Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
File: B883270E356B11E7A51C314CC4F9AE02.roa (raw, json)
Hash identifier: 8rXmVd0Z/YHCbkA41zn86r2DoJ+Coko/30/1qDTIbLg=
Subject key identifier: 87:EE:73:78:B6:90:A7:D4:1A:56:7C:2F:B7:D0:8A:34:8D:3C:21:9E
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 341C
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
Signing time: Tue 30 Jul 2024 16:02:47 +0000
ROA not before: Tue 30 Jul 2024 16:02:47 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 38778
IP address blocks: 45.64.4.0/22 maxlen: 22
45.64.4.0/23 maxlen: 23
45.64.4.0/24 maxlen: 24
45.64.5.0/24 maxlen: 24
45.64.6.0/23 maxlen: 23
45.64.6.0/24 maxlen: 24
45.64.7.0/24 maxlen: 24
103.228.236.0/22 maxlen: 22
103.228.236.0/23 maxlen: 23
103.228.236.0/24 maxlen: 24
103.228.237.0/24 maxlen: 24
103.228.238.0/23 maxlen: 23
103.228.238.0/24 maxlen: 24
103.228.239.0/24 maxlen: 24
115.69.216.0/21 maxlen: 21
115.69.216.0/22 maxlen: 22
115.69.216.0/23 maxlen: 23
115.69.216.0/24 maxlen: 24
115.69.217.0/24 maxlen: 24
115.69.218.0/23 maxlen: 23
115.69.218.0/24 maxlen: 24
115.69.219.0/24 maxlen: 24
115.69.220.0/22 maxlen: 22
115.69.220.0/23 maxlen: 23
115.69.220.0/24 maxlen: 24
115.69.221.0/24 maxlen: 24
115.69.222.0/23 maxlen: 23
115.69.222.0/24 maxlen: 24
115.69.223.0/24 maxlen: 24
2407:f900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13340 (0x341c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jul 30 16:02:47 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66a90ea6-a80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ff:ae:57:00:16:d6:1b:ed:b2:5c:f5:1b:9e:
e3:3d:77:46:b5:6e:3a:0d:fd:7f:36:b0:2b:0d:cc:
71:1d:e6:54:4a:26:3e:11:88:42:05:25:ed:77:15:
1f:4b:9e:26:61:6f:72:5f:af:77:e8:5f:31:d3:ec:
43:51:34:77:54:e0:88:1f:f3:c3:1a:88:d8:20:c1:
0d:63:c8:69:ab:82:1d:15:26:d4:68:8a:80:a4:d7:
70:64:a8:7a:9b:1c:48:80:7e:26:2d:21:20:94:47:
89:dc:47:81:de:d1:77:43:4a:a1:84:11:f4:f7:9d:
df:e4:ed:3c:33:ef:5a:eb:95:44:61:ee:75:63:13:
55:b6:ad:36:be:75:2e:51:4a:6b:38:a3:cd:8c:66:
45:9b:d7:d1:3c:ea:e8:5a:54:7b:08:e7:14:b8:89:
cd:21:92:7d:d2:d4:d0:0d:df:24:b2:85:14:21:2b:
b3:23:92:66:a2:45:85:3f:f5:d3:2c:2d:34:7f:c7:
d2:c0:e6:90:33:07:ec:22:70:a6:4c:e6:ed:2c:4e:
83:3b:1c:94:55:54:93:8e:32:67:1b:0c:76:68:b6:
73:17:5e:15:ce:90:4a:c6:18:e3:c0:66:ec:96:92:
92:35:23:6b:9a:90:bb:be:f0:1b:88:45:3d:b3:d0:
1f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EE:73:78:B6:90:A7:D4:1A:56:7C:2F:B7:D0:8A:34:8D:3C:21:9E
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/B883270E356B11E7A51C314CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.4.0/22
103.228.236.0/22
115.69.216.0/21
IPv6:
2407:f900::/32
Signature Algorithm: sha256WithRSAEncryption
43:67:ba:fc:e0:56:e9:13:12:d8:97:f9:2f:68:f1:6b:66:50:
2c:0a:41:b7:38:89:88:98:a4:71:fd:98:fb:23:5e:b2:ae:02:
73:94:44:82:a4:16:91:09:e6:08:5a:23:4c:c5:98:94:14:dc:
fd:26:63:fb:04:7e:f1:b9:0b:ee:70:bb:b7:0a:a4:21:d1:9f:
5c:d5:ae:2f:1b:e6:be:26:53:a0:9d:0d:3b:d7:2b:9e:6a:42:
fc:f0:98:6f:9f:f8:54:2f:24:5e:d3:91:8a:31:1b:f2:a6:9d:
b6:d0:0f:c1:1f:19:79:f1:c4:b1:b2:82:f1:ec:5e:9b:66:fe:
6b:51:99:bd:27:ae:76:fb:4e:31:37:cf:90:5b:e1:37:aa:7b:
5e:6b:1b:e7:7e:7e:b5:09:93:e5:26:bd:d3:e1:0a:18:e8:e7:
26:55:fe:a9:a0:77:b0:22:d1:33:af:ec:29:f5:97:64:68:13:
01:04:44:2e:e2:f6:5e:51:71:bb:28:3d:53:29:41:ca:4c:45:
e4:9a:9a:9f:a0:34:38:18:c9:8f:c6:11:a0:33:0b:9c:46:ea:
ee:86:2b:86:b9:b4:52:5c:f9:72:b5:c4:59:e9:b8:15:89:08:
3f:c1:32:e6:ee:1e:b7:25:76:d0:16:3f:26:14:36:81:c6:23:
63:29:e3:8e
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICNBwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjQwNzMwMTYwMjQ3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5MGVhNi1hODBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2v+uVwAW1hvtslz1G57jPXdGtW46Df1/NrArDcxxHeZUSiY+EYhCBSXtdxUf
S54mYW9yX6936F8x0+xDUTR3VOCIH/PDGojYIMENY8hpq4IdFSbUaIqApNdwZKh6
mxxIgH4mLSEglEeJ3EeB3tF3Q0qhhBH0953f5O08M+9a65VEYe51YxNVtq02vnUu
UUprOKPNjGZFm9fRPOroWlR7COcUuInNIZJ90tTQDd8ksoUUISuzI5JmokWFP/XT
LC00f8fSwOaQMwfsInCmTObtLE6DOxyUVVSTjjJnGwx2aLZzF14VzpBKxhjjwGbs
lpKSNSNrmpC7vvAbiEU9s9AfsQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFIfuc3i2
kKfUGlZ8L7fQijSNPCGeMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvQjg4MzI3MEUz
NTZCMTFFN0E1MUMzMTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAItQAQDBAJn5OwDBANzRdgwDQQCAAIwBwMFACQH+QAwDQYJ
KoZIhvcNAQELBQADggEBAENnuvzgVukTEtiX+S9o8WtmUCwKQbc4iYiYpHH9mPsj
XrKuAnOURIKkFpEJ5ghaI0zFmJQU3P0mY/sEfvG5C+5wu7cKpCHRn1zVri8b5r4m
U6CdDTvXK55qQvzwmG+f+FQvJF7TkYoxG/KmnbbQD8EfGXnxxLGygvHsXptm/mtR
mb0nrnb7TjE3z5Bb4Teqe15rG+d+frUJk+UmvdPhChjo5yZV/qmgd7Ai0TOv7Cn1
l2RoEwEERC7i9l5RcbsoPVMpQcpMReSamp+gNDgYyY/GEaAzC5xG6u6GK4a5tFJc
+XK1xFnpuBWJCD/BMubuHrcldtAWPyYUNoHGI2Mp444=
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:24:19 2024 by rpki-client on console-ams.rpki-client.org