Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
File: EE375CF036BD11E7B9B7251EC4F9AE02.roa (raw, json)
Hash identifier: oAMN3Hv+FrxmGc6WWivme2gl9rs4/jmndz5EfWvV6Og=
Subject key identifier: 04:F0:8B:FF:16:1C:49:B2:BE:DD:7A:BA:08:B3:72:8C:36:B9:F0:48
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1DC2
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
Signing time: Mon 29 Jan 2024 16:49:47 +0000
ROA not before: Mon 29 Jan 2024 16:49:47 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 134963
IP address blocks: 14.1.112.0/22 maxlen: 24
43.96.0.0/16 maxlen: 24
43.97.0.0/16 maxlen: 24
43.98.0.0/16 maxlen: 24
43.99.0.0/16 maxlen: 24
43.100.0.0/16 maxlen: 24
43.101.0.0/16 maxlen: 24
43.102.0.0/16 maxlen: 24
43.103.0.0/16 maxlen: 24
43.104.0.0/16 maxlen: 24
43.105.0.0/16 maxlen: 24
43.106.0.0/16 maxlen: 24
43.107.0.0/16 maxlen: 24
43.108.0.0/16 maxlen: 24
43.109.0.0/16 maxlen: 24
43.110.0.0/16 maxlen: 24
43.111.0.0/16 maxlen: 24
43.112.0.0/16 maxlen: 24
43.113.0.0/16 maxlen: 24
43.114.0.0/16 maxlen: 24
43.115.0.0/16 maxlen: 24
43.116.0.0/16 maxlen: 24
43.117.0.0/16 maxlen: 24
43.118.0.0/16 maxlen: 24
43.119.0.0/16 maxlen: 24
43.120.0.0/16 maxlen: 24
43.121.0.0/16 maxlen: 24
43.122.0.0/16 maxlen: 24
43.123.0.0/16 maxlen: 24
43.124.0.0/16 maxlen: 24
43.125.0.0/16 maxlen: 24
43.126.0.0/16 maxlen: 24
43.127.0.0/16 maxlen: 16
43.127.0.0/16 maxlen: 24
103.206.40.0/22 maxlen: 24
240b:4000::/32 maxlen: 48
240b:4001::/32 maxlen: 48
240b:4002::/32 maxlen: 48
240b:4003::/32 maxlen: 48
240b:4004::/32 maxlen: 48
240b:4005::/32 maxlen: 48
240b:4006::/32 maxlen: 48
240b:4007::/32 maxlen: 48
240b:4008::/32 maxlen: 48
240b:4009::/32 maxlen: 48
240b:400a::/32 maxlen: 48
240b:400b::/32 maxlen: 48
240b:400c::/32 maxlen: 48
240b:400d::/32 maxlen: 48
240b:400e::/32 maxlen: 48
240b:400f::/32 maxlen: 48
240b:4010::/32 maxlen: 48
240b:4011::/32 maxlen: 48
240b:4012::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:09:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7618 (0x1dc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: Jan 29 16:49:47 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65b7d72a-bdae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:be:16:1f:4b:5b:d5:0c:7f:42:66:79:9d:7e:
80:af:87:a0:76:ef:79:7d:63:06:04:0b:ff:83:eb:
02:2c:ef:42:af:cd:85:fc:33:7c:8a:66:44:e0:f4:
76:8e:51:ad:32:1b:1b:fb:98:49:a6:18:7d:55:a6:
c2:d0:62:21:cd:6b:b0:ce:32:94:2f:56:33:7d:05:
70:35:81:9e:49:c9:35:88:f4:d2:6e:a3:91:e9:c0:
9f:43:1d:09:4f:9d:20:b6:76:e9:3b:29:6c:13:36:
70:06:53:ed:ea:cd:2c:2b:e9:aa:fd:a4:fc:7e:fa:
cc:29:0d:e2:05:e5:11:be:c5:f9:8f:c8:7b:e0:a7:
9f:a2:57:3a:5c:b1:fb:85:26:fb:79:b9:3f:1f:18:
66:30:ef:70:7a:69:40:35:47:b7:13:5a:4c:28:29:
79:9f:3d:e2:56:57:4d:63:bd:81:bd:6d:71:d5:1e:
db:69:b2:25:22:2e:82:83:c7:21:d6:b2:bc:97:7a:
f0:d3:f9:e7:fd:4a:43:39:d7:c6:d7:83:f0:f5:01:
3f:ea:ff:aa:6f:98:ae:8b:8d:35:49:cf:3d:93:5c:
1a:f2:e0:d0:00:94:36:1c:82:2b:e1:72:f5:73:95:
95:db:97:1f:87:87:83:f6:6c:80:cf:0d:dc:5b:fa:
da:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F0:8B:FF:16:1C:49:B2:BE:DD:7A:BA:08:B3:72:8C:36:B9:F0:48
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/EE375CF036BD11E7B9B7251EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.1.112.0/22
43.96.0.0/11
103.206.40.0/22
IPv6:
240b:4000::-240b:4012:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
48:42:c5:35:aa:77:8a:51:0b:d8:0a:92:ce:32:13:e0:cf:b8:
5d:b5:60:0e:6a:87:5d:93:ca:57:5e:93:43:88:38:dc:7e:3c:
1b:c4:9f:ae:4a:26:9d:13:4b:42:94:cb:f9:9a:92:e2:20:82:
a4:4f:34:72:4d:45:29:f7:e7:f8:c7:36:56:55:0c:42:2d:3a:
03:17:fc:46:bf:96:2d:c2:af:94:c6:40:fc:fb:95:44:8d:0a:
85:50:48:46:79:7c:42:a4:11:3c:50:83:a5:20:f3:51:2a:23:
68:84:ef:ae:be:28:19:57:8b:d9:df:90:ef:5c:f6:20:13:5f:
a6:44:2e:7f:17:22:5e:1b:ca:12:55:cd:af:c7:aa:06:a0:a2:
ed:55:7d:27:37:79:9c:15:aa:c5:bd:89:97:11:ea:2d:18:d0:
19:06:81:59:21:97:42:e9:ee:35:e0:d3:78:db:f8:5b:c5:b2:
73:60:27:6f:50:47:a2:37:7c:33:e3:76:73:4c:59:e9:36:b4:
1b:44:31:58:06:78:bb:f9:e7:22:01:b3:3e:a6:c7:9b:e1:ed:
d0:51:7b:d2:41:9f:1a:76:47:25:ec:43:f2:67:d9:1f:36:94:
3d:d6:35:a9:3c:de:34:6e:20:80:c4:d9:9e:22:f5:49:88:14:
85:cf:0c:f5
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICHcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjQwMTI5MTY0OTQ3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI3ZDcyYS1iZGFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA374WH0tb1Qx/QmZ5nX6Ar4egdu95fWMGBAv/g+sCLO9Cr82F/DN8imZE4PR2
jlGtMhsb+5hJphh9VabC0GIhzWuwzjKUL1YzfQVwNYGeSck1iPTSbqOR6cCfQx0J
T50gtnbpOylsEzZwBlPt6s0sK+mq/aT8fvrMKQ3iBeURvsX5j8h74Kefolc6XLH7
hSb7ebk/HxhmMO9wemlANUe3E1pMKCl5nz3iVldNY72BvW1x1R7babIlIi6Cg8ch
1rK8l3rw0/nn/UpDOdfG14Pw9QE/6v+qb5iui401Sc89k1wa8uDQAJQ2HIIr4XL1
c5WV25cfh4eD9myAzw3cW/raTwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFATwi/8W
HEmyvt16ugizcow2ufBIMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvRUUzNzVDRjAz
NkJEMTFFN0I5QjcyNTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMBcEAgABMBEDBAIOAXADAwUrYAMEAmfOKDAVBAIAAjAPMA0DBAYkC0ADBQAk
C0ASMA0GCSqGSIb3DQEBCwUAA4IBAQBIQsU1qneKUQvYCpLOMhPgz7hdtWAOaodd
k8pXXpNDiDjcfjwbxJ+uSiadE0tClMv5mpLiIIKkTzRyTUUp9+f4xzZWVQxCLToD
F/xGv5Ytwq+UxkD8+5VEjQqFUEhGeXxCpBE8UIOlIPNRKiNohO+uvigZV4vZ35Dv
XPYgE1+mRC5/FyJeG8oSVc2vx6oGoKLtVX0nN3mcFarFvYmXEeotGNAZBoFZIZdC
6e414NN42/hbxbJzYCdvUEeiN3wz43ZzTFnpNrQbRDFYBni7+eciAbM+pseb4e3Q
UXvSQZ8adkcl7EPyZ9kfNpQ91jWpPN40biCAxNmeIvVJiBSFzwz1
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:56:22 2024 by rpki-client on console-fra.rpki-client.org