Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
File: 22F72E28725311EBA9C51756C4F9AE02.roa (raw, json)
Hash identifier: U8yOqqyinkGohtgaJVbN4ufpnUUgzbbWeO85VJ52bis=
Subject key identifier: 25:D3:E0:5D:C4:E4:A3:64:F8:D0:88:9E:D0:47:B3:91:4D:19:71:D3
Certificate issuer: /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
Certificate serial: 0550
Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
Signing time: Wed 16 Aug 2023 23:41:00 +0000
ROA not before: Wed 16 Aug 2023 23:41:00 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 18018
IP address blocks: 110.50.224.0/23 maxlen: 23
110.50.224.0/24 maxlen: 24
110.50.225.0/24 maxlen: 24
110.50.226.0/23 maxlen: 23
110.50.226.0/24 maxlen: 24
110.50.227.0/24 maxlen: 24
110.50.228.0/23 maxlen: 23
110.50.228.0/24 maxlen: 24
110.50.229.0/24 maxlen: 24
110.50.230.0/23 maxlen: 23
110.50.230.0/24 maxlen: 24
110.50.231.0/24 maxlen: 24
110.50.232.0/24 maxlen: 24
110.50.233.0/24 maxlen: 24
110.50.234.0/24 maxlen: 24
110.50.235.0/24 maxlen: 24
110.50.236.0/24 maxlen: 24
110.50.237.0/24 maxlen: 24
110.50.238.0/24 maxlen: 24
110.50.239.0/24 maxlen: 24
114.141.216.0/21 maxlen: 21
114.141.216.0/24 maxlen: 24
114.141.217.0/24 maxlen: 24
114.141.218.0/24 maxlen: 24
114.141.219.0/24 maxlen: 24
114.141.220.0/24 maxlen: 24
114.141.221.0/24 maxlen: 24
114.141.222.0/24 maxlen: 24
114.141.223.0/24 maxlen: 24
202.129.220.0/24 maxlen: 24
202.129.221.0/24 maxlen: 24
202.129.222.0/23 maxlen: 23
202.129.222.0/24 maxlen: 24
202.129.223.0/24 maxlen: 24
202.151.34.0/23 maxlen: 24
202.165.60.0/24 maxlen: 24
202.165.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl
rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 19:51:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1360 (0x550)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
Validity
Not Before: Aug 16 23:41:00 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64dd5e8c-53fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:73:f3:6b:2a:fa:44:4e:59:3b:46:64:46:c4:
f5:49:6c:6b:47:81:64:29:03:04:a0:f2:9d:3d:5d:
01:92:06:00:95:bb:12:22:7b:fd:5e:81:64:ca:fd:
7e:1c:07:e2:e8:6b:69:0f:54:0c:be:2f:bb:8e:16:
4b:d9:31:ca:e3:07:10:60:92:94:f1:66:50:a4:54:
88:4f:54:68:3e:86:b4:34:2c:f2:56:25:c5:b0:c4:
8a:82:62:14:e1:ea:85:32:00:a9:13:7e:4a:1c:fd:
29:58:b0:19:25:49:f4:67:13:79:b0:82:f0:96:d2:
83:e4:b8:06:66:e6:f8:01:18:30:a2:12:5a:bc:fc:
2c:a4:bf:f7:81:3f:74:3a:c7:34:d9:95:28:d3:4b:
29:22:be:dc:01:53:8b:17:46:ac:39:ed:9a:50:6c:
8f:80:f6:50:6d:a4:8a:3d:f8:70:2b:e6:49:f0:aa:
93:d6:bd:98:fc:6d:85:ff:76:8e:99:b9:af:6f:f6:
8a:97:90:52:30:cc:41:25:f8:3c:75:a7:c4:51:58:
5a:14:3b:4e:aa:11:23:f5:be:54:06:a2:2b:cb:67:
42:e2:ec:bf:e3:98:18:12:03:64:2f:58:fd:ad:e7:
1e:c7:29:3e:69:ae:58:a1:a9:cc:30:36:13:73:b8:
a7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D3:E0:5D:C4:E4:A3:64:F8:D0:88:9E:D0:47:B3:91:4D:19:71:D3
X509v3 Authority Key Identifier:
keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.50.224.0/20
114.141.216.0/21
202.129.220.0/22
202.151.34.0/23
202.165.60.0/23
Signature Algorithm: sha256WithRSAEncryption
49:f8:a1:5e:41:61:e3:a9:e6:34:e0:29:62:1e:74:60:3f:30:
22:a2:7a:ce:c0:dc:14:d1:a9:a0:4e:a4:cd:64:35:55:a3:48:
5a:7a:ee:7d:ea:b1:9c:52:93:ed:4c:10:eb:c2:2b:19:5a:0f:
e2:62:5f:78:a9:fb:49:62:8c:f6:fc:4a:d6:40:5b:67:9a:04:
59:cd:aa:96:c5:ed:3f:8c:12:19:a7:f9:b6:79:49:58:0c:e2:
51:d2:19:a3:8e:79:dc:05:55:17:c5:0f:b9:0a:06:d2:f8:18:
a1:7e:d8:1f:a9:30:2c:bc:d6:94:3c:c1:40:12:6f:2a:cf:ad:
9c:c8:88:5a:1a:b2:a7:fe:1b:99:43:df:20:a9:95:f9:e4:2a:
86:05:b6:0c:e5:c5:4b:3c:55:a9:2e:0a:ef:15:8b:d1:b4:fb:
1d:f1:ae:c0:04:c5:59:b5:bf:82:d7:be:12:ba:fe:60:71:8e:
6c:e4:dc:d6:61:fe:74:6c:ac:c3:66:38:90:38:6b:1c:3e:6b:
d8:0b:84:fe:81:57:5b:b2:32:e0:ea:3b:d8:19:ac:ef:3e:1f:
9e:e3:cd:8a:09:3e:96:1b:02:d7:ca:3b:ec:15:30:d9:48:65:
ad:46:f9:76:f0:ea:2a:d7:31:58:78:f3:ea:b4:d8:86:23:bf:
25:15:14:aa
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz
NDU4MzdBQzkwHhcNMjMwODE2MjM0MTAwWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRkNWU4Yy01M2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtnPzayr6RE5ZO0ZkRsT1SWxrR4FkKQMEoPKdPV0BkgYAlbsSInv9XoFkyv1+
HAfi6GtpD1QMvi+7jhZL2THK4wcQYJKU8WZQpFSIT1RoPoa0NCzyViXFsMSKgmIU
4eqFMgCpE35KHP0pWLAZJUn0ZxN5sILwltKD5LgGZub4ARgwohJavPwspL/3gT90
Osc02ZUo00spIr7cAVOLF0asOe2aUGyPgPZQbaSKPfhwK+ZJ8KqT1r2Y/G2F/3aO
mbmvb/aKl5BSMMxBJfg8dafEUVhaFDtOqhEj9b5UBqIry2dC4uy/45gYEgNkL1j9
recexyk+aa5YoanMMDYTc7inOwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFCXT4F3E
5KNk+NCIntBHs5FNGXHTMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy
NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl
c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ3N0IvMUMyNTYyNzA3MjUwMTFFQkI2NDhGODRFQzRGOUFFMDIvMjJGNzJFMjg3
MjUzMTFFQkE5QzUxNzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBARuMuADBANyjdgDBALKgdwDBAHKlyIDBAHKpTwwDQYJKoZI
hvcNAQELBQADggEBAEn4oV5BYeOp5jTgKWIedGA/MCKies7A3BTRqaBOpM1kNVWj
SFp67n3qsZxSk+1MEOvCKxlaD+JiX3ip+0lijPb8StZAW2eaBFnNqpbF7T+MEhmn
+bZ5SVgM4lHSGaOOedwFVRfFD7kKBtL4GKF+2B+pMCy81pQ8wUASbyrPrZzIiFoa
sqf+G5lD3yCplfnkKoYFtgzlxUs8VakuCu8Vi9G0+x3xrsAExVm1v4LXvhK6/mBx
jmzk3NZh/nRsrMNmOJA4axw+a9gLhP6BV1uyMuDqO9gZrO8+H57jzYoJPpYbAtfK
O+wVMNlIZa1G+Xbw6irXMVh48+q02IYjvyUVFKo=
-----END CERTIFICATE-----
Generated at Sun May 19 01:47:15 2024 by rpki-client on console-ams.rpki-client.org