
d2:a6:22:24:75:5c:76:b3:38:4f:13:93:03:8c:ac:30:ed:31:
d7:ad:69:da:80:8a:7e:76:c2:c8:dd:1c:f3:0a:b9:05:29:8d:
77:00:a2:8d:dd:6b:be:30:27:79:5e:a4:3a:3f:49:45:f1:d9:
71:d4:07:53:4c:3c:a6:ae:a9:3b:77:41:e5:f3:1d:69:b6:5b:
e4:48:8a:25:f6:b9:46:a8:d0:42:ec:26:44:21:72:e8:bf:1b:
20:f2:ab:0a:1a:cd:a6:84:4f:45:19:02:81:59:8b:4d:6e:75:
56:64:dc:37
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgICJM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVFNTMxMTAvBgNVBAUTKEY4QUE3MDkxNkI2Q0E1ODNDMDM2M0VCN0E5QTVGN0Yy
NjI3RDczNjAwHhcNMjMwNzA0MTYwMjIyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE0NDI4ZC05Nzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzXlkmc9s3i8A+4GY9X6RsahJMHb0LEL/S9ZbgoR3OEi0dkCFANxDKZhVQgjg
8XaKYW5Ol5Ftgh12MavFSBwDgAkjQZlLSDddkm9SQYUTXPBeBERA2zw1QEmyGdk4
6bAk+/RBvOzYkwBaDy1CZABRUmj4PFtUYhrFRB3ja5nmNlIboc0b9bmZXZc6HjMS
//9W6GK3rz0qvWxp5aF2Huu/RHGEZ5l9YDhp63zu88qlde7jN7HakZ934kAX7Fay
vV1QZCJCTq7Rmc/ydLf0JbHr+r4jkV7BVFC2u7mbORq1PMbuO2vIJsq+0E4Jw0Tj
kbpcsKlaGk6gBh+VcjtFdDs79wIDAQABo4IC4zCCAt8wHQYDVR0OBBYEFJYUJz+4
lvdLsJrFgtw+N7PaMzspMB8GA1UdIwQYMBaAFPiqcJFrbKWDwDY+t6ml9/JifXNg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUU1My8zODUxMTg0MDQ1
ODgxMUU1OUIyRDgzNzFDNEY5QUUwMi8tS3B3a1d0c3BZUEFOajYzcWFYMzhtSjlj
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1LcHdrV3RzcFlQQU5qNjNxYVgzOG1KOWMyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUVFNTMvMzg1MTE4NDA0NTg4MTFFNTlCMkQ4MzcxQzRGOUFFMDIvMTU4MTJGODJD
NEExMTFFQkFFNkM3RjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbQYIKwYBBQUHAQcBAf8E
XjBcMEsEAgABMEUDBAY6koADAwA6tgMDADu9AwQCZ+poMAsDAwF0VgMEB3RZAAME
ApZrgAMDAMqcAwMA2roDAwDa1DALAwMC3qQDBAfepQAwDQQCAAIwBwMFASQE6AAw
DQYJKoZIhvcNAQELBQADggEBAFQlWDPemc+1u9sHYHrrjuQE2hYCHVKvHQ6OB8e4
SKP7xkaZXRof1981i31P6F3bhPsXyHe8Uc8PPbRwlGqWFRVICJEisIRbQ0dKWChN
ySRlmxt/jeh6JQdpXoROW+4IFZbvhOdrNFXcB/Jv8omyUGbgQzrpwTXQV2xX/K91
8fIS6S3Z5Xe5DkllV8BJnSyAytKmIiR1XHazOE8TkwOMrDDtMdetadqAin52wsjd
HPMKuQUpjXcAoo3da74wJ3lepDo/SUXx2XHUB1NMPKauqTt3QeXzHWm2W+RIiiX2
uUao0ELsJkQhcui/GyDyqwoazaaET0UZAoFZi01udVZk3Dc=
-----END CERTIFICATE-----
Generated at Thu May 16 18:26:05 2024 by rpki-client on console-fra.rpki-client.org