Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
File: 9B4B6C82904911EABE5F0C63C4F9AE02.roa (raw, json)
Hash identifier: PeyJY8cseoRCQ1T3dMpA/vd6ZQvDMb2M8X2eQTYrfQc=
Subject key identifier: F4:BB:A9:34:1F:89:DF:9E:3F:46:C6:1A:B0:AF:76:66:2A:D9:BA:90
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 34EC
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
Signing time: Sun 02 Apr 2023 15:01:05 +0000
ROA not before: Sun 02 Apr 2023 15:01:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58895
IP address blocks: 58.181.98.0/24 maxlen: 24
59.103.30.0/23 maxlen: 24
59.103.74.0/24 maxlen: 24
59.103.152.0/23 maxlen: 24
59.103.176.0/24 maxlen: 24
59.103.178.0/23 maxlen: 23
116.71.2.0/23 maxlen: 24
119.152.48.0/22 maxlen: 22
119.152.48.0/24 maxlen: 24
119.152.49.0/24 maxlen: 24
119.152.50.0/24 maxlen: 24
119.152.51.0/24 maxlen: 24
119.152.52.0/23 maxlen: 24
119.152.54.0/24 maxlen: 24
119.152.55.0/24 maxlen: 24
119.152.56.0/24 maxlen: 24
119.152.57.0/24 maxlen: 24
119.152.58.0/24 maxlen: 24
119.152.59.0/24 maxlen: 24
119.152.60.0/24 maxlen: 24
119.152.61.0/24 maxlen: 24
119.152.62.0/24 maxlen: 24
119.152.63.0/24 maxlen: 24
119.152.96.0/20 maxlen: 20
119.152.96.0/24 maxlen: 24
119.152.97.0/24 maxlen: 24
119.152.98.0/24 maxlen: 24
119.152.99.0/24 maxlen: 24
119.152.100.0/24 maxlen: 24
119.152.101.0/24 maxlen: 24
119.152.102.0/24 maxlen: 24
119.152.103.0/24 maxlen: 24
119.152.104.0/24 maxlen: 24
119.152.105.0/24 maxlen: 24
119.152.106.0/24 maxlen: 24
119.152.107.0/24 maxlen: 24
119.152.108.0/24 maxlen: 24
119.152.109.0/24 maxlen: 24
119.152.110.0/24 maxlen: 24
119.152.111.0/24 maxlen: 24
119.152.124.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 09 Apr 2023 14:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13548 (0x34ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Apr 2 15:01:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=642998b1-b065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:10:32:42:8f:23:c5:00:12:42:49:d7:4e:7e:
0a:72:66:0a:c0:29:9c:65:6b:46:ab:bf:46:45:82:
1b:0a:a0:70:cb:18:10:cc:cf:29:c5:33:b4:0b:25:
b9:01:8b:63:90:ac:aa:02:84:72:17:01:a9:89:e9:
3c:b3:ab:10:62:11:a3:fa:6f:76:0c:28:15:5f:e3:
0a:a6:10:f5:a9:aa:e1:5b:a5:05:a3:da:88:df:a3:
61:a1:df:94:40:5c:ea:9a:b6:14:fc:ea:03:d4:91:
62:2a:78:d4:e4:99:1d:92:73:b1:a5:a8:86:bf:e3:
42:6b:03:ef:c3:d1:00:93:7f:8a:f8:d7:2f:40:4d:
01:f7:f3:ee:7a:b3:a3:bd:7d:e1:4e:bf:19:af:e9:
1a:cc:5a:89:b2:ee:b1:8c:fa:94:8d:ea:8b:22:57:
c3:69:34:39:86:5a:74:c4:d8:ed:ac:dd:91:57:3c:
d5:eb:ea:e9:00:59:54:3f:23:c6:6b:3e:e7:70:b0:
4e:e4:85:85:03:fe:97:94:74:f8:9d:f1:83:be:13:
68:4f:54:9a:bf:64:97:83:d7:46:6f:c6:8b:23:2e:
16:4e:36:ba:b4:a7:42:1f:87:fb:97:f3:a5:c2:21:
d1:92:b8:65:92:db:6c:c3:9f:86:7f:8e:83:1f:b3:
1c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BB:A9:34:1F:89:DF:9E:3F:46:C6:1A:B0:AF:76:66:2A:D9:BA:90
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/9B4B6C82904911EABE5F0C63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.98.0/24
59.103.30.0/23
59.103.74.0/24
59.103.152.0/23
59.103.176.0/24
59.103.178.0/23
116.71.2.0/23
119.152.48.0/20
119.152.96.0/20
119.152.124.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:0c:5d:ae:f6:c2:b0:96:d8:08:3a:5a:27:65:59:a8:5d:a2:
da:cc:c1:67:2a:8b:8d:18:b2:ca:ef:a7:3a:8f:72:67:b1:af:
84:05:d7:91:c3:88:20:22:f9:62:ad:58:fa:69:87:06:86:a5:
3a:06:14:92:e8:ea:3f:d6:6e:b3:a4:e8:7f:fa:e8:ef:50:7e:
3c:df:25:2a:c7:01:4d:9d:06:69:f9:73:ac:cb:d6:81:7f:e1:
4b:1b:ee:4c:ee:05:89:b6:a5:f5:97:c3:03:20:1e:2d:36:3d:
fe:6e:86:34:1d:f8:4c:f4:50:cb:7e:7b:85:86:44:37:19:e6:
58:36:43:29:48:1c:df:fa:fb:46:9f:f9:88:5e:ae:b5:64:52:
a2:50:23:0b:7e:51:bf:6e:47:4d:f9:c8:22:78:82:a5:5d:23:
e7:88:93:3a:00:8f:c9:37:e4:79:a7:84:62:4e:de:4e:77:e0:
70:ff:9b:75:4b:8a:33:60:8b:24:0c:15:18:c8:9a:ea:c2:44:
6e:26:54:5e:e8:83:c2:10:2b:2e:f1:a2:ea:80:3f:49:b2:80:
b6:47:b1:ca:ec:ad:61:9f:f1:8b:69:9e:f7:b6:bc:6f:1a:cf:
d6:cd:07:13:df:b7:83:ac:92:d0:d9:3c:3b:65:9b:17:1c:bd:
be:da:9b:55
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICNOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjMwNDAyMTUwMTA1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDI5OThiMS1iMDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAohAyQo8jxQASQknXTn4KcmYKwCmcZWtGq79GRYIbCqBwyxgQzM8pxTO0CyW5
AYtjkKyqAoRyFwGpiek8s6sQYhGj+m92DCgVX+MKphD1qarhW6UFo9qI36Nhod+U
QFzqmrYU/OoD1JFiKnjU5JkdknOxpaiGv+NCawPvw9EAk3+K+NcvQE0B9/PuerOj
vX3hTr8Zr+kazFqJsu6xjPqUjeqLIlfDaTQ5hlp0xNjtrN2RVzzV6+rpAFlUPyPG
az7ncLBO5IWFA/6XlHT4nfGDvhNoT1Sav2SXg9dGb8aLIy4WTja6tKdCH4f7l/Ol
wiHRkrhlkttsw5+Gf46DH7McSwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFPS7qTQf
id+eP0bGGrCvdmYq2bqQMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvOUI0QjZDODI5
MDQ5MTFFQUJFNUYwQzYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAA6tWIDBAE7Zx4DBAA7Z0oDBAE7Z5gDBAA7Z7ADBAE7Z7ID
BAF0RwIDBAR3mDADBAR3mGADBAF3mHwwDQYJKoZIhvcNAQELBQADggEBAKkMXa72
wrCW2Ag6WidlWahdotrMwWcqi40YssrvpzqPcmexr4QF15HDiCAi+WKtWPpphwaG
pToGFJLo6j/WbrOk6H/66O9QfjzfJSrHAU2dBmn5c6zL1oF/4Usb7kzuBYm2pfWX
wwMgHi02Pf5uhjQd+Ez0UMt+e4WGRDcZ5lg2QylIHN/6+0af+YherrVkUqJQIwt+
Ub9uR035yCJ4gqVdI+eIkzoAj8k35HmnhGJO3k534HD/m3VLijNgiyQMFRjImurC
RG4mVF7og8IQKy7xouqAP0mygLZHscrsrWGf8Ytpnve2vG8az9bNBxPft4OsktDZ
PDtlmxccvb7am1U=
-----END CERTIFICATE-----
Generated at Sun Apr 2 15:24:13 2023 by rpki-client on console-fra.rpki-client.org