Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/C552F48EC80011EAAD578B77C4F9AE02.roa
File: C552F48EC80011EAAD578B77C4F9AE02.roa (raw, json)
Hash identifier: lt2z/i16iGevd+NyEOesnGgIVVz5szDiZpCP8s2poXc=
Subject key identifier: 59:7B:36:0E:59:06:AF:E9:36:9C:56:56:A7:86:C8:92:52:9B:15:2A
Certificate issuer: /CN=A9172878/serialNumber=A3D00626C2F9B462C5507FF180C36DE9C3399CB2
Certificate serial: 33F2
Authority key identifier: A3:D0:06:26:C2:F9:B4:62:C5:50:7F:F1:80:C3:6D:E9:C3:39:9C:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/C552F48EC80011EAAD578B77C4F9AE02.roa
Signing time: Thu 14 Dec 2023 14:40:32 +0000
ROA not before: Thu 14 Dec 2023 14:40:32 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 131322
IP address blocks: 61.4.64.0/20 maxlen: 20
61.4.64.0/24 maxlen: 24
61.4.65.0/24 maxlen: 24
61.4.66.0/24 maxlen: 24
61.4.67.0/24 maxlen: 24
61.4.68.0/24 maxlen: 24
61.4.69.0/24 maxlen: 24
61.4.70.0/24 maxlen: 24
61.4.71.0/24 maxlen: 24
61.4.73.0/24 maxlen: 24
61.4.74.0/24 maxlen: 24
61.4.75.0/24 maxlen: 24
61.4.76.0/24 maxlen: 24
61.4.77.0/24 maxlen: 24
61.4.78.0/24 maxlen: 24
61.4.79.0/24 maxlen: 24
122.248.96.0/19 maxlen: 19
122.248.107.0/24 maxlen: 24
122.248.108.0/24 maxlen: 24
122.248.109.0/24 maxlen: 24
122.248.110.0/24 maxlen: 24
122.248.111.0/24 maxlen: 24
122.248.117.0/24 maxlen: 24
203.81.160.0/20 maxlen: 20
203.81.166.0/24 maxlen: 24
203.81.167.0/24 maxlen: 24
203.81.170.0/24 maxlen: 24
2406:ea00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.crl
rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13298 (0x33f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172878/serialNumber=A3D00626C2F9B462C5507FF180C36DE9C3399CB2
Validity
Not Before: Dec 14 14:40:32 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=657b13df-9678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ec:a5:85:70:8f:81:34:95:c9:f7:18:91:fa:
68:da:e3:39:29:30:e6:3d:d2:f6:fa:2c:0f:91:6b:
20:81:ca:6d:fe:11:9d:95:4f:ab:18:8f:02:bd:33:
46:d1:cf:cc:e3:d0:d3:e3:91:e0:b9:8d:8f:5b:f4:
1f:fe:38:fe:8c:3b:4e:20:22:18:68:57:d8:ba:21:
27:9f:5f:38:5d:a7:b6:39:9a:5d:ca:ce:3b:75:ed:
6f:7e:d0:4d:88:32:11:46:b5:eb:e0:c4:7c:3a:a5:
be:50:53:e2:f8:30:15:bd:ff:86:4a:1a:13:71:50:
b6:50:2e:49:24:ed:ef:07:57:df:3f:ad:04:3b:07:
82:1e:11:52:12:9f:1f:55:bf:95:e1:92:2a:a7:3b:
18:8d:d1:6a:6b:6f:38:6c:d7:e5:49:27:02:04:9e:
9c:cd:c5:5b:93:9f:d8:51:b7:48:b1:30:31:7a:75:
97:8e:12:55:ed:12:ec:30:b7:01:9f:ec:d9:8b:7e:
4a:33:8c:b1:01:67:ed:11:78:c3:fe:9f:8c:2b:6e:
f2:17:f0:0c:86:50:41:b8:3b:31:95:74:d0:99:f8:
4a:82:86:cf:c8:95:00:8f:d0:37:3b:77:ff:b4:6a:
0a:08:f3:7d:bd:ae:ff:b4:e0:86:29:67:7c:66:37:
bc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:7B:36:0E:59:06:AF:E9:36:9C:56:56:A7:86:C8:92:52:9B:15:2A
X509v3 Authority Key Identifier:
keyid:A3:D0:06:26:C2:F9:B4:62:C5:50:7F:F1:80:C3:6D:E9:C3:39:9C:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9AGJsL5tGLFUH_xgMNt6cM5nLI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172878/4C998A361D8A11E28A1F23E408B02CD2/C552F48EC80011EAAD578B77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.4.64.0/20
122.248.96.0/19
203.81.160.0/20
IPv6:
2406:ea00::/32
Signature Algorithm: sha256WithRSAEncryption
bc:3b:cd:72:dc:b8:e5:c0:c2:a1:d1:bc:78:28:b3:2b:5b:0b:
45:79:32:ea:d8:1e:3f:a3:70:32:a8:4e:0d:28:24:ea:82:ac:
52:18:46:1a:79:6b:25:ce:2d:62:cf:01:88:55:5c:d6:b7:a6:
5f:10:27:9e:9c:22:a6:0f:57:a4:b0:63:e8:39:eb:86:ee:74:
80:05:8d:8f:7d:cf:83:ee:f9:f6:35:22:60:53:fe:87:b6:66:
67:ac:4c:b6:44:95:13:f1:6d:32:dd:7d:09:a5:19:4f:b8:c5:
e0:e8:ac:36:91:69:c6:38:65:98:ed:3d:b0:14:50:83:e6:86:
7b:b4:37:f4:f9:44:1e:42:58:2e:77:99:e2:a1:cf:75:d6:3f:
90:81:3c:e1:20:f6:8c:ea:3e:1c:2d:b1:41:f3:e7:71:e4:33:
28:19:d5:d6:08:5c:f9:8a:7b:f9:53:56:df:fe:58:0f:53:9c:
65:e9:57:ea:db:c3:78:95:ac:a0:c8:f3:91:98:2d:64:f0:35:
bb:74:fc:5f:22:fe:03:1a:b1:ad:2c:e6:a3:7e:63:de:62:a7:
e9:45:3e:ad:0c:ab:e4:54:42:53:2f:eb:4a:28:59:a3:81:be:
e9:2e:61:b0:f6:7e:a0:e4:44:df:d1:f1:42:35:66:fb:59:76:
54:3e:1d:94
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICM/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI4NzgxMTAvBgNVBAUTKEEzRDAwNjI2QzJGOUI0NjJDNTUwN0ZGMTgwQzM2REU5
QzMzOTlDQjIwHhcNMjMxMjE0MTQ0MDMyWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTdiMTNkZi05Njc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6uylhXCPgTSVyfcYkfpo2uM5KTDmPdL2+iwPkWsggcpt/hGdlU+rGI8CvTNG
0c/M49DT45HguY2PW/Qf/jj+jDtOICIYaFfYuiEnn184Xae2OZpdys47de1vftBN
iDIRRrXr4MR8OqW+UFPi+DAVvf+GShoTcVC2UC5JJO3vB1ffP60EOweCHhFSEp8f
Vb+V4ZIqpzsYjdFqa284bNflSScCBJ6czcVbk5/YUbdIsTAxenWXjhJV7RLsMLcB
n+zZi35KM4yxAWftEXjD/p+MK27yF/AMhlBBuDsxlXTQmfhKgobPyJUAj9A3O3f/
tGoKCPN9va7/tOCGKWd8Zje8OwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFFl7Ng5Z
Bq/pNpxWVqeGyJJSmxUqMB8GA1UdIwQYMBaAFKPQBibC+bRixVB/8YDDbenDOZyy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mjg3OC80Qzk5OEEzNjFE
OEExMUUyOEExRjIzRTQwOEIwMkNEMi9vOUFHSnNMNXRHTEZVSF94Z01OdDZjTTVu
TEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL285QUdKc0w1dEdMRlVIX3hnTU50NmNNNW5MSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI4NzgvNEM5OThBMzYxRDhBMTFFMjhBMUYyM0U0MDhCMDJDRDIvQzU1MkY0OEVD
ODAwMTFFQUFENTc4Qjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAQ9BEADBAV6+GADBATLUaAwDQQCAAIwBwMFACQG6gAwDQYJ
KoZIhvcNAQELBQADggEBALw7zXLcuOXAwqHRvHgosytbC0V5MurYHj+jcDKoTg0o
JOqCrFIYRhp5ayXOLWLPAYhVXNa3pl8QJ56cIqYPV6SwY+g564budIAFjY99z4Pu
+fY1ImBT/oe2ZmesTLZElRPxbTLdfQmlGU+4xeDorDaRacY4ZZjtPbAUUIPmhnu0
N/T5RB5CWC53meKhz3XWP5CBPOEg9ozqPhwtsUHz53HkMygZ1dYIXPmKe/lTVt/+
WA9TnGXpV+rbw3iVrKDI85GYLWTwNbt0/F8i/gMasa0s5qN+Y95ip+lFPq0Mq+RU
QlMv60ooWaOBvukuYbD2fqDkRN/R8UI1ZvtZdlQ+HZQ=
-----END CERTIFICATE-----
Generated at Fri May 10 16:38:08 2024 by rpki-client on console-ams.rpki-client.org