Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
File: FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa (raw, json)
Hash identifier: ReJQ8HIC2R5yBSJTVm0slRiqIXMJhZgkUgweOwx/T4w=
Subject key identifier: 13:6F:3D:39:D2:E3:03:07:E6:EA:93:46:25:79:1E:E6:82:82:EF:8F
Certificate issuer: /CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Certificate serial: 056A
Authority key identifier: B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
Signing time: Thu 21 Dec 2023 08:18:00 +0000
ROA not before: Thu 21 Dec 2023 08:18:00 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 45820
IP address blocks: 14.96.8.0/21 maxlen: 24
14.97.0.0/21 maxlen: 24
14.97.8.0/21 maxlen: 24
14.97.16.0/21 maxlen: 24
14.97.24.0/21 maxlen: 24
14.97.32.0/21 maxlen: 24
14.97.40.0/21 maxlen: 24
14.97.48.0/21 maxlen: 24
14.97.56.0/21 maxlen: 24
14.97.64.0/21 maxlen: 24
14.97.72.0/21 maxlen: 24
14.97.80.0/21 maxlen: 24
14.97.88.0/21 maxlen: 24
14.97.96.0/21 maxlen: 24
14.97.104.0/21 maxlen: 24
14.97.112.0/21 maxlen: 24
14.97.120.0/21 maxlen: 24
14.97.128.0/21 maxlen: 24
14.97.136.0/21 maxlen: 24
14.97.144.0/21 maxlen: 24
14.97.152.0/21 maxlen: 24
14.97.160.0/21 maxlen: 24
14.97.168.0/21 maxlen: 24
14.97.176.0/21 maxlen: 24
14.97.184.0/21 maxlen: 24
14.97.192.0/21 maxlen: 24
14.97.200.0/21 maxlen: 24
14.97.208.0/21 maxlen: 24
14.97.216.0/21 maxlen: 24
14.97.224.0/21 maxlen: 24
14.97.240.0/21 maxlen: 24
14.97.248.0/21 maxlen: 24
14.99.0.0/21 maxlen: 24
14.99.8.0/21 maxlen: 24
14.99.16.0/21 maxlen: 24
14.99.24.0/21 maxlen: 24
14.99.32.0/20 maxlen: 24
14.99.48.0/21 maxlen: 24
14.99.56.0/21 maxlen: 24
14.99.64.0/21 maxlen: 24
14.99.72.0/21 maxlen: 24
14.99.80.0/21 maxlen: 24
14.99.88.0/21 maxlen: 24
14.99.96.0/20 maxlen: 24
14.99.112.0/21 maxlen: 24
14.99.120.0/21 maxlen: 24
14.99.128.0/21 maxlen: 24
14.99.136.0/21 maxlen: 24
14.99.144.0/21 maxlen: 24
14.99.152.0/21 maxlen: 24
14.99.160.0/21 maxlen: 24
14.99.168.0/21 maxlen: 24
14.99.176.0/21 maxlen: 24
14.99.184.0/21 maxlen: 24
14.99.192.0/21 maxlen: 24
14.99.200.0/21 maxlen: 24
14.99.208.0/21 maxlen: 24
14.99.216.0/21 maxlen: 24
14.99.224.0/21 maxlen: 24
14.99.232.0/21 maxlen: 24
14.99.240.0/21 maxlen: 24
14.99.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 10 Jun 2024 01:10:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1386 (0x56a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917DEA4/serialNumber=B4D6FFD5DFF9EAC413AB4408E09637B09494DBC8
Validity
Not Before: Dec 21 08:18:00 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=6583f4b8-8987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:18:78:e8:1b:33:e8:09:9d:79:4f:71:33:48:
15:eb:e7:94:95:59:5c:75:d6:23:83:b9:4e:4c:5a:
fc:26:7c:8c:54:a5:40:43:0c:4c:a2:b3:ae:e9:27:
48:18:83:ef:fb:3f:0a:01:95:d0:80:19:11:81:4c:
59:1a:eb:de:4b:61:52:99:c5:68:ef:a5:e1:fd:a9:
b7:1b:8b:36:b3:25:1e:33:5c:59:62:62:bd:2d:ce:
43:4e:b9:0f:87:ce:cd:73:d5:b3:d6:7c:d8:29:b0:
e0:fd:47:15:eb:7b:f8:34:49:f7:4a:26:ee:bc:df:
40:a4:83:ba:83:68:dc:d8:a9:71:ec:f8:9f:bf:ea:
da:50:11:9e:83:e1:5f:69:e7:67:1c:20:44:fa:98:
ac:31:75:61:71:36:b1:57:1c:41:5a:5d:e9:ff:1f:
d8:16:13:a9:09:6d:bb:60:68:12:9c:4b:d0:40:fc:
06:69:a3:66:f1:08:20:9b:b2:2c:ad:79:8a:62:e3:
a9:8b:66:11:47:45:e2:ef:f9:0c:08:33:5c:aa:6c:
a0:58:57:ee:00:45:49:5e:38:ec:0f:63:84:68:1a:
0a:6d:86:1d:ae:b6:cf:0e:87:65:8d:00:29:e8:ab:
eb:3e:ba:51:5b:a3:ad:33:4a:69:86:a1:1a:e2:13:
19:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6F:3D:39:D2:E3:03:07:E6:EA:93:46:25:79:1E:E6:82:82:EF:8F
X509v3 Authority Key Identifier:
keyid:B4:D6:FF:D5:DF:F9:EA:C4:13:AB:44:08:E0:96:37:B0:94:94:DB:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/tNb_1d_56sQTq0QI4JY3sJSU28g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tNb_1d_56sQTq0QI4JY3sJSU28g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DEA4/A2426B60982911EBB7882081C4F9AE02/FFFBCAEE9A9511EBB49D7E1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.96.8.0/21
14.97.0.0-14.97.231.255
14.97.240.0/20
14.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:8a:86:e4:a7:af:36:e2:46:a6:30:27:c8:d7:1a:d9:7a:69:
8e:62:e1:05:ca:d7:9a:db:6e:a3:c5:68:7a:79:6e:a9:e7:f8:
de:24:4a:7b:0f:67:36:2b:54:ac:3e:51:5c:95:52:f1:6c:39:
9d:db:05:93:ff:c9:7b:27:25:e2:08:9f:09:00:58:ff:de:28:
6d:9e:70:45:77:a0:0d:1d:c8:3a:09:8f:c0:24:aa:63:a7:27:
ca:23:32:e3:2b:28:5c:fa:bb:fa:be:81:9a:ae:d6:30:ed:91:
1b:94:57:17:91:bb:08:64:84:4c:71:14:0b:6b:27:2d:47:fe:
9e:18:07:dc:e5:0f:5d:f4:9c:6b:bb:bd:c2:2a:3c:04:8d:ec:
95:ad:9b:72:93:a9:de:0e:9e:38:50:d9:c5:f3:83:9f:8f:b5:
82:91:18:9f:b3:65:70:a7:da:bb:87:ab:09:3d:73:be:7e:bc:
bc:ba:1f:5f:c3:c6:54:35:fe:c9:55:f0:dd:fd:1c:b3:f6:09:
86:15:8f:5e:26:57:08:56:fe:94:f6:39:c7:25:07:38:7e:e7:
b2:8a:30:70:6e:53:59:56:d1:4c:2e:71:da:1f:a9:3e:bd:40:
6d:ff:ea:79:08:8f:85:11:ff:b1:49:61:fc:91:8a:6f:9c:01:
40:f4:21:8b
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0RFQTQxMTAvBgNVBAUTKEI0RDZGRkQ1REZGOUVBQzQxM0FCNDQwOEUwOTYzN0Iw
OTQ5NERCQzgwHhcNMjMxMjIxMDgxODAwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgzZjRiOC04OTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBh46Bsz6AmdeU9xM0gV6+eUlVlcddYjg7lOTFr8JnyMVKVAQwxMorOu6SdI
GIPv+z8KAZXQgBkRgUxZGuveS2FSmcVo76Xh/am3G4s2syUeM1xZYmK9Lc5DTrkP
h87Nc9Wz1nzYKbDg/UcV63v4NEn3SibuvN9ApIO6g2jc2Klx7Pifv+raUBGeg+Ff
aednHCBE+pisMXVhcTaxVxxBWl3p/x/YFhOpCW27YGgSnEvQQPwGaaNm8Qggm7Is
rXmKYuOpi2YRR0Xi7/kMCDNcqmygWFfuAEVJXjjsD2OEaBoKbYYdrrbPDodljQAp
6KvrPrpRW6OtM0pphqEa4hMZywIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFBNvPTnS
4wMH5uqTRiV5HuaCgu+PMB8GA1UdIwQYMBaAFLTW/9Xf+erEE6tECOCWN7CUlNvI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REVBNC9BMjQyNkI2MDk4
MjkxMUVCQjc4ODIwODFDNEY5QUUwMi90TmJfMWRfNTZzUVRxMFFJNEpZM3NKU1Uy
OGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ROYl8xZF81NnNRVHEwUUk0Slkzc0pTVTI4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0RFQTQvQTI0MjZCNjA5ODI5MTFFQkI3ODgyMDgxQzRGOUFFMDIvRkZGQkNBRUU5
QTk1MTFFQkI0OUQ3RTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAMOYAgwCwMDAA5hAwQDDmHgAwQEDmHwAwMADmMwDQYJKoZI
hvcNAQELBQADggEBABuKhuSnrzbiRqYwJ8jXGtl6aY5i4QXK15rbbqPFaHp5bqnn
+N4kSnsPZzYrVKw+UVyVUvFsOZ3bBZP/yXsnJeIInwkAWP/eKG2ecEV3oA0dyDoJ
j8AkqmOnJ8ojMuMrKFz6u/q+gZqu1jDtkRuUVxeRuwhkhExxFAtrJy1H/p4YB9zl
D130nGu7vcIqPASN7JWtm3KTqd4OnjhQ2cXzg5+PtYKRGJ+zZXCn2ruHqwk9c75+
vLy6H1/DxlQ1/slV8N39HLP2CYYVj14mVwhW/pT2OcclBzh+57KKMHBuU1lW0Uwu
cdofqT69QG3/6nkIj4UR/7FJYfyRim+cAUD0IYs=
-----END CERTIFICATE-----
Generated at Mon Jun 3 02:23:44 2024 by rpki-client on console-fra.rpki-client.org