Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/8D2DEDF4C2A811EBA79A7055C4F9AE02.roa
File: 8D2DEDF4C2A811EBA79A7055C4F9AE02.roa (raw, json)
Hash identifier: Oshcmtad/KvmUpSI93xZ/kh7sRubX6+t4AuZaFJtzXY=
Subject key identifier: E1:37:25:74:39:78:18:D0:CC:5E:E3:CD:E6:5A:E7:6B:30:D8:F9:0C
Certificate issuer: /CN=A9172878/serialNumber=A3D00626C2F9B462C5507FF180C36DE9C3399CB2
Certificate serial: 33F3
Authority key identifier: A3:D0:06:26:C2:F9:B4:62:C5:50:7F:F1:80:C3:6D:E9:C3:39:9C:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/8D2DEDF4C2A811EBA79A7055C4F9AE02.roa
Signing time: Thu 14 Dec 2023 14:40:33 +0000
ROA not before: Thu 14 Dec 2023 14:40:33 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 18399
IP address blocks: 61.4.65.0/24 maxlen: 24
61.4.68.0/24 maxlen: 24
61.4.69.0/24 maxlen: 24
61.4.70.0/24 maxlen: 24
61.4.71.0/24 maxlen: 24
61.4.72.0/24 maxlen: 24
61.4.73.0/24 maxlen: 24
61.4.74.0/24 maxlen: 24
61.4.75.0/24 maxlen: 24
61.4.76.0/24 maxlen: 24
61.4.77.0/24 maxlen: 24
61.4.78.0/24 maxlen: 24
61.4.79.0/24 maxlen: 24
122.248.100.0/24 maxlen: 24
122.248.101.0/24 maxlen: 24
122.248.102.0/24 maxlen: 24
122.248.103.0/24 maxlen: 24
122.248.104.0/24 maxlen: 24
122.248.105.0/24 maxlen: 24
122.248.106.0/24 maxlen: 24
122.248.112.0/24 maxlen: 24
122.248.113.0/24 maxlen: 24
122.248.118.0/24 maxlen: 24
122.248.119.0/24 maxlen: 24
122.248.120.0/24 maxlen: 24
122.248.121.0/24 maxlen: 24
122.248.122.0/24 maxlen: 24
122.248.126.0/24 maxlen: 24
203.81.160.0/24 maxlen: 24
203.81.161.0/24 maxlen: 24
203.81.162.0/24 maxlen: 24
203.81.163.0/24 maxlen: 24
203.81.164.0/24 maxlen: 24
203.81.165.0/24 maxlen: 24
203.81.168.0/24 maxlen: 24
203.81.169.0/24 maxlen: 24
203.81.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.crl
rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:32:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13299 (0x33f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172878/serialNumber=A3D00626C2F9B462C5507FF180C36DE9C3399CB2
Validity
Not Before: Dec 14 14:40:33 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=657b13e0-204a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:86:dd:1f:8a:43:ac:dd:a5:e8:4a:08:74:d4:
c2:9a:11:e8:ab:7d:47:0c:4c:fd:a2:d0:c5:1d:80:
78:73:1b:81:51:b7:d8:c8:2f:09:0f:87:1c:0b:31:
fe:f5:31:74:6f:c2:39:4d:ec:97:dd:30:ff:ba:48:
e2:23:6d:7d:6a:0f:50:87:ef:a9:f1:27:e8:42:85:
7e:4f:5d:36:9e:d0:3e:58:d7:dc:4c:b3:f4:cf:d6:
8c:e4:83:08:76:04:41:9b:c1:04:60:7d:f8:03:d7:
ff:3f:bc:2d:62:72:78:e0:37:45:dc:93:43:19:4f:
da:fc:46:99:51:52:49:ed:0b:c8:41:71:f7:54:c3:
67:0f:e1:4c:e2:f5:b7:9e:61:8b:6f:83:d7:89:16:
c4:77:85:23:ac:6a:79:8d:67:35:14:86:00:bc:05:
03:61:d6:06:5b:83:55:7e:93:95:d6:e5:bc:c7:c1:
7f:4d:d3:ef:07:2f:72:f4:d0:6e:b9:1d:02:ff:98:
a2:1d:9e:33:0d:43:b4:86:b7:2e:a0:78:ce:67:6a:
1b:f2:2b:01:a9:5e:52:aa:1c:c3:ad:d0:42:aa:cc:
5a:1d:d0:b8:82:b2:3c:e0:d0:02:b3:f5:1a:10:97:
55:2c:9e:b3:62:ca:ab:45:4d:1c:f0:ae:86:3e:7d:
46:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:37:25:74:39:78:18:D0:CC:5E:E3:CD:E6:5A:E7:6B:30:D8:F9:0C
X509v3 Authority Key Identifier:
keyid:A3:D0:06:26:C2:F9:B4:62:C5:50:7F:F1:80:C3:6D:E9:C3:39:9C:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/8D2DEDF4C2A811EBA79A7055C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.4.65.0/24
61.4.68.0-61.4.79.255
122.248.100.0-122.248.106.255
122.248.112.0/23
122.248.118.0-122.248.122.255
122.248.126.0/24
203.81.160.0-203.81.165.255
203.81.168.0/23
203.81.172.0/22
Signature Algorithm: sha256WithRSAEncryption
df:dd:85:a3:97:92:97:88:c1:84:64:45:8d:a5:e3:64:ce:ea:
cc:9c:1e:fd:17:40:96:d5:7c:41:d0:3f:7c:83:89:5d:20:bb:
28:20:1e:cf:d9:d1:5c:72:20:5b:21:65:9f:db:05:e9:15:61:
5d:e4:c7:9f:bf:c7:c6:94:f7:67:64:f5:e7:cd:f1:7f:56:31:
ff:37:de:9d:43:d8:ec:2d:61:d3:fd:11:f2:01:ca:94:c2:b3:
c4:55:ad:c4:3d:31:29:75:e1:d4:fc:fe:96:2a:24:24:d4:bf:
be:5f:8c:1c:bc:c5:d1:2b:b6:6f:59:f4:fe:ee:20:9d:2b:bc:
86:84:0b:37:da:2a:d7:2d:72:f1:11:19:6d:22:e0:a7:19:4e:
66:02:26:10:77:ed:57:2e:48:d1:17:1c:09:a4:99:05:92:d5:
05:24:86:39:d3:28:2c:f6:35:9f:21:f4:83:96:84:7b:10:75:
8f:af:2c:23:e4:90:43:fe:8e:e1:9d:d3:8a:31:1b:4c:c1:82:
4c:ea:0c:3f:fe:8b:01:d4:ac:b9:93:58:b9:fe:62:3a:3e:cd:
20:66:2c:8d:d0:81:e8:8f:3d:e4:1f:74:c0:39:99:69:36:ac:
98:00:44:0c:93:b5:3d:d2:d7:6d:7f:62:4a:2c:e5:95:1f:e4:
87:71:6d:3e
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICM/MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI4NzgxMTAvBgNVBAUTKEEzRDAwNjI2QzJGOUI0NjJDNTUwN0ZGMTgwQzM2REU5
QzMzOTlDQjIwHhcNMjMxMjE0MTQ0MDMzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTdiMTNlMC0yMDRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuobdH4pDrN2l6EoIdNTCmhHoq31HDEz9otDFHYB4cxuBUbfYyC8JD4ccCzH+
9TF0b8I5TeyX3TD/ukjiI219ag9Qh++p8SfoQoV+T102ntA+WNfcTLP0z9aM5IMI
dgRBm8EEYH34A9f/P7wtYnJ44DdF3JNDGU/a/EaZUVJJ7QvIQXH3VMNnD+FM4vW3
nmGLb4PXiRbEd4UjrGp5jWc1FIYAvAUDYdYGW4NVfpOV1uW8x8F/TdPvBy9y9NBu
uR0C/5iiHZ4zDUO0hrcuoHjOZ2ob8isBqV5SqhzDrdBCqsxaHdC4grI84NACs/Ua
EJdVLJ6zYsqrRU0c8K6GPn1GcwIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFOE3JXQ5
eBjQzF7jzeZa52sw2PkMMB8GA1UdIwQYMBaAFKPQBibC+bRixVB/8YDDbenDOZyy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mjg3OC80Qzk5OEEzNjFE
OEExMUUyOEExRjIzRTQwOEIwMkNEMi9vOUFHSnNMNXRHTEZVSF94Z01OdDZjTTVu
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL285QUdKc0w1dEdMRlVIX3hnTU50NmNNNW5MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI4NzgvNEM5OThBMzYxRDhBMTFFMjhBMUYyM0U0MDhCMDJDRDIvOEQyREVERjRD
MkE4MTFFQkE3OUE3MDU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMFwEAgABMFYDBAA9BEEwDAMEAj0ERAMEBD0EQDAMAwQCevhkAwQAevhqAwQB
evhwMAwDBAF6+HYDBAB6+HoDBAB6+H4wDAMEBctRoAMEActRpAMEActRqAMEAstR
rDANBgkqhkiG9w0BAQsFAAOCAQEA392Fo5eSl4jBhGRFjaXjZM7qzJwe/RdAltV8
QdA/fIOJXSC7KCAez9nRXHIgWyFln9sF6RVhXeTHn7/HxpT3Z2T1583xf1Yx/zfe
nUPY7C1h0/0R8gHKlMKzxFWtxD0xKXXh1Pz+liokJNS/vl+MHLzF0Su2b1n0/u4g
nSu8hoQLN9oq1y1y8REZbSLgpxlOZgImEHftVy5I0RccCaSZBZLVBSSGOdMoLPY1
nyH0g5aEexB1j68sI+SQQ/6O4Z3TijEbTMGCTOoMP/6LAdSsuZNYuf5iOj7NIGYs
jdCB6I895B90wDmZaTasmABEDJO1PdLXbX9iSizllR/kh3FtPg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:25:38 2024 by rpki-client on console-fra.rpki-client.org