Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/6480462C1F5511EC999E640AC4F9AE02.roa
File: 6480462C1F5511EC999E640AC4F9AE02.roa (raw, json)
Hash identifier: FGOl/G+64uwQtPqszdubijBBc16NQ5r432NkvWyIy/g=
Subject key identifier: 54:07:CF:10:FC:A1:EC:F5:30:A3:34:BC:57:79:7E:1F:5F:71:72:CA
Certificate issuer: /CN=A915F89C/serialNumber=D697BB6F3F99E94480EE0BBAD3D26800AB416260
Certificate serial: 3406
Authority key identifier: D6:97:BB:6F:3F:99:E9:44:80:EE:0B:BA:D3:D2:68:00:AB:41:62:60
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/6480462C1F5511EC999E640AC4F9AE02.roa
Signing time: Thu 22 Feb 2024 05:27:22 +0000
ROA not before: Thu 22 Feb 2024 05:27:22 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 3758
IP address blocks: 128.106.0.0/18 maxlen: 18
128.106.4.0/24 maxlen: 24
128.106.5.0/24 maxlen: 24
128.106.6.0/24 maxlen: 24
128.106.7.0/24 maxlen: 24
128.106.12.0/24 maxlen: 24
128.106.15.0/24 maxlen: 24
128.106.17.0/24 maxlen: 24
128.106.19.0/24 maxlen: 24
128.106.20.0/24 maxlen: 24
128.106.21.0/24 maxlen: 24
128.106.22.0/24 maxlen: 24
128.106.23.0/24 maxlen: 24
128.106.28.0/24 maxlen: 24
128.106.40.0/23 maxlen: 24
128.106.64.0/18 maxlen: 18
128.106.128.0/17 maxlen: 17
165.21.0.0/16 maxlen: 16
165.21.12.0/24 maxlen: 24
165.21.18.0/24 maxlen: 24
165.21.19.0/24 maxlen: 24
165.21.31.0/24 maxlen: 24
165.21.36.0/23 maxlen: 23
165.21.39.0/24 maxlen: 24
165.21.49.0/24 maxlen: 24
165.21.50.0/24 maxlen: 24
165.21.52.0/24 maxlen: 24
165.21.70.0/24 maxlen: 24
165.21.71.0/24 maxlen: 24
165.21.72.0/24 maxlen: 24
165.21.74.0/24 maxlen: 24
165.21.84.0/24 maxlen: 24
165.21.88.0/24 maxlen: 24
165.21.91.0/24 maxlen: 24
165.21.93.0/24 maxlen: 24
165.21.94.0/24 maxlen: 24
165.21.95.0/24 maxlen: 24
165.21.100.0/24 maxlen: 24
165.21.104.0/24 maxlen: 24
165.21.108.0/24 maxlen: 24
165.21.109.0/24 maxlen: 24
165.21.122.0/24 maxlen: 24
165.21.123.0/24 maxlen: 24
165.21.138.0/24 maxlen: 24
165.21.139.0/24 maxlen: 24
165.21.238.0/24 maxlen: 24
165.21.244.0/24 maxlen: 24
165.21.246.0/24 maxlen: 24
165.21.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.crl
rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 02 Jun 2024 14:24:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13318 (0x3406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915F89C/serialNumber=D697BB6F3F99E94480EE0BBAD3D26800AB416260
Validity
Not Before: Feb 22 05:27:22 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=65d6db3a-5edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a7:f7:1d:10:ef:d1:d9:b9:a0:fb:0f:f9:a7:
c3:99:a9:80:53:17:46:cb:e6:af:24:8e:98:dd:0b:
da:26:fd:81:67:76:80:bf:b0:1d:80:69:5b:a0:af:
da:26:3a:7a:18:3f:e0:06:2b:53:c0:17:97:2c:a9:
5b:12:99:b8:2b:f1:73:ac:ac:c4:ff:f0:6e:c4:40:
92:05:93:af:82:6f:e3:36:aa:24:78:a9:67:98:0b:
b7:1e:54:04:c8:9b:b6:52:ce:54:9e:b9:93:c1:bf:
68:f9:12:6b:c7:78:f8:d4:f9:a9:32:19:8a:2d:7b:
1c:87:6e:c1:5c:d3:74:9f:af:1d:08:b9:e6:97:eb:
ad:d5:94:be:d6:5a:e3:24:14:b4:32:64:87:f7:d6:
5c:81:4b:1d:1e:01:b9:c7:b8:ef:08:e1:5f:f7:cd:
8b:ff:55:a8:0b:f4:9f:e5:59:1f:1e:bd:76:77:7a:
14:1c:ac:06:d4:2d:01:c6:9e:06:56:75:fc:ec:9d:
02:f0:71:1f:2e:77:45:5d:72:67:e0:54:a4:f9:89:
dd:d3:ff:a9:95:80:5d:fd:1a:05:2c:22:03:47:1d:
e3:e6:63:a4:cc:56:fc:f1:71:00:27:22:cb:91:5b:
99:ca:1e:77:dc:26:4e:63:06:19:7f:62:c0:c0:bd:
91:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:07:CF:10:FC:A1:EC:F5:30:A3:34:BC:57:79:7E:1F:5F:71:72:CA
X509v3 Authority Key Identifier:
keyid:D6:97:BB:6F:3F:99:E9:44:80:EE:0B:BA:D3:D2:68:00:AB:41:62:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/1pe7bz-Z6USA7gu609JoAKtBYmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1pe7bz-Z6USA7gu609JoAKtBYmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915F89C/5B07F3AC1D8311E29B35A5D808B02CD2/6480462C1F5511EC999E640AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
128.106.0.0/16
165.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:ed:35:c1:99:02:92:50:65:33:68:77:db:d7:23:7a:44:9d:
8a:a9:97:05:48:54:a4:04:c6:eb:32:fc:77:2a:84:92:8e:81:
f4:f4:85:72:30:2d:9b:59:69:f6:dd:fd:47:e4:ac:25:15:a4:
9c:1f:d6:e9:bb:bf:33:84:40:07:d8:00:e4:11:16:23:bc:38:
99:cf:92:99:61:41:a0:a9:19:22:ac:b1:4a:f9:fb:7d:a0:ff:
c2:6f:1e:4e:f9:73:f2:78:5e:8a:72:d4:8f:76:f9:23:46:5d:
cb:72:c6:19:94:01:91:c4:0b:6b:f7:bb:cc:12:c8:34:53:a3:
c3:f0:f6:a3:e7:cd:88:c4:4c:83:38:16:6c:0a:08:4f:59:13:
72:05:4c:b5:3c:f7:f8:48:63:f5:af:da:02:f1:6f:c3:db:33:
a8:2a:cc:df:33:92:56:57:7c:9b:cf:18:16:a1:70:80:bd:ea:
ce:a6:97:2c:2a:39:5f:43:43:8d:2d:92:a9:aa:40:39:9e:7e:
f8:46:ed:7b:f6:19:c6:ed:7f:31:70:fe:57:02:52:21:b4:40:
c3:dc:f3:5e:5f:1e:d3:f6:c5:59:c1:50:29:75:10:95:fd:86:
f1:7a:94:9e:0d:d4:a0:a3:f7:8a:74:8c:84:d3:ef:3b:86:8b:
a5:09:29:ec
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgICNAYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUY4OUMxMTAvBgNVBAUTKEQ2OTdCQjZGM0Y5OUU5NDQ4MEVFMEJCQUQzRDI2ODAw
QUI0MTYyNjAwHhcNMjQwMjIyMDUyNzIyWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ2ZGIzYS01ZWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Kf3HRDv0dm5oPsP+afDmamAUxdGy+avJI6Y3QvaJv2BZ3aAv7AdgGlboK/a
Jjp6GD/gBitTwBeXLKlbEpm4K/FzrKzE//BuxECSBZOvgm/jNqokeKlnmAu3HlQE
yJu2Us5UnrmTwb9o+RJrx3j41PmpMhmKLXsch27BXNN0n68dCLnml+ut1ZS+1lrj
JBS0MmSH99ZcgUsdHgG5x7jvCOFf982L/1WoC/Sf5VkfHr12d3oUHKwG1C0Bxp4G
VnX87J0C8HEfLndFXXJn4FSk+Ynd0/+plYBd/RoFLCIDRx3j5mOkzFb88XEAJyLL
kVuZyh533CZOYwYZf2LAwL2RaQIDAQABo4ICmTCCApUwHQYDVR0OBBYEFFQHzxD8
oez1MKM0vFd5fh9fcXLKMB8GA1UdIwQYMBaAFNaXu28/melEgO4LutPSaACrQWJg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Rjg5Qy81QjA3RjNBQzFE
ODMxMUUyOUIzNUE1RDgwOEIwMkNEMi8xcGU3YnotWjZVU0E3Z3U2MDlKb0FLdEJZ
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFwZTdiei1aNlVTQTdndTYwOUpvQUt0QlltQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUY4OUMvNUIwN0YzQUMxRDgzMTFFMjlCMzVBNUQ4MDhCMDJDRDIvNjQ4MDQ2MkMx
RjU1MTFFQzk5OUU2NDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQcBAf8E
FDASMBAEAgABMAoDAwCAagMDAKUVMA0GCSqGSIb3DQEBCwUAA4IBAQAE7TXBmQKS
UGUzaHfb1yN6RJ2KqZcFSFSkBMbrMvx3KoSSjoH09IVyMC2bWWn23f1H5KwlFaSc
H9bpu78zhEAH2ADkERYjvDiZz5KZYUGgqRkirLFK+ft9oP/Cbx5O+XPyeF6KctSP
dvkjRl3LcsYZlAGRxAtr97vMEsg0U6PD8Paj582IxEyDOBZsCghPWRNyBUy1PPf4
SGP1r9oC8W/D2zOoKszfM5JWV3ybzxgWoXCAverOppcsKjlfQ0ONLZKpqkA5nn74
Ru179hnG7X8xcP5XAlIhtEDD3PNeXx7T9sVZwVApdRCV/YbxepSeDdSgo/eKdIyE
0+87houlCSns
-----END CERTIFICATE-----
Generated at Sun May 26 16:40:09 2024 by rpki-client on console-fra.rpki-client.org