Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa
File: 1E7AFF46066811ED8098BF45C4F9AE02.roa (raw, json)
Hash identifier: XLYYPV2+GfUItb2XTPmy56mqwEEOcWm0XjBG4n+9Fbc=
Subject key identifier: 60:66:95:59:A7:53:5B:AD:ED:CF:15:5E:B0:92:55:0B:C4:6C:04:D3
Certificate issuer: /CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10
Certificate serial: 1481
Authority key identifier: 1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa
Signing time: Thu 07 Nov 2024 10:15:04 +0000
ROA not before: Thu 07 Nov 2024 10:15:04 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136907
IP address blocks: 146.174.128.0/18 maxlen: 18
146.174.128.0/20 maxlen: 20
146.174.144.0/20 maxlen: 20
146.174.160.0/20 maxlen: 20
146.174.176.0/20 maxlen: 20
148.145.128.0/17 maxlen: 19
148.145.128.0/20 maxlen: 20
148.145.144.0/20 maxlen: 20
149.232.128.0/19 maxlen: 19
149.232.128.0/20 maxlen: 20
149.232.144.0/20 maxlen: 20
159.138.0.0/20 maxlen: 20
159.138.16.0/22 maxlen: 22
159.138.20.0/22 maxlen: 22
159.138.24.0/21 maxlen: 21
159.138.32.0/20 maxlen: 20
159.138.48.0/20 maxlen: 20
159.138.64.0/21 maxlen: 21
159.138.67.0/24 maxlen: 24
159.138.77.0/24 maxlen: 24
159.138.78.0/24 maxlen: 24
159.138.80.0/20 maxlen: 20
159.138.96.0/20 maxlen: 20
159.138.112.0/21 maxlen: 21
159.138.113.0/24 maxlen: 24
159.138.114.0/24 maxlen: 24
159.138.116.0/24 maxlen: 24
159.138.120.0/22 maxlen: 22
159.138.124.0/24 maxlen: 24
159.138.125.0/24 maxlen: 24
159.138.126.0/23 maxlen: 23
159.138.128.0/20 maxlen: 20
159.138.144.0/21 maxlen: 21
159.138.152.0/21 maxlen: 21
159.138.208.0/21 maxlen: 21
166.108.192.0/18 maxlen: 18
166.108.192.0/20 maxlen: 20
166.108.208.0/20 maxlen: 20
166.108.224.0/20 maxlen: 20
166.108.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl
rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 15:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5249 (0x1481)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10
Validity
Not Before: Nov 7 10:15:04 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=672c9328-7345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:20:18:5a:02:40:8e:b2:65:e9:42:96:5e:cb:
f3:5a:b8:0a:45:76:15:a2:82:68:48:a9:fd:4d:0d:
09:b4:8c:26:1c:72:44:50:1d:df:e0:d6:db:26:48:
84:e8:db:9c:de:03:ea:ff:c8:08:69:ee:77:03:ce:
ce:3b:9d:fc:ba:45:6d:34:b9:68:de:2c:2c:89:80:
ed:8f:47:69:cd:54:36:09:a1:1e:bf:6f:90:fb:a9:
06:cd:69:6d:b0:e4:65:46:15:0d:3e:9a:b3:68:0f:
ec:8f:f7:8c:c0:3d:42:d5:a5:fa:5f:9c:12:54:c6:
70:37:b3:ee:53:28:27:a6:c8:f3:c1:bd:ee:5c:97:
6a:96:05:cf:fd:22:52:89:61:b2:cb:f9:ac:a2:19:
b7:ff:b3:8d:13:10:72:b1:a6:e2:dc:a3:91:1c:61:
88:ba:60:f5:c5:84:b6:40:a4:d9:f4:d2:fd:01:ac:
4d:de:ec:1d:de:b0:25:09:63:fd:a4:70:a0:f7:57:
c3:29:7d:46:92:7a:f1:66:2a:22:43:66:c5:31:e8:
f9:f9:ea:35:cd:ec:02:3d:39:10:73:6a:d8:d7:c8:
da:a4:c6:d0:d6:9e:54:4e:14:5a:96:68:19:91:2b:
5f:6a:27:77:d3:4b:ee:84:f9:6d:92:a7:1d:86:d2:
38:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:66:95:59:A7:53:5B:AD:ED:CF:15:5E:B0:92:55:0B:C4:6C:04:D3
X509v3 Authority Key Identifier:
keyid:1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/1E7AFF46066811ED8098BF45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
146.174.128.0/18
148.145.128.0/17
149.232.128.0/19
159.138.0.0-159.138.71.255
159.138.77.0-159.138.78.255
159.138.80.0-159.138.159.255
159.138.208.0/21
166.108.192.0/18
Signature Algorithm: sha256WithRSAEncryption
be:bf:34:8c:51:f1:44:b6:d3:32:fa:cb:82:3d:68:97:bf:4f:
19:13:7a:7c:4e:b7:0f:40:6e:04:e9:8c:a8:c0:3c:f4:b0:e7:
aa:b8:ae:e1:4d:c6:0e:f6:ea:b6:6d:c6:df:2d:9c:72:16:0a:
99:1b:1d:5d:58:7f:81:34:bc:a9:73:e0:92:1b:a2:fe:10:b2:
69:ac:7e:79:7f:3f:d9:f4:dc:ff:ba:f5:b4:71:a3:26:8b:3d:
ce:db:ae:eb:30:b3:70:4f:6f:73:d2:e4:e3:a5:4f:6c:38:1b:
a7:5a:9b:c9:c2:fe:ee:f5:e5:5f:de:4d:28:80:fc:9d:c0:cc:
63:40:0b:2b:c1:50:f9:56:fd:c2:1b:4d:50:4c:00:94:92:4d:
35:52:8f:00:08:59:6c:2b:4d:6e:a9:e3:5e:52:3e:30:69:e7:
cc:ca:fc:5f:e7:93:28:0d:21:0a:c7:29:c7:67:75:fa:b5:c8:
81:46:dc:a7:d7:dd:8b:a0:42:e6:4d:20:01:75:54:dc:b8:8f:
ec:e9:1c:f5:6f:da:e9:e0:41:39:d6:60:7d:2b:31:da:76:b3:
22:04:3b:7d:b7:2f:5a:53:ea:db:92:2e:38:46:eb:60:7a:aa:
72:a8:1b:5c:6f:36:56:06:03:be:d9:7b:f4:14:02:5a:62:ae:
67:ec:2f:25
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgICFIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKDFFMTIzODQ1NjM3MUU3NDQ4OTQ2MjJFOThBQzFFRTU1
QjQxNDVFMTAwHhcNMjQxMTA3MTAxNTA0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJjOTMyOC03MzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoSAYWgJAjrJl6UKWXsvzWrgKRXYVooJoSKn9TQ0JtIwmHHJEUB3f4NbbJkiE
6Nuc3gPq/8gIae53A87OO538ukVtNLlo3iwsiYDtj0dpzVQ2CaEev2+Q+6kGzWlt
sORlRhUNPpqzaA/sj/eMwD1C1aX6X5wSVMZwN7PuUygnpsjzwb3uXJdqlgXP/SJS
iWGyy/msohm3/7ONExBysabi3KORHGGIumD1xYS2QKTZ9NL9AaxN3uwd3rAlCWP9
pHCg91fDKX1GknrxZioiQ2bFMej5+eo1zewCPTkQc2rY18japMbQ1p5UThRalmgZ
kStfaid300vuhPltkqcdhtI4DQIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFGBmlVmn
U1ut7c8VXrCSVQvEbATTMB8GA1UdIwQYMBaAFB4SOEVjcedEiUYi6YrB7lW0FF4Q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC82OTdFMzU2QTY5
NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUwU0pSaUxwaXNIdVZiUVVY
aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0hoSTRSV054NTBTSlJpTHBpc0h1VmJRVVhoQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvNjk3RTM1NkE2OTU3MTFFOEE0MkJFNjgwQzRGOUFFMDIvMUU3QUZGNDYw
NjY4MTFFRDgwOThCRjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E
UTBPME0EAgABMEcDBAaSroADBAeUkYADBAWV6IAwCwMDAZ+KAwQDn4pAMAwDBACf
ik0DBACfik4wDAMEBJ+KUAMEBZ+KgAMEA5+K0AMEBqZswDANBgkqhkiG9w0BAQsF
AAOCAQEAvr80jFHxRLbTMvrLgj1ol79PGRN6fE63D0BuBOmMqMA89LDnqriu4U3G
Dvbqtm3G3y2cchYKmRsdXVh/gTS8qXPgkhui/hCyaax+eX8/2fTc/7r1tHGjJos9
ztuu6zCzcE9vc9Lk46VPbDgbp1qbycL+7vXlX95NKID8ncDMY0ALK8FQ+Vb9whtN
UEwAlJJNNVKPAAhZbCtNbqnjXlI+MGnnzMr8X+eTKA0hCscpx2d1+rXIgUbcp9fd
i6BC5k0gAXVU3LiP7Okc9W/a6eBBOdZgfSsx2nazIgQ7fbcvWlPq25IuOEbrYHqq
cqgbXG82VgYDvtl79BQCWmKuZ+wvJQ==
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:21 2024 by rpki-client on console-ams.rpki-client.org