Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
File: B883270E356B11E7A51C314CC4F9AE02.roa (raw, json)
Hash identifier: A/qJ2f6RBq9G1KDp8W4H8o7cKnSPcXwH8FO487zmgrk=
Subject key identifier: 21:7D:AA:D2:1E:A0:99:E5:67:84:2F:F3:89:C2:62:16:75:39:81:50
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3362
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
Signing time: Tue 30 Jan 2024 16:12:50 +0000
ROA not before: Tue 30 Jan 2024 16:12:50 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 38778
IP address blocks: 45.64.4.0/22 maxlen: 22
45.64.4.0/23 maxlen: 23
45.64.4.0/24 maxlen: 24
45.64.5.0/24 maxlen: 24
45.64.6.0/23 maxlen: 23
45.64.6.0/24 maxlen: 24
45.64.7.0/24 maxlen: 24
103.228.236.0/22 maxlen: 22
103.228.236.0/23 maxlen: 23
103.228.236.0/24 maxlen: 24
103.228.237.0/24 maxlen: 24
103.228.238.0/23 maxlen: 23
103.228.238.0/24 maxlen: 24
103.228.239.0/24 maxlen: 24
115.69.216.0/21 maxlen: 21
115.69.216.0/22 maxlen: 22
115.69.216.0/23 maxlen: 23
115.69.216.0/24 maxlen: 24
115.69.217.0/24 maxlen: 24
115.69.218.0/23 maxlen: 23
115.69.218.0/24 maxlen: 24
115.69.219.0/24 maxlen: 24
115.69.220.0/22 maxlen: 22
115.69.220.0/23 maxlen: 23
115.69.220.0/24 maxlen: 24
115.69.221.0/24 maxlen: 24
115.69.222.0/23 maxlen: 23
115.69.222.0/24 maxlen: 24
115.69.223.0/24 maxlen: 24
2407:f900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 29 Apr 2024 15:54:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13154 (0x3362)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jan 30 16:12:50 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65b92002-e67b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:10:33:7e:e8:ec:51:c2:0e:ac:9d:4f:fb:99:
76:a8:b1:d2:ff:bc:af:c2:b5:86:76:e4:10:5c:a6:
fd:2c:cc:9b:07:20:31:6b:7f:61:49:32:0f:7b:ce:
98:e1:10:15:57:53:b9:02:11:25:4c:48:5b:1f:55:
dd:a3:56:6b:12:05:59:9d:e8:7f:26:02:14:1c:7f:
5d:9d:de:c6:04:2a:b2:6e:44:03:3d:7c:78:93:c9:
ae:fe:55:58:3d:79:2a:5a:4e:48:a1:0a:ea:7a:0a:
0d:51:aa:f3:08:11:be:60:00:3c:db:92:38:45:e7:
99:de:3e:ea:ec:09:bb:87:d4:3c:ea:70:27:29:7d:
ed:00:c7:43:9b:fb:2d:53:1f:c8:84:c2:dd:26:08:
07:e2:d0:05:cb:72:4d:0d:5f:84:39:4f:b3:25:c7:
b1:bc:96:36:0b:8f:9c:18:82:ae:f4:8f:ca:da:52:
94:7b:d4:be:b2:e9:c1:e8:7d:ea:0f:e1:fb:26:e8:
85:ed:14:51:b7:06:52:7e:9d:d2:af:77:67:eb:cf:
a9:f3:69:21:84:f5:e3:bd:7f:c0:1f:82:22:10:ae:
7b:21:0e:e0:97:f2:cc:1f:40:5d:a6:d0:20:8b:b9:
c0:dd:24:c6:6d:7f:f7:d9:1b:95:34:65:e0:31:78:
ef:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:7D:AA:D2:1E:A0:99:E5:67:84:2F:F3:89:C2:62:16:75:39:81:50
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.4.0/22
103.228.236.0/22
115.69.216.0/21
IPv6:
2407:f900::/32
Signature Algorithm: sha256WithRSAEncryption
75:82:fc:81:86:69:18:67:be:ad:c8:eb:dc:60:1e:d7:b5:b5:
bd:ad:21:6f:c9:15:e6:0c:f4:e3:f1:3c:c1:43:31:47:a1:a5:
c3:e9:b7:ab:a4:31:70:6c:5a:3f:f4:a1:48:6f:7e:6c:b5:b5:
49:b9:17:5f:a9:34:cb:8e:9a:4b:6b:3f:84:97:2a:f3:3a:c9:
37:36:37:b4:3a:9e:46:85:44:92:a9:6a:f5:43:01:46:92:de:
87:b8:18:13:fd:01:0d:ab:d3:e3:46:23:aa:dc:b9:48:c8:53:
e8:d4:71:b4:94:2a:b5:1c:19:f5:05:2f:44:77:1d:c0:98:a7:
c6:ed:b4:7a:26:32:3f:88:eb:50:6d:a7:0a:d5:58:72:60:32:
08:a4:46:01:8d:0e:2e:6c:5e:7e:03:6a:d7:3e:39:af:ed:17:
d3:2d:e0:a6:1a:dd:45:7d:2f:01:49:30:47:1d:8b:6b:51:b2:
5a:22:85:8d:07:37:15:94:c0:73:53:12:ec:c8:76:c0:98:40:
f8:48:68:9e:5e:38:d2:1a:05:01:e2:62:b0:bf:83:c3:2a:30:
fc:6a:4c:10:52:d2:9e:42:db:0e:a9:f5:33:f4:dc:4d:63:72:
9d:ea:dc:2a:31:94:08:27:96:b2:5e:ee:be:8a:16:c7:ad:15:
f4:b3:65:9e
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICM2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjQwMTMwMTYxMjUwWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5MjAwMi1lNjdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7xAzfujsUcIOrJ1P+5l2qLHS/7yvwrWGduQQXKb9LMybByAxa39hSTIPe86Y
4RAVV1O5AhElTEhbH1Xdo1ZrEgVZneh/JgIUHH9dnd7GBCqybkQDPXx4k8mu/lVY
PXkqWk5IoQrqegoNUarzCBG+YAA825I4ReeZ3j7q7Am7h9Q86nAnKX3tAMdDm/st
Ux/IhMLdJggH4tAFy3JNDV+EOU+zJcexvJY2C4+cGIKu9I/K2lKUe9S+sunB6H3q
D+H7JuiF7RRRtwZSfp3Sr3dn68+p82khhPXjvX/AH4IiEK57IQ7gl/LMH0BdptAg
i7nA3STGbX/32RuVNGXgMXjvdwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFCF9qtIe
oJnlZ4Qv84nCYhZ1OYFQMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvQjg4MzI3MEUz
NTZCMTFFN0E1MUMzMTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAItQAQDBAJn5OwDBANzRdgwDQQCAAIwBwMFACQH+QAwDQYJ
KoZIhvcNAQELBQADggEBAHWC/IGGaRhnvq3I69xgHte1tb2tIW/JFeYM9OPxPMFD
MUehpcPpt6ukMXBsWj/0oUhvfmy1tUm5F1+pNMuOmktrP4SXKvM6yTc2N7Q6nkaF
RJKpavVDAUaS3oe4GBP9AQ2r0+NGI6rcuUjIU+jUcbSUKrUcGfUFL0R3HcCYp8bt
tHomMj+I61BtpwrVWHJgMgikRgGNDi5sXn4Datc+Oa/tF9Mt4KYa3UV9LwFJMEcd
i2tRsloihY0HNxWUwHNTEuzIdsCYQPhIaJ5eONIaBQHiYrC/g8MqMPxqTBBS0p5C
2w6p9TP03E1jcp3q3CoxlAgnlrJe7r6KFsetFfSzZZ4=
-----END CERTIFICATE-----
Generated at Tue Apr 23 18:33:01 2024 by rpki-client on console-fra.rpki-client.org