Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A3BE/89B4F678841911EA98FF0637C4F9AE02/9FC3DC92883311EDB7271C62C4F9AE02.roa
File: 9FC3DC92883311EDB7271C62C4F9AE02.roa (raw, json)
Hash identifier: edRF5NmnUhALz+kYtW9yGNAWlG19b9huZPqLRyT0OOw=
Subject key identifier: 3A:F1:80:8E:96:79:FE:CE:81:75:79:DD:A8:33:45:CC:4E:2B:53:FE
Certificate issuer: /CN=A916A3BE/serialNumber=A10603302BFEC82A07F8C5D42E458B76C5FF91A4
Certificate serial: 08EE
Authority key identifier: A1:06:03:30:2B:FE:C8:2A:07:F8:C5:D4:2E:45:8B:76:C5:FF:91:A4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oQYDMCv-yCoH-MXULkWLdsX_kaQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A3BE/89B4F678841911EA98FF0637C4F9AE02/9FC3DC92883311EDB7271C62C4F9AE02.roa
Signing time: Mon 04 Mar 2024 21:19:56 +0000
ROA not before: Mon 04 Mar 2024 21:19:56 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 45280
IP address blocks: 114.134.160.0/20 maxlen: 20
114.134.160.0/24 maxlen: 24
114.134.161.0/24 maxlen: 24
114.134.162.0/24 maxlen: 24
114.134.163.0/24 maxlen: 24
114.134.164.0/24 maxlen: 24
114.134.165.0/24 maxlen: 24
114.134.166.0/24 maxlen: 24
114.134.167.0/24 maxlen: 24
114.134.168.0/24 maxlen: 24
114.134.169.0/24 maxlen: 24
114.134.170.0/24 maxlen: 24
114.134.171.0/24 maxlen: 24
114.134.172.0/24 maxlen: 24
114.134.173.0/24 maxlen: 24
114.134.174.0/24 maxlen: 24
114.134.175.0/24 maxlen: 24
114.134.176.0/21 maxlen: 21
114.134.176.0/24 maxlen: 24
114.134.177.0/24 maxlen: 24
114.134.178.0/24 maxlen: 24
114.134.179.0/24 maxlen: 24
114.134.180.0/24 maxlen: 24
114.134.181.0/24 maxlen: 24
114.134.182.0/24 maxlen: 24
114.134.183.0/24 maxlen: 24
203.80.60.0/22 maxlen: 22
203.80.60.0/23 maxlen: 24
203.80.62.0/24 maxlen: 24
203.80.63.0/24 maxlen: 24
2402:7e00::/32 maxlen: 32
2407:ca00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916A3BE/89B4F678841911EA98FF0637C4F9AE02/oQYDMCv-yCoH-MXULkWLdsX_kaQ.crl
rsync://rpki.apnic.net/member_repository/A916A3BE/89B4F678841911EA98FF0637C4F9AE02/oQYDMCv-yCoH-MXULkWLdsX_kaQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oQYDMCv-yCoH-MXULkWLdsX_kaQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 20:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2286 (0x8ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A3BE/serialNumber=A10603302BFEC82A07F8C5D42E458B76C5FF91A4
Validity
Not Before: Mar 4 21:19:56 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e63afb-0877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:71:04:70:dc:49:04:8e:32:43:ce:da:0f:f2:
c0:9d:d3:f9:34:c1:d8:41:45:49:48:06:da:b6:10:
b5:0c:6f:94:94:aa:60:56:be:7b:c8:34:6d:10:be:
3e:d3:6f:5d:b4:12:14:64:d9:1e:03:74:0d:31:87:
a5:d8:2e:c1:43:78:3c:35:d0:e8:9c:fa:b8:83:ad:
69:ce:18:a1:08:da:7a:4e:9e:7e:8b:62:7c:04:cd:
23:1c:c5:ab:4a:71:a3:ac:00:bb:25:30:98:b6:59:
a8:cc:05:85:58:90:ec:e0:d4:01:6b:f1:80:c8:f0:
c8:09:ec:22:a9:bd:d3:17:71:d4:e2:a7:dd:9e:bd:
1f:4b:94:87:fc:a1:df:b2:00:65:15:36:1e:e7:71:
3c:49:af:0d:86:47:27:bb:ef:5e:a3:8f:2c:60:4e:
4f:c3:85:62:f3:40:04:e7:22:dc:8c:a9:51:e9:d2:
c1:54:ea:7e:f0:98:5e:47:6b:d8:fb:79:da:35:fc:
f1:2f:1d:1e:22:95:a4:d0:4f:03:e8:d7:ef:45:0d:
89:28:6d:0b:ed:99:42:08:8b:75:29:cb:fa:f2:af:
f4:69:a0:03:88:7c:18:65:e5:30:aa:ea:9f:3b:cd:
43:31:5f:c2:3e:68:70:09:93:0d:2a:ae:8e:34:a6:
ce:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F1:80:8E:96:79:FE:CE:81:75:79:DD:A8:33:45:CC:4E:2B:53:FE
X509v3 Authority Key Identifier:
keyid:A1:06:03:30:2B:FE:C8:2A:07:F8:C5:D4:2E:45:8B:76:C5:FF:91:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A3BE/89B4F678841911EA98FF0637C4F9AE02/oQYDMCv-yCoH-MXULkWLdsX_kaQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oQYDMCv-yCoH-MXULkWLdsX_kaQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A3BE/89B4F678841911EA98FF0637C4F9AE02/9FC3DC92883311EDB7271C62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.134.160.0-114.134.183.255
203.80.60.0/22
IPv6:
2402:7e00::/32
2407:ca00::/32
Signature Algorithm: sha256WithRSAEncryption
b8:9b:0f:fc:d5:a5:36:59:d4:c9:de:02:fa:06:80:69:84:6e:
8f:47:a1:e2:b8:3d:89:8a:f1:49:09:e5:7d:3e:9b:98:2e:ec:
c4:83:8e:b2:20:73:11:3b:f6:42:95:bf:58:4e:37:00:e4:bd:
58:f0:c2:59:74:d6:84:c9:0c:b1:1d:b6:c5:06:7a:52:f7:fc:
f3:08:e5:55:f1:45:92:e9:ec:a0:3c:bb:8b:1e:94:f3:0e:b6:
39:d6:55:e4:92:90:ed:53:1f:18:d1:b9:74:c9:35:dc:02:92:
7e:f3:72:48:50:93:f0:63:d7:67:1d:a8:77:40:1a:f5:04:85:
49:a6:b8:32:c8:62:29:e7:bb:53:13:79:e8:bf:d8:45:26:d9:
42:49:d9:15:fe:f6:96:2f:0b:e2:10:ed:2a:54:f1:51:cd:7b:
73:da:e6:b0:55:30:eb:cd:ef:62:9e:be:51:34:3f:b7:f4:89:
e0:c4:be:9e:05:1e:75:da:86:3e:d3:b6:5f:d2:41:a9:fa:d5:
b4:2e:dd:0b:fe:c3:4f:9d:56:2a:d3:92:1d:7a:80:7e:3c:0b:
6c:43:8d:c3:d3:61:67:54:bb:92:c4:45:45:22:1f:a2:21:a0:
69:6f:5a:03:75:dc:56:a1:c6:b9:ec:e7:f4:36:96:68:e8:82:
d9:50:11:33
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgICCO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkEzQkUxMTAvBgNVBAUTKEExMDYwMzMwMkJGRUM4MkEwN0Y4QzVENDJFNDU4Qjc2
QzVGRjkxQTQwHhcNMjQwMzA0MjExOTU2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU2M2FmYi0wODc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA03EEcNxJBI4yQ87aD/LAndP5NMHYQUVJSAbathC1DG+UlKpgVr57yDRtEL4+
029dtBIUZNkeA3QNMYel2C7BQ3g8NdDonPq4g61pzhihCNp6Tp5+i2J8BM0jHMWr
SnGjrAC7JTCYtlmozAWFWJDs4NQBa/GAyPDICewiqb3TF3HU4qfdnr0fS5SH/KHf
sgBlFTYe53E8Sa8Nhkcnu+9eo48sYE5Pw4Vi80AE5yLcjKlR6dLBVOp+8JheR2vY
+3naNfzxLx0eIpWk0E8D6NfvRQ2JKG0L7ZlCCIt1Kcv68q/0aaADiHwYZeUwquqf
O81DMV/CPmhwCZMNKq6ONKbOWwIDAQABo4ICuTCCArUwHQYDVR0OBBYEFDrxgI6W
ef7OgXV53agzRcxOK1P+MB8GA1UdIwQYMBaAFKEGAzAr/sgqB/jF1C5Fi3bF/5Gk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTNCRS84OUI0RjY3ODg0
MTkxMUVBOThGRjA2MzdDNEY5QUUwMi9vUVlETUN2LXlDb0gtTVhVTGtXTGRzWF9r
YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29RWURNQ3YteUNvSC1NWFVMa1dMZHNYX2thUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkEzQkUvODlCNEY2Nzg4NDE5MTFFQTk4RkYwNjM3QzRGOUFFMDIvOUZDM0RDOTI4
ODMzMTFFREI3MjcxQzYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQwYIKwYBBQUHAQcBAf8E
NDAyMBoEAgABMBQwDAMEBXKGoAMEA3KGsAMEAstQPDAUBAIAAjAOAwUAJAJ+AAMF
ACQHygAwDQYJKoZIhvcNAQELBQADggEBALibD/zVpTZZ1MneAvoGgGmEbo9HoeK4
PYmK8UkJ5X0+m5gu7MSDjrIgcxE79kKVv1hONwDkvVjwwll01oTJDLEdtsUGelL3
/PMI5VXxRZLp7KA8u4selPMOtjnWVeSSkO1THxjRuXTJNdwCkn7zckhQk/Bj12cd
qHdAGvUEhUmmuDLIYinnu1MTeei/2EUm2UJJ2RX+9pYvC+IQ7SpU8VHNe3Pa5rBV
MOvN72KevlE0P7f0ieDEvp4FHnXahj7Ttl/SQan61bQu3Qv+w0+dVirTkh16gH48
C2xDjcPTYWdUu5LERUUiH6IhoGlvWgN13Fahxrns5/Q2lmjogtlQETM=
-----END CERTIFICATE-----
Generated at Thu May 16 22:34:46 2024 by rpki-client on console-ams.rpki-client.org