Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916FA49/A4C0CA96900911EE9E54A033C4F9AE02/A265A002901611EE89038D46C4F9AE02.roa
File: A265A002901611EE89038D46C4F9AE02.roa (raw, json)
Hash identifier: Zt5qvo7bdT8x4NuI4JryFe04Cr3lcEVUUTE57WJ4weQ=
Subject key identifier: AF:7C:D6:3A:E4:E3:A5:10:38:EE:34:C2:89:0C:E3:6B:DC:A8:A4:2B
Certificate issuer: /CN=A916FA49/serialNumber=CD65E6740BAE7EB33BD5E538C9EE6DE8B3354431
Certificate serial: 45
Authority key identifier: CD:65:E6:74:0B:AE:7E:B3:3B:D5:E5:38:C9:EE:6D:E8:B3:35:44:31
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zWXmdAuufrM71eU4ye5t6LM1RDE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916FA49/A4C0CA96900911EE9E54A033C4F9AE02/A265A002901611EE89038D46C4F9AE02.roa
Signing time: Tue 26 Mar 2024 17:35:17 +0000
ROA not before: Tue 26 Mar 2024 17:35:17 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9411
IP address blocks: 158.108.0.0/16 maxlen: 16
158.108.0.0/20 maxlen: 20
158.108.0.0/22 maxlen: 22
158.108.4.0/22 maxlen: 22
158.108.8.0/22 maxlen: 22
158.108.12.0/22 maxlen: 22
158.108.16.0/20 maxlen: 20
158.108.16.0/22 maxlen: 22
158.108.20.0/22 maxlen: 22
158.108.24.0/22 maxlen: 22
158.108.28.0/22 maxlen: 22
158.108.32.0/20 maxlen: 20
158.108.32.0/22 maxlen: 22
158.108.36.0/22 maxlen: 22
158.108.40.0/22 maxlen: 22
158.108.44.0/22 maxlen: 22
158.108.48.0/20 maxlen: 20
158.108.48.0/22 maxlen: 22
158.108.52.0/22 maxlen: 22
158.108.56.0/22 maxlen: 22
158.108.60.0/22 maxlen: 22
158.108.64.0/20 maxlen: 20
158.108.64.0/22 maxlen: 22
158.108.68.0/22 maxlen: 22
158.108.72.0/22 maxlen: 22
158.108.76.0/22 maxlen: 22
158.108.80.0/20 maxlen: 20
158.108.80.0/22 maxlen: 22
158.108.84.0/22 maxlen: 22
158.108.88.0/22 maxlen: 22
158.108.92.0/22 maxlen: 22
158.108.96.0/20 maxlen: 20
158.108.96.0/22 maxlen: 22
158.108.100.0/22 maxlen: 22
158.108.104.0/22 maxlen: 22
158.108.108.0/22 maxlen: 22
158.108.112.0/20 maxlen: 20
158.108.112.0/22 maxlen: 22
158.108.116.0/22 maxlen: 22
158.108.120.0/22 maxlen: 22
158.108.124.0/22 maxlen: 22
158.108.128.0/20 maxlen: 20
158.108.128.0/22 maxlen: 22
158.108.132.0/22 maxlen: 22
158.108.136.0/22 maxlen: 22
158.108.140.0/22 maxlen: 22
158.108.144.0/20 maxlen: 20
158.108.144.0/22 maxlen: 22
158.108.148.0/22 maxlen: 22
158.108.152.0/22 maxlen: 22
158.108.156.0/22 maxlen: 22
158.108.160.0/20 maxlen: 20
158.108.160.0/22 maxlen: 22
158.108.164.0/22 maxlen: 22
158.108.168.0/22 maxlen: 22
158.108.172.0/22 maxlen: 22
158.108.176.0/20 maxlen: 20
158.108.176.0/22 maxlen: 22
158.108.180.0/22 maxlen: 22
158.108.184.0/22 maxlen: 22
158.108.188.0/22 maxlen: 22
158.108.192.0/20 maxlen: 20
158.108.192.0/22 maxlen: 22
158.108.196.0/22 maxlen: 22
158.108.200.0/22 maxlen: 22
158.108.204.0/22 maxlen: 22
158.108.208.0/20 maxlen: 20
158.108.208.0/22 maxlen: 22
158.108.212.0/22 maxlen: 22
158.108.216.0/22 maxlen: 22
158.108.220.0/22 maxlen: 22
158.108.224.0/20 maxlen: 20
158.108.224.0/22 maxlen: 22
158.108.228.0/22 maxlen: 22
158.108.232.0/22 maxlen: 22
158.108.236.0/22 maxlen: 22
158.108.240.0/20 maxlen: 20
158.108.240.0/22 maxlen: 22
158.108.244.0/22 maxlen: 22
158.108.248.0/22 maxlen: 22
158.108.252.0/22 maxlen: 22
192.102.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916FA49/A4C0CA96900911EE9E54A033C4F9AE02/zWXmdAuufrM71eU4ye5t6LM1RDE.crl
rsync://rpki.apnic.net/member_repository/A916FA49/A4C0CA96900911EE9E54A033C4F9AE02/zWXmdAuufrM71eU4ye5t6LM1RDE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zWXmdAuufrM71eU4ye5t6LM1RDE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 17:42:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69 (0x45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916FA49/serialNumber=CD65E6740BAE7EB33BD5E538C9EE6DE8B3354431
Validity
Not Before: Mar 26 17:35:17 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66030755-922b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1b:8d:3f:80:29:df:30:5b:38:4e:84:1f:bb:
20:9b:da:d4:74:85:72:1c:42:ca:5b:1b:f7:a4:0a:
fb:5c:35:ee:80:a9:7c:8b:67:61:15:d9:f7:85:4b:
06:83:e9:2f:b0:95:3f:16:b6:c4:94:61:8a:7a:51:
36:21:e7:07:6f:68:cc:9e:53:7d:25:bb:84:34:e8:
59:ea:a1:60:2d:05:5d:06:33:a4:bf:e1:7d:f4:30:
eb:04:16:9b:c5:cb:9f:95:f2:df:c4:bf:8e:f1:c5:
47:d6:3a:87:b1:99:8d:f9:bb:bf:9f:ed:8e:76:29:
84:f9:1e:e0:65:18:23:90:7c:e8:88:3c:39:a5:45:
5d:33:1c:63:22:da:a5:67:e5:ea:69:99:fa:cb:ff:
83:46:82:8f:8b:72:8d:bc:73:ad:41:62:4c:e4:b5:
8a:69:e4:80:e4:71:b4:6b:5a:35:3e:7a:bd:b2:6c:
c6:47:a3:ea:fe:83:9a:d6:e4:6a:10:af:95:26:01:
16:78:6f:95:49:a3:9d:a3:7a:b8:e4:f5:fe:1a:e0:
3d:3c:60:55:8f:37:0e:75:fd:d9:84:45:95:b6:ce:
8f:d1:33:50:80:40:07:70:0e:a9:7a:fc:5f:27:eb:
57:4c:85:19:1f:cf:5d:37:9e:a4:df:7a:e3:b3:49:
91:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7C:D6:3A:E4:E3:A5:10:38:EE:34:C2:89:0C:E3:6B:DC:A8:A4:2B
X509v3 Authority Key Identifier:
keyid:CD:65:E6:74:0B:AE:7E:B3:3B:D5:E5:38:C9:EE:6D:E8:B3:35:44:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916FA49/A4C0CA96900911EE9E54A033C4F9AE02/zWXmdAuufrM71eU4ye5t6LM1RDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/zWXmdAuufrM71eU4ye5t6LM1RDE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916FA49/A4C0CA96900911EE9E54A033C4F9AE02/A265A002901611EE89038D46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
158.108.0.0/16
192.102.83.0/24
Signature Algorithm: sha256WithRSAEncryption
26:4f:88:0d:c3:be:e1:e1:22:be:44:3f:55:20:b5:e1:e6:2c:
0b:6a:06:42:84:04:d9:14:eb:fd:de:75:be:eb:ea:e4:34:fa:
85:fe:5c:eb:7d:0b:f3:28:c0:c7:f9:4c:43:e4:3d:71:8d:5f:
e9:24:53:9d:de:f8:4d:3f:44:a0:4e:c1:46:7f:c4:bf:ec:42:
67:5a:af:49:f0:80:e4:0c:88:4a:0c:d8:b0:3b:8a:32:bb:17:
c3:29:12:3e:b2:96:68:b1:11:31:b6:9c:8f:14:77:84:fe:a6:
a7:3d:ea:05:46:e2:b3:dd:8e:60:be:f0:ec:6b:13:d2:25:d7:
1a:8a:3e:04:bf:c6:b4:f6:06:f6:a1:84:95:1a:6c:a4:57:45:
3c:1f:a1:75:e9:09:d8:99:f6:4e:18:2a:1d:de:43:b0:b7:59:
af:a9:5b:97:8a:8e:36:b8:95:db:c8:85:21:5d:b8:2b:b0:61:
8a:87:8c:43:3d:06:ed:30:25:44:f8:5a:20:c0:c9:30:ef:9a:
bf:a6:6f:9f:ee:53:43:31:da:54:6a:f8:49:55:5f:7d:e8:6f:
94:a0:b2:d7:9d:51:b8:18:79:bc:ce:63:22:22:83:7f:d8:21:
8e:89:1d:03:9a:46:e8:37:de:cf:62:77:59:0e:63:e0:df:c8:
18:f4:d7:0f
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIBRTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
RkE0OTExMC8GA1UEBRMoQ0Q2NUU2NzQwQkFFN0VCMzNCRDVFNTM4QzlFRTZERThC
MzM1NDQzMTAeFw0yNDAzMjYxNzM1MTdaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDMwNzU1LTkyMmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDgG40/gCnfMFs4ToQfuyCb2tR0hXIcQspbG/ekCvtcNe6AqXyLZ2EV2feFSwaD
6S+wlT8WtsSUYYp6UTYh5wdvaMyeU30lu4Q06FnqoWAtBV0GM6S/4X30MOsEFpvF
y5+V8t/Ev47xxUfWOoexmY35u7+f7Y52KYT5HuBlGCOQfOiIPDmlRV0zHGMi2qVn
5eppmfrL/4NGgo+Lco28c61BYkzktYpp5IDkcbRrWjU+er2ybMZHo+r+g5rW5GoQ
r5UmARZ4b5VJo52jerjk9f4a4D08YFWPNw51/dmERZW2zo/RM1CAQAdwDql6/F8n
61dMhRkfz103nqTfeuOzSZE5AgMBAAGjggKaMIICljAdBgNVHQ4EFgQUr3zWOuTj
pRA47jTCiQzja9yopCswHwYDVR0jBBgwFoAUzWXmdAuufrM71eU4ye5t6LM1RDEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZGQTQ5L0E0QzBDQTk2OTAw
OTExRUU5RTU0QTAzM0M0RjlBRTAyL3pXWG1kQXV1ZnJNNzFlVTR5ZTV0NkxNMVJE
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveldYbWRBdXVmck03MWVVNHllNXQ2TE0xUkRFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
RkE0OS9BNEMwQ0E5NjkwMDkxMUVFOUU1NEEwMzNDNEY5QUUwMi9BMjY1QTAwMjkw
MTYxMUVFODkwMzhENDZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQV
MBMwEQQCAAEwCwMDAJ5sAwQAwGZTMA0GCSqGSIb3DQEBCwUAA4IBAQAmT4gNw77h
4SK+RD9VILXh5iwLagZChATZFOv93nW+6+rkNPqF/lzrfQvzKMDH+UxD5D1xjV/p
JFOd3vhNP0SgTsFGf8S/7EJnWq9J8IDkDIhKDNiwO4oyuxfDKRI+spZosRExtpyP
FHeE/qanPeoFRuKz3Y5gvvDsaxPSJdcaij4Ev8a09gb2oYSVGmykV0U8H6F16QnY
mfZOGCod3kOwt1mvqVuXio42uJXbyIUhXbgrsGGKh4xDPQbtMCVE+FogwMkw75q/
pm+f7lNDMdpUavhJVV996G+UoLLXnVG4GHm8zmMiIoN/2CGOiR0DmkboN97PYndZ
DmPg38gY9NcP
-----END CERTIFICATE-----
Generated at Fri May 31 20:34:06 2024 by rpki-client on console-ams.rpki-client.org