Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
File: 58273588C2BD11EBA13EC07AC4F9AE02.roa (raw, json)
Hash identifier: 3mG/DAHD47ieP+pHQ6Ko9KqnRvDpTJqoMQIZjKg03d8=
Subject key identifier: 7F:44:0E:CE:91:B5:79:BF:8A:91:82:7F:5A:46:7A:B4:C3:8B:61:EC
Certificate issuer: /CN=A919F0DA/serialNumber=94D587B6E75BF108AF5B424922C4A8BAAB3EE946
Certificate serial: 0739
Authority key identifier: 94:D5:87:B6:E7:5B:F1:08:AF:5B:42:49:22:C4:A8:BA:AB:3E:E9:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
Signing time: Thu 04 Jul 2024 04:30:09 +0000
ROA not before: Thu 04 Jul 2024 04:30:09 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 4758
IP address blocks: 2001:4408::/32 maxlen: 32
2001:4408:4::/48 maxlen: 48
2001:4408:a::/48 maxlen: 48
2001:4408:b::/48 maxlen: 48
2001:4408:100::/48 maxlen: 48
2001:4408:200::/48 maxlen: 48
2001:4408:1080::/44 maxlen: 44
2001:4408:1100::/48 maxlen: 48
2001:4408:4000::/40 maxlen: 40
2001:4408:4400::/40 maxlen: 40
2001:4408:4800::/40 maxlen: 48
2001:4408:4a00::/40 maxlen: 40
2001:4408:4b00::/40 maxlen: 40
2001:4408:4c00::/40 maxlen: 40
2001:4408:5200::/48 maxlen: 48
2001:4408:5202::/48 maxlen: 48
2001:4408:5205::/48 maxlen: 48
2001:4408:5206::/48 maxlen: 48
2001:4408:520a::/48 maxlen: 48
2001:4408:520b::/48 maxlen: 48
2001:4408:5220::/48 maxlen: 48
2001:4408:5222::/48 maxlen: 48
2001:4408:5223::/48 maxlen: 48
2001:4408:5224::/48 maxlen: 48
2001:4408:5226::/48 maxlen: 48
2001:4408:5240::/48 maxlen: 48
2001:4408:5250::/48 maxlen: 48
2001:4408:5600::/48 maxlen: 48
2001:4408:5800::/40 maxlen: 40
2001:4408:5a00::/40 maxlen: 40
2001:4408:5c00::/40 maxlen: 40
2001:4408:5e00::/40 maxlen: 48
2001:4408:6000::/40 maxlen: 40
2001:4408:6200::/40 maxlen: 40
2001:4408:6600::/40 maxlen: 40
2001:4408:6a00::/40 maxlen: 40
2001:4408:6b00::/40 maxlen: 45
2001:4408:6c00::/40 maxlen: 40
2001:4408:6e00::/40 maxlen: 40
2001:4408:7000::/48 maxlen: 48
2001:4408:7200::/40 maxlen: 40
2001:4408:7600::/40 maxlen: 40
2001:4408:7800::/40 maxlen: 40
2001:4408:7a00::/40 maxlen: 40
2001:4408:7c00::/40 maxlen: 48
2001:4408:7e00::/40 maxlen: 40
2001:4408:7f00::/45 maxlen: 45
2001:4408:7f08::/45 maxlen: 45
2001:4408:8000::/40 maxlen: 40
2001:4408:8100::/48 maxlen: 48
2001:4408:8200::/40 maxlen: 40
2001:4408:8308::/45 maxlen: 45
2001:4408:8400::/40 maxlen: 40
2001:4408:8608::/48 maxlen: 48
2001:4408:c000::/48 maxlen: 48
2001:4408:c002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.crl
rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:15:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1849 (0x739)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F0DA/serialNumber=94D587B6E75BF108AF5B424922C4A8BAAB3EE946
Validity
Not Before: Jul 4 04:30:09 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66862551-1658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:aa:9c:8d:6c:00:1f:92:f8:4b:d2:72:f7:c1:
41:95:79:86:e3:12:fd:35:56:9f:ea:5f:5b:d3:e4:
3f:5c:e0:e3:df:6e:8f:7c:18:fb:4f:cc:30:ee:8b:
77:e8:64:39:21:84:5e:2f:e5:2d:2e:fb:5f:1c:94:
bd:eb:ba:24:cd:94:f0:fa:5e:9a:c0:71:f9:5f:87:
4b:ae:47:01:2a:cf:e4:83:c9:ce:59:91:52:0d:95:
65:49:8e:fe:38:c8:81:3d:de:b9:e2:d9:8f:6a:59:
2a:e5:e3:5d:e2:71:c0:6b:5d:4c:43:6e:1f:d4:20:
be:cb:aa:82:4b:22:c5:2e:c0:0f:7c:dd:c5:87:0f:
5b:eb:ac:7a:25:b4:a2:ac:6c:f8:be:f0:93:47:9f:
b0:eb:37:28:21:bf:8a:a7:20:14:5d:c1:bb:00:bb:
a0:bc:98:53:9a:06:23:57:b3:a0:a5:41:e4:63:d2:
bd:b1:b5:5e:70:e5:28:28:ae:05:8f:86:36:f0:6a:
ae:e0:40:00:21:25:cc:e8:a0:f2:11:63:7d:00:ae:
96:36:c2:86:70:01:2f:a5:6a:23:cb:56:95:86:0e:
63:7a:39:0f:f1:0b:0c:07:52:dd:d4:e9:b5:ca:a0:
1c:24:00:61:c9:7b:3d:c0:14:4c:1a:7e:fd:a4:61:
44:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:44:0E:CE:91:B5:79:BF:8A:91:82:7F:5A:46:7A:B4:C3:8B:61:EC
X509v3 Authority Key Identifier:
keyid:94:D5:87:B6:E7:5B:F1:08:AF:5B:42:49:22:C4:A8:BA:AB:3E:E9:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:4408::/32
Signature Algorithm: sha256WithRSAEncryption
9e:41:94:07:99:8b:31:1c:43:f2:8e:c1:05:6c:24:0d:bc:0b:
5d:00:03:21:19:ae:c7:48:68:08:c5:92:ec:f8:c4:b4:bd:60:
cd:7d:34:9f:d1:37:23:7e:b0:dd:9d:8d:9d:17:23:19:06:00:
84:f0:1e:83:ce:11:b4:9a:71:11:63:6b:26:1b:d6:0f:49:0e:
25:d7:39:10:f7:5c:53:ee:c0:34:c8:5f:55:51:16:cb:c3:b0:
8d:0c:2f:0a:1f:b2:30:6e:6a:09:f2:fd:5d:8d:9d:39:1c:3d:
6f:d5:2a:87:7f:1c:40:1a:71:d5:ba:aa:ad:a2:b2:f6:26:26:
89:6f:28:50:4f:34:f5:7d:3a:44:bd:6b:64:bc:2b:ba:66:7c:
87:1f:45:7f:1b:c1:24:dd:95:a4:7e:74:1c:15:42:be:04:11:
4b:8a:48:45:00:32:3d:7c:e2:7d:33:f4:70:6e:86:5d:fd:06:
e0:c4:71:68:a3:a4:52:07:3b:00:06:b4:a0:3a:90:31:5b:81:
28:c0:8e:1d:82:76:81:84:a8:64:a0:53:9d:bd:a1:a5:25:e7:
3c:bb:2c:12:30:0e:59:b0:4d:48:f5:ee:f5:13:af:c3:18:31:
3c:09:ed:07:14:8f:15:c7:b0:38:ce:42:bf:0c:c5:5e:4a:f0:
f2:8c:bf:34
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICBzkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYwREExMTAvBgNVBAUTKDk0RDU4N0I2RTc1QkYxMDhBRjVCNDI0OTIyQzRBOEJB
QUIzRUU5NDYwHhcNMjQwNzA0MDQzMDA5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg2MjU1MS0xNjU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3KqcjWwAH5L4S9Jy98FBlXmG4xL9NVaf6l9b0+Q/XODj326PfBj7T8ww7ot3
6GQ5IYReL+UtLvtfHJS967okzZTw+l6awHH5X4dLrkcBKs/kg8nOWZFSDZVlSY7+
OMiBPd654tmPalkq5eNd4nHAa11MQ24f1CC+y6qCSyLFLsAPfN3Fhw9b66x6JbSi
rGz4vvCTR5+w6zcoIb+KpyAUXcG7ALugvJhTmgYjV7OgpUHkY9K9sbVecOUoKK4F
j4Y28Gqu4EAAISXM6KDyEWN9AK6WNsKGcAEvpWojy1aVhg5jejkP8QsMB1Ld1Om1
yqAcJABhyXs9wBRMGn79pGFESQIDAQABo4ICljCCApIwHQYDVR0OBBYEFH9EDs6R
tXm/ipGCf1pGerTDi2HsMB8GA1UdIwQYMBaAFJTVh7bnW/EIr1tCSSLEqLqrPulG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjBEQS8xNTBEM0VGNDFE
NjgxMUUyOEMxODI4QTQwOEIwMkNEMi9sTldIdHVkYjhRaXZXMEpKSXNTb3Vxcy02
VVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xOV0h0dWRiOFFpdlcwSkpJc1NvdXFzLTZVWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYwREEvMTUwRDNFRjQxRDY4MTFFMjhDMTgyOEE0MDhCMDJDRDIvNTgyNzM1ODhD
MkJEMTFFQkExM0VDMDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAgAUQIMA0GCSqGSIb3DQEBCwUAA4IBAQCeQZQHmYsxHEPy
jsEFbCQNvAtdAAMhGa7HSGgIxZLs+MS0vWDNfTSf0TcjfrDdnY2dFyMZBgCE8B6D
zhG0mnERY2smG9YPSQ4l1zkQ91xT7sA0yF9VURbLw7CNDC8KH7IwbmoJ8v1djZ05
HD1v1SqHfxxAGnHVuqqtorL2JiaJbyhQTzT1fTpEvWtkvCu6ZnyHH0V/G8Ek3ZWk
fnQcFUK+BBFLikhFADI9fOJ9M/RwboZd/QbgxHFoo6RSBzsABrSgOpAxW4EowI4d
gnaBhKhkoFOdvaGlJec8uywSMA5ZsE1I9e71E6/DGDE8Ce0HFI8Vx7A4zkK/DMVe
SvDyjL80
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:49:58 2024 by rpki-client on console-ams.rpki-client.org