Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
File: CFAE1776E7C811ECA2BF6554C4F9AE02.roa (raw, json)
Hash identifier: 2XNlLmhfpHOgeQQ7/CkKeaV/zne5jknB5M+tJSyRedo=
Subject key identifier: E7:10:39:99:A1:C3:F0:FF:AA:B0:B5:76:DF:31:57:61:E0:47:3D:53
Certificate issuer: /CN=A9182CFC/serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Certificate serial: 3452
Authority key identifier: 80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
Signing time: Thu 21 Nov 2024 08:56:54 +0000
ROA not before: Thu 21 Nov 2024 08:56:54 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9892
IP address blocks: 114.129.32.0/22 maxlen: 22
114.129.33.0/24 maxlen: 24
114.129.36.0/22 maxlen: 22
114.129.36.0/24 maxlen: 24
114.129.38.0/24 maxlen: 24
114.129.40.0/23 maxlen: 23
114.129.41.0/24 maxlen: 24
114.129.45.0/24 maxlen: 24
114.129.46.0/24 maxlen: 24
114.129.47.0/24 maxlen: 24
123.100.235.0/24 maxlen: 24
123.100.236.0/22 maxlen: 22
123.100.236.0/24 maxlen: 24
123.100.238.0/23 maxlen: 23
123.100.240.0/22 maxlen: 22
123.100.241.0/24 maxlen: 24
123.100.244.0/23 maxlen: 23
123.100.244.0/24 maxlen: 24
123.100.245.0/24 maxlen: 24
123.100.248.0/21 maxlen: 21
123.100.251.0/24 maxlen: 24
123.100.252.0/24 maxlen: 24
202.157.128.0/19 maxlen: 19
202.157.128.0/21 maxlen: 21
202.157.136.0/22 maxlen: 22
202.157.142.0/23 maxlen: 23
202.157.148.0/24 maxlen: 24
202.157.152.0/24 maxlen: 24
202.157.160.0/20 maxlen: 20
202.157.160.0/21 maxlen: 21
202.157.168.0/21 maxlen: 21
202.160.120.0/24 maxlen: 24
202.160.121.0/24 maxlen: 24
202.160.122.0/24 maxlen: 24
202.160.123.0/24 maxlen: 24
203.83.250.0/24 maxlen: 24
203.142.16.0/21 maxlen: 21
203.142.24.0/23 maxlen: 23
203.142.27.0/24 maxlen: 24
203.169.6.0/24 maxlen: 24
203.169.7.0/24 maxlen: 24
2404:4800::/48 maxlen: 48
2404:4800:1::/48 maxlen: 48
2404:4800:2::/48 maxlen: 48
2404:4800:3::/48 maxlen: 48
2404:4800:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:27:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13394 (0x3452)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9182CFC/serialNumber=8027E0EF54D00B61F7136F09719BFCF4C4533405
Validity
Not Before: Nov 21 08:56:54 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=673ef5d6-5d77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:33:99:99:de:6d:7f:e7:53:90:1a:e5:34:00:
a0:3e:d4:18:1c:45:23:b3:a8:56:57:71:1b:71:d8:
4f:91:21:8f:47:14:23:30:e6:46:12:64:b0:31:a6:
4d:b4:14:ea:1f:af:4f:80:0f:2b:2d:84:ef:4e:4a:
f7:0e:e9:b2:72:6d:86:fa:57:0e:fb:6b:d5:4f:5b:
f3:23:5f:1f:6b:12:d6:09:d2:a1:a6:23:e0:26:2e:
31:40:02:8e:07:e4:a5:1a:4f:da:74:ed:7c:98:b7:
87:15:c6:d9:27:82:24:ff:f1:b6:a4:73:8d:41:fa:
cb:1b:b5:2e:9e:8b:ff:02:38:2f:bd:25:9c:68:a8:
aa:1c:59:31:10:9a:ec:6c:57:e4:20:57:60:18:70:
01:af:75:a9:b8:7e:67:db:af:10:cf:7b:69:a5:c6:
bb:14:5d:6f:37:7e:86:70:ca:c0:5e:93:84:9c:3e:
01:84:1a:21:2b:d7:db:3e:29:a8:25:22:3d:79:da:
d4:19:55:04:2c:97:26:9b:a6:24:0d:1b:d8:19:89:
78:ef:bb:7d:d1:cb:13:17:26:b1:a6:e9:e9:16:32:
43:9b:97:a0:79:85:6a:16:5e:0a:36:13:13:fa:db:
15:fc:9c:ed:bf:fb:a4:0b:10:0c:13:01:2e:da:7e:
d4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:10:39:99:A1:C3:F0:FF:AA:B0:B5:76:DF:31:57:61:E0:47:3D:53
X509v3 Authority Key Identifier:
keyid:80:27:E0:EF:54:D0:0B:61:F7:13:6F:09:71:9B:FC:F4:C4:53:34:05
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/gCfg71TQC2H3E28JcZv89MRTNAU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gCfg71TQC2H3E28JcZv89MRTNAU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9182CFC/BF84B5741D8611E2A76344DE08B02CD2/CFAE1776E7C811ECA2BF6554C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
114.129.32.0-114.129.41.255
114.129.45.0-114.129.47.255
123.100.235.0-123.100.245.255
123.100.248.0/21
202.157.128.0-202.157.175.255
202.160.120.0/22
203.83.250.0/24
203.142.16.0-203.142.25.255
203.142.27.0/24
203.169.6.0/23
IPv6:
2404:4800::/46
2404:4800:20::/48
Signature Algorithm: sha256WithRSAEncryption
3b:ac:39:38:cf:45:53:4a:d0:01:d2:6b:ae:e3:38:0e:d0:29:
cc:17:9d:12:4e:6e:69:05:af:d5:d0:78:b8:8a:92:58:7c:c7:
d2:a0:c6:c2:37:3e:96:43:3a:7f:59:4a:35:07:ff:e9:2c:23:
b4:da:78:52:46:68:0d:60:70:34:3c:6a:a7:c3:b7:ab:45:f5:
fd:21:bc:63:2b:9a:bb:b1:da:89:92:91:cc:a4:ad:85:27:10:
0c:d0:d8:bd:34:c8:08:75:2f:75:8c:7e:96:29:39:b8:b1:b9:
93:91:12:d1:8c:8d:a7:d0:29:ec:fb:02:40:fb:b2:47:e5:a5:
92:a0:24:b2:c3:cc:b9:a9:37:dc:a5:1c:15:81:36:b9:79:b0:
0b:08:20:06:d2:6c:86:fe:d0:a5:95:f2:37:ff:40:45:a7:13:
91:6d:94:3b:bb:30:0e:cd:0a:48:79:27:8a:d4:ad:71:30:95:
5a:c5:60:54:15:b0:b4:e0:cd:5f:eb:84:bf:72:9b:db:e1:c4:
9e:e0:73:e0:e0:5c:f3:53:38:57:a4:e9:7d:f5:cb:75:c5:4d:
76:80:0d:98:e3:51:88:a3:ab:26:94:01:94:4f:d6:8a:8e:40:
a4:f2:00:bb:5e:85:8a:8f:85:65:f2:56:6c:90:66:76:69:ec:
7c:ef:28:9f
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgICNFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODJDRkMxMTAvBgNVBAUTKDgwMjdFMEVGNTREMDBCNjFGNzEzNkYwOTcxOUJGQ0Y0
QzQ1MzM0MDUwHhcNMjQxMTIxMDg1NjU0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNlZjVkNi01ZDc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0DOZmd5tf+dTkBrlNACgPtQYHEUjs6hWV3EbcdhPkSGPRxQjMOZGEmSwMaZN
tBTqH69PgA8rLYTvTkr3Dumycm2G+lcO+2vVT1vzI18faxLWCdKhpiPgJi4xQAKO
B+SlGk/adO18mLeHFcbZJ4Ik//G2pHONQfrLG7Uunov/AjgvvSWcaKiqHFkxEJrs
bFfkIFdgGHABr3WpuH5n268Qz3tppca7FF1vN36GcMrAXpOEnD4BhBohK9fbPimo
JSI9edrUGVUELJcmm6YkDRvYGYl477t90csTFyaxpunpFjJDm5egeYVqFl4KNhMT
+tsV/Jztv/ukCxAMEwEu2n7UowIDAQABo4IDEDCCAwwwHQYDVR0OBBYEFOcQOZmh
w/D/qrC1dt8xV2HgRz1TMB8GA1UdIwQYMBaAFIAn4O9U0Ath9xNvCXGb/PTEUzQF
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MkNGQy9CRjg0QjU3NDFE
ODYxMUUyQTc2MzQ0REUwOEIwMkNEMi9nQ2ZnNzFUUUMySDNFMjhKY1p2ODlNUlRO
QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dDZmc3MVRRQzJIM0UyOEpjWnY4OU1SVE5BVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODJDRkMvQkY4NEI1NzQxRDg2MTFFMkE3NjM0NERFMDhCMDJDRDIvQ0ZBRTE3NzZF
N0M4MTFFQ0EyQkY2NTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZkGCCsGAQUFBwEHAQH/
BIGJMIGGMGoEAgABMGQwDAMEBXKBIAMEAXKBKDAMAwQAcoEtAwQEcoEgMAwDBAB7
ZOsDBAF7ZPQDBAN7ZPgwDAMEB8qdgAMEBMqdoAMEAsqgeAMEAMtT+jAMAwQEy44Q
AwQBy44YAwQAy44bAwQBy6kGMBgEAgACMBIDBwIkBEgAAAADBwAkBEgAACAwDQYJ
KoZIhvcNAQELBQADggEBADusOTjPRVNK0AHSa67jOA7QKcwXnRJObmkFr9XQeLiK
klh8x9KgxsI3PpZDOn9ZSjUH/+ksI7TaeFJGaA1gcDQ8aqfDt6tF9f0hvGMrmrux
2omSkcykrYUnEAzQ2L00yAh1L3WMfpYpObixuZOREtGMjafQKez7AkD7skflpZKg
JLLDzLmpN9ylHBWBNrl5sAsIIAbSbIb+0KWV8jf/QEWnE5FtlDu7MA7NCkh5J4rU
rXEwlVrFYFQVsLTgzV/rhL9ym9vhxJ7gc+DgXPNTOFek6X31y3XFTXaADZjjUYij
qyaUAZRP1oqOQKTyALtehYqPhWXyVmyQZnZp7HzvKJ8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:49:22 2024 by rpki-client on console-ams.rpki-client.org