Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD60C/188F1172973D11EFA5196058C4F9AE02/AC8EE79E975B11EFB1D18E82C4F9AE02.roa
File: AC8EE79E975B11EFB1D18E82C4F9AE02.roa (raw, json)
Hash identifier: kMM0jFEoPR+G6/cERfYwCAE7TUEU6HaJy9v+jML5/oY=
Subject key identifier: 20:2E:18:6D:E0:CE:B1:CF:45:30:22:34:A9:CA:98:05:1C:0D:42:AC
Certificate issuer: /CN=A91CD60C/serialNumber=E72376339DBD5D302A59CCFA77AC09CD1723954D
Certificate serial: 0A
Authority key identifier: E7:23:76:33:9D:BD:5D:30:2A:59:CC:FA:77:AC:09:CD:17:23:95:4D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5yN2M529XTAqWcz6d6wJzRcjlU0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD60C/188F1172973D11EFA5196058C4F9AE02/AC8EE79E975B11EFB1D18E82C4F9AE02.roa
Signing time: Thu 31 Oct 2024 08:06:49 +0000
ROA not before: Thu 31 Oct 2024 08:06:49 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 56190
IP address blocks: 202.51.128.0/24 maxlen: 24
202.51.129.0/24 maxlen: 24
202.51.130.0/24 maxlen: 24
202.51.131.0/24 maxlen: 24
202.51.132.0/24 maxlen: 24
202.51.133.0/24 maxlen: 24
202.51.134.0/24 maxlen: 24
202.51.135.0/24 maxlen: 24
202.51.136.0/24 maxlen: 24
202.51.137.0/24 maxlen: 24
202.51.138.0/24 maxlen: 24
202.51.139.0/24 maxlen: 24
202.51.140.0/24 maxlen: 24
202.51.141.0/24 maxlen: 24
202.51.142.0/24 maxlen: 24
202.51.143.0/24 maxlen: 24
202.51.144.0/24 maxlen: 24
202.51.145.0/24 maxlen: 24
202.51.146.0/24 maxlen: 24
202.51.147.0/24 maxlen: 24
202.51.148.0/24 maxlen: 24
202.51.149.0/24 maxlen: 24
202.51.150.0/24 maxlen: 24
202.51.151.0/24 maxlen: 24
202.51.152.0/24 maxlen: 24
202.51.153.0/24 maxlen: 24
202.51.154.0/24 maxlen: 24
202.51.155.0/24 maxlen: 24
202.51.156.0/24 maxlen: 24
202.51.157.0/24 maxlen: 24
202.51.158.0/24 maxlen: 24
202.51.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CD60C/188F1172973D11EFA5196058C4F9AE02/5yN2M529XTAqWcz6d6wJzRcjlU0.crl
rsync://rpki.apnic.net/member_repository/A91CD60C/188F1172973D11EFA5196058C4F9AE02/5yN2M529XTAqWcz6d6wJzRcjlU0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5yN2M529XTAqWcz6d6wJzRcjlU0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD60C/serialNumber=E72376339DBD5D302A59CCFA77AC09CD1723954D
Validity
Not Before: Oct 31 08:06:49 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67233a99-938f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:77:3c:6b:ef:f8:2c:52:37:8f:32:66:cf:b6:
bf:6d:27:f9:20:2f:5c:82:c7:a4:05:e5:b5:7b:97:
29:10:d0:13:60:02:5c:2f:5e:7c:0c:7b:95:04:89:
20:9e:02:dd:4d:84:0c:50:0b:25:ac:7e:ab:5d:08:
2c:9d:a7:ca:4e:f6:d1:af:70:2c:62:0f:0d:2c:12:
56:0e:8d:d4:52:39:4a:68:07:a7:2b:76:4e:de:1a:
3f:e6:2e:d2:b2:ce:3c:43:bd:39:80:37:0c:5c:e4:
78:b8:e2:09:e2:f5:8a:84:bb:b3:d7:e7:25:fa:e9:
ee:d5:27:54:41:16:cc:50:52:97:17:65:3b:f9:a0:
1e:aa:9b:0a:a7:d2:93:d0:0b:3c:4c:40:80:a0:86:
02:96:c6:2e:81:68:f4:c6:48:0a:cd:4e:ac:17:54:
77:04:7b:54:8a:15:58:0b:4d:67:da:c1:61:52:23:
e7:14:a8:31:d7:71:0e:32:14:23:41:17:1c:f0:48:
91:b5:38:00:42:8c:59:27:09:3a:63:b6:b2:b3:bc:
5e:b9:53:94:41:f3:b4:76:0e:aa:87:05:ab:f9:b6:
cb:9d:5d:d1:37:70:51:70:f9:bf:19:a1:e1:3d:55:
26:01:ca:df:4d:24:59:68:8c:c3:fb:b7:4d:04:fa:
05:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2E:18:6D:E0:CE:B1:CF:45:30:22:34:A9:CA:98:05:1C:0D:42:AC
X509v3 Authority Key Identifier:
keyid:E7:23:76:33:9D:BD:5D:30:2A:59:CC:FA:77:AC:09:CD:17:23:95:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD60C/188F1172973D11EFA5196058C4F9AE02/5yN2M529XTAqWcz6d6wJzRcjlU0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5yN2M529XTAqWcz6d6wJzRcjlU0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD60C/188F1172973D11EFA5196058C4F9AE02/AC8EE79E975B11EFB1D18E82C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.51.128.0/19
Signature Algorithm: sha256WithRSAEncryption
d8:21:39:f3:dc:f7:98:f6:4f:f2:ba:e1:63:6e:c1:af:65:dd:
3e:5b:7e:c6:03:97:9e:c7:52:6b:ec:3b:6d:0e:83:e6:a0:1c:
d7:83:1a:e8:5d:e7:ff:aa:82:8f:db:67:ed:13:9b:64:c4:ab:
b8:8c:44:db:21:ee:e7:47:fe:fa:71:46:3f:6b:4f:11:a9:0b:
cb:cc:87:bb:cf:af:a8:18:6b:ac:94:2d:d7:40:06:bd:ce:79:
f4:78:d6:21:55:a9:79:48:96:c9:5b:23:aa:cd:ba:93:9e:c8:
0d:83:2a:98:7d:c3:e3:3a:db:80:15:a6:0f:4c:a8:86:e0:7b:
f9:e5:a9:40:9d:14:41:72:91:d1:f0:31:9a:74:9a:db:4b:c1:
da:62:e6:13:85:2c:b3:c1:e1:a7:e7:7d:1d:82:c4:1a:65:0e:
6e:de:2b:d6:5f:27:2e:98:b9:a3:44:3c:af:5f:25:bc:96:5b:
4f:21:4a:d4:57:d6:5f:bb:5b:1c:3a:9a:4d:25:bc:f0:54:36:
de:1b:54:86:ab:e7:dc:b5:1b:b9:a8:0f:0d:24:13:dd:50:e4:
1c:99:74:c0:16:1a:c2:d2:e7:2e:47:ef:12:33:b8:75:f6:4f:
82:3c:84:c1:41:06:a0:75:a3:84:31:6d:ac:f7:8f:56:2d:82:
66:16:52:83
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
RDYwQzExMC8GA1UEBRMoRTcyMzc2MzM5REJENUQzMDJBNTlDQ0ZBNzdBQzA5Q0Qx
NzIzOTU0RDAeFw0yNDEwMzEwODA2NDlaFw0yNTA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjMzYTk5LTkzOGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD1dzxr7/gsUjePMmbPtr9tJ/kgL1yCx6QF5bV7lykQ0BNgAlwvXnwMe5UEiSCe
At1NhAxQCyWsfqtdCCydp8pO9tGvcCxiDw0sElYOjdRSOUpoB6crdk7eGj/mLtKy
zjxDvTmANwxc5Hi44gni9YqEu7PX5yX66e7VJ1RBFsxQUpcXZTv5oB6qmwqn0pPQ
CzxMQICghgKWxi6BaPTGSArNTqwXVHcEe1SKFVgLTWfawWFSI+cUqDHXcQ4yFCNB
FxzwSJG1OABCjFknCTpjtrKzvF65U5RB87R2DqqHBav5tsudXdE3cFFw+b8ZoeE9
VSYByt9NJFlojMP7t00E+gW9AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUIC4YbeDO
sc9FMCI0qcqYBRwNQqwwHwYDVR0jBBgwFoAU5yN2M529XTAqWcz6d6wJzRcjlU0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNENjBDLzE4OEYxMTcyOTcz
RDExRUZBNTE5NjA1OEM0RjlBRTAyLzV5TjJNNTI5WFRBcVdjejZkNndKelJjamxV
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNXlOMk01MjlYVEFxV2N6NmQ2d0p6UmNqbFUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
RDYwQy8xODhGMTE3Mjk3M0QxMUVGQTUxOTYwNThDNEY5QUUwMi9BQzhFRTc5RTk3
NUIxMUVGQjFEMThFODJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBcozgDANBgkqhkiG9w0BAQsFAAOCAQEA2CE589z3mPZP8rrh
Y27Br2XdPlt+xgOXnsdSa+w7bQ6D5qAc14Ma6F3n/6qCj9tn7RObZMSruIxE2yHu
50f++nFGP2tPEakLy8yHu8+vqBhrrJQt10AGvc559HjWIVWpeUiWyVsjqs26k57I
DYMqmH3D4zrbgBWmD0yohuB7+eWpQJ0UQXKR0fAxmnSa20vB2mLmE4Uss8Hhp+d9
HYLEGmUObt4r1l8nLpi5o0Q8r18lvJZbTyFK1FfWX7tbHDqaTSW88FQ23htUhqvn
3LUbuagPDSQT3VDkHJl0wBYawtLnLkfvEjO4dfZPgjyEwUEGoHWjhDFtrPePVi2C
ZhZSgw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:45:05 2024 by rpki-client on console-ams.rpki-client.org