Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/DF821D20ABDE11ED954F5C84C4F9AE02.roa
File: DF821D20ABDE11ED954F5C84C4F9AE02.roa (raw, json)
Hash identifier: JmQqndItC47KG/mSkNraiFP1lMlaX4e/4bdLjfvjswU=
Subject key identifier: AD:BB:C9:C7:E0:08:DA:0E:4D:25:1F:24:5F:1B:55:EA:3E:52:07:CC
Certificate issuer: /CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Certificate serial: 2B25
Authority key identifier: B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/DF821D20ABDE11ED954F5C84C4F9AE02.roa
Signing time: Mon 22 Jan 2024 23:14:44 +0000
ROA not before: Mon 22 Jan 2024 23:14:44 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 45177
IP address blocks: 14.1.32.0/19 maxlen: 24
45.65.13.0/24 maxlen: 24
45.65.14.0/23 maxlen: 24
103.9.236.0/23 maxlen: 24
103.9.238.0/23 maxlen: 24
103.13.116.0/22 maxlen: 24
103.15.178.0/24 maxlen: 24
103.230.76.0/22 maxlen: 22
103.241.120.0/22 maxlen: 22
103.255.248.0/24 maxlen: 24
113.197.96.0/22 maxlen: 23
116.93.128.0/20 maxlen: 24
119.30.0.0/22 maxlen: 24
119.30.4.0/22 maxlen: 24
120.136.0.0/21 maxlen: 24
150.107.32.0/22 maxlen: 23
163.47.204.0/22 maxlen: 24
202.74.192.0/19 maxlen: 24
203.84.224.0/20 maxlen: 24
203.211.64.0/18 maxlen: 24
2400:ee80::/32 maxlen: 48
2401:7000::/32 maxlen: 32
2401:7000::/32 maxlen: 64
2402:3500::/32 maxlen: 48
2402:3500::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 15:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11045 (0x2b25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Validity
Not Before: Jan 22 23:14:44 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65aef6e3-3397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0b:18:2f:a0:14:4e:9f:bb:f3:e7:0d:ce:8f:
28:b7:00:b6:af:b6:d3:b8:c5:b1:20:4e:81:75:ec:
f5:70:cd:86:f1:27:9c:a1:ba:5c:fa:4b:5c:5b:b5:
ab:6f:a2:42:89:ff:e4:ef:b8:d5:13:4b:87:14:5c:
1e:01:92:c8:84:52:53:98:b7:dd:42:f5:2a:9d:ed:
29:ef:0f:1f:fe:04:ea:9c:29:21:13:98:cf:66:61:
c7:f3:3b:db:8d:4c:fb:7c:70:a2:c2:c4:0a:2d:7c:
11:3b:56:13:54:92:48:99:6d:07:27:0b:50:2e:8b:
27:ec:94:ef:59:a8:a7:7a:43:f0:0a:39:66:3f:dc:
d3:8a:4b:db:b6:4f:5c:41:c4:60:58:4d:0f:5d:f3:
a6:2f:b0:df:4e:1a:3e:2c:93:49:47:3a:18:0b:2b:
63:4b:9c:d4:8a:33:70:81:30:45:77:52:de:15:07:
82:01:f1:66:45:6f:2c:c4:e7:9e:e9:f9:82:f5:f3:
f5:07:53:16:e5:5f:1d:5a:6e:bc:83:aa:cd:db:06:
20:0d:83:bb:0d:3b:f5:dd:eb:84:84:a7:ae:cd:0e:
a4:ac:3d:c8:37:f3:bd:f5:6c:de:10:47:e1:43:3f:
ff:f8:fd:0c:2d:a0:d0:0f:8f:0e:48:32:40:37:ee:
6e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:BB:C9:C7:E0:08:DA:0E:4D:25:1F:24:5F:1B:55:EA:3E:52:07:CC
X509v3 Authority Key Identifier:
keyid:B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/DF821D20ABDE11ED954F5C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.32.0/19
45.65.13.0-45.65.15.255
103.9.236.0/22
103.13.116.0/22
103.15.178.0/24
103.230.76.0/22
103.241.120.0/22
103.255.248.0/24
113.197.96.0/22
116.93.128.0/20
119.30.0.0/21
120.136.0.0/21
150.107.32.0/22
163.47.204.0/22
202.74.192.0/19
203.84.224.0/20
203.211.64.0/18
IPv6:
2400:ee80::/32
2401:7000::/32
2402:3500::/32
Signature Algorithm: sha256WithRSAEncryption
d2:5d:74:eb:ec:c9:4e:6d:6a:1d:93:d9:b4:e6:3a:00:76:d9:
51:12:ad:5c:7c:c3:7b:ce:54:13:09:bd:c5:55:65:6e:b1:6d:
a4:6e:eb:44:57:b7:f9:b1:dd:e1:eb:dc:51:d5:0d:9d:bf:20:
81:95:9f:39:2c:56:44:b8:a3:df:4b:a6:a7:25:37:07:94:59:
cc:9a:5d:56:6d:2a:58:81:68:e5:d4:5f:1a:04:f6:da:3b:50:
3f:a0:eb:42:d8:c3:d0:b5:98:43:f5:24:17:a6:d8:f0:43:34:
f6:91:1d:1f:d2:e2:48:c4:30:ec:8d:cf:91:fe:ac:f0:88:cc:
0e:6f:03:fe:e8:4a:c6:98:3a:fe:5f:10:f8:70:7c:8c:b2:90:
0f:64:1e:83:95:1d:59:83:69:42:7f:ff:8e:d1:56:14:ec:21:
67:8d:a0:76:d6:98:26:60:12:6f:50:d6:9d:bc:f3:9a:10:f9:
f2:fd:73:c1:42:b4:7a:3b:a3:bd:03:0a:e8:b8:13:2a:f7:83:
bb:a9:0f:51:07:3a:0f:c8:12:92:89:e3:68:73:56:50:7a:7e:
66:b4:a5:4a:50:ff:fa:a3:d4:73:37:b0:a9:8f:96:ac:fd:65:
0f:bf:15:53:d1:03:64:f6:35:15:35:37:c8:7b:8a:91:3e:f8:
58:90:d6:12
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgICKyUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkMxMjgxMTAvBgNVBAUTKEI1NjQyNzMyMjY1RDQwQkY3NUNBOTRBOUVDODExOTIx
MUMxQjlCMzIwHhcNMjQwMTIyMjMxNDQ0WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFlZjZlMy0zMzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5QsYL6AUTp+78+cNzo8otwC2r7bTuMWxIE6Bdez1cM2G8Secobpc+ktcW7Wr
b6JCif/k77jVE0uHFFweAZLIhFJTmLfdQvUqne0p7w8f/gTqnCkhE5jPZmHH8zvb
jUz7fHCiwsQKLXwRO1YTVJJImW0HJwtQLosn7JTvWainekPwCjlmP9zTikvbtk9c
QcRgWE0PXfOmL7DfTho+LJNJRzoYCytjS5zUijNwgTBFd1LeFQeCAfFmRW8sxOee
6fmC9fP1B1MW5V8dWm68g6rN2wYgDYO7DTv13euEhKeuzQ6krD3IN/O99WzeEEfh
Qz//+P0MLaDQD48OSDJAN+5uhQIDAQABo4IDHTCCAxkwHQYDVR0OBBYEFK27ycfg
CNoOTSUfJF8bVeo+UgfMMB8GA1UdIwQYMBaAFLVkJzImXUC/dcqUqeyBGSEcG5sy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzEyOC82NjRBOUJDQUZB
NkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFMOTF5cFNwN0lFWklSd2Jt
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RXUW5NaVpkUUw5MXlwU3A3SUVaSVJ3Ym16SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkMxMjgvNjY0QTlCQ0FGQTZEMTFFM0I2QUMyMzUwNTkxMUVBMzIvREY4MjFEMjBB
QkRFMTFFRDk1NEY1Qzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaYGCCsGAQUFBwEHAQH/
BIGWMIGTMHQEAgABMG4DBAUOASAwDAMEAC1BDQMEBC1BAAMEAmcJ7AMEAmcNdAME
AGcPsgMEAmfmTAMEAmfxeAMEAGf/+AMEAnHFYAMEBHRdgAMEA3ceAAMEA3iIAAME
ApZrIAMEAqMvzAMEBcpKwAMEBMtU4AMEBsvTQDAbBAIAAjAVAwUAJADugAMFACQB
cAADBQAkAjUAMA0GCSqGSIb3DQEBCwUAA4IBAQDSXXTr7MlObWodk9m05joAdtlR
Eq1cfMN7zlQTCb3FVWVusW2kbutEV7f5sd3h69xR1Q2dvyCBlZ85LFZEuKPfS6an
JTcHlFnMml1WbSpYgWjl1F8aBPbaO1A/oOtC2MPQtZhD9SQXptjwQzT2kR0f0uJI
xDDsjc+R/qzwiMwObwP+6ErGmDr+XxD4cHyMspAPZB6DlR1Zg2lCf/+O0VYU7CFn
jaB21pgmYBJvUNadvPOaEPny/XPBQrR6O6O9AwrouBMq94O7qQ9RBzoPyBKSieNo
c1ZQen5mtKVKUP/6o9RzN7Cpj5as/WUPvxVT0QNk9jUVNTfIe4qRPvhYkNYS
-----END CERTIFICATE-----
Generated at Fri May 31 16:40:57 2024 by rpki-client on console-ams.rpki-client.org