Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
File: B04675FC959711EA9F290A33C4F9AE02.roa (raw, json)
Hash identifier: uYFRc83EBaJfN2GivSwIY06UqczGnSbs78PJfa9CAEA=
Subject key identifier: B0:AD:59:21:6C:75:37:91:4D:84:50:E8:BF:D5:77:AA:A6:5D:0A:50
Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Certificate serial: 1717
Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
Signing time: Thu 20 Jun 2024 17:26:39 +0000
ROA not before: Thu 20 Jun 2024 17:26:39 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 4515
IP address blocks: 42.3.226.0/24 maxlen: 24
58.152.0.0/21 maxlen: 21
203.198.40.0/23 maxlen: 23
203.198.42.0/23 maxlen: 23
203.198.44.0/23 maxlen: 23
203.198.46.0/23 maxlen: 23
203.198.48.0/21 maxlen: 21
203.198.56.0/21 maxlen: 21
203.198.64.0/24 maxlen: 24
203.198.65.0/24 maxlen: 24
203.198.66.0/23 maxlen: 23
203.198.68.0/23 maxlen: 23
203.198.70.0/23 maxlen: 23
203.198.72.0/22 maxlen: 22
203.198.76.0/22 maxlen: 22
203.198.152.0/22 maxlen: 22
203.198.156.0/22 maxlen: 22
203.198.160.0/21 maxlen: 21
203.198.168.0/21 maxlen: 21
203.198.176.0/22 maxlen: 22
203.198.180.0/22 maxlen: 22
203.198.180.0/24 maxlen: 24
203.198.184.0/22 maxlen: 22
203.198.185.0/24 maxlen: 24
203.198.188.0/22 maxlen: 22
203.198.192.0/22 maxlen: 22
203.198.196.0/22 maxlen: 22
203.198.196.0/24 maxlen: 24
203.198.200.0/22 maxlen: 22
203.198.204.0/23 maxlen: 23
203.198.204.0/24 maxlen: 24
203.198.206.0/23 maxlen: 23
203.198.208.0/21 maxlen: 21
203.198.216.0/21 maxlen: 21
203.198.236.0/22 maxlen: 22
218.103.0.0/19 maxlen: 19
218.103.40.0/22 maxlen: 22
218.103.44.0/22 maxlen: 22
218.103.48.0/21 maxlen: 21
218.103.56.0/23 maxlen: 23
218.103.58.0/23 maxlen: 23
218.103.60.0/22 maxlen: 22
218.103.64.0/22 maxlen: 22
218.103.68.0/22 maxlen: 22
218.103.72.0/22 maxlen: 22
218.103.76.0/22 maxlen: 22
218.103.80.0/20 maxlen: 20
218.103.96.0/20 maxlen: 20
219.76.192.0/19 maxlen: 19
219.76.220.0/22 maxlen: 22
219.76.224.0/20 maxlen: 20
220.246.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5911 (0x1717)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918495F
Validity
Not Before: Jun 20 17:26:39 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6674664f-0175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a8:b4:b5:4a:6b:43:39:6c:9b:2f:ad:09:93:
29:cc:20:49:44:94:a8:0c:80:c4:58:44:45:c9:ea:
06:68:33:f4:8b:bd:9f:49:45:ca:a3:58:0a:3b:04:
81:3d:64:44:de:3d:b8:e5:47:22:4e:a2:0a:a4:e8:
a3:1f:9d:27:14:cc:75:d1:91:18:c5:8f:bb:7c:03:
9f:5b:f4:ef:5d:59:39:6a:bd:aa:31:fd:25:fc:14:
68:f1:ad:1a:41:94:6e:25:fe:63:97:61:85:50:30:
ea:83:0d:e4:01:b2:68:38:b9:88:18:27:20:5a:5a:
07:f6:ad:c2:97:36:3a:1a:8c:63:8b:6c:0c:26:dd:
65:a1:86:5f:cd:7f:20:3e:44:a4:13:12:c0:a9:cb:
5b:38:b8:69:36:1b:f9:b9:5f:15:49:34:13:4a:48:
83:c8:2b:fd:67:48:99:68:e7:a8:dd:f0:02:d4:e4:
c6:1f:af:82:92:83:5b:b8:ff:66:23:a5:9e:a2:18:
95:03:b0:cc:f1:2a:08:6c:83:46:67:8f:49:0c:4e:
b7:84:dd:6b:98:9c:a2:e4:65:6b:77:8e:2b:21:f2:
77:52:24:75:70:f0:a4:72:6f:c8:52:e3:79:f3:1c:
4d:19:97:a4:67:de:e1:e8:c7:59:d2:c7:65:54:50:
a3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AD:59:21:6C:75:37:91:4D:84:50:E8:BF:D5:77:AA:A6:5D:0A:50
X509v3 Authority Key Identifier:
keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.3.226.0/24
58.152.0.0/21
203.198.40.0-203.198.79.255
203.198.152.0-203.198.223.255
203.198.236.0/22
218.103.0.0/19
218.103.40.0-218.103.111.255
219.76.192.0-219.76.239.255
220.246.0.0/19
Signature Algorithm: sha256WithRSAEncryption
c2:a0:89:01:c0:43:9f:21:8d:56:f7:61:5b:ee:18:f9:2a:e6:
1e:7a:36:80:1e:c3:e9:8d:74:d1:56:46:fd:96:c5:92:b9:7b:
fc:40:82:89:09:5a:42:24:3d:76:b5:56:2e:4a:30:31:c8:16:
92:2e:ad:a5:9e:30:b1:a6:3b:56:52:2c:6d:2a:04:8d:30:60:
28:55:df:0b:c9:c9:9e:ea:c8:4d:b9:4e:9d:5a:52:2e:70:04:
41:a3:5c:dd:e3:f7:34:8b:f9:ce:d1:97:7a:72:b6:1b:df:53:
fa:b0:4d:cc:32:72:46:92:9d:e2:8b:bd:cf:03:7d:58:81:11:
d0:ad:03:36:c6:6c:6b:d3:46:35:a9:fd:e8:67:d5:e6:0a:c9:
0e:4e:68:52:1a:53:9a:56:66:2d:e7:18:d9:f4:10:6c:8e:66:
d3:24:c9:86:3d:80:de:ce:9c:16:7c:ad:b4:0a:f5:d4:27:10:
f1:87:14:6a:5d:61:be:15:f3:32:27:1e:0b:9f:fb:39:b2:da:
3d:da:a5:69:5c:a1:41:5c:90:0b:00:7c:b1:3e:13:fe:39:90:
0a:0a:91:a0:69:01:49:ef:58:a3:fc:4d:a3:1d:b7:8e:4e:d5:
fe:b7:1f:b7:e2:69:d5:8f:8a:47:51:8b:32:b8:c1:a7:a8:c0:
ff:cf:98:d8
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICFxcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy
RDFBQ0Q4RkQwHhcNMjQwNjIwMTcyNjM5WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njc0NjY0Zi0wMTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsai0tUprQzlsmy+tCZMpzCBJRJSoDIDEWERFyeoGaDP0i72fSUXKo1gKOwSB
PWRE3j245UciTqIKpOijH50nFMx10ZEYxY+7fAOfW/TvXVk5ar2qMf0l/BRo8a0a
QZRuJf5jl2GFUDDqgw3kAbJoOLmIGCcgWloH9q3ClzY6Goxji2wMJt1loYZfzX8g
PkSkExLAqctbOLhpNhv5uV8VSTQTSkiDyCv9Z0iZaOeo3fAC1OTGH6+CkoNbuP9m
I6WeohiVA7DM8SoIbINGZ49JDE63hN1rmJyi5GVrd44rIfJ3UiR1cPCkcm/IUuN5
8xxNGZekZ97h6MdZ0sdlVFCjYwIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFLCtWSFs
dTeRTYRQ6L/Vd6qmXQpQMB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG
RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvQjA0Njc1RkM5
NTk3MTFFQTlGMjkwQTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMFwEAgABMFYDBAAqA+IDBAM6mAAwDAMEA8vGKAMEBMvGQDAMAwQDy8aYAwQF
y8bAAwQCy8bsAwQF2mcAMAwDBAPaZygDBATaZ2AwDAMEBttMwAMEBNtM4AMEBdz2
ADANBgkqhkiG9w0BAQsFAAOCAQEAwqCJAcBDnyGNVvdhW+4Y+SrmHno2gB7D6Y10
0VZG/ZbFkrl7/ECCiQlaQiQ9drVWLkowMcgWki6tpZ4wsaY7VlIsbSoEjTBgKFXf
C8nJnurITblOnVpSLnAEQaNc3eP3NIv5ztGXenK2G99T+rBNzDJyRpKd4ou9zwN9
WIER0K0DNsZsa9NGNan96GfV5grJDk5oUhpTmlZmLecY2fQQbI5m0yTJhj2A3s6c
FnyttAr11CcQ8YcUal1hvhXzMiceC5/7ObLaPdqlaVyhQVyQCwB8sT4T/jmQCgqR
oGkBSe9Yo/xNox23jk7V/rcft+Jp1Y+KR1GLMrjBp6jA/8+Y2A==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:26 2025 by rpki-client