Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
File: 22F72E28725311EBA9C51756C4F9AE02.roa (raw, json)
Hash identifier: jYjWFz3EGxandnR9opo8f6aMMLeOf+7OXo3+jH6tu9c=
Subject key identifier: 99:1E:82:BC:DC:7F:26:B0:10:D7:E7:ED:A4:4D:8A:13:53:E5:D0:19
Certificate issuer: /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
Certificate serial: 0605
Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
Signing time: Tue 30 Jul 2024 23:41:07 +0000
ROA not before: Tue 30 Jul 2024 23:41:07 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 18018
IP address blocks: 110.50.224.0/23 maxlen: 23
110.50.224.0/24 maxlen: 24
110.50.225.0/24 maxlen: 24
110.50.226.0/23 maxlen: 23
110.50.226.0/24 maxlen: 24
110.50.227.0/24 maxlen: 24
110.50.228.0/23 maxlen: 23
110.50.228.0/24 maxlen: 24
110.50.229.0/24 maxlen: 24
110.50.230.0/23 maxlen: 23
110.50.230.0/24 maxlen: 24
110.50.231.0/24 maxlen: 24
110.50.232.0/24 maxlen: 24
110.50.233.0/24 maxlen: 24
110.50.234.0/24 maxlen: 24
110.50.235.0/24 maxlen: 24
110.50.236.0/24 maxlen: 24
110.50.237.0/24 maxlen: 24
110.50.238.0/24 maxlen: 24
110.50.239.0/24 maxlen: 24
114.141.216.0/21 maxlen: 21
114.141.216.0/24 maxlen: 24
114.141.217.0/24 maxlen: 24
114.141.218.0/24 maxlen: 24
114.141.219.0/24 maxlen: 24
114.141.220.0/24 maxlen: 24
114.141.221.0/24 maxlen: 24
114.141.222.0/24 maxlen: 24
114.141.223.0/24 maxlen: 24
202.129.220.0/24 maxlen: 24
202.129.221.0/24 maxlen: 24
202.129.222.0/23 maxlen: 23
202.129.222.0/24 maxlen: 24
202.129.223.0/24 maxlen: 24
202.151.34.0/23 maxlen: 24
202.165.60.0/24 maxlen: 24
202.165.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl
rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1541 (0x605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
Validity
Not Before: Jul 30 23:41:07 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66a97a12-ec9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ae:26:11:d0:cd:65:c9:51:4e:4b:45:22:4c:
8f:c3:3c:e9:f8:1b:c3:17:03:11:64:50:2e:5b:c3:
bf:6a:62:cb:30:1a:7d:b5:f8:39:61:97:22:8b:f6:
c0:fc:50:b9:a7:d6:b9:da:8e:89:56:5b:f0:59:d0:
f1:28:d1:36:67:92:26:36:f3:11:a0:92:8f:5d:fa:
72:05:ca:ca:c2:ed:65:3d:c3:89:e4:65:60:75:6a:
3b:0b:e5:4c:d5:48:8c:73:c1:0c:82:f2:4d:a1:a9:
a0:88:f3:1d:53:a8:8a:c4:eb:07:3b:f3:a3:ac:78:
c6:ee:54:08:8f:c4:49:ed:c1:27:40:02:a5:47:b2:
eb:56:d9:ef:af:7c:f2:ed:14:e7:53:9a:fb:49:e2:
cd:20:ed:f9:03:16:42:ef:54:79:6e:4d:9d:96:51:
09:f3:3a:69:55:35:f2:a0:3f:5d:71:4f:cb:a6:10:
94:38:25:f0:5b:06:f7:eb:91:4b:4b:9e:c6:98:05:
0e:0e:7d:1e:c9:d3:f1:51:6f:d8:ed:db:24:cd:5f:
25:c1:69:ed:3c:f5:a8:9e:ee:1c:3a:3a:dd:b2:85:
b1:36:8a:f8:0d:6b:c9:0a:16:ec:c8:94:68:d5:63:
4e:61:54:21:7b:15:b0:e0:9c:dd:9e:e2:ed:cd:12:
86:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1E:82:BC:DC:7F:26:B0:10:D7:E7:ED:A4:4D:8A:13:53:E5:D0:19
X509v3 Authority Key Identifier:
keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/22F72E28725311EBA9C51756C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.50.224.0/20
114.141.216.0/21
202.129.220.0/22
202.151.34.0/23
202.165.60.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:57:36:f1:d2:63:57:09:0f:0c:6c:5d:ab:1d:96:e3:3e:6c:
c5:dd:03:ad:7a:b8:e3:61:4e:43:45:a9:79:56:21:47:e5:8f:
08:2b:cf:cd:a5:9d:d7:37:bc:61:63:48:37:ed:6d:de:13:72:
2f:68:c4:60:56:70:fa:81:29:6c:cd:aa:92:9a:85:79:a1:c7:
68:52:fb:98:55:e3:6d:71:6f:ac:69:09:ed:ac:62:75:cf:2c:
8b:d1:72:18:f0:4b:c4:db:5e:58:90:7c:fd:e9:11:a9:31:a8:
64:55:41:7d:94:39:0e:73:32:58:fc:73:69:77:88:30:0b:27:
d5:b8:cd:96:46:e6:d8:8d:59:7f:2a:4f:5c:bc:31:b3:63:60:
2a:07:e8:6f:fa:29:26:18:b8:d6:59:92:d3:b2:c1:61:90:a2:
69:d1:2a:9e:57:fe:76:7a:89:9f:f6:a8:c3:c9:8b:06:2d:7b:
c8:f1:b6:9b:81:68:08:3e:46:5c:84:f1:1f:c8:c1:3e:9c:7e:
7c:57:3c:20:cd:b1:13:9f:eb:42:51:03:39:4f:b1:6c:ef:19:
29:94:56:88:9f:a0:7e:f2:75:1f:4c:2c:7a:4f:7c:5a:ad:61:
ab:a0:33:3e:ef:03:73:bb:78:52:9e:c0:92:f0:40:12:ae:db:
bc:6e:e2:a1
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz
NDU4MzdBQzkwHhcNMjQwNzMwMjM0MTA3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5N2ExMi1lYzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw64mEdDNZclRTktFIkyPwzzp+BvDFwMRZFAuW8O/amLLMBp9tfg5YZcii/bA
/FC5p9a52o6JVlvwWdDxKNE2Z5ImNvMRoJKPXfpyBcrKwu1lPcOJ5GVgdWo7C+VM
1UiMc8EMgvJNoamgiPMdU6iKxOsHO/OjrHjG7lQIj8RJ7cEnQAKlR7LrVtnvr3zy
7RTnU5r7SeLNIO35AxZC71R5bk2dllEJ8zppVTXyoD9dcU/LphCUOCXwWwb365FL
S57GmAUODn0eydPxUW/Y7dskzV8lwWntPPWonu4cOjrdsoWxNor4DWvJChbsyJRo
1WNOYVQhexWw4JzdnuLtzRKGgQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFJkegrzc
fyawENfn7aRNihNT5dAZMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy
NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl
c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQ3N0IvMUMyNTYyNzA3MjUwMTFFQkI2NDhGODRFQzRGOUFFMDIvMjJGNzJFMjg3
MjUzMTFFQkE5QzUxNzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBARuMuADBANyjdgDBALKgdwDBAHKlyIDBAHKpTwwDQYJKoZI
hvcNAQELBQADggEBAA1XNvHSY1cJDwxsXasdluM+bMXdA616uONhTkNFqXlWIUfl
jwgrz82lndc3vGFjSDftbd4Tci9oxGBWcPqBKWzNqpKahXmhx2hS+5hV421xb6xp
Ce2sYnXPLIvRchjwS8TbXliQfP3pEakxqGRVQX2UOQ5zMlj8c2l3iDALJ9W4zZZG
5tiNWX8qT1y8MbNjYCoH6G/6KSYYuNZZktOywWGQomnRKp5X/nZ6iZ/2qMPJiwYt
e8jxtpuBaAg+RlyE8R/IwT6cfnxXPCDNsROf60JRAzlPsWzvGSmUVoifoH7ydR9M
LHpPfFqtYaugMz7vA3O7eFKewJLwQBKu27xu4qE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:08:48 2024 by rpki-client on console-ams.rpki-client.org