Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5AD4/11226B7E8F8A11EA9828C65DC4F9AE02/67A60C64441E11EB861F005AC4F9AE02.roa
File: 67A60C64441E11EB861F005AC4F9AE02.roa (raw, json)
Hash identifier: 64lTU6HFby5BegD1+Uu1tjRR9NUUxrJlKQqqFASdN5I=
Subject key identifier: 3F:B8:E6:48:FC:10:05:30:EC:35:40:C1:8F:F9:6A:F1:5B:F2:F1:E9
Certificate issuer: /CN=A91B5AD4/serialNumber=3352886A8394F3ACF5E635E3C4756F4D0A6E45E9
Certificate serial: 0886
Authority key identifier: 33:52:88:6A:83:94:F3:AC:F5:E6:35:E3:C4:75:6F:4D:0A:6E:45:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M1KIaoOU86z15jXjxHVvTQpuRek.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5AD4/11226B7E8F8A11EA9828C65DC4F9AE02/67A60C64441E11EB861F005AC4F9AE02.roa
Signing time: Thu 04 Jan 2024 20:38:47 +0000
ROA not before: Thu 04 Jan 2024 20:38:47 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 138654
IP address blocks: 120.88.96.0/24 maxlen: 24
120.88.97.0/24 maxlen: 24
120.88.98.0/24 maxlen: 24
120.88.99.0/24 maxlen: 24
120.88.100.0/24 maxlen: 24
120.88.101.0/24 maxlen: 24
120.88.102.0/24 maxlen: 24
120.88.103.0/24 maxlen: 24
120.88.104.0/24 maxlen: 24
120.88.105.0/24 maxlen: 24
120.88.106.0/24 maxlen: 24
120.88.107.0/24 maxlen: 24
120.88.108.0/24 maxlen: 24
120.88.109.0/24 maxlen: 24
120.88.110.0/24 maxlen: 24
120.88.111.0/24 maxlen: 24
2406:f0c0::/32 maxlen: 32
2406:f0c0::/32 maxlen: 40
2406:f0c0:96::/48 maxlen: 48
2406:f0c0:97::/48 maxlen: 48
2406:f0c0:98::/48 maxlen: 48
2406:f0c0:99::/48 maxlen: 48
2406:f0c0:100::/48 maxlen: 48
2406:f0c0:101::/48 maxlen: 48
2406:f0c0:102::/48 maxlen: 48
2406:f0c0:103::/48 maxlen: 48
2406:f0c0:104::/48 maxlen: 48
2406:f0c0:105::/48 maxlen: 48
2406:f0c0:106::/48 maxlen: 48
2406:f0c0:107::/48 maxlen: 48
2406:f0c0:108::/48 maxlen: 48
2406:f0c0:109::/48 maxlen: 48
2406:f0c0:110::/48 maxlen: 48
2406:f0c0:111::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B5AD4/11226B7E8F8A11EA9828C65DC4F9AE02/M1KIaoOU86z15jXjxHVvTQpuRek.crl
rsync://rpki.apnic.net/member_repository/A91B5AD4/11226B7E8F8A11EA9828C65DC4F9AE02/M1KIaoOU86z15jXjxHVvTQpuRek.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M1KIaoOU86z15jXjxHVvTQpuRek.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 21:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2182 (0x886)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5AD4/serialNumber=3352886A8394F3ACF5E635E3C4756F4D0A6E45E9
Validity
Not Before: Jan 4 20:38:47 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65971756-2f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:00:15:b3:3b:73:84:1e:18:b9:eb:2d:8c:a7:
09:e1:6c:bf:ff:f6:91:a9:26:6f:90:44:4c:fd:0a:
68:45:50:42:79:e1:ce:9f:c3:90:1f:7d:8e:51:0c:
90:c9:30:a0:76:34:c0:0a:82:4c:06:ad:50:9c:66:
b4:f9:54:dd:0c:64:81:c3:62:e4:60:c2:80:2f:3d:
42:74:8b:84:1b:1c:74:72:5e:ab:e0:9f:a6:f2:cc:
1f:52:71:24:88:e4:07:7e:7e:65:3d:9e:c9:c0:d3:
b4:98:97:fe:07:fd:23:f6:3b:e3:07:28:bc:76:b2:
31:87:67:13:92:da:32:d6:09:40:a0:b7:37:f2:89:
5f:03:36:c6:df:93:6b:b9:6c:e7:2a:b4:63:f6:27:
5b:bf:2f:31:94:6c:d8:8d:30:87:10:ed:f1:de:c9:
d9:ff:4a:ca:6b:e7:45:24:cc:b8:d2:47:e2:e3:6e:
bb:f2:50:e6:85:03:7c:7c:40:01:cd:56:d1:90:a1:
82:f6:28:e9:3b:78:54:39:71:3c:28:9a:cb:7e:d8:
68:53:00:12:2a:b8:a9:98:3f:b2:45:49:28:8c:1e:
e2:3c:27:11:67:fa:a3:10:2e:21:79:63:90:af:93:
89:15:0a:79:4f:87:ed:4f:8d:5f:2b:a7:ea:00:a4:
15:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B8:E6:48:FC:10:05:30:EC:35:40:C1:8F:F9:6A:F1:5B:F2:F1:E9
X509v3 Authority Key Identifier:
keyid:33:52:88:6A:83:94:F3:AC:F5:E6:35:E3:C4:75:6F:4D:0A:6E:45:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5AD4/11226B7E8F8A11EA9828C65DC4F9AE02/M1KIaoOU86z15jXjxHVvTQpuRek.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M1KIaoOU86z15jXjxHVvTQpuRek.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5AD4/11226B7E8F8A11EA9828C65DC4F9AE02/67A60C64441E11EB861F005AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.88.96.0/20
IPv6:
2406:f0c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:28:4c:52:fd:d8:aa:77:dc:cf:00:ac:8a:4e:01:4d:2f:54:
d6:87:d2:a5:ab:2c:4e:ce:54:6d:fa:77:7d:83:80:19:ce:9b:
b7:56:56:3e:85:32:89:e2:e9:fd:ea:6e:42:e9:ce:33:ec:df:
f5:5b:6a:c2:ee:f2:6d:a0:14:a3:f2:fc:3d:64:c1:f0:9f:ea:
83:de:f9:5d:3b:12:60:f8:03:91:3c:32:77:09:ce:b1:48:c3:
e9:66:f8:2e:0c:18:33:9f:b4:46:38:e0:49:77:92:ae:8e:ef:
3a:86:ba:2f:8a:36:d9:25:6e:ff:93:b4:71:b3:2e:c3:80:57:
44:3e:a2:03:00:ae:6a:57:dc:d9:5a:99:2e:1f:cf:69:4e:52:
02:84:12:d9:b2:db:dc:fb:6d:a6:b9:37:32:bb:d3:5a:63:ef:
80:76:33:78:af:bb:19:2e:6a:bd:16:a0:f0:ad:a0:57:aa:89:
60:88:03:02:bf:49:85:81:fb:3f:9f:c3:ef:2e:80:19:6b:d8:
be:cc:12:e2:30:a2:f0:e6:94:1e:2a:bd:e4:56:31:c3:25:bf:
df:77:32:24:e5:15:44:05:1e:b5:70:e2:c4:d3:f3:be:9e:d5:
72:57:75:64:da:64:c7:ea:99:c6:b1:33:fa:de:e9:72:5b:70:
d0:11:68:1e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVBRDQxMTAvBgNVBAUTKDMzNTI4ODZBODM5NEYzQUNGNUU2MzVFM0M0NzU2RjRE
MEE2RTQ1RTkwHhcNMjQwMTA0MjAzODQ3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk3MTc1Ni0yZjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1gAVsztzhB4YuestjKcJ4Wy///aRqSZvkERM/QpoRVBCeeHOn8OQH32OUQyQ
yTCgdjTACoJMBq1QnGa0+VTdDGSBw2LkYMKALz1CdIuEGxx0cl6r4J+m8swfUnEk
iOQHfn5lPZ7JwNO0mJf+B/0j9jvjByi8drIxh2cTktoy1glAoLc38olfAzbG35Nr
uWznKrRj9idbvy8xlGzYjTCHEO3x3snZ/0rKa+dFJMy40kfi42678lDmhQN8fEAB
zVbRkKGC9ijpO3hUOXE8KJrLfthoUwASKripmD+yRUkojB7iPCcRZ/qjEC4heWOQ
r5OJFQp5T4ftT41fK6fqAKQVvQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD+45kj8
EAUw7DVAwY/5avFb8vHpMB8GA1UdIwQYMBaAFDNSiGqDlPOs9eY148R1b00KbkXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUFENC8xMTIyNkI3RThG
OEExMUVBOTgyOEM2NURDNEY5QUUwMi9NMUtJYW9PVTg2ejE1alhqeEhWdlRRcHVS
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL00xS0lhb09VODZ6MTVqWGp4SFZ2VFFwdVJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVBRDQvMTEyMjZCN0U4RjhBMTFFQTk4MjhDNjVEQzRGOUFFMDIvNjdBNjBDNjQ0
NDFFMTFFQjg2MUYwMDVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAR4WGAwDQQCAAIwBwMFACQG8MAwDQYJKoZIhvcNAQELBQAD
ggEBAC0oTFL92Kp33M8ArIpOAU0vVNaH0qWrLE7OVG36d32DgBnOm7dWVj6FMoni
6f3qbkLpzjPs3/VbasLu8m2gFKPy/D1kwfCf6oPe+V07EmD4A5E8MncJzrFIw+lm
+C4MGDOftEY44El3kq6O7zqGui+KNtklbv+TtHGzLsOAV0Q+ogMArmpX3NlamS4f
z2lOUgKEEtmy29z7baa5NzK701pj74B2M3ivuxkuar0WoPCtoFeqiWCIAwK/SYWB
+z+fw+8ugBlr2L7MEuIwovDmlB4qveRWMcMlv993MiTlFUQFHrVw4sTT876e1XJX
dWTaZMfqmcaxM/re6XJbcNARaB4=
-----END CERTIFICATE-----
Generated at Fri May 31 22:13:10 2024 by rpki-client on console-fra.rpki-client.org