Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/C56AA228721511EF9D7B9F3DC4F9AE02.roa
File: C56AA228721511EF9D7B9F3DC4F9AE02.roa (raw, json)
Hash identifier: HRIGXbMczvFribXDDobrskTMEJrX/SQQ8/lLj5otISw=
Subject key identifier: FC:52:F4:F9:8E:61:B1:56:81:04:06:D0:4A:6C:28:1D:B8:E8:1C:57
Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Certificate serial: 56
Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/C56AA228721511EF9D7B9F3DC4F9AE02.roa
Signing time: Fri 13 Sep 2024 22:28:43 +0000
ROA not before: Fri 13 Sep 2024 22:28:43 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 4762
IP address blocks: 202.28.128.0/18 maxlen: 18
202.28.128.0/20 maxlen: 20
202.28.128.0/24 maxlen: 24
202.28.129.0/24 maxlen: 24
202.28.130.0/24 maxlen: 24
202.28.131.0/24 maxlen: 24
202.28.132.0/24 maxlen: 24
202.28.133.0/24 maxlen: 24
202.28.134.0/24 maxlen: 24
202.28.135.0/24 maxlen: 24
202.28.136.0/22 maxlen: 22
202.28.136.0/24 maxlen: 24
202.28.137.0/24 maxlen: 24
202.28.138.0/23 maxlen: 24
202.28.140.0/24 maxlen: 24
202.28.141.0/24 maxlen: 24
202.28.142.0/24 maxlen: 24
202.28.143.0/24 maxlen: 24
202.28.144.0/20 maxlen: 20
202.28.144.0/22 maxlen: 22
202.28.144.0/24 maxlen: 24
202.28.145.0/24 maxlen: 24
202.28.146.0/24 maxlen: 24
202.28.147.0/24 maxlen: 24
202.28.148.0/22 maxlen: 22
202.28.148.0/24 maxlen: 24
202.28.149.0/24 maxlen: 24
202.28.150.0/23 maxlen: 24
202.28.152.0/21 maxlen: 21
202.28.152.0/24 maxlen: 24
202.28.153.0/24 maxlen: 24
202.28.154.0/24 maxlen: 24
202.28.155.0/24 maxlen: 24
202.28.156.0/24 maxlen: 24
202.28.157.0/24 maxlen: 24
202.28.158.0/24 maxlen: 24
202.28.159.0/24 maxlen: 24
202.28.160.0/20 maxlen: 20
202.28.160.0/24 maxlen: 24
202.28.161.0/24 maxlen: 24
202.28.162.0/24 maxlen: 24
202.28.163.0/24 maxlen: 24
202.28.164.0/24 maxlen: 24
202.28.165.0/24 maxlen: 24
202.28.166.0/24 maxlen: 24
202.28.167.0/24 maxlen: 24
202.28.168.0/24 maxlen: 24
202.28.169.0/24 maxlen: 24
202.28.170.0/24 maxlen: 24
202.28.171.0/24 maxlen: 24
202.28.172.0/24 maxlen: 24
202.28.173.0/24 maxlen: 24
202.28.174.0/24 maxlen: 24
202.28.175.0/24 maxlen: 24
202.28.176.0/20 maxlen: 20
202.28.176.0/24 maxlen: 24
202.28.177.0/24 maxlen: 24
202.28.178.0/24 maxlen: 24
202.28.179.0/24 maxlen: 24
202.28.180.0/24 maxlen: 24
202.28.181.0/24 maxlen: 24
202.28.182.0/24 maxlen: 24
202.28.183.0/24 maxlen: 24
202.28.184.0/24 maxlen: 24
202.28.185.0/24 maxlen: 24
202.28.186.0/24 maxlen: 24
202.28.187.0/24 maxlen: 24
202.28.188.0/24 maxlen: 24
202.28.189.0/24 maxlen: 24
202.28.190.0/24 maxlen: 24
202.28.191.0/24 maxlen: 24
2001:3c8:1202::/48 maxlen: 48
2001:3c8:1606::/48 maxlen: 48
2001:3c8:2707::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86 (0x56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Validity
Not Before: Sep 13 22:28:43 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66e4bc9b-31f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:68:7c:a4:6b:a6:f1:06:fb:a6:a0:7c:7b:95:
bc:db:a4:e3:9b:0d:93:c6:37:e0:03:3b:ba:23:f9:
62:ed:02:31:25:cb:95:b5:e8:45:2f:4c:90:0f:0a:
bd:64:d1:48:c9:1d:c4:c6:46:f6:da:2d:bc:7c:dc:
f4:cc:70:f9:f0:bb:21:7c:ea:01:bd:b3:c6:7c:01:
0f:3f:32:b2:c1:75:36:b0:b2:15:7e:7c:9a:03:11:
d8:53:ef:76:c3:b0:7b:9d:ee:c9:c1:08:08:c5:4b:
8e:97:e2:10:03:4d:53:cc:9b:a4:82:2d:b2:25:8c:
47:c4:b9:05:71:4b:65:27:f4:2c:ec:86:99:fa:ab:
e3:95:15:fa:18:1c:f9:21:fa:d1:9e:94:33:c6:ec:
d6:92:bb:ae:fa:17:db:07:da:02:49:47:a8:bd:ff:
ae:04:e1:21:23:8b:ed:4c:02:f0:dc:64:c7:58:8d:
79:bb:5f:b3:95:51:35:e7:cc:54:03:db:eb:6a:c6:
bb:67:1f:93:5e:ab:ac:1e:c9:ae:c0:1b:36:9d:97:
17:d2:98:8d:9c:b6:89:d3:62:ed:2a:63:f4:01:b5:
80:d0:30:b2:bc:6d:8d:c5:a6:c8:c5:5a:94:7f:83:
62:5f:67:fb:bd:44:09:18:44:64:a8:95:21:a4:ac:
24:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:52:F4:F9:8E:61:B1:56:81:04:06:D0:4A:6C:28:1D:B8:E8:1C:57
X509v3 Authority Key Identifier:
keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/C56AA228721511EF9D7B9F3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.28.128.0/18
IPv6:
2001:3c8:1202::/48
2001:3c8:1606::/48
2001:3c8:2707::/48
Signature Algorithm: sha256WithRSAEncryption
97:7f:fb:9c:3f:4a:20:86:f7:ad:48:06:96:e8:dd:31:de:01:
f3:19:ac:fa:3b:22:ed:96:c3:d9:9d:69:c8:c5:22:c6:2d:cf:
24:9a:7d:36:04:e5:ab:95:86:86:bb:9b:1e:ca:66:44:aa:f1:
0a:68:ea:3a:a4:64:72:a9:0c:1f:45:17:70:2a:a2:5a:99:dc:
3b:69:4d:aa:47:28:28:2b:ca:c4:b0:2c:5b:1e:f3:cc:c9:db:
c0:1f:0f:83:90:da:0d:50:a9:fc:3f:64:20:cb:7a:be:bd:0b:
64:4a:57:78:c6:7b:c4:27:e3:b9:8b:b0:2c:b0:cf:61:05:20:
8a:50:95:e8:63:10:80:14:da:c5:9a:38:f2:12:68:1f:8b:cd:
87:fd:94:90:97:4c:d8:97:9d:7b:1f:e9:b1:6b:d0:46:cc:c9:
92:d5:fc:32:02:ba:e3:71:06:48:b6:06:14:4c:41:24:69:d5:
a2:c7:cd:15:54:9d:6d:ea:6f:d4:57:06:be:fb:fd:82:50:35:
14:00:88:c6:3a:1e:72:ae:22:be:55:3d:b0:ac:d3:c8:78:cd:
a4:bf:cb:f5:26:c7:62:1a:80:c3:6f:25:1a:af:ab:f1:c0:e4:
2a:c8:a8:cd:2e:3a:63:8c:85:c4:9e:0c:42:bf:66:08:93:d3:
6e:d2:36:f7
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBVjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
QUVCMjExMC8GA1UEBRMoOUI5OEZCN0Q0Njg5ODNBMkMxNDc3MjczMzI0OEVGRkEz
NDYyRTEyNjAeFw0yNDA5MTMyMjI4NDNaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZTRiYzliLTMxZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFaHyka6bxBvumoHx7lbzbpOObDZPGN+ADO7oj+WLtAjEly5W16EUvTJAPCr1k
0UjJHcTGRvbaLbx83PTMcPnwuyF86gG9s8Z8AQ8/MrLBdTawshV+fJoDEdhT73bD
sHud7snBCAjFS46X4hADTVPMm6SCLbIljEfEuQVxS2Un9Czshpn6q+OVFfoYHPkh
+tGelDPG7NaSu676F9sH2gJJR6i9/64E4SEji+1MAvDcZMdYjXm7X7OVUTXnzFQD
2+tqxrtnH5Neq6weya7AGzadlxfSmI2ctonTYu0qY/QBtYDQMLK8bY3FpsjFWpR/
g2JfZ/u9RAkYRGSolSGkrCSpAgMBAAGjggK4MIICtDAdBgNVHQ4EFgQU/FL0+Y5h
sVaBBAbQSmwoHbjoHFcwHwYDVR0jBBgwFoAUm5j7fUaJg6LBR3JzMkjv+jRi4SYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBRUIyLzM5NTIxMDBFNkU4
MzExRUZBQjcyNjE4MEM0RjlBRTAyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRT
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbTVqN2ZVYUpnNkxCUjNKek1ranYtalJpNFNZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
QUVCMi8zOTUyMTAwRTZFODMxMUVGQUI3MjYxODBDNEY5QUUwMi9DNTZBQTIyODcy
MTUxMUVGOUQ3QjlGM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBCBggrBgEFBQcBBwEB/wQz
MDEwDAQCAAEwBgMEBsocgDAhBAIAAjAbAwcAIAEDyBICAwcAIAEDyBYGAwcAIAED
yCcHMA0GCSqGSIb3DQEBCwUAA4IBAQCXf/ucP0oghvetSAaW6N0x3gHzGaz6OyLt
lsPZnWnIxSLGLc8kmn02BOWrlYaGu5seymZEqvEKaOo6pGRyqQwfRRdwKqJamdw7
aU2qRygoK8rEsCxbHvPMydvAHw+DkNoNUKn8P2Qgy3q+vQtkSld4xnvEJ+O5i7As
sM9hBSCKUJXoYxCAFNrFmjjyEmgfi82H/ZSQl0zYl517H+mxa9BGzMmS1fwyArrj
cQZItgYUTEEkadWix80VVJ1t6m/UVwa++/2CUDUUAIjGOh5yriK+VT2wrNPIeM2k
v8v1JsdiGoDDbyUar6vxwOQqyKjNLjpjjIXEngxCv2YIk9Nu0jb3
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:45:04 2024 by rpki-client on console-ams.rpki-client.org