Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/DF821D20ABDE11ED954F5C84C4F9AE02.roa
File: DF821D20ABDE11ED954F5C84C4F9AE02.roa (raw, json)
Hash identifier: ZzwjjjV43983S9z3YZGjXBw9c3x4QvReAm0radZl0Rc=
Subject key identifier: A8:FF:57:12:3B:F3:C9:9A:EA:70:B9:19:9C:97:9F:E5:50:D2:40:9A
Certificate issuer: /CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Certificate serial: 2B70
Authority key identifier: B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/DF821D20ABDE11ED954F5C84C4F9AE02.roa
Signing time: Thu 06 Jun 2024 16:03:54 +0000
ROA not before: Thu 06 Jun 2024 16:03:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 45177
IP address blocks: 14.1.32.0/19 maxlen: 24
45.65.13.0/24 maxlen: 24
45.65.14.0/23 maxlen: 24
103.9.236.0/23 maxlen: 24
103.9.238.0/23 maxlen: 24
103.13.116.0/22 maxlen: 24
103.15.178.0/24 maxlen: 24
103.230.76.0/22 maxlen: 22
103.241.120.0/22 maxlen: 22
103.255.248.0/24 maxlen: 24
113.197.96.0/22 maxlen: 23
116.93.128.0/20 maxlen: 24
119.30.0.0/22 maxlen: 24
119.30.4.0/22 maxlen: 24
120.136.0.0/21 maxlen: 24
150.107.32.0/22 maxlen: 23
163.47.204.0/22 maxlen: 24
202.74.192.0/19 maxlen: 24
203.84.224.0/20 maxlen: 24
203.211.64.0/18 maxlen: 24
2400:ee80::/32 maxlen: 48
2401:7000::/32 maxlen: 32
2401:7000::/32 maxlen: 64
2402:3500::/32 maxlen: 48
2402:3500::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11120 (0x2b70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C128/serialNumber=B5642732265D40BF75CA94A9EC8119211C1B9B32
Validity
Not Before: Jun 6 16:03:54 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6661ddea-2203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:35:9d:81:bc:fc:fc:58:57:3a:a9:39:e6:54:
4a:68:c0:40:66:e0:e5:31:2c:b7:9b:d4:67:e0:54:
6a:3c:07:1f:3d:df:a1:fc:fc:fa:44:00:87:4b:01:
f0:48:58:4a:03:f2:cf:5e:c9:da:8c:a4:fc:d3:f7:
fa:7d:4c:fd:b5:8a:0c:b9:3f:d9:d1:68:01:f5:7b:
c8:c4:4e:dd:22:af:3f:af:c3:e9:29:a2:b2:93:d1:
4f:a6:06:35:0e:ed:89:13:91:34:c7:33:e5:65:3f:
e0:81:12:f0:3a:ec:d1:b8:cf:2e:78:e9:3e:83:ec:
6b:45:53:1a:e5:d6:c8:18:02:dd:6d:44:01:1d:be:
dc:57:6e:2e:59:f4:e9:49:e3:9b:12:95:b1:df:80:
2e:a8:6b:6a:fe:f5:ce:57:e5:8e:b1:dd:f6:fb:0b:
e0:4d:62:74:cf:f3:75:86:0a:b5:34:20:a7:79:95:
0f:02:50:5a:6a:f3:c1:ff:38:f0:e8:97:ff:72:68:
d1:4b:83:00:b4:eb:16:8f:82:80:75:6c:38:64:b5:
0e:e7:fc:51:03:78:d9:ec:5e:e8:1d:d5:38:f2:40:
69:14:9e:b4:1e:55:a5:e8:a7:c1:4d:2a:c4:92:82:
e6:51:55:36:35:a3:b6:ab:83:e0:6a:1b:81:72:bd:
7c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:FF:57:12:3B:F3:C9:9A:EA:70:B9:19:9C:97:9F:E5:50:D2:40:9A
X509v3 Authority Key Identifier:
keyid:B5:64:27:32:26:5D:40:BF:75:CA:94:A9:EC:81:19:21:1C:1B:9B:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/tWQnMiZdQL91ypSp7IEZIRwbmzI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tWQnMiZdQL91ypSp7IEZIRwbmzI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C128/664A9BCAFA6D11E3B6AC23505911EA32/DF821D20ABDE11ED954F5C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.32.0/19
45.65.13.0-45.65.15.255
103.9.236.0/22
103.13.116.0/22
103.15.178.0/24
103.230.76.0/22
103.241.120.0/22
103.255.248.0/24
113.197.96.0/22
116.93.128.0/20
119.30.0.0/21
120.136.0.0/21
150.107.32.0/22
163.47.204.0/22
202.74.192.0/19
203.84.224.0/20
203.211.64.0/18
IPv6:
2400:ee80::/32
2401:7000::/32
2402:3500::/32
Signature Algorithm: sha256WithRSAEncryption
8e:6a:b0:64:21:5a:e5:3c:55:cd:61:bc:7f:28:38:c8:a9:93:
c4:b9:42:76:21:08:b3:a0:fe:91:35:f1:5c:81:99:a0:d8:cd:
ae:05:d7:c2:2b:0a:1c:41:6f:0e:57:f0:be:b3:f6:8d:cf:eb:
9c:ac:da:b6:f1:16:ac:b9:e3:bd:56:b8:2f:a9:9e:6d:a1:c4:
ba:42:d0:4d:f2:21:fc:24:50:65:09:33:84:e6:ac:cc:a0:98:
e0:ad:57:a2:b9:ec:f0:b7:bd:a5:a4:15:ec:f4:a2:de:00:51:
bc:5b:0b:c0:d4:2e:df:3b:29:a7:e8:0b:0a:37:ad:43:1d:85:
a6:91:ea:c7:e1:fd:23:20:e9:fb:69:fa:17:3b:fc:12:be:1d:
82:e0:81:7f:52:97:4a:ed:56:40:1a:cd:9f:15:89:79:8d:fd:
cd:a1:a7:8d:cc:3b:58:d1:b6:49:be:d7:66:01:6f:4e:56:9d:
8b:d8:f3:5b:40:91:08:b0:5f:31:2e:08:99:8f:39:9d:6d:6b:
1c:63:a1:3a:6a:fb:d4:48:5d:9c:21:20:a3:a6:f8:3e:75:d9:
93:58:05:0b:da:ec:7b:f9:96:ad:40:89:44:26:28:23:e8:6d:
74:57:b4:37:79:b0:93:62:ee:c0:7c:51:77:b3:2f:b8:be:18:
39:70:9b:2b
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgICK3AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkMxMjgxMTAvBgNVBAUTKEI1NjQyNzMyMjY1RDQwQkY3NUNBOTRBOUVDODExOTIx
MUMxQjlCMzIwHhcNMjQwNjA2MTYwMzU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYxZGRlYS0yMjAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmzWdgbz8/FhXOqk55lRKaMBAZuDlMSy3m9Rn4FRqPAcfPd+h/Pz6RACHSwHw
SFhKA/LPXsnajKT80/f6fUz9tYoMuT/Z0WgB9XvIxE7dIq8/r8PpKaKyk9FPpgY1
Du2JE5E0xzPlZT/ggRLwOuzRuM8ueOk+g+xrRVMa5dbIGALdbUQBHb7cV24uWfTp
SeObEpWx34AuqGtq/vXOV+WOsd32+wvgTWJ0z/N1hgq1NCCneZUPAlBaavPB/zjw
6Jf/cmjRS4MAtOsWj4KAdWw4ZLUO5/xRA3jZ7F7oHdU48kBpFJ60HlWl6KfBTSrE
koLmUVU2NaO2q4PgahuBcr18swIDAQABo4IDHTCCAxkwHQYDVR0OBBYEFKj/VxI7
88ma6nC5GZyXn+VQ0kCaMB8GA1UdIwQYMBaAFLVkJzImXUC/dcqUqeyBGSEcG5sy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzEyOC82NjRBOUJDQUZB
NkQxMUUzQjZBQzIzNTA1OTExRUEzMi90V1FuTWlaZFFMOTF5cFNwN0lFWklSd2Jt
ekkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RXUW5NaVpkUUw5MXlwU3A3SUVaSVJ3Ym16SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkMxMjgvNjY0QTlCQ0FGQTZEMTFFM0I2QUMyMzUwNTkxMUVBMzIvREY4MjFEMjBB
QkRFMTFFRDk1NEY1Qzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaYGCCsGAQUFBwEHAQH/
BIGWMIGTMHQEAgABMG4DBAUOASAwDAMEAC1BDQMEBC1BAAMEAmcJ7AMEAmcNdAME
AGcPsgMEAmfmTAMEAmfxeAMEAGf/+AMEAnHFYAMEBHRdgAMEA3ceAAMEA3iIAAME
ApZrIAMEAqMvzAMEBcpKwAMEBMtU4AMEBsvTQDAbBAIAAjAVAwUAJADugAMFACQB
cAADBQAkAjUAMA0GCSqGSIb3DQEBCwUAA4IBAQCOarBkIVrlPFXNYbx/KDjIqZPE
uUJ2IQizoP6RNfFcgZmg2M2uBdfCKwocQW8OV/C+s/aNz+ucrNq28RasueO9Vrgv
qZ5tocS6QtBN8iH8JFBlCTOE5qzMoJjgrVeiuezwt72lpBXs9KLeAFG8WwvA1C7f
Oymn6AsKN61DHYWmkerH4f0jIOn7afoXO/wSvh2C4IF/UpdK7VZAGs2fFYl5jf3N
oaeNzDtY0bZJvtdmAW9OVp2L2PNbQJEIsF8xLgiZjzmdbWscY6E6avvUSF2cISCj
pvg+ddmTWAUL2ux7+ZatQIlEJigj6G10V7Q3ebCTYu7AfFF3sy+4vhg5cJsr
-----END CERTIFICATE-----
Generated at Sun Nov 24 17:20:07 2024 by rpki-client on console-fra.rpki-client.org