Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/D7FEF354562111EFA7B3F00AC4F9AE02.roa
File: D7FEF354562111EFA7B3F00AC4F9AE02.roa (raw, json)
Hash identifier: MRsE6FySGursbE9bMMfyMXoRUt/2zkb9g3aNfB/OTgo=
Subject key identifier: E8:44:39:28:53:E0:AD:66:17:A0:E8:1B:E0:46:D6:50:BB:20:BC:37
Certificate issuer: /CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Certificate serial: 7C
Authority key identifier: 89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/D7FEF354562111EFA7B3F00AC4F9AE02.roa
Signing time: Fri 09 Aug 2024 07:35:25 +0000
ROA not before: Fri 09 Aug 2024 07:35:25 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 38819
IP address blocks: 120.88.192.0/18 maxlen: 18
120.88.192.0/19 maxlen: 19
120.88.224.0/20 maxlen: 20
120.88.224.0/24 maxlen: 24
120.88.225.0/24 maxlen: 24
120.88.226.0/24 maxlen: 24
120.88.227.0/24 maxlen: 24
120.88.230.0/24 maxlen: 24
120.88.232.0/24 maxlen: 24
120.88.236.0/24 maxlen: 24
120.88.237.0/24 maxlen: 24
120.88.240.0/24 maxlen: 24
120.88.241.0/24 maxlen: 24
120.88.242.0/24 maxlen: 24
120.88.243.0/24 maxlen: 24
120.88.245.0/24 maxlen: 24
120.88.246.0/24 maxlen: 24
120.88.252.0/24 maxlen: 24
120.88.253.0/24 maxlen: 24
120.88.254.0/24 maxlen: 24
202.4.192.0/19 maxlen: 19
202.4.196.0/24 maxlen: 24
202.4.208.0/24 maxlen: 24
223.130.32.0/19 maxlen: 19
2405:b200::/32 maxlen: 32
2405:b200:110:2600::/56 maxlen: 56
2405:b200:140:2600::/56 maxlen: 56
2405:b200:150:2600::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl
rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 28 Nov 2024 04:28:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124 (0x7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195F7B/serialNumber=890B1DEFE88D59196BCC7B65268C62E86E54D46D
Validity
Not Before: Aug 9 07:35:25 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66b5c6bc-4d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b1:bf:55:40:3a:1d:bd:6c:9e:01:81:fd:9f:
54:6f:1c:61:44:a2:17:2b:40:0d:aa:50:8c:b5:83:
87:84:d5:18:d0:d5:f2:6f:6f:1d:4d:a6:93:f8:3a:
54:3b:54:a3:8b:df:3d:36:6f:db:0a:6c:5b:6d:ba:
c2:05:d9:0c:68:b5:32:40:64:96:ca:d4:31:60:9b:
d1:10:08:33:7a:64:67:cf:56:f5:45:a6:ed:99:7f:
57:16:a4:8f:d8:5c:cd:10:99:c8:79:0a:90:de:c0:
f2:e4:a7:b0:a1:a7:3b:9f:6f:44:59:5d:2d:35:e3:
48:56:b1:b1:1a:c7:b5:ab:0d:88:d1:4a:4c:15:e4:
d3:1f:b0:59:ad:1e:9d:cf:61:44:a6:9b:ab:56:f9:
64:2d:ac:e4:c7:78:61:75:91:e5:e2:24:5b:98:d8:
47:8b:3c:5a:eb:65:32:21:07:78:d7:7c:b6:4e:08:
cc:26:05:f9:56:19:45:9e:a8:7c:69:ce:0e:24:5b:
36:b1:04:0c:ec:c4:66:5a:c5:0c:86:9a:0b:29:99:
50:4d:a8:24:a6:4f:6f:0c:da:ff:e4:ad:6e:38:10:
b4:29:83:1d:d9:d2:4c:ce:04:10:d4:b5:54:ee:9b:
bf:6c:a7:91:1a:c8:d2:7c:3f:ef:4c:02:ba:c7:e4:
fe:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:44:39:28:53:E0:AD:66:17:A0:E8:1B:E0:46:D6:50:BB:20:BC:37
X509v3 Authority Key Identifier:
keyid:89:0B:1D:EF:E8:8D:59:19:6B:CC:7B:65:26:8C:62:E8:6E:54:D4:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/iQsd7-iNWRlrzHtlJoxi6G5U1G0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQsd7-iNWRlrzHtlJoxi6G5U1G0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195F7B/A131B394BB3911EEA655417EC4F9AE02/D7FEF354562111EFA7B3F00AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.88.192.0/18
202.4.192.0/19
223.130.32.0/19
IPv6:
2405:b200::/32
Signature Algorithm: sha256WithRSAEncryption
42:c1:94:e5:ea:bc:41:63:77:4b:f1:ce:90:b4:d5:77:7e:46:
a4:02:99:30:66:94:f9:64:a2:9f:40:6e:d5:ab:79:ff:5b:ff:
d5:11:a6:cd:8e:2f:7c:24:31:9e:ef:06:bd:6c:76:ea:21:57:
d2:29:d7:53:25:ad:70:b3:07:29:74:df:c2:8b:fa:f7:6e:5a:
3e:12:6e:fb:59:ef:78:83:08:51:36:2d:65:68:82:de:3b:65:
59:9d:da:76:91:42:0b:bb:52:55:b3:fb:77:ef:be:02:94:82:
01:8a:0a:af:46:c2:a6:8a:22:00:96:9b:11:f5:e1:c4:6a:8d:
0b:58:cb:a7:be:ab:f7:59:6a:7a:0c:5a:75:c5:01:4d:f8:2f:
70:43:5f:bd:26:12:43:cf:f5:aa:e2:6e:3a:36:d8:7b:c7:d8:
bd:9e:44:af:29:d1:6d:c0:bf:4b:98:23:41:06:4e:b9:32:e4:
66:11:36:f3:58:ef:9d:a4:b9:fe:0f:63:8e:7d:cd:07:61:d6:
c9:03:02:ca:20:d9:ff:20:45:2b:fc:0a:05:e4:a0:fd:d2:db:
21:73:39:83:07:f7:87:84:a6:b3:35:72:00:e1:69:18:93:0b:
0c:95:3e:b7:05:71:c0:13:15:a5:47:1d:c2:c6:37:54:1c:5d:
43:4d:c8:f0
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIBfDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NUY3QjExMC8GA1UEBRMoODkwQjFERUZFODhENTkxOTZCQ0M3QjY1MjY4QzYyRTg2
RTU0RDQ2RDAeFw0yNDA4MDkwNzM1MjVaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2YjVjNmJjLTRkMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMsb9VQDodvWyeAYH9n1RvHGFEohcrQA2qUIy1g4eE1RjQ1fJvbx1NppP4OlQ7
VKOL3z02b9sKbFttusIF2QxotTJAZJbK1DFgm9EQCDN6ZGfPVvVFpu2Zf1cWpI/Y
XM0Qmch5CpDewPLkp7Chpzufb0RZXS0140hWsbEax7WrDYjRSkwV5NMfsFmtHp3P
YUSmm6tW+WQtrOTHeGF1keXiJFuY2EeLPFrrZTIhB3jXfLZOCMwmBflWGUWeqHxp
zg4kWzaxBAzsxGZaxQyGmgspmVBNqCSmT28M2v/krW44ELQpgx3Z0kzOBBDUtVTu
m79sp5EayNJ8P+9MArrH5P7PAgMBAAGjggKwMIICrDAdBgNVHQ4EFgQU6EQ5KFPg
rWYXoOgb4EbWULsgvDcwHwYDVR0jBBgwFoAUiQsd7+iNWRlrzHtlJoxi6G5U1G0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1RjdCL0ExMzFCMzk0QkIz
OTExRUVBNjU1NDE3RUM0RjlBRTAyL2lRc2Q3LWlOV1JscnpIdGxKb3hpNkc1VTFH
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaVFzZDctaU5XUmxyekh0bEpveGk2RzVVMUcwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NUY3Qi9BMTMxQjM5NEJCMzkxMUVFQTY1NTQxN0VDNEY5QUUwMi9EN0ZFRjM1NDU2
MjExMUVGQTdCM0YwMEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA6BggrBgEFBQcBBwEB/wQr
MCkwGAQCAAEwEgMEBnhYwAMEBcoEwAMEBd+CIDANBAIAAjAHAwUAJAWyADANBgkq
hkiG9w0BAQsFAAOCAQEAQsGU5eq8QWN3S/HOkLTVd35GpAKZMGaU+WSin0Bu1at5
/1v/1RGmzY4vfCQxnu8GvWx26iFX0inXUyWtcLMHKXTfwov6925aPhJu+1nveIMI
UTYtZWiC3jtlWZ3adpFCC7tSVbP7d+++ApSCAYoKr0bCpooiAJabEfXhxGqNC1jL
p76r91lqegxadcUBTfgvcENfvSYSQ8/1quJuOjbYe8fYvZ5ErynRbcC/S5gjQQZO
uTLkZhE281jvnaS5/g9jjn3NB2HWyQMCyiDZ/yBFK/wKBeSg/dLbIXM5gwf3h4Sm
szVyAOFpGJMLDJU+twVxwBMVpUcdwsY3VBxdQ03I8A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:37:13 2024 by rpki-client on console-ams.rpki-client.org