Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E68CE444F74D11EAA830607BC4F9AE02.roa
File: E68CE444F74D11EAA830607BC4F9AE02.roa (raw, json)
Hash identifier: 0T2gVbvkrNg88fQ866tRf27vl/PeaT6qb2X3ZVxl1QU=
Subject key identifier: B2:EE:92:0F:5A:4B:69:B0:EB:1B:68:91:54:B8:69:F9:79:8B:E8:C3
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 714A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E68CE444F74D11EAA830607BC4F9AE02.roa
Signing time: Wed 10 May 2023 16:47:31 +0000
ROA not before: Wed 10 May 2023 16:47:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17443
IP address blocks: 202.131.129.0/24 maxlen: 24
202.131.130.0/24 maxlen: 24
202.131.131.0/24 maxlen: 24
202.131.132.0/24 maxlen: 24
202.131.133.0/24 maxlen: 24
202.131.134.0/24 maxlen: 24
202.131.135.0/24 maxlen: 24
202.131.138.0/24 maxlen: 24
202.131.139.0/24 maxlen: 24
202.131.140.0/24 maxlen: 24
202.131.141.0/24 maxlen: 24
202.131.144.0/24 maxlen: 24
202.131.145.0/24 maxlen: 24
202.131.146.0/24 maxlen: 24
202.131.147.0/24 maxlen: 24
202.131.148.0/24 maxlen: 24
202.131.149.0/24 maxlen: 24
202.131.150.0/24 maxlen: 24
202.131.151.0/24 maxlen: 24
202.131.152.0/24 maxlen: 24
202.131.153.0/24 maxlen: 24
202.131.154.0/24 maxlen: 24
202.131.155.0/24 maxlen: 24
202.131.156.0/24 maxlen: 24
202.131.157.0/24 maxlen: 24
202.131.158.0/24 maxlen: 24
202.131.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 15:38:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29002 (0x714a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:47:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bcaa3-aa85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:30:d5:1c:32:f7:03:04:b1:27:44:dd:6a:3b:
bc:b2:8d:35:4d:c3:74:aa:fd:38:f0:62:24:22:e6:
d9:08:55:4b:a5:cb:a9:a7:ca:cc:87:db:d1:d1:a6:
af:53:41:f1:c0:cf:4e:93:c8:d8:0c:97:57:d1:da:
77:d0:ab:3d:e3:1d:64:d5:47:46:89:96:b8:42:76:
77:3d:39:36:c9:e4:06:2a:6e:5d:15:ae:93:e9:c3:
c2:3f:0e:a5:0f:f0:30:fc:32:73:a1:3a:84:4e:f0:
32:75:d2:d3:25:59:41:60:f1:b4:36:53:6a:fa:35:
0b:a6:01:e4:61:66:78:25:35:d9:d6:cd:3a:a0:f9:
c2:c6:5f:c2:70:c5:83:83:f4:33:3f:d8:c1:a3:f0:
df:eb:f2:94:fd:93:65:62:4f:3c:18:06:34:32:43:
c2:02:0e:5a:20:e9:a4:28:21:e8:96:d4:51:d5:27:
84:66:6d:ca:d7:f5:fa:40:5d:22:74:0c:fa:8c:3a:
43:b4:7c:6f:5b:82:8f:02:89:e9:02:98:7e:f3:1d:
72:a2:6b:62:5f:b8:8b:4b:91:68:8e:cd:25:5c:f5:
f7:88:81:34:40:27:d0:c9:43:13:98:a7:42:35:6c:
72:4f:d5:f2:f0:31:6a:31:eb:67:8f:e8:d7:e0:6f:
f6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EE:92:0F:5A:4B:69:B0:EB:1B:68:91:54:B8:69:F9:79:8B:E8:C3
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E68CE444F74D11EAA830607BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.131.129.0-202.131.135.255
202.131.138.0-202.131.141.255
202.131.144.0/20
Signature Algorithm: sha256WithRSAEncryption
24:3d:5e:9d:46:94:61:35:61:bc:b2:7e:27:82:6b:e1:d5:9a:
7d:82:cf:f2:73:27:22:b1:16:b9:1b:98:26:2e:63:21:a9:99:
00:5e:16:6c:a6:59:76:db:4f:8b:22:19:80:c2:de:be:82:a8:
41:e3:4f:80:08:82:53:78:7b:5b:2e:93:48:b0:3f:42:96:e4:
32:c9:4a:0a:12:28:3c:39:19:fd:65:89:97:e7:2b:ee:46:01:
37:9e:94:32:1b:e8:29:9a:4c:9b:59:56:b0:36:ab:2f:58:4d:
40:7a:e0:b9:d6:51:3a:ab:2a:a5:70:a1:8b:c2:95:2a:e9:af:
83:89:f8:41:2a:18:d1:0d:0c:2f:ee:67:33:1a:68:5a:cb:a2:
75:26:ad:48:92:31:06:1b:76:9f:50:3e:d7:5e:56:30:1e:fd:
fe:75:92:71:a5:56:8b:04:cd:fd:6a:e5:af:46:af:34:17:84:
3f:37:ff:ae:89:de:c9:22:7f:18:e2:56:90:4d:0a:ea:c1:7e:
b6:a3:1f:21:65:02:fd:0f:cb:2e:ea:cf:6f:d3:80:72:57:55:
59:50:48:35:17:ae:18:4a:03:4d:c5:73:90:00:70:46:6e:4d:
c9:f5:18:f3:8e:b7:7a:44:e6:71:ad:66:44:65:72:c1:c0:d8:
24:da:18:55
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICcUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY0NzMxWhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2FhMy1hYTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwTDVHDL3AwSxJ0Tdaju8so01TcN0qv048GIkIubZCFVLpcupp8rMh9vR0aav
U0HxwM9Ok8jYDJdX0dp30Ks94x1k1UdGiZa4QnZ3PTk2yeQGKm5dFa6T6cPCPw6l
D/Aw/DJzoTqETvAyddLTJVlBYPG0NlNq+jULpgHkYWZ4JTXZ1s06oPnCxl/CcMWD
g/QzP9jBo/Df6/KU/ZNlYk88GAY0MkPCAg5aIOmkKCHoltRR1SeEZm3K1/X6QF0i
dAz6jDpDtHxvW4KPAonpAph+8x1yomtiX7iLS5Fojs0lXPX3iIE0QCfQyUMTmKdC
NWxyT9Xy8DFqMetnj+jX4G/2PwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFLLukg9a
S2mw6xtokVS4afl5i+jDMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTY4Q0U0NDRG
NzREMTFFQUE4MzA2MDdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEAMqDgQMEA8qDgDAMAwQByoOKAwQByoOMAwQEyoOQMA0G
CSqGSIb3DQEBCwUAA4IBAQAkPV6dRpRhNWG8sn4ngmvh1Zp9gs/ycycisRa5G5gm
LmMhqZkAXhZspll220+LIhmAwt6+gqhB40+ACIJTeHtbLpNIsD9CluQyyUoKEig8
ORn9ZYmX5yvuRgE3npQyG+gpmkybWVawNqsvWE1AeuC51lE6qyqlcKGLwpUq6a+D
ifhBKhjRDQwv7mczGmhay6J1Jq1IkjEGG3afUD7XXlYwHv3+dZJxpVaLBM39auWv
Rq80F4Q/N/+uid7JIn8Y4laQTQrqwX62ox8hZQL9D8su6s9v04ByV1VZUEg1F64Y
SgNNxXOQAHBGbk3J9Rjzjrd6ROZxrWZEZXLBwNgk2hhV
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:48 2024 by rpki-client on console-ams.rpki-client.org