Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
File: D26DDCB6F36C11E88E372D61C4F9AE02.roa (raw, json)
Hash identifier: p079JhzkV3DHxp4PDPvrbepGD7tngZQCKWLeyg6QpnQ=
Subject key identifier: 2A:FF:6C:54:BC:77:92:13:0B:D6:0E:2D:12:65:2A:76:3A:28:95:80
Certificate issuer: /CN=A916BDA4/serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Certificate serial: 15CE
Authority key identifier: 04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
Signing time: Mon 07 Oct 2024 18:32:07 +0000
ROA not before: Mon 07 Oct 2024 18:32:07 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 395747
IP address blocks: 2400:cb00:131::/48 maxlen: 48
2400:cb00:133::/48 maxlen: 48
2400:cb00:164::/48 maxlen: 48
2400:cb00:171::/48 maxlen: 48
2400:cb00:251::/48 maxlen: 48
2400:cb00:302::/48 maxlen: 48
2400:cb00:517::/48 maxlen: 48
2400:cb00:518::/48 maxlen: 48
2400:cb00:531::/48 maxlen: 48
2400:cb00:539::/48 maxlen: 48
2400:cb00:692::/48 maxlen: 48
2400:cb00:693::/48 maxlen: 48
2400:cb00:748::/48 maxlen: 48
2400:cb00:922::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 17:11:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5582 (0x15ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BDA4/serialNumber=04E6C9249EE348DCF764DF0B9A40D3E854066444
Validity
Not Before: Oct 7 18:32:07 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67042926-1f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e9:0a:46:11:c8:2d:42:e5:d2:78:79:47:2d:
ca:2e:3f:4e:b8:0b:75:5f:3c:6e:da:69:94:85:58:
36:c2:a4:8f:27:15:4c:88:83:a4:69:ac:e4:59:57:
5c:ba:24:4e:98:42:82:a5:c0:82:47:af:1e:9f:90:
58:8c:b0:1e:65:a4:ca:b9:5c:1b:e4:34:0d:b2:09:
72:34:11:a3:7f:d3:27:6b:6f:60:5b:cc:35:35:b4:
19:06:11:18:bc:8f:d2:01:63:7f:f6:77:5d:7d:1b:
91:bf:a9:b7:f5:b2:a6:23:94:8c:4d:6c:e9:e8:a0:
be:df:b0:46:07:6b:f6:29:7d:e2:96:a2:41:ea:7e:
cd:44:ec:32:87:d9:95:08:c8:8b:97:6f:6e:5b:2f:
36:7d:71:9e:9e:4f:8f:33:a1:36:41:a3:e6:63:00:
08:88:94:dc:f0:12:c9:75:7f:ec:b6:7a:22:2d:c0:
14:33:06:f0:5d:19:b5:19:fa:88:21:65:1a:a5:07:
c7:54:32:13:c6:b5:1a:6d:a8:ff:83:53:1d:c0:5c:
83:29:29:e6:c8:9f:1d:3f:da:fe:ef:9f:69:7b:88:
b3:7a:d2:c1:69:a2:0a:f4:6d:ac:07:9c:9f:7c:a5:
8c:e7:b4:93:f3:87:86:e8:a9:cf:9a:af:1f:06:5c:
ce:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FF:6C:54:BC:77:92:13:0B:D6:0E:2D:12:65:2A:76:3A:28:95:80
X509v3 Authority Key Identifier:
keyid:04:E6:C9:24:9E:E3:48:DC:F7:64:DF:0B:9A:40:D3:E8:54:06:64:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BObJJJ7jSNz3ZN8LmkDT6FQGZEQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BDA4/1EC702BCF1A711E890F06650C4F9AE02/D26DDCB6F36C11E88E372D61C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:cb00:131::/48
2400:cb00:133::/48
2400:cb00:164::/48
2400:cb00:171::/48
2400:cb00:251::/48
2400:cb00:302::/48
2400:cb00:517::-2400:cb00:518:ffff:ffff:ffff:ffff:ffff
2400:cb00:531::/48
2400:cb00:539::/48
2400:cb00:692::/47
2400:cb00:748::/48
2400:cb00:922::/48
Signature Algorithm: sha256WithRSAEncryption
55:37:74:1d:d6:ef:71:52:2a:05:35:34:97:b3:0b:0b:6a:40:
79:44:af:79:16:b0:40:3e:0f:e4:a1:09:26:fc:6f:5d:ca:06:
24:73:19:a3:82:21:10:e9:1f:00:db:7b:b0:df:dc:be:c8:c0:
a6:07:ad:36:6d:3d:49:42:a7:45:ad:12:37:c5:ff:3c:cf:2c:
b9:40:a4:f9:77:69:a1:37:fb:1b:32:00:50:d6:11:96:27:d3:
e9:6b:5c:b1:c0:3c:b1:8b:76:41:31:b6:ca:ef:26:13:91:27:
22:d5:71:c4:dd:a0:b3:05:c6:51:e4:16:57:63:aa:34:f2:5b:
8a:b1:3a:1b:6e:89:e8:f7:36:9c:06:62:a1:dc:71:66:60:6f:
ba:d2:cb:8b:c5:8a:bd:a0:ab:c8:4b:d3:7a:9e:ae:e6:65:2f:
5b:67:d8:4a:21:d7:bf:81:61:e8:1b:c6:ec:a8:be:79:45:cb:
9c:4b:e7:ca:58:6c:c9:0a:00:ff:c9:72:42:6e:57:2d:c5:b7:
a7:d1:18:c1:62:de:70:92:6d:2f:c9:c8:70:73:28:9a:3d:ba:
6c:de:50:92:64:17:f1:39:72:f2:d7:23:35:95:59:1e:72:00:
ac:0f:e3:c7:3d:fd:46:39:cb:51:2b:bd:09:6f:e7:72:23:4e:
f4:e9:de:71
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgICFc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJEQTQxMTAvBgNVBAUTKDA0RTZDOTI0OUVFMzQ4RENGNzY0REYwQjlBNDBEM0U4
NTQwNjY0NDQwHhcNMjQxMDA3MTgzMjA3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA0MjkyNi0xZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwOkKRhHILULl0nh5Ry3KLj9OuAt1Xzxu2mmUhVg2wqSPJxVMiIOkaazkWVdc
uiROmEKCpcCCR68en5BYjLAeZaTKuVwb5DQNsglyNBGjf9Mna29gW8w1NbQZBhEY
vI/SAWN/9nddfRuRv6m39bKmI5SMTWzp6KC+37BGB2v2KX3ilqJB6n7NROwyh9mV
CMiLl29uWy82fXGenk+PM6E2QaPmYwAIiJTc8BLJdX/stnoiLcAUMwbwXRm1GfqI
IWUapQfHVDITxrUabaj/g1MdwFyDKSnmyJ8dP9r+759pe4izetLBaaIK9G2sB5yf
fKWM57ST84eG6KnPmq8fBlzOtwIDAQABo4IDCDCCAwQwHQYDVR0OBBYEFCr/bFS8
d5ITC9YOLRJlKnY6KJWAMB8GA1UdIwQYMBaAFATmySSe40jc92TfC5pA0+hUBmRE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkRBNC8xRUM3MDJCQ0Yx
QTcxMUU4OTBGMDY2NTBDNEY5QUUwMi9CT2JKSko3alNOejNaTjhMbWtEVDZGUUda
RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JPYkpKSjdqU056M1pOOExta0RUNkZRR1pFUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJEQTQvMUVDNzAyQkNGMUE3MTFFODkwRjA2NjUwQzRGOUFFMDIvRDI2RERDQjZG
MzZDMTFFODhFMzcyRDYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZEGCCsGAQUFBwEHAQH/
BIGBMH8wfQQCAAIwdwMHACQAywABMQMHACQAywABMwMHACQAywABZAMHACQAywAB
cQMHACQAywACUQMHACQAywADAjASAwcAJADLAAUXAwcAJADLAAUYAwcAJADLAAUx
AwcAJADLAAU5AwcBJADLAAaSAwcAJADLAAdIAwcAJADLAAkiMA0GCSqGSIb3DQEB
CwUAA4IBAQBVN3Qd1u9xUioFNTSXswsLakB5RK95FrBAPg/koQkm/G9dygYkcxmj
giEQ6R8A23uw39y+yMCmB602bT1JQqdFrRI3xf88zyy5QKT5d2mhN/sbMgBQ1hGW
J9Ppa1yxwDyxi3ZBMbbK7yYTkSci1XHE3aCzBcZR5BZXY6o08luKsTobbono9zac
BmKh3HFmYG+60suLxYq9oKvIS9N6nq7mZS9bZ9hKIde/gWHoG8bsqL55RcucS+fK
WGzJCgD/yXJCblctxben0RjBYt5wkm0vychwcyiaPbps3lCSZBfxOXLy1yM1lVke
cgCsD+PHPf1GOctRK70Jb+dyI0706d5x
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:20 2024 by rpki-client on console-ams.rpki-client.org