Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/A26500A2A27F11EBBE87837FC4F9AE02.roa
File: A26500A2A27F11EBBE87837FC4F9AE02.roa (raw, json)
Hash identifier: G+cvOyuBaI0mJceOtyargePM5Osl1OnTP7qop5mo/cM=
Subject key identifier: 95:87:69:93:38:41:96:DC:67:0E:DE:15:B2:4E:52:C2:6A:3E:A8:6B
Certificate issuer: /CN=A91C39D1/serialNumber=8DEEAE856E95F3CEACE112C0A1EA97BA45A57A44
Certificate serial: 0527
Authority key identifier: 8D:EE:AE:85:6E:95:F3:CE:AC:E1:12:C0:A1:EA:97:BA:45:A5:7A:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/je6uhW6V886s4RLAoeqXukWlekQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/A26500A2A27F11EBBE87837FC4F9AE02.roa
Signing time: Sat 17 Feb 2024 00:43:14 +0000
ROA not before: Sat 17 Feb 2024 00:43:13 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 45648
IP address blocks: 27.34.240.0/24 maxlen: 24
27.34.241.0/24 maxlen: 24
27.34.242.0/24 maxlen: 24
27.34.243.0/24 maxlen: 24
27.34.244.0/24 maxlen: 24
27.34.245.0/24 maxlen: 24
27.34.246.0/24 maxlen: 24
27.34.247.0/24 maxlen: 24
27.34.248.0/24 maxlen: 24
27.34.249.0/24 maxlen: 24
27.34.250.0/24 maxlen: 24
27.34.251.0/24 maxlen: 24
27.34.252.0/24 maxlen: 24
27.34.253.0/24 maxlen: 24
27.34.254.0/24 maxlen: 24
27.34.255.0/24 maxlen: 24
43.254.160.0/24 maxlen: 24
43.254.161.0/24 maxlen: 24
43.254.162.0/24 maxlen: 24
43.254.163.0/24 maxlen: 24
103.228.220.0/24 maxlen: 24
103.228.221.0/24 maxlen: 24
103.228.222.0/24 maxlen: 24
103.228.223.0/24 maxlen: 24
111.125.192.0/24 maxlen: 24
111.125.193.0/24 maxlen: 24
111.125.200.0/24 maxlen: 24
111.125.201.0/24 maxlen: 24
111.125.202.0/24 maxlen: 24
111.125.203.0/24 maxlen: 24
111.125.204.0/24 maxlen: 24
111.125.205.0/24 maxlen: 24
111.125.206.0/24 maxlen: 24
111.125.207.0/24 maxlen: 24
111.125.212.0/24 maxlen: 24
183.87.212.0/24 maxlen: 24
183.87.213.0/24 maxlen: 24
183.87.250.0/24 maxlen: 24
203.201.60.0/24 maxlen: 24
203.201.61.0/24 maxlen: 24
203.201.62.0/24 maxlen: 24
203.201.63.0/24 maxlen: 24
2400:d280::/32 maxlen: 32
2400:d280::/36 maxlen: 36
2400:d280:1000::/36 maxlen: 36
2400:d280:2000::/36 maxlen: 36
2400:d280:3000::/36 maxlen: 36
2400:d280:4000::/36 maxlen: 36
2400:d280:5000::/36 maxlen: 36
2400:d280:6000::/36 maxlen: 36
2400:d280:7000::/36 maxlen: 36
2400:d280:8000::/36 maxlen: 36
2400:d280:9000::/36 maxlen: 36
2400:d280:a000::/36 maxlen: 36
2400:d280:b000::/36 maxlen: 36
2400:d280:c000::/36 maxlen: 36
2400:d280:d000::/36 maxlen: 36
2400:d280:e000::/36 maxlen: 36
2400:d280:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/je6uhW6V886s4RLAoeqXukWlekQ.crl
rsync://rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/je6uhW6V886s4RLAoeqXukWlekQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/je6uhW6V886s4RLAoeqXukWlekQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1319 (0x527)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C39D1/serialNumber=8DEEAE856E95F3CEACE112C0A1EA97BA45A57A44
Validity
Not Before: Feb 17 00:43:13 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65d00121-d4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:32:f9:65:e8:97:bc:4f:ed:13:fa:f3:cc:34:
43:7b:e6:ba:64:9f:23:4e:66:66:23:4a:6b:4c:40:
4e:55:b9:c2:c2:1e:46:3d:a7:31:0a:1e:c8:5c:f7:
da:85:56:52:f2:27:39:63:e9:63:ca:ff:2a:60:1b:
3c:7e:ea:da:50:ef:cc:15:7b:a9:62:6b:19:29:72:
df:42:bf:f5:dc:9f:21:f0:61:c5:e6:50:78:90:b4:
4b:46:d7:14:42:72:ed:98:31:b8:cb:ce:e8:b4:38:
37:8a:0b:40:f9:83:8b:86:5d:06:d8:99:04:14:9b:
59:d0:71:68:7f:b0:a3:71:d3:e5:34:5e:ea:90:a0:
f1:d8:a5:04:5a:7a:3f:5d:2b:61:72:8e:4a:c0:3a:
2b:b9:6f:0d:16:f5:d5:77:fa:e5:92:b3:bf:b1:3f:
a3:fa:82:eb:b6:33:08:5a:b5:7b:0a:6e:31:27:3a:
03:f2:26:06:f2:5b:5a:3e:ea:97:5f:0c:ad:13:06:
07:88:bd:38:32:66:eb:8c:8c:ea:18:90:eb:a2:f4:
22:43:56:a9:cf:a0:3c:a4:da:77:66:63:4c:9a:39:
b3:42:95:8c:d6:61:5d:98:f8:88:66:77:3e:a5:92:
95:b7:ef:db:00:33:03:c6:59:b1:48:32:fa:d7:5d:
76:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:87:69:93:38:41:96:DC:67:0E:DE:15:B2:4E:52:C2:6A:3E:A8:6B
X509v3 Authority Key Identifier:
keyid:8D:EE:AE:85:6E:95:F3:CE:AC:E1:12:C0:A1:EA:97:BA:45:A5:7A:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/je6uhW6V886s4RLAoeqXukWlekQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/je6uhW6V886s4RLAoeqXukWlekQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C39D1/088C1B48A27D11EBA28F9177C4F9AE02/A26500A2A27F11EBBE87837FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.34.240.0/20
43.254.160.0/22
103.228.220.0/22
111.125.192.0/23
111.125.200.0/21
111.125.212.0/24
183.87.212.0/23
183.87.250.0/24
203.201.60.0/22
IPv6:
2400:d280::/32
Signature Algorithm: sha256WithRSAEncryption
cc:45:8d:86:5c:1b:99:85:06:ff:19:a9:c4:22:b2:84:8c:79:
74:19:27:ad:cc:22:1f:e1:13:12:53:5a:99:3f:74:e2:11:32:
c9:31:77:49:66:dd:52:1b:33:c1:ff:5a:7b:9d:29:ef:91:f3:
18:3b:17:1b:83:a3:34:93:a5:a5:fc:13:74:96:bb:7b:de:22:
a7:18:39:db:9e:9e:9a:bf:59:d6:ac:8b:7d:6c:2a:10:e2:97:
ec:f7:b1:75:23:df:a7:11:d6:fb:dd:11:b6:f0:1f:ea:b1:94:
5e:df:52:c4:19:f2:c7:25:98:dd:2d:ba:8c:96:75:ba:c4:51:
9f:9a:c9:de:a4:67:2a:dd:0f:3b:d2:4c:74:75:34:87:73:61:
00:f3:f8:39:22:1c:7b:02:d5:a4:a0:ca:de:a5:79:8d:e3:98:
09:a6:a5:8e:90:b1:f3:15:5e:33:12:eb:ed:0b:99:9f:b9:8f:
e6:e5:5e:a0:ca:7f:41:26:46:44:0b:6b:64:bb:42:3f:db:a0:
f9:96:df:f2:70:41:1a:f9:72:8d:bd:57:a8:8d:f5:70:5b:ca:
4c:55:86:cf:9b:1b:04:57:d8:8b:2e:bd:47:10:ea:d4:20:30:
83:08:35:af:b4:d6:10:fe:d4:9d:76:d0:ca:09:8a:9e:8d:48:
97:76:93:17
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgICBScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzM5RDExMTAvBgNVBAUTKDhERUVBRTg1NkU5NUYzQ0VBQ0UxMTJDMEExRUE5N0JB
NDVBNTdBNDQwHhcNMjQwMjE3MDA0MzEzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQwMDEyMS1kNGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0TL5ZeiXvE/tE/rzzDRDe+a6ZJ8jTmZmI0prTEBOVbnCwh5GPacxCh7IXPfa
hVZS8ic5Y+ljyv8qYBs8furaUO/MFXupYmsZKXLfQr/13J8h8GHF5lB4kLRLRtcU
QnLtmDG4y87otDg3igtA+YOLhl0G2JkEFJtZ0HFof7CjcdPlNF7qkKDx2KUEWno/
XSthco5KwDoruW8NFvXVd/rlkrO/sT+j+oLrtjMIWrV7Cm4xJzoD8iYG8ltaPuqX
XwytEwYHiL04MmbrjIzqGJDrovQiQ1apz6A8pNp3ZmNMmjmzQpWM1mFdmPiIZnc+
pZKVt+/bADMDxlmxSDL61112zQIDAQABo4IC1DCCAtAwHQYDVR0OBBYEFJWHaZM4
QZbcZw7eFbJOUsJqPqhrMB8GA1UdIwQYMBaAFI3uroVulfPOrOESwKHql7pFpXpE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzlEMS8wODhDMUI0OEEy
N0QxMUVCQTI4RjkxNzdDNEY5QUUwMi9qZTZ1aFc2Vjg4NnM0UkxBb2VxWHVrV2xl
a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2plNnVoVzZWODg2czRSTEFvZXFYdWtXbGVrUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzM5RDEvMDg4QzFCNDhBMjdEMTFFQkEyOEY5MTc3QzRGOUFFMDIvQTI2NTAwQTJB
MjdGMTFFQkJFODc4MzdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXgYIKwYBBQUHAQcBAf8E
TzBNMDwEAgABMDYDBAQbIvADBAIr/qADBAJn5NwDBAFvfcADBANvfcgDBABvfdQD
BAG3V9QDBAC3V/oDBALLyTwwDQQCAAIwBwMFACQA0oAwDQYJKoZIhvcNAQELBQAD
ggEBAMxFjYZcG5mFBv8ZqcQisoSMeXQZJ63MIh/hExJTWpk/dOIRMskxd0lm3VIb
M8H/WnudKe+R8xg7FxuDozSTpaX8E3SWu3veIqcYOduenpq/Wdasi31sKhDil+z3
sXUj36cR1vvdEbbwH+qxlF7fUsQZ8sclmN0tuoyWdbrEUZ+ayd6kZyrdDzvSTHR1
NIdzYQDz+DkiHHsC1aSgyt6leY3jmAmmpY6QsfMVXjMS6+0LmZ+5j+blXqDKf0Em
RkQLa2S7Qj/boPmW3/JwQRr5co29V6iN9XBbykxVhs+bGwRX2IsuvUcQ6tQgMIMI
Na+01hD+1J120MoJip6NSJd2kxc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:08:49 2024 by rpki-client on console-ams.rpki-client.org