Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
File: B04675FC959711EA9F290A33C4F9AE02.roa (raw, json)
Hash identifier: hQAAdUrLdQChVkkQeP4ltYAaknVzXk9TFAgmcS5lSJE=
Subject key identifier: F9:19:E4:20:38:E1:56:19:39:D6:01:2F:C4:6A:20:6C:2C:C3:20:BE
Certificate issuer: /CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Certificate serial: 1637
Authority key identifier: 90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
Signing time: Fri 26 May 2023 17:57:23 +0000
ROA not before: Fri 26 May 2023 17:57:23 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 4515
IP address blocks: 42.3.226.0/24 maxlen: 24
58.152.0.0/21 maxlen: 21
203.198.40.0/23 maxlen: 23
203.198.42.0/23 maxlen: 23
203.198.44.0/23 maxlen: 23
203.198.46.0/23 maxlen: 23
203.198.48.0/21 maxlen: 21
203.198.56.0/21 maxlen: 21
203.198.64.0/24 maxlen: 24
203.198.65.0/24 maxlen: 24
203.198.66.0/23 maxlen: 23
203.198.68.0/23 maxlen: 23
203.198.70.0/23 maxlen: 23
203.198.72.0/22 maxlen: 22
203.198.76.0/22 maxlen: 22
203.198.152.0/22 maxlen: 22
203.198.156.0/22 maxlen: 22
203.198.160.0/21 maxlen: 21
203.198.168.0/21 maxlen: 21
203.198.176.0/22 maxlen: 22
203.198.180.0/22 maxlen: 22
203.198.180.0/24 maxlen: 24
203.198.184.0/22 maxlen: 22
203.198.185.0/24 maxlen: 24
203.198.188.0/22 maxlen: 22
203.198.192.0/22 maxlen: 22
203.198.196.0/22 maxlen: 22
203.198.196.0/24 maxlen: 24
203.198.200.0/22 maxlen: 22
203.198.204.0/23 maxlen: 23
203.198.204.0/24 maxlen: 24
203.198.206.0/23 maxlen: 23
203.198.208.0/21 maxlen: 21
203.198.216.0/21 maxlen: 21
203.198.236.0/22 maxlen: 22
218.103.0.0/19 maxlen: 19
218.103.40.0/22 maxlen: 22
218.103.44.0/22 maxlen: 22
218.103.48.0/21 maxlen: 21
218.103.56.0/23 maxlen: 23
218.103.58.0/23 maxlen: 23
218.103.60.0/22 maxlen: 22
218.103.64.0/22 maxlen: 22
218.103.68.0/22 maxlen: 22
218.103.72.0/22 maxlen: 22
218.103.76.0/22 maxlen: 22
218.103.80.0/20 maxlen: 20
218.103.96.0/20 maxlen: 20
219.76.192.0/19 maxlen: 19
219.76.220.0/22 maxlen: 22
219.76.224.0/20 maxlen: 20
220.246.0.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 17:21:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5687 (0x1637)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918495F/serialNumber=90C22F7393850E8ECF6B5F1E320D07B2D1ACD8FD
Validity
Not Before: May 26 17:57:23 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=6470f303-d968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2d:99:ac:00:81:25:f0:5d:b4:3a:c9:f1:b4:
2e:04:19:b1:0b:39:62:41:6d:43:93:77:d2:09:56:
ef:6a:29:2b:33:06:a0:c5:8f:74:3e:43:8e:cf:aa:
8b:aa:b2:30:01:f7:1d:85:b9:99:c7:e1:f6:fc:aa:
b5:e4:90:fc:66:9f:4b:6f:9e:1b:0e:12:0b:0a:e7:
9b:a3:2d:2e:78:b3:b1:dd:0b:c4:aa:fa:46:18:93:
6f:2f:15:16:07:34:78:1e:03:ea:dd:f5:8d:42:71:
2f:22:d3:7c:59:bf:fc:90:31:0a:0f:a0:7a:70:94:
8b:76:ac:f4:4e:bf:4d:7f:75:74:67:87:80:3e:17:
13:0e:b2:4b:c7:fb:ca:09:0e:b1:52:52:68:16:e6:
d7:b7:03:79:f9:84:fe:5a:b3:6a:59:15:95:9e:61:
d2:14:75:1c:f2:08:fc:ee:7e:e9:4b:8f:f7:53:06:
98:14:45:bb:e6:57:e3:63:15:30:83:1f:a5:e9:a8:
e1:d9:62:9e:62:74:d2:43:4f:9f:8a:fb:4e:b9:04:
64:b4:a7:95:70:8c:88:2c:6f:c7:d7:6a:82:2b:1e:
71:7b:83:da:76:64:8f:07:50:29:96:ee:84:8b:c3:
c0:8e:6a:e5:0f:bf:ad:64:5e:e1:60:f1:8e:56:71:
80:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:19:E4:20:38:E1:56:19:39:D6:01:2F:C4:6A:20:6C:2C:C3:20:BE
X509v3 Authority Key Identifier:
keyid:90:C2:2F:73:93:85:0E:8E:CF:6B:5F:1E:32:0D:07:B2:D1:AC:D8:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/kMIvc5OFDo7Pa18eMg0HstGs2P0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kMIvc5OFDo7Pa18eMg0HstGs2P0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918495F/848C857CDFEC11E7A27A2213C4F9AE02/B04675FC959711EA9F290A33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.3.226.0/24
58.152.0.0/21
203.198.40.0-203.198.79.255
203.198.152.0-203.198.223.255
203.198.236.0/22
218.103.0.0/19
218.103.40.0-218.103.111.255
219.76.192.0-219.76.239.255
220.246.0.0/19
Signature Algorithm: sha256WithRSAEncryption
c1:fa:b9:ce:24:58:0f:a5:fe:59:10:c3:3b:c4:b7:3f:37:fb:
70:80:55:e7:e2:d2:b2:34:96:cf:88:80:62:cc:e5:fb:ff:66:
00:fe:12:46:db:f5:08:2a:00:ce:fb:49:dd:fa:d8:a1:8d:07:
02:d2:49:6d:11:eb:d1:d9:43:0b:ae:5a:59:e0:4c:ca:ba:89:
e8:ad:3b:08:8b:7d:86:2c:9d:60:18:f7:3e:96:eb:b6:9c:86:
c2:3a:0c:27:76:78:fb:5d:71:8e:e2:61:1d:fe:98:84:d8:ec:
b4:ce:03:b2:63:e8:13:c6:ab:07:30:7f:ed:5c:05:9f:2b:8a:
e1:fa:01:bf:ce:d9:1d:4b:c6:2f:09:20:04:3f:17:65:c4:fe:
8e:3b:9f:0d:dd:d0:8a:af:6b:d6:37:ba:5c:0b:07:b8:80:b5:
e4:e5:50:47:40:92:5d:fd:9c:87:da:42:30:eb:e1:a6:9e:0e:
54:4d:63:1e:d5:80:32:87:b8:d5:79:b8:93:ad:59:37:1e:69:
b3:77:f7:64:44:06:00:60:62:29:e7:93:54:16:3f:5d:28:d4:
76:20:00:8d:ff:01:1b:c6:81:95:b6:40:d2:7f:a7:4a:1c:fe:
2f:af:83:66:9c:3e:85:cd:c1:56:e8:ac:b0:de:0d:96:41:8c:
df:ad:97:2b
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICFjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQ5NUYxMTAvBgNVBAUTKDkwQzIyRjczOTM4NTBFOEVDRjZCNUYxRTMyMEQwN0Iy
RDFBQ0Q4RkQwHhcNMjMwNTI2MTc1NzIzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDcwZjMwMy1kOTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7y2ZrACBJfBdtDrJ8bQuBBmxCzliQW1Dk3fSCVbvaikrMwagxY90PkOOz6qL
qrIwAfcdhbmZx+H2/Kq15JD8Zp9Lb54bDhILCueboy0ueLOx3QvEqvpGGJNvLxUW
BzR4HgPq3fWNQnEvItN8Wb/8kDEKD6B6cJSLdqz0Tr9Nf3V0Z4eAPhcTDrJLx/vK
CQ6xUlJoFubXtwN5+YT+WrNqWRWVnmHSFHUc8gj87n7pS4/3UwaYFEW75lfjYxUw
gx+l6ajh2WKeYnTSQ0+fivtOuQRktKeVcIyILG/H12qCKx5xe4PadmSPB1Aplu6E
i8PAjmrlD7+tZF7hYPGOVnGAXQIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFPkZ5CA4
4VYZOdYBL8RqIGwswyC+MB8GA1UdIwQYMBaAFJDCL3OThQ6Oz2tfHjINB7LRrNj9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDk1Ri84NDhDODU3Q0RG
RUMxMUU3QTI3QTIyMTNDNEY5QUUwMi9rTUl2YzVPRkRvN1BhMThlTWcwSHN0R3My
UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tNSXZjNU9GRG83UGExOGVNZzBIc3RHczJQMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ5NUYvODQ4Qzg1N0NERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvQjA0Njc1RkM5
NTk3MTFFQTlGMjkwQTMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeMFwEAgABMFYDBAAqA+IDBAM6mAAwDAMEA8vGKAMEBMvGQDAMAwQDy8aYAwQF
y8bAAwQCy8bsAwQF2mcAMAwDBAPaZygDBATaZ2AwDAMEBttMwAMEBNtM4AMEBdz2
ADANBgkqhkiG9w0BAQsFAAOCAQEAwfq5ziRYD6X+WRDDO8S3Pzf7cIBV5+LSsjSW
z4iAYszl+/9mAP4SRtv1CCoAzvtJ3frYoY0HAtJJbRHr0dlDC65aWeBMyrqJ6K07
CIt9hiydYBj3PpbrtpyGwjoMJ3Z4+11xjuJhHf6YhNjstM4DsmPoE8arBzB/7VwF
nyuK4foBv87ZHUvGLwkgBD8XZcT+jjufDd3Qiq9r1je6XAsHuIC15OVQR0CSXf2c
h9pCMOvhpp4OVE1jHtWAMoe41Xm4k61ZNx5ps3f3ZEQGAGBiKeeTVBY/XSjUdiAA
jf8BG8aBlbZA0n+nShz+L6+DZpw+hc3BVuissN4NlkGM362XKw==
-----END CERTIFICATE-----
Generated at Fri May 31 20:34:07 2024 by rpki-client on console-ams.rpki-client.org