Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/1064D8C44AE111EDA148B02CC4F9AE02.roa
File: 1064D8C44AE111EDA148B02CC4F9AE02.roa (raw, json)
Hash identifier: 1+JGVwzIIHprkzmrxwkBBfHqJVa8xnnw1OTcwfbq1F0=
Subject key identifier: 89:24:79:3A:B1:9A:CB:B3:E3:E6:E2:F3:C8:78:03:4A:68:0C:4A:F2
Certificate issuer: /CN=A918AA78/serialNumber=09CFFE467F3B09C3D06F24919CFAC7E003E4BB75
Certificate serial: 1AE0
Authority key identifier: 09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/1064D8C44AE111EDA148B02CC4F9AE02.roa
Signing time: Wed 14 Feb 2024 16:53:51 +0000
ROA not before: Wed 14 Feb 2024 16:53:51 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 0
IP address blocks: 203.144.49.0/24 maxlen: 24
203.144.51.0/24 maxlen: 24
203.144.52.0/24 maxlen: 24
203.144.54.0/23 maxlen: 23
203.144.56.0/23 maxlen: 23
203.144.60.0/24 maxlen: 24
203.144.62.0/23 maxlen: 23
2402:79c0::/47 maxlen: 47
2402:79c0:4::/46 maxlen: 46
2402:79c0:8::/45 maxlen: 45
2402:79c0:10::/44 maxlen: 44
2402:79c0:20::/43 maxlen: 43
2402:79c0:40::/42 maxlen: 42
2402:79c0:80::/41 maxlen: 41
2402:79c0:10b::/48 maxlen: 48
2402:79c0:10c::/46 maxlen: 46
2402:79c0:110::/44 maxlen: 44
2402:79c0:120::/43 maxlen: 43
2402:79c0:140::/42 maxlen: 42
2402:79c0:180::/41 maxlen: 41
2402:79c0:200::/39 maxlen: 39
2402:79c0:400::/38 maxlen: 38
2402:79c0:800::/37 maxlen: 37
2402:79c0:1000::/40 maxlen: 40
2402:79c0:1100::/43 maxlen: 43
2402:79c0:1120::/46 maxlen: 46
2402:79c0:1124::/47 maxlen: 47
2402:79c0:1128::/45 maxlen: 45
2402:79c0:1130::/44 maxlen: 44
2402:79c0:1140::/46 maxlen: 46
2402:79c0:1144::/48 maxlen: 48
2402:79c0:1146::/47 maxlen: 47
2402:79c0:1148::/48 maxlen: 48
2402:79c0:114a::/47 maxlen: 47
2402:79c0:114c::/46 maxlen: 46
2402:79c0:1150::/46 maxlen: 46
2402:79c0:1158::/45 maxlen: 45
2402:79c0:1160::/43 maxlen: 43
2402:79c0:1180::/41 maxlen: 41
2402:79c0:1200::/39 maxlen: 39
2402:79c0:1400::/38 maxlen: 38
2402:79c0:1800::/37 maxlen: 37
2402:79c0:2000::/35 maxlen: 35
2402:79c0:4000::/34 maxlen: 34
2402:79c0:8000::/34 maxlen: 34
2402:79c0:c000::/35 maxlen: 35
2402:79c0:e000::/36 maxlen: 36
2402:79c0:f000::/45 maxlen: 45
2402:79c0:f00c::/46 maxlen: 46
2402:79c0:f010::/44 maxlen: 44
2402:79c0:f020::/43 maxlen: 43
2402:79c0:f040::/42 maxlen: 42
2402:79c0:f080::/42 maxlen: 42
2402:79c0:f0c0::/43 maxlen: 43
2402:79c0:f0e0::/44 maxlen: 44
2402:79c0:f0f0::/45 maxlen: 45
2402:79c0:f0f8::/48 maxlen: 48
2402:79c0:f0fa::/47 maxlen: 47
2402:79c0:f0fc::/46 maxlen: 46
2402:79c0:f100::/40 maxlen: 40
2402:79c0:f200::/39 maxlen: 39
2402:79c0:f400::/38 maxlen: 38
2402:79c0:f800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.crl
rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 May 2024 16:43:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6880 (0x1ae0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918AA78/serialNumber=09CFFE467F3B09C3D06F24919CFAC7E003E4BB75
Validity
Not Before: Feb 14 16:53:51 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65ccf01f-cab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b1:02:4b:ae:a9:8d:76:db:f9:ef:6a:4a:81:
e3:a3:b9:19:b9:5e:41:08:6f:d6:22:7e:c3:72:1c:
93:6a:bd:88:b7:18:29:cd:12:7f:9d:7d:07:9f:d6:
b2:39:44:35:94:72:6f:e6:fb:7c:81:6e:98:8e:5c:
25:79:04:2b:09:f4:1e:f5:85:00:94:87:76:37:94:
36:6e:ff:a9:aa:a1:a3:a6:f8:f1:7a:aa:13:4f:11:
a7:2f:c5:ea:9a:1f:81:6e:75:1e:b3:b5:2d:38:c5:
99:8a:f7:e0:13:de:2c:25:da:91:ec:0f:38:0c:74:
97:73:20:80:54:6e:53:ac:01:e5:d9:a8:28:47:c1:
d0:7a:ca:01:1b:17:86:ba:87:4f:a7:36:57:94:54:
13:72:2d:34:2c:81:cc:44:e9:83:8f:aa:64:a4:c4:
0e:d8:c3:c4:2f:da:c0:52:52:dd:ad:c9:86:88:f5:
7a:28:f3:70:fe:11:43:8d:a0:bf:34:a1:09:95:71:
a3:83:81:52:82:e5:33:d0:1e:69:93:e4:b5:d3:33:
37:a0:42:fc:7e:bc:49:a9:e3:4c:94:d3:71:c2:dc:
ba:63:02:fa:9f:c8:50:5a:80:6e:71:46:33:95:08:
bd:e7:21:68:69:20:fb:c1:0c:e7:be:26:35:35:83:
d5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:24:79:3A:B1:9A:CB:B3:E3:E6:E2:F3:C8:78:03:4A:68:0C:4A:F2
X509v3 Authority Key Identifier:
keyid:09:CF:FE:46:7F:3B:09:C3:D0:6F:24:91:9C:FA:C7:E0:03:E4:BB:75
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/Cc_-Rn87CcPQbySRnPrH4APku3U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Cc_-Rn87CcPQbySRnPrH4APku3U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AA78/68D33490FD6411E6A1095483C4F9AE02/1064D8C44AE111EDA148B02CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.144.49.0/24
203.144.51.0-203.144.52.255
203.144.54.0-203.144.57.255
203.144.60.0/24
203.144.62.0/23
IPv6:
2402:79c0::/47
2402:79c0:4::-2402:79c0:ff:ffff:ffff:ffff:ffff:ffff
2402:79c0:10b::-2402:79c0:1125:ffff:ffff:ffff:ffff:ffff
2402:79c0:1128::-2402:79c0:1144:ffff:ffff:ffff:ffff:ffff
2402:79c0:1146::-2402:79c0:1148:ffff:ffff:ffff:ffff:ffff
2402:79c0:114a::-2402:79c0:1153:ffff:ffff:ffff:ffff:ffff
2402:79c0:1158::-2402:79c0:f007:ffff:ffff:ffff:ffff:ffff
2402:79c0:f00c::-2402:79c0:f0f8:ffff:ffff:ffff:ffff:ffff
2402:79c0:f0fa::-2402:79c0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b6:48:5e:ff:1b:f7:3e:78:22:7b:74:fe:ae:45:c5:51:c3:ca:
05:bd:e8:e1:cf:d0:7b:eb:41:cb:94:45:8b:ee:b8:00:57:0a:
e2:df:f7:46:ef:21:81:dd:8d:6f:98:7b:53:54:d7:78:f9:d5:
84:04:4a:fc:98:98:b1:7d:f6:27:94:c4:ca:62:fb:ba:cd:55:
27:10:8a:f0:ed:98:10:83:1e:c3:e5:0e:81:e0:ef:c0:72:ce:
32:3a:2d:07:30:e2:a8:04:4e:f5:7b:47:42:b3:a3:2b:e6:69:
9e:97:f9:dd:32:a8:25:dc:89:b3:64:b2:0f:e4:c9:ec:50:67:
f5:6a:0f:e4:9a:d6:12:1c:cd:4a:5c:0a:88:91:4d:e5:65:7d:
f1:84:79:bd:2e:9c:e3:40:d2:9e:fe:94:e2:48:2b:14:8b:8d:
69:5c:12:87:ab:36:be:b3:d1:72:26:c6:03:d1:05:74:8d:fc:
d5:e1:38:2c:e5:d8:1e:ba:42:db:7d:3d:b3:68:ff:47:e0:5d:
55:88:9e:f4:36:e8:2a:cc:1e:88:2f:ef:ac:a5:6b:60:13:4b:
fc:99:7f:c4:fd:d0:54:e5:9b:9d:38:e5:ee:64:3e:43:32:94:
1d:9b:96:87:19:00:3b:76:51:f3:66:5e:b9:20:ca:bc:c8:2a:
b3:bd:7d:51
-----BEGIN CERTIFICATE-----
MIIGTDCCBTSgAwIBAgICGuAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEFBNzgxMTAvBgNVBAUTKDA5Q0ZGRTQ2N0YzQjA5QzNEMDZGMjQ5MTlDRkFDN0Uw
MDNFNEJCNzUwHhcNMjQwMjE0MTY1MzUxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNjZjAxZi1jYWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt7ECS66pjXbb+e9qSoHjo7kZuV5BCG/WIn7DchyTar2ItxgpzRJ/nX0Hn9ay
OUQ1lHJv5vt8gW6YjlwleQQrCfQe9YUAlId2N5Q2bv+pqqGjpvjxeqoTTxGnL8Xq
mh+BbnUes7UtOMWZivfgE94sJdqR7A84DHSXcyCAVG5TrAHl2agoR8HQesoBGxeG
uodPpzZXlFQTci00LIHMROmDj6pkpMQO2MPEL9rAUlLdrcmGiPV6KPNw/hFDjaC/
NKEJlXGjg4FSguUz0B5pk+S10zM3oEL8frxJqeNMlNNxwty6YwL6n8hQWoBucUYz
lQi95yFoaSD7wQznviY1NYPVJQIDAQABo4IDcDCCA2wwHQYDVR0OBBYEFIkkeTqx
msuz4+bi88h4A0poDEryMB8GA1UdIwQYMBaAFAnP/kZ/OwnD0G8kkZz6x+AD5Lt1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUE3OC82OEQzMzQ5MEZE
NjQxMUU2QTEwOTU0ODNDNEY5QUUwMi9DY18tUm44N0NjUFFieVNSblBySDRBUGt1
M1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NjXy1Sbjg3Q2NQUWJ5U1JuUHJINEFQa3UzVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEFBNzgvNjhEMzM0OTBGRDY0MTFFNkExMDk1NDgzQzRGOUFFMDIvMTA2NEQ4QzQ0
QUUxMTFFREExNDhCMDJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfkGCCsGAQUFBwEHAQH/
BIHpMIHmMDQEAgABMC4DBADLkDEwDAMEAMuQMwMEAMuQNDAMAwQBy5A2AwQBy5A4
AwQAy5A8AwQBy5A+MIGtBAIAAjCBpgMHASQCecAAADARAwcCJAJ5wAAEAwYAJAJ5
wAAwEgMHACQCecABCwMHASQCecARJDASAwcDJAJ5wBEoAwcAJAJ5wBFEMBIDBwEk
AnnAEUYDBwAkAnnAEUgwEgMHASQCecARSgMHAiQCecARUDASAwcDJAJ5wBFYAwcD
JAJ5wPAAMBIDBwIkAnnA8AwDBwAkAnnA8PgwEAMHASQCecDw+gMFACQCecAwDQYJ
KoZIhvcNAQELBQADggEBALZIXv8b9z54Int0/q5FxVHDygW96OHP0HvrQcuURYvu
uABXCuLf90bvIYHdjW+Ye1NU13j51YQESvyYmLF99ieUxMpi+7rNVScQivDtmBCD
HsPlDoHg78ByzjI6LQcw4qgETvV7R0KzoyvmaZ6X+d0yqCXcibNksg/kyexQZ/Vq
D+Sa1hIczUpcCoiRTeVlffGEeb0unONA0p7+lOJIKxSLjWlcEoerNr6z0XImxgPR
BXSN/NXhOCzl2B66Qtt9PbNo/0fgXVWInvQ26CrMHogv76yla2ATS/yZf8T90FTl
m5045e5kPkMylB2blocZADt2UfNmXrkgyrzIKrO9fVE=
-----END CERTIFICATE-----
Generated at Wed Apr 24 18:31:04 2024 by rpki-client on console-fra.rpki-client.org