Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/EEFB07CCB8A311ED8F694046C4F9AE02.roa
File: EEFB07CCB8A311ED8F694046C4F9AE02.roa (raw, json)
Hash identifier: oAhOsIRZKzn8oGm73RuC520wGrl8tzxqzdqMFZJePBc=
Subject key identifier: 7A:9B:9C:84:56:8A:1A:DF:7C:A2:0E:9B:AE:2B:BF:72:1B:85:A6:74
Certificate issuer: /CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60
Certificate serial: 20B7
Authority key identifier: 72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/EEFB07CCB8A311ED8F694046C4F9AE02.roa
Signing time: Tue 12 Mar 2024 16:33:00 +0000
ROA not before: Tue 12 Mar 2024 16:33:00 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 17551
IP address blocks: 14.192.56.0/22 maxlen: 22
14.192.56.0/23 maxlen: 23
14.192.58.0/23 maxlen: 23
103.15.148.0/22 maxlen: 22
103.53.117.0/24 maxlen: 24
103.53.118.0/24 maxlen: 24
103.53.119.0/24 maxlen: 24
103.227.64.0/23 maxlen: 23
103.232.252.0/22 maxlen: 22
110.232.240.0/21 maxlen: 21
117.53.128.0/20 maxlen: 20
125.214.80.0/21 maxlen: 21
202.47.120.0/22 maxlen: 22
203.22.132.0/24 maxlen: 24
203.27.231.0/24 maxlen: 24
203.30.68.0/24 maxlen: 24
203.83.4.0/22 maxlen: 22
203.147.96.0/21 maxlen: 21
2400:b880::/32 maxlen: 32
2407:5400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl
rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 16:25:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8375 (0x20b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDD4D/serialNumber=72AFBAEBC9ECDDA2EED2D49B13E6048EA3E41E60
Validity
Not Before: Mar 12 16:33:00 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65f083bc-7007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:17:6d:68:7b:33:6a:15:3f:dd:87:83:c8:8b:
ac:79:42:ec:aa:37:fd:09:10:12:32:d2:72:13:b4:
10:fd:f5:d6:26:2d:22:e7:a8:b9:ae:dc:40:53:d1:
69:03:ce:0e:e0:d7:eb:80:a4:0a:73:04:bd:da:f2:
60:9c:7e:de:0b:b2:4a:91:f4:3c:f5:b7:59:8e:b4:
1c:92:dc:7d:44:ed:f6:b0:68:d5:d4:7e:dc:ab:2a:
42:ab:57:46:67:92:b9:bd:ae:fd:63:0e:9b:85:4d:
66:18:e8:32:29:ea:02:1f:19:1d:c5:ce:22:37:2b:
03:ec:82:ed:67:4d:86:e2:20:f0:9f:c1:1c:7e:a0:
46:44:ec:02:77:02:51:21:6e:7f:88:ff:67:db:3c:
64:b4:0f:ea:5e:fc:e7:60:c6:71:3d:dd:6f:5d:59:
db:cb:91:38:57:ce:d6:1d:27:fe:90:8f:c9:38:20:
58:ac:71:01:81:8a:45:c4:ef:1e:52:6c:cf:5d:7b:
b4:14:44:2f:46:ad:d9:c9:a1:88:5e:25:dd:a7:04:
4b:35:54:24:fd:f2:04:d0:30:1a:09:ba:33:93:bd:
71:9a:44:a9:4f:2a:77:89:c3:f9:f6:5f:35:91:6a:
ca:8f:01:2f:21:27:ed:02:c7:15:6a:94:8f:9c:4c:
b2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9B:9C:84:56:8A:1A:DF:7C:A2:0E:9B:AE:2B:BF:72:1B:85:A6:74
X509v3 Authority Key Identifier:
keyid:72:AF:BA:EB:C9:EC:DD:A2:EE:D2:D4:9B:13:E6:04:8E:A3:E4:1E:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/cq-668ns3aLu0tSbE-YEjqPkHmA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cq-668ns3aLu0tSbE-YEjqPkHmA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDD4D/BAE108C4EA6011E58815770CC4F9AE02/EEFB07CCB8A311ED8F694046C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.56.0/22
103.15.148.0/22
103.53.117.0-103.53.119.255
103.227.64.0/23
103.232.252.0/22
110.232.240.0/21
117.53.128.0/20
125.214.80.0/21
202.47.120.0/22
203.22.132.0/24
203.27.231.0/24
203.30.68.0/24
203.83.4.0/22
203.147.96.0/21
IPv6:
2400:b880::/32
2407:5400::/32
Signature Algorithm: sha256WithRSAEncryption
7b:5c:11:05:6d:b8:b4:e1:fd:55:e3:84:06:14:b5:55:b7:0b:
57:1c:74:c6:26:99:ee:ca:8b:bf:7e:f4:74:c4:85:70:5a:53:
0e:10:6f:34:70:ca:6e:fb:5b:92:86:ae:20:c5:f7:e9:bb:54:
5e:4a:6d:ce:a6:2e:fb:33:10:67:2a:5e:fe:34:ae:30:61:01:
57:ce:52:e6:c4:36:3a:a0:7d:93:66:78:ed:ef:77:6c:3d:d2:
b4:af:2d:7b:c7:3a:16:7d:46:90:1a:f3:dd:b9:78:48:df:ef:
c5:5a:28:5a:1f:d5:b3:fb:28:00:df:39:53:3e:34:aa:1c:e6:
8e:62:8e:37:5c:23:23:df:f2:c3:ec:3d:ac:d0:15:a9:b3:33:
7e:8c:5b:bb:db:88:98:b5:96:24:2d:d5:50:4c:e1:16:b3:9f:
cd:8f:9d:83:17:09:46:ef:79:82:e1:c1:67:9c:fd:80:f3:2e:
48:d9:e5:75:a7:13:49:6c:db:54:7e:b3:8d:c1:70:01:0c:b7:
a8:8d:71:66:39:9a:37:38:cb:03:4e:9b:96:b4:e8:d7:ce:ac:
77:94:69:3f:28:92:f7:3c:a8:d1:e8:86:aa:50:af:79:7d:fc:
53:df:1b:25:df:1b:9e:1b:ca:b6:b6:3d:9e:d7:dd:56:80:a0:
cd:1b:7b:b9
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgICILcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRENEQxMTAvBgNVBAUTKDcyQUZCQUVCQzlFQ0REQTJFRUQyRDQ5QjEzRTYwNDhF
QTNFNDFFNjAwHhcNMjQwMzEyMTYzMzAwWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWYwODNiYy03MDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqxdtaHszahU/3YeDyIuseULsqjf9CRASMtJyE7QQ/fXWJi0i56i5rtxAU9Fp
A84O4NfrgKQKcwS92vJgnH7eC7JKkfQ89bdZjrQcktx9RO32sGjV1H7cqypCq1dG
Z5K5va79Yw6bhU1mGOgyKeoCHxkdxc4iNysD7ILtZ02G4iDwn8EcfqBGROwCdwJR
IW5/iP9n2zxktA/qXvznYMZxPd1vXVnby5E4V87WHSf+kI/JOCBYrHEBgYpFxO8e
UmzPXXu0FEQvRq3ZyaGIXiXdpwRLNVQk/fIE0DAaCbozk71xmkSpTyp3icP59l81
kWrKjwEvISftAscVapSPnEyy/wIDAQABo4IDAjCCAv4wHQYDVR0OBBYEFHqbnIRW
ihrffKIOm64rv3IbhaZ0MB8GA1UdIwQYMBaAFHKvuuvJ7N2i7tLUmxPmBI6j5B5g
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREQ0RC9CQUUxMDhDNEVB
NjAxMUU1ODgxNTc3MENDNEY5QUUwMi9jcS02NjhuczNhTHUwdFNiRS1ZRWpxUGtI
bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NxLTY2OG5zM2FMdTB0U2JFLVlFanFQa0htQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRENEQvQkFFMTA4QzRFQTYwMTFFNTg4MTU3NzBDQzRGOUFFMDIvRUVGQjA3Q0NC
OEEzMTFFRDhGNjk0MDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUFBwEHAQH/
BHwwejBiBAIAATBcAwQCDsA4AwQCZw+UMAwDBABnNXUDBANnNXADBAFn40ADBAJn
6PwDBANu6PADBAR1NYADBAN91lADBALKL3gDBADLFoQDBADLG+cDBADLHkQDBALL
UwQDBAPLk2AwFAQCAAIwDgMFACQAuIADBQAkB1QAMA0GCSqGSIb3DQEBCwUAA4IB
AQB7XBEFbbi04f1V44QGFLVVtwtXHHTGJpnuyou/fvR0xIVwWlMOEG80cMpu+1uS
hq4gxffpu1ReSm3Opi77MxBnKl7+NK4wYQFXzlLmxDY6oH2TZnjt73dsPdK0ry17
xzoWfUaQGvPduXhI3+/FWihaH9Wz+ygA3zlTPjSqHOaOYo43XCMj3/LD7D2s0BWp
szN+jFu724iYtZYkLdVQTOEWs5/Nj52DFwlG73mC4cFnnP2A8y5I2eV1pxNJbNtU
frONwXABDLeojXFmOZo3OMsDTpuWtOjXzqx3lGk/KJL3PKjR6IaqUK95ffxT3xsl
3xueG8q2tj2e191WgKDNG3u5
-----END CERTIFICATE-----
Generated at Thu May 16 18:26:11 2024 by rpki-client on console-fra.rpki-client.org