Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EAF94CBAA65911EFBBA8C461C4F9AE02.roa
File: EAF94CBAA65911EFBBA8C461C4F9AE02.roa (raw, json)
Hash identifier: RAtGxpgU/FP9prf8UYDx30gl4r/OdAIzofcBMGz27eA=
Subject key identifier: 8C:46:94:86:49:94:75:1A:7E:58:4A:85:21:36:C0:9F:28:CD:53:E9
Certificate issuer: /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial: 1D86
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EAF94CBAA65911EFBBA8C461C4F9AE02.roa
Signing time: Tue 19 Nov 2024 17:05:12 +0000
ROA not before: Tue 19 Nov 2024 17:05:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 213990
IP address blocks: 113.203.208.0/24 maxlen: 24
113.203.209.0/24 maxlen: 24
113.203.212.0/24 maxlen: 24
113.203.233.0/24 maxlen: 24
113.203.242.0/24 maxlen: 24
113.203.245.0/24 maxlen: 24
115.167.6.0/24 maxlen: 24
115.167.16.0/22 maxlen: 22
115.167.60.0/23 maxlen: 23
115.167.62.0/23 maxlen: 23
115.167.102.0/24 maxlen: 24
175.110.64.0/22 maxlen: 22
175.110.89.0/24 maxlen: 24
175.110.91.0/24 maxlen: 24
175.110.105.0/24 maxlen: 24
180.178.146.0/24 maxlen: 24
180.178.164.0/24 maxlen: 24
180.178.190.0/24 maxlen: 24
223.29.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7558 (0x1d86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Validity
Not Before: Nov 19 17:05:12 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=673cc547-cbce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:48:8e:67:c9:a7:49:5e:f2:12:a5:b5:a8:3d:
9b:ad:ca:ff:4a:41:44:70:26:f4:a7:28:d9:b2:c4:
25:41:03:54:0f:b6:06:66:20:d8:5a:71:d8:a6:1f:
5d:ba:22:1b:56:aa:35:be:b6:c8:49:0c:8a:48:0b:
5c:9a:5b:48:e7:bb:39:82:78:76:88:1e:fe:eb:8a:
8c:67:f4:4f:1b:fd:1f:2f:1c:61:6f:6f:a2:db:5d:
1a:83:35:f4:3a:43:cb:b0:da:a9:b4:ff:e7:e8:13:
90:19:5d:c8:f7:ae:c7:dd:46:10:9b:f0:00:13:50:
21:ea:f8:1f:16:c8:26:e6:54:02:5d:e4:9e:db:3b:
c0:5c:42:46:e6:2f:03:c6:a6:71:5c:c9:39:3e:49:
57:36:e1:8b:24:94:1a:bf:7b:51:79:77:71:55:51:
91:3a:47:ff:d4:dc:c2:c4:98:92:f9:49:e7:cd:2c:
15:d6:95:83:25:95:d2:9b:bb:4e:71:34:12:92:29:
29:c1:4d:37:c2:e9:a5:4e:d8:49:b8:20:34:0b:44:
9d:13:af:ce:87:91:16:3a:04:39:91:5e:2f:70:fc:
ca:ab:24:2b:6d:ab:b3:1e:18:8c:51:5d:7f:f0:ff:
06:31:2d:b3:cf:b6:75:14:64:a4:6a:0c:3b:ff:75:
ec:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:46:94:86:49:94:75:1A:7E:58:4A:85:21:36:C0:9F:28:CD:53:E9
X509v3 Authority Key Identifier:
keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/EAF94CBAA65911EFBBA8C461C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.203.208.0/23
113.203.212.0/24
113.203.233.0/24
113.203.242.0/24
113.203.245.0/24
115.167.6.0/24
115.167.16.0/22
115.167.60.0/22
115.167.102.0/24
175.110.64.0/22
175.110.89.0/24
175.110.91.0/24
175.110.105.0/24
180.178.146.0/24
180.178.164.0/24
180.178.190.0/24
223.29.226.0/24
Signature Algorithm: sha256WithRSAEncryption
45:e0:f6:e5:59:f0:b8:8d:65:f1:2a:92:b4:a0:5c:05:ff:7f:
92:c5:19:ec:39:e7:0f:6a:df:76:23:9e:2b:06:95:72:c1:bd:
9c:f7:7a:27:b0:d0:4b:33:26:3e:73:4d:09:87:30:76:0e:6b:
18:41:06:94:52:48:1a:f4:b0:97:6e:9e:c4:88:2b:47:31:ba:
96:d3:81:62:bc:a1:25:2d:b7:0d:16:00:26:b0:b1:48:34:30:
b9:14:cb:8d:2a:53:c7:83:0d:39:55:d7:42:af:90:a1:12:df:
e5:8a:be:71:2a:57:7a:5b:7d:ce:1c:b3:67:ea:93:28:c3:ff:
f9:4e:58:26:6e:44:97:d6:67:b7:1c:4e:70:12:0b:2c:7a:1c:
b6:e9:0f:28:d2:73:2b:11:32:5c:ce:fb:33:71:dd:7c:05:2a:
9d:d2:b3:0f:1c:31:ba:7c:82:7e:0a:0d:27:b1:51:46:90:76:
2c:20:52:c6:9a:4b:06:31:af:63:9d:bd:94:72:0e:d2:c4:8a:
5d:fb:f7:57:97:cd:f7:89:14:33:7c:8a:ce:15:c7:7d:64:6a:
e1:8c:ff:46:7d:07:ff:fd:9a:ed:df:03:00:63:3b:5c:0c:27:
de:16:47:45:e0:a3:5c:4c:cb:28:28:06:ab:32:49:34:02:8f:
3b:1c:76:2c
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgICHYYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjQxMTE5MTcwNTEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNjYzU0Ny1jYmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUiOZ8mnSV7yEqW1qD2brcr/SkFEcCb0pyjZssQlQQNUD7YGZiDYWnHYph9d
uiIbVqo1vrbISQyKSAtcmltI57s5gnh2iB7+64qMZ/RPG/0fLxxhb2+i210agzX0
OkPLsNqptP/n6BOQGV3I967H3UYQm/AAE1Ah6vgfFsgm5lQCXeSe2zvAXEJG5i8D
xqZxXMk5PklXNuGLJJQav3tReXdxVVGROkf/1NzCxJiS+UnnzSwV1pWDJZXSm7tO
cTQSkikpwU03wumlTthJuCA0C0SdE6/Oh5EWOgQ5kV4vcPzKqyQrbauzHhiMUV1/
8P8GMS2zz7Z1FGSkagw7/3Xs2QIDAQABo4IC9TCCAvEwHQYDVR0OBBYEFIxGlIZJ
lHUaflhKhSE2wJ8ozVPpMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRUFGOTRDQkFB
NjU5MTFFRkJCQThDNDYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfwYIKwYBBQUHAQcBAf8E
cDBuMGwEAgABMGYDBAFxy9ADBABxy9QDBABxy+kDBABxy/IDBABxy/UDBABzpwYD
BAJzpxADBAJzpzwDBABzp2YDBAKvbkADBACvblkDBACvblsDBACvbmkDBAC0spID
BAC0sqQDBAC0sr4DBADfHeIwDQYJKoZIhvcNAQELBQADggEBAEXg9uVZ8LiNZfEq
krSgXAX/f5LFGew55w9q33YjnisGlXLBvZz3eiew0EszJj5zTQmHMHYOaxhBBpRS
SBr0sJdunsSIK0cxupbTgWK8oSUttw0WACawsUg0MLkUy40qU8eDDTlV10KvkKES
3+WKvnEqV3pbfc4cs2fqkyjD//lOWCZuRJfWZ7ccTnASCyx6HLbpDyjScysRMlzO
+zNx3XwFKp3Ssw8cMbp8gn4KDSexUUaQdiwgUsaaSwYxr2OdvZRyDtLEil3791eX
zfeJFDN8is4Vx31kauGM/0Z9B//9mu3fAwBjO1wMJ94WR0Xgo1xMyygoBqsySTQC
jzscdiw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:14:10 2024 by rpki-client on console-fra.rpki-client.org