Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
File: 58273588C2BD11EBA13EC07AC4F9AE02.roa (raw, json)
Hash identifier: h2OFhBlNwJDb0RP45mwwLuzfxkB52CPnh7h95Ouyj8U=
Subject key identifier: 17:23:CE:D1:45:59:90:09:7D:E6:97:8D:1C:4C:CD:57:C8:31:57:67
Certificate issuer: /CN=A919F0DA/serialNumber=94D587B6E75BF108AF5B424922C4A8BAAB3EE946
Certificate serial: 0672
Authority key identifier: 94:D5:87:B6:E7:5B:F1:08:AF:5B:42:49:22:C4:A8:BA:AB:3E:E9:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
Signing time: Thu 22 Jun 2023 14:40:08 +0000
ROA not before: Thu 22 Jun 2023 14:40:08 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 4758
IP address blocks: 2001:4408::/32 maxlen: 32
2001:4408:4::/48 maxlen: 48
2001:4408:a::/48 maxlen: 48
2001:4408:b::/48 maxlen: 48
2001:4408:100::/48 maxlen: 48
2001:4408:200::/48 maxlen: 48
2001:4408:1080::/44 maxlen: 44
2001:4408:1100::/48 maxlen: 48
2001:4408:4000::/40 maxlen: 40
2001:4408:4400::/40 maxlen: 40
2001:4408:4800::/40 maxlen: 48
2001:4408:4a00::/40 maxlen: 40
2001:4408:4b00::/40 maxlen: 40
2001:4408:4c00::/40 maxlen: 40
2001:4408:5200::/48 maxlen: 48
2001:4408:5202::/48 maxlen: 48
2001:4408:5205::/48 maxlen: 48
2001:4408:5206::/48 maxlen: 48
2001:4408:520a::/48 maxlen: 48
2001:4408:520b::/48 maxlen: 48
2001:4408:5220::/48 maxlen: 48
2001:4408:5222::/48 maxlen: 48
2001:4408:5223::/48 maxlen: 48
2001:4408:5224::/48 maxlen: 48
2001:4408:5226::/48 maxlen: 48
2001:4408:5240::/48 maxlen: 48
2001:4408:5250::/48 maxlen: 48
2001:4408:5600::/48 maxlen: 48
2001:4408:5800::/40 maxlen: 40
2001:4408:5a00::/40 maxlen: 40
2001:4408:5c00::/40 maxlen: 40
2001:4408:5e00::/40 maxlen: 48
2001:4408:6000::/40 maxlen: 40
2001:4408:6200::/40 maxlen: 40
2001:4408:6600::/40 maxlen: 40
2001:4408:6a00::/40 maxlen: 40
2001:4408:6b00::/40 maxlen: 45
2001:4408:6c00::/40 maxlen: 40
2001:4408:6e00::/40 maxlen: 40
2001:4408:7000::/48 maxlen: 48
2001:4408:7200::/40 maxlen: 40
2001:4408:7600::/40 maxlen: 40
2001:4408:7800::/40 maxlen: 40
2001:4408:7a00::/40 maxlen: 40
2001:4408:7c00::/40 maxlen: 48
2001:4408:7e00::/40 maxlen: 40
2001:4408:7f00::/45 maxlen: 45
2001:4408:7f08::/45 maxlen: 45
2001:4408:8000::/40 maxlen: 40
2001:4408:8100::/48 maxlen: 48
2001:4408:8200::/40 maxlen: 40
2001:4408:8308::/45 maxlen: 45
2001:4408:8400::/40 maxlen: 40
2001:4408:8608::/48 maxlen: 48
2001:4408:c000::/48 maxlen: 48
2001:4408:c002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.crl
rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 14:15:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1650 (0x672)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919F0DA/serialNumber=94D587B6E75BF108AF5B424922C4A8BAAB3EE946
Validity
Not Before: Jun 22 14:40:08 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64945d48-8a1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:90:05:d6:3b:5a:a1:6c:21:6f:9f:78:b3:ee:
3c:fe:92:1d:f6:4f:1c:49:cb:df:fa:b4:68:4f:4f:
9d:4d:12:b5:97:e7:aa:7c:e8:af:ff:a9:65:6d:f9:
c6:79:72:bb:94:17:5e:2d:24:67:8c:8c:00:59:80:
cf:54:cc:3a:de:db:f5:ae:84:a4:a7:22:4d:96:0f:
ac:21:29:68:ce:ee:01:c7:71:fa:2a:3c:04:9f:f0:
60:5e:a9:57:f0:3b:9f:55:76:45:52:b4:09:8d:62:
d1:f6:f6:9d:88:ae:fd:71:85:67:a3:b3:43:fb:e8:
ca:3f:9d:43:3a:fa:f9:c7:02:72:bd:bd:f5:d0:58:
f6:1d:76:d8:cd:90:e1:98:43:db:7d:8a:4b:a8:99:
85:a6:88:b7:0c:e3:39:aa:4a:9c:53:2b:36:d9:f9:
3e:18:ca:41:de:bc:d9:12:1f:13:ac:5b:6e:d8:d6:
7d:2f:97:c8:6c:a8:31:ea:67:09:91:ed:f0:b9:20:
3c:8f:fe:37:37:c8:8f:77:fc:ef:0d:78:90:02:0b:
68:b7:0e:4e:60:e8:02:56:db:65:9d:ad:87:95:69:
69:40:59:70:07:01:67:e9:6e:b7:41:68:17:65:b7:
41:da:e0:fc:fe:a6:e4:81:37:ce:c5:3e:2c:69:4a:
33:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:23:CE:D1:45:59:90:09:7D:E6:97:8D:1C:4C:CD:57:C8:31:57:67
X509v3 Authority Key Identifier:
keyid:94:D5:87:B6:E7:5B:F1:08:AF:5B:42:49:22:C4:A8:BA:AB:3E:E9:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/lNWHtudb8QivW0JJIsSouqs-6UY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lNWHtudb8QivW0JJIsSouqs-6UY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F0DA/150D3EF41D6811E28C1828A408B02CD2/58273588C2BD11EBA13EC07AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:4408::/32
Signature Algorithm: sha256WithRSAEncryption
22:86:15:5c:0d:e6:0e:03:ea:66:24:20:12:64:f6:00:4f:19:
24:65:41:f5:62:95:81:41:cc:a2:97:3c:dd:8c:93:04:18:2e:
f1:b1:7e:06:66:41:25:8f:04:58:27:e9:5c:a5:ce:a3:45:56:
e0:6a:3a:36:c3:ca:13:74:06:34:a7:42:85:46:06:24:ea:d9:
18:e3:54:4d:a4:3f:e7:22:af:7b:f6:bb:15:a9:66:6f:84:35:
d3:63:f7:1b:6d:ca:38:28:18:d5:e3:71:2e:55:95:d3:04:e3:
c1:d3:e7:44:7e:65:8c:1a:51:90:e3:50:56:39:fc:50:9b:b0:
69:53:b2:c5:c2:7c:a1:a4:e7:94:e7:01:b7:1b:45:45:6f:c4:
47:8b:c3:bd:32:05:5a:7f:0f:a2:97:02:4e:78:ea:45:da:7d:
48:ae:0c:1f:b5:7b:fb:7e:bc:13:7b:70:10:34:cd:23:63:39:
1e:85:7a:a2:aa:ca:31:23:07:83:4f:b4:35:6e:85:b5:b3:ff:
78:a2:fc:aa:15:5e:6d:90:e2:74:e2:58:02:a7:be:e5:60:7d:
85:b9:bd:ca:af:f1:77:8c:81:c2:ef:3d:06:97:2b:56:bf:70:
52:d1:b0:bd:18:74:50:38:57:3d:41:2f:1b:61:78:36:24:67:
98:74:d5:b3
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICBnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUYwREExMTAvBgNVBAUTKDk0RDU4N0I2RTc1QkYxMDhBRjVCNDI0OTIyQzRBOEJB
QUIzRUU5NDYwHhcNMjMwNjIyMTQ0MDA4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDk0NWQ0OC04YTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAppAF1jtaoWwhb594s+48/pId9k8cScvf+rRoT0+dTRK1l+eqfOiv/6llbfnG
eXK7lBdeLSRnjIwAWYDPVMw63tv1roSkpyJNlg+sISlozu4Bx3H6KjwEn/BgXqlX
8DufVXZFUrQJjWLR9vadiK79cYVno7ND++jKP51DOvr5xwJyvb310Fj2HXbYzZDh
mEPbfYpLqJmFpoi3DOM5qkqcUys22fk+GMpB3rzZEh8TrFtu2NZ9L5fIbKgx6mcJ
ke3wuSA8j/43N8iPd/zvDXiQAgtotw5OYOgCVttlna2HlWlpQFlwBwFn6W63QWgX
ZbdB2uD8/qbkgTfOxT4saUozPQIDAQABo4ICljCCApIwHQYDVR0OBBYEFBcjztFF
WZAJfeaXjRxMzVfIMVdnMB8GA1UdIwQYMBaAFJTVh7bnW/EIr1tCSSLEqLqrPulG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjBEQS8xNTBEM0VGNDFE
NjgxMUUyOEMxODI4QTQwOEIwMkNEMi9sTldIdHVkYjhRaXZXMEpKSXNTb3Vxcy02
VVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xOV0h0dWRiOFFpdlcwSkpJc1NvdXFzLTZVWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUYwREEvMTUwRDNFRjQxRDY4MTFFMjhDMTgyOEE0MDhCMDJDRDIvNTgyNzM1ODhD
MkJEMTFFQkExM0VDMDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAgAUQIMA0GCSqGSIb3DQEBCwUAA4IBAQAihhVcDeYOA+pm
JCASZPYATxkkZUH1YpWBQcyilzzdjJMEGC7xsX4GZkEljwRYJ+lcpc6jRVbgajo2
w8oTdAY0p0KFRgYk6tkY41RNpD/nIq979rsVqWZvhDXTY/cbbco4KBjV43EuVZXT
BOPB0+dEfmWMGlGQ41BWOfxQm7BpU7LFwnyhpOeU5wG3G0VFb8RHi8O9MgVafw+i
lwJOeOpF2n1IrgwftXv7frwTe3AQNM0jYzkehXqiqsoxIweDT7Q1boW1s/94ovyq
FV5tkOJ04lgCp77lYH2Fub3Kr/F3jIHC7z0GlytWv3BS0bC9GHRQOFc9QS8bYXg2
JGeYdNWz
-----END CERTIFICATE-----
Generated at Thu May 16 16:14:57 2024 by rpki-client on console-fra.rpki-client.org