Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/7DE09496DDD911EA90D9B84CC4F9AE02.roa
File: 7DE09496DDD911EA90D9B84CC4F9AE02.roa (raw, json)
Hash identifier: /SND4cbujhT7TqEgt/0aWxeQoWtrbzsjgSVcPJIkIEo=
Subject key identifier: 78:56:0C:28:7B:51:50:C5:47:7B:24:5B:9D:92:D2:8D:7C:B8:51:2C
Certificate issuer: /CN=A917576D/serialNumber=B70318D71AA0E804324E013C3097FDBCD60134D4
Certificate serial: 0995
Authority key identifier: B7:03:18:D7:1A:A0:E8:04:32:4E:01:3C:30:97:FD:BC:D6:01:34:D4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/twMY1xqg6AQyTgE8MJf9vNYBNNQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/7DE09496DDD911EA90D9B84CC4F9AE02.roa
Signing time: Thu 14 Nov 2024 19:58:56 +0000
ROA not before: Thu 14 Nov 2024 19:58:56 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 23764
IP address blocks: 63.140.3.0/24 maxlen: 24
63.140.4.0/24 maxlen: 24
63.140.5.0/24 maxlen: 24
63.140.6.0/24 maxlen: 24
63.140.7.0/24 maxlen: 24
63.140.8.0/24 maxlen: 24
63.140.9.0/24 maxlen: 24
63.140.10.0/24 maxlen: 24
63.140.11.0/24 maxlen: 24
63.140.13.0/24 maxlen: 24
63.140.14.0/24 maxlen: 24
63.140.15.0/24 maxlen: 24
69.194.160.0/24 maxlen: 24
69.194.161.0/24 maxlen: 24
69.194.162.0/24 maxlen: 24
69.194.163.0/24 maxlen: 24
69.194.164.0/24 maxlen: 24
69.194.165.0/24 maxlen: 24
69.194.166.0/24 maxlen: 24
69.194.167.0/24 maxlen: 24
69.194.168.0/24 maxlen: 24
69.194.170.0/24 maxlen: 24
69.194.171.0/24 maxlen: 24
69.194.172.0/24 maxlen: 24
69.194.173.0/24 maxlen: 24
69.194.174.0/24 maxlen: 24
69.194.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/twMY1xqg6AQyTgE8MJf9vNYBNNQ.crl
rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/twMY1xqg6AQyTgE8MJf9vNYBNNQ.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/twMY1xqg6AQyTgE8MJf9vNYBNNQ.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 19:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2453 (0x995)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D/serialNumber=B70318D71AA0E804324E013C3097FDBCD60134D4
Validity
Not Before: Nov 14 19:58:56 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67365680-1aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:17:a4:0d:52:fe:f7:80:90:9e:8a:fe:9f:bf:
cc:59:dd:7e:f5:4d:04:bb:a1:e0:89:b3:5b:fa:3a:
f7:74:58:f5:a4:55:e6:fd:31:a4:ed:a8:89:30:1e:
e9:c5:d0:60:27:c2:ec:b2:a0:ae:75:1d:b2:4d:77:
7a:17:6e:ea:d8:30:92:f7:dc:d4:8f:69:dc:51:4b:
9a:e3:e1:30:f0:eb:59:10:a7:cd:b5:dc:88:cf:02:
5b:5a:4a:c7:e9:5a:1e:2e:4b:ff:2e:2c:b8:7f:bb:
aa:47:e5:cc:95:d5:d4:18:82:43:b1:96:4f:62:91:
7d:1a:30:7f:25:7a:d6:22:ef:ec:3c:b1:51:05:9b:
68:57:97:51:29:79:10:2f:43:ab:43:02:62:3d:af:
b8:64:7e:f3:72:99:cd:6e:c0:93:1f:51:93:9e:2e:
99:50:0a:c9:77:39:b3:9e:52:cd:9f:2c:c2:11:94:
bd:33:fe:8e:6e:3c:53:4e:8c:c6:46:cb:98:d5:5c:
d7:50:4e:1a:97:65:12:7b:58:5d:fd:ee:d3:9d:9d:
2e:f7:d7:ed:82:51:cf:f6:bf:b5:0a:09:ab:23:bd:
0b:a6:41:f4:56:1b:c5:e7:2f:0b:3a:ca:c2:fb:4e:
7d:39:96:70:65:6a:eb:e5:34:5a:6e:53:b8:03:56:
d4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:56:0C:28:7B:51:50:C5:47:7B:24:5B:9D:92:D2:8D:7C:B8:51:2C
X509v3 Authority Key Identifier:
keyid:B7:03:18:D7:1A:A0:E8:04:32:4E:01:3C:30:97:FD:BC:D6:01:34:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/twMY1xqg6AQyTgE8MJf9vNYBNNQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/twMY1xqg6AQyTgE8MJf9vNYBNNQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/2E767E3282CD11EA895C7B5CC4F9AE02/7DE09496DDD911EA90D9B84CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
63.140.3.0-63.140.11.255
63.140.13.0-63.140.15.255
69.194.160.0-69.194.168.255
69.194.170.0-69.194.175.255
Signature Algorithm: sha256WithRSAEncryption
32:fb:c5:e4:d2:58:77:d1:eb:32:27:c2:e3:30:45:e2:b3:0b:
a7:54:af:49:fa:bb:3b:15:37:06:30:d7:00:cc:9b:65:d3:96:
e1:d1:16:aa:b9:10:9a:37:fb:6e:2f:8a:97:fc:87:c0:40:c2:
e8:02:0a:fc:cf:70:76:01:16:19:90:2e:94:e5:cc:c2:1e:c4:
86:85:a9:cb:20:40:c6:72:58:71:6b:b1:35:25:3f:41:be:98:
50:54:27:ee:bf:82:cd:59:28:f4:4d:9e:73:ef:1f:b1:12:58:
83:9a:ed:bd:b0:98:21:26:9f:fc:98:24:c5:ed:52:b5:3a:da:
b4:61:a6:f6:9f:a4:7f:6d:6c:0f:db:d5:9b:9c:2d:7e:1f:cc:
a6:dc:2e:04:b4:f7:ce:cc:04:88:da:24:96:7b:70:e6:17:30:
45:69:b7:da:4b:77:28:76:3c:92:30:4e:90:e9:1f:07:9b:34:
2b:b1:0a:73:67:37:65:b3:64:5c:dd:33:1f:ec:2f:6b:21:3b:
c1:63:74:17:7e:a0:71:71:a3:44:78:45:2d:2f:02:92:70:2b:
4e:20:11:ba:a4:af:19:43:13:af:e3:02:5a:99:dc:6a:37:3a:
97:79:7a:2c:50:9c:33:0f:f5:4b:bc:67:58:68:5f:55:0a:c2:
c9:64:1f:8f
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgICCZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEI3MDMxOEQ3MUFBMEU4MDQzMjRFMDEzQzMwOTdGREJD
RDYwMTM0RDQwHhcNMjQxMTE0MTk1ODU2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM2NTY4MC0xYWE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtRekDVL+94CQnor+n7/MWd1+9U0Eu6HgibNb+jr3dFj1pFXm/TGk7aiJMB7p
xdBgJ8LssqCudR2yTXd6F27q2DCS99zUj2ncUUua4+Ew8OtZEKfNtdyIzwJbWkrH
6VoeLkv/Liy4f7uqR+XMldXUGIJDsZZPYpF9GjB/JXrWIu/sPLFRBZtoV5dRKXkQ
L0OrQwJiPa+4ZH7zcpnNbsCTH1GTni6ZUArJdzmznlLNnyzCEZS9M/6ObjxTTozG
RsuY1VzXUE4al2USe1hd/e7TnZ0u99ftglHP9r+1CgmrI70LpkH0VhvF5y8LOsrC
+059OZZwZWrr5TRablO4A1bUqwIDAQABo4ICxzCCAsMwHQYDVR0OBBYEFHhWDCh7
UVDFR3skW52S0o18uFEsMB8GA1UdIwQYMBaAFLcDGNcaoOgEMk4BPDCX/bzWATTU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8yRTc2N0UzMjgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi90d01ZMXhxZzZBUXlUZ0U4TUpmOXZOWUJO
TlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3R3TVkxeHFnNkFReVRnRThNSmY5dk5ZQk5OUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMkU3NjdFMzI4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvN0RFMDk0OTZE
REQ5MTFFQTkwRDlCODRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUQYIKwYBBQUHAQcBAf8E
QjBAMD4EAgABMDgwDAMEAD+MAwMEAj+MCDAMAwQAP4wNAwQEP4wAMAwDBAVFwqAD
BABFwqgwDAMEAUXCqgMEBEXCoDANBgkqhkiG9w0BAQsFAAOCAQEAMvvF5NJYd9Hr
MifC4zBF4rMLp1SvSfq7OxU3BjDXAMybZdOW4dEWqrkQmjf7bi+Kl/yHwEDC6AIK
/M9wdgEWGZAulOXMwh7EhoWpyyBAxnJYcWuxNSU/Qb6YUFQn7r+CzVko9E2ec+8f
sRJYg5rtvbCYISaf/Jgkxe1StTratGGm9p+kf21sD9vVm5wtfh/MptwuBLT3zswE
iNoklntw5hcwRWm32kt3KHY8kjBOkOkfB5s0K7EKc2c3ZbNkXN0zH+wvayE7wWN0
F36gcXGjRHhFLS8CknArTiARuqSvGUMTr+MCWpncajc6l3l6LFCcMw/1S7xnWGhf
VQrCyWQfjw==
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:34:52 2024 by rpki-client on console-ams.rpki-client.org