Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
File: 653CF2F6F25A11E9937D9D73C4F9AE02.roa (raw, json)
Hash identifier: hHf2SbMW3u32L4IvHDMk8yx84zsf4PVX3irK53Ib1xc=
Subject key identifier: 8D:3E:C1:0F:B6:8B:61:7F:ED:7B:9D:32:4A:44:A5:51:AF:A2:63:60
Certificate issuer: /CN=A919A998/serialNumber=5EA1A7B802E7E7EFC77CA1A38E52F72ACD463930
Certificate serial: 0C0F
Authority key identifier: 5E:A1:A7:B8:02:E7:E7:EF:C7:7C:A1:A3:8E:52:F7:2A:CD:46:39:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
Signing time: Thu 02 May 2024 14:27:01 +0000
ROA not before: Thu 02 May 2024 14:27:01 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 58715
IP address blocks: 45.113.132.0/22 maxlen: 24
59.152.96.0/20 maxlen: 24
103.21.40.0/22 maxlen: 24
103.85.156.0/22 maxlen: 24
144.48.116.0/22 maxlen: 24
182.48.64.0/19 maxlen: 24
2404:4f80::/32 maxlen: 36
2404:4f80::/48 maxlen: 48
2404:4f80:f::/48 maxlen: 48
2404:4f80:10::/48 maxlen: 48
2404:4f80:11::/48 maxlen: 48
2404:4f80:12::/48 maxlen: 48
2404:4f80:13::/48 maxlen: 48
2404:4f80:14::/48 maxlen: 48
2404:4f80:15::/48 maxlen: 48
2404:4f80:16::/48 maxlen: 48
2404:4f80:17::/48 maxlen: 48
2404:4f80:18::/48 maxlen: 48
2404:4f80:19::/48 maxlen: 48
2404:4f80:1a::/48 maxlen: 48
2404:4f80:1b::/48 maxlen: 48
2404:4f80:30::/48 maxlen: 48
2404:4f80:31::/48 maxlen: 48
2404:4f80:32::/48 maxlen: 48
2404:4f80:33::/48 maxlen: 48
2404:4f80:34::/48 maxlen: 48
2404:4f80:35::/48 maxlen: 48
2404:4f80:36::/48 maxlen: 48
2404:4f80:37::/48 maxlen: 48
2404:4f80:38::/48 maxlen: 48
2404:4f80:39::/48 maxlen: 48
2404:4f80:3a::/48 maxlen: 48
2404:4f80:3b::/48 maxlen: 48
2404:4f80:3c::/48 maxlen: 48
2404:4f80:3d::/48 maxlen: 48
2404:4f80:73::/48 maxlen: 48
2404:4f80:31f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl
rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3087 (0xc0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A998/serialNumber=5EA1A7B802E7E7EFC77CA1A38E52F72ACD463930
Validity
Not Before: May 2 14:27:01 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6633a2b4-198c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2e:17:c0:2b:24:d8:1a:4a:0f:a1:05:4a:71:
5a:f4:65:48:74:37:7a:ce:94:fa:3e:4b:66:c5:e7:
60:d1:d2:d5:0f:0a:97:a9:92:6e:3c:29:10:94:03:
f4:a0:ab:7d:c1:8b:66:8a:e3:da:06:55:86:36:09:
5d:31:06:d4:03:2f:29:21:32:0e:46:b0:7e:d5:1e:
68:6c:04:0a:69:2b:7e:2c:81:78:42:e2:c8:25:31:
62:0b:55:cc:70:13:3a:60:8d:ed:ee:a9:c1:2d:2d:
41:df:33:de:42:08:49:be:46:e0:d0:9b:ef:14:9f:
18:6f:bc:0f:c4:47:3f:f2:11:b1:1c:4b:9d:da:ae:
da:08:cc:ff:e8:76:5f:cf:3d:37:ed:72:d7:51:6d:
98:95:72:8f:e7:3c:e1:ca:c3:fe:d6:47:9f:09:4c:
78:08:e9:bf:e7:67:da:31:21:30:35:6f:e7:92:7c:
60:03:66:96:88:b7:9d:1f:c1:41:a3:c7:62:1c:bb:
93:c6:13:59:9a:37:86:a0:ad:8e:8e:a4:48:dc:9d:
0b:d6:f5:0f:99:fc:43:1e:b7:a1:57:33:72:9a:ac:
39:92:28:13:c4:da:c6:7e:4d:23:c8:59:e3:c5:10:
8e:97:5f:60:d1:71:2e:c8:83:ea:8a:81:b5:b8:d5:
49:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3E:C1:0F:B6:8B:61:7F:ED:7B:9D:32:4A:44:A5:51:AF:A2:63:60
X509v3 Authority Key Identifier:
keyid:5E:A1:A7:B8:02:E7:E7:EF:C7:7C:A1:A3:8E:52:F7:2A:CD:46:39:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/XqGnuALn5-_HfKGjjlL3Ks1GOTA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XqGnuALn5-_HfKGjjlL3Ks1GOTA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A998/AB34FBD4F25811E9B75E3C70C4F9AE02/653CF2F6F25A11E9937D9D73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.113.132.0/22
59.152.96.0/20
103.21.40.0/22
103.85.156.0/22
144.48.116.0/22
182.48.64.0/19
IPv6:
2404:4f80::/32
Signature Algorithm: sha256WithRSAEncryption
30:b0:81:c2:f0:6e:7a:d4:b2:2c:d0:27:ff:ca:6c:cb:f0:61:
08:b6:13:af:14:11:72:be:70:20:29:cb:02:02:72:3d:a3:f9:
99:25:43:c7:be:f0:31:71:de:73:ad:d8:47:a4:24:85:e7:55:
6a:3f:40:38:13:0b:4c:fc:b6:fb:59:62:06:1c:1a:df:fe:e7:
e9:2f:0e:22:87:7e:21:65:ac:dc:b6:08:b1:6b:42:dc:bf:c7:
46:84:b9:50:e6:55:01:b7:12:e9:cf:fc:10:8c:e4:c6:08:05:
3f:8e:32:34:84:c9:6f:2f:17:66:5a:ab:7c:e9:a3:90:1b:a1:
fe:98:df:82:ef:da:61:78:4f:59:89:fe:ce:76:d6:72:b1:be:
9b:23:a4:f5:db:70:37:c4:e2:a4:3d:b2:2d:b0:3e:a2:08:e6:
11:af:30:24:7a:53:0e:66:5f:73:34:53:26:58:96:30:b7:26:
e5:b7:45:f1:c1:75:66:3c:32:d1:ac:b5:53:3e:ea:c9:75:3f:
a8:41:6e:34:2b:b6:83:fa:2a:2b:31:1e:d2:3d:9e:14:0a:6c:
2d:f4:06:d9:d7:82:99:b6:5a:ba:15:03:8a:b3:45:b5:9a:da:
92:90:85:86:bd:9b:8b:1a:1a:d9:e7:67:28:da:a0:ff:1b:88:
17:c4:dd:15
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICDA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUE5OTgxMTAvBgNVBAUTKDVFQTFBN0I4MDJFN0U3RUZDNzdDQTFBMzhFNTJGNzJB
Q0Q0NjM5MzAwHhcNMjQwNTAyMTQyNzAxWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMzYTJiNC0xOThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxy4XwCsk2BpKD6EFSnFa9GVIdDd6zpT6Pktmxedg0dLVDwqXqZJuPCkQlAP0
oKt9wYtmiuPaBlWGNgldMQbUAy8pITIORrB+1R5obAQKaSt+LIF4QuLIJTFiC1XM
cBM6YI3t7qnBLS1B3zPeQghJvkbg0JvvFJ8Yb7wPxEc/8hGxHEud2q7aCMz/6HZf
zz037XLXUW2YlXKP5zzhysP+1kefCUx4COm/52faMSEwNW/nknxgA2aWiLedH8FB
o8diHLuTxhNZmjeGoK2OjqRI3J0L1vUPmfxDHrehVzNymqw5kigTxNrGfk0jyFnj
xRCOl19g0XEuyIPqioG1uNVJDwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFI0+wQ+2
i2F/7XudMkpEpVGvomNgMB8GA1UdIwQYMBaAFF6hp7gC5+fvx3yho45S9yrNRjkw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTk5OC9BQjM0RkJENEYy
NTgxMUU5Qjc1RTNDNzBDNEY5QUUwMi9YcUdudUFMbjUtX0hmS0dqamxMM0tzMUdP
VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hxR251QUxuNS1fSGZLR2pqbEwzS3MxR09UQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUE5OTgvQUIzNEZCRDRGMjU4MTFFOUI3NUUzQzcwQzRGOUFFMDIvNjUzQ0YyRjZG
MjVBMTFFOTkzN0Q5RDczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTAYIKwYBBQUHAQcBAf8E
PTA7MCoEAgABMCQDBAItcYQDBAQ7mGADBAJnFSgDBAJnVZwDBAKQMHQDBAW2MEAw
DQQCAAIwBwMFACQET4AwDQYJKoZIhvcNAQELBQADggEBADCwgcLwbnrUsizQJ//K
bMvwYQi2E68UEXK+cCApywICcj2j+ZklQ8e+8DFx3nOt2EekJIXnVWo/QDgTC0z8
tvtZYgYcGt/+5+kvDiKHfiFlrNy2CLFrQty/x0aEuVDmVQG3EunP/BCM5MYIBT+O
MjSEyW8vF2Zaq3zpo5Abof6Y34Lv2mF4T1mJ/s521nKxvpsjpPXbcDfE4qQ9si2w
PqII5hGvMCR6Uw5mX3M0UyZYljC3JuW3RfHBdWY8MtGstVM+6sl1P6hBbjQrtoP6
KisxHtI9nhQKbC30BtnXgpm2WroVA4qzRbWa2pKQhYa9m4saGtnnZyjaoP8biBfE
3RU=
-----END CERTIFICATE-----
Generated at Wed May 8 21:04:01 2024 by rpki-client on console-fra.rpki-client.org