Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
File: AD3B2582EF9A11EDA4E50366C4F9AE02.roa (raw, json)
Hash identifier: PYYCavuhAA+f/ueVXIOx+Y7Qa/9Rk10a4dCrxkGb3ko=
Subject key identifier: 17:94:D3:55:31:ED:FF:24:93:A9:C9:56:F5:6C:F0:FF:E1:4F:FD:41
Certificate issuer: /CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Certificate serial: 1BAF
Authority key identifier: 7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
Signing time: Fri 30 Aug 2024 16:54:25 +0000
ROA not before: Fri 30 Aug 2024 16:54:25 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 4761
IP address blocks: 114.0.0.0/16 maxlen: 24
114.1.0.0/16 maxlen: 24
114.2.0.0/16 maxlen: 24
114.3.0.0/16 maxlen: 24
114.4.0.0/16 maxlen: 24
114.5.0.0/16 maxlen: 24
114.6.0.0/16 maxlen: 24
114.7.0.0/16 maxlen: 24
114.8.0.0/16 maxlen: 24
114.9.0.0/16 maxlen: 24
114.10.0.0/16 maxlen: 23
114.10.0.0/19 maxlen: 24
114.10.33.0/24 maxlen: 24
114.10.34.0/23 maxlen: 24
114.10.36.0/22 maxlen: 24
114.10.40.0/21 maxlen: 24
114.10.48.0/20 maxlen: 24
114.10.64.0/18 maxlen: 24
114.10.128.0/17 maxlen: 24
114.11.0.0/16 maxlen: 24
114.12.0.0/16 maxlen: 24
114.13.0.0/16 maxlen: 24
114.14.0.0/16 maxlen: 24
114.15.0.0/16 maxlen: 24
124.195.6.0/23 maxlen: 24
124.195.8.0/23 maxlen: 24
124.195.12.0/23 maxlen: 24
124.195.26.0/23 maxlen: 24
124.195.28.0/23 maxlen: 24
124.195.32.0/23 maxlen: 24
124.195.34.0/23 maxlen: 24
124.195.36.0/23 maxlen: 24
124.195.52.0/24 maxlen: 24
124.195.54.0/23 maxlen: 24
124.195.58.0/23 maxlen: 24
124.195.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl
rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 16:14:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7087 (0x1baf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91798AD/serialNumber=7C1A0F48EA43231FA3343D592821EF29E8D2B31B
Validity
Not Before: Aug 30 16:54:25 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d1f940-cd1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:00:f7:c6:7f:30:28:99:05:75:49:cd:fe:29:
fb:3d:31:e4:92:67:79:9c:af:79:d0:f5:00:ae:12:
d9:22:e3:85:50:7e:cf:e3:26:31:84:bc:44:cc:17:
33:60:27:ca:02:5a:8b:33:2d:90:6f:dd:c7:f9:32:
27:54:6a:34:d2:0b:d8:67:3e:65:a7:f0:d3:6e:7c:
eb:25:8e:20:2b:b1:98:d9:8f:51:68:da:78:b8:fa:
5c:43:46:df:9b:94:81:08:ab:b5:8f:b7:83:eb:4c:
08:e4:f9:8f:4c:ca:62:b6:bd:5a:b3:8f:94:c3:c5:
b2:82:39:e2:00:00:c2:77:9d:a9:50:87:02:82:4a:
28:96:33:42:fc:81:52:01:57:c3:81:73:2a:f5:ff:
18:a8:24:6e:0d:ea:42:1b:64:7b:38:c7:84:3d:27:
9f:95:89:eb:c0:a2:66:bc:c0:eb:f4:6b:95:05:e6:
72:65:9a:de:65:64:36:05:f4:5b:47:ad:f1:54:8b:
b6:da:50:73:a7:8b:9d:5a:b4:3f:38:1b:98:82:24:
b3:64:9c:4e:52:91:42:fd:ef:75:e5:e4:4a:27:6f:
5c:6a:b9:30:39:0b:67:57:c2:2a:0e:70:15:71:95:
48:4d:fd:dc:5d:bc:0c:26:77:36:ef:85:0f:8b:e0:
53:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:94:D3:55:31:ED:FF:24:93:A9:C9:56:F5:6C:F0:FF:E1:4F:FD:41
X509v3 Authority Key Identifier:
keyid:7C:1A:0F:48:EA:43:23:1F:A3:34:3D:59:28:21:EF:29:E8:D2:B3:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/fBoPSOpDIx-jND1ZKCHvKejSsxs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fBoPSOpDIx-jND1ZKCHvKejSsxs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91798AD/70EFB4ACFE2A11E68F2C5A13C4F9AE02/AD3B2582EF9A11EDA4E50366C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.0.0.0/12
124.195.6.0-124.195.9.255
124.195.12.0/23
124.195.26.0-124.195.29.255
124.195.32.0-124.195.37.255
124.195.52.0/24
124.195.54.0/23
124.195.58.0/23
124.195.124.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:99:ff:d8:34:8f:d0:b1:33:e1:d1:ac:fb:63:75:49:c0:7a:
9e:3a:0f:36:9d:d3:61:ba:df:f8:8c:49:6f:59:1d:83:66:2a:
b2:23:73:62:00:4c:1f:dc:97:6a:3a:2c:a4:8f:66:4c:a0:9b:
e9:44:52:2a:37:91:f2:04:aa:25:46:5e:db:89:de:f8:c9:83:
e3:11:e7:9d:ce:59:00:75:8e:7f:40:0d:a8:12:8e:75:e5:d0:
92:3a:2a:41:7f:17:12:da:df:95:d7:d8:c9:87:5c:30:53:49:
5a:2b:f9:2c:92:07:97:ba:1a:2a:68:bd:6a:3d:2d:59:78:62:
8a:bb:26:e1:77:02:c5:cd:03:55:1c:41:08:36:b2:32:df:78:
4c:3f:3d:76:d2:3b:7c:01:1c:92:be:39:d0:3a:d0:99:09:b6:
09:3d:41:6c:a4:3e:d5:eb:0b:a1:68:ab:76:23:07:ac:73:bf:
ab:fd:ff:ac:bc:fa:95:89:0a:aa:f0:ce:39:65:f5:e1:be:ce:
97:bd:6c:d4:f1:d5:f4:fd:0d:0a:e5:23:70:49:84:38:4d:dd:
06:ac:53:cd:66:81:48:e1:ed:c9:07:4b:36:ea:98:12:be:7a:
44:1d:f0:0c:b3:29:2d:a9:b4:8e:60:ab:a7:c2:82:bf:b9:9a:
fd:5b:f1:d6
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgICG68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Nzk4QUQxMTAvBgNVBAUTKDdDMUEwRjQ4RUE0MzIzMUZBMzM0M0Q1OTI4MjFFRjI5
RThEMkIzMUIwHhcNMjQwODMwMTY1NDI1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQxZjk0MC1jZDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArAD3xn8wKJkFdUnN/in7PTHkkmd5nK950PUArhLZIuOFUH7P4yYxhLxEzBcz
YCfKAlqLMy2Qb93H+TInVGo00gvYZz5lp/DTbnzrJY4gK7GY2Y9RaNp4uPpcQ0bf
m5SBCKu1j7eD60wI5PmPTMpitr1as4+Uw8WygjniAADCd52pUIcCgkooljNC/IFS
AVfDgXMq9f8YqCRuDepCG2R7OMeEPSeflYnrwKJmvMDr9GuVBeZyZZreZWQ2BfRb
R63xVIu22lBzp4udWrQ/OBuYgiSzZJxOUpFC/e915eRKJ29carkwOQtnV8IqDnAV
cZVITf3cXbwMJnc274UPi+BT9wIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFBeU01Ux
7f8kk6nJVvVs8P/hT/1BMB8GA1UdIwQYMBaAFHwaD0jqQyMfozQ9WSgh7yno0rMb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OThBRC83MEVGQjRBQ0ZF
MkExMUU2OEYyQzVBMTNDNEY5QUUwMi9mQm9QU09wREl4LWpORDFaS0NIdktlalNz
eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZCb1BTT3BESXgtak5EMVpLQ0h2S2VqU3N4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzk4QUQvNzBFRkI0QUNGRTJBMTFFNjhGMkM1QTEzQzRGOUFFMDIvQUQzQjI1ODJF
RjlBMTFFREE0RTUwMzY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZgYIKwYBBQUHAQcBAf8E
VzBVMFMEAgABME0DAwRyADAMAwQBfMMGAwQBfMMIAwQBfMMMMAwDBAF8wxoDBAF8
wxwwDAMEBXzDIAMEAXzDJAMEAHzDNAMEAXzDNgMEAXzDOgMEAXzDfDANBgkqhkiG
9w0BAQsFAAOCAQEAXpn/2DSP0LEz4dGs+2N1ScB6njoPNp3TYbrf+IxJb1kdg2Yq
siNzYgBMH9yXajospI9mTKCb6URSKjeR8gSqJUZe24ne+MmD4xHnnc5ZAHWOf0AN
qBKOdeXQkjoqQX8XEtrfldfYyYdcMFNJWiv5LJIHl7oaKmi9aj0tWXhiirsm4XcC
xc0DVRxBCDayMt94TD89dtI7fAEckr450DrQmQm2CT1BbKQ+1esLoWirdiMHrHO/
q/3/rLz6lYkKqvDOOWX14b7Ol71s1PHV9P0NCuUjcEmEOE3dBqxTzWaBSOHtyQdL
NuqYEr56RB3wDLMpLam0jmCrp8KCv7ma/Vvx1g==
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:21 2024 by rpki-client on console-ams.rpki-client.org