Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
File: 4A479BB45A7911E998A6BE80C4F9AE02.roa (raw, json)
Hash identifier: 7w5j+dyzSy7t29HEAco9XLxp6MYZWlL3SdlWBrNw0GY=
Subject key identifier: 14:89:47:B9:02:5E:19:E3:53:85:DF:56:05:E4:47:DF:29:9E:64:17
Certificate issuer: /CN=A91D1136/serialNumber=B7B73E89B621081609CD689AB0AEF7FAF148926C
Certificate serial: 25AF
Authority key identifier: B7:B7:3E:89:B6:21:08:16:09:CD:68:9A:B0:AE:F7:FA:F1:48:92:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
Signing time: Tue 24 Sep 2024 15:53:00 +0000
ROA not before: Tue 24 Sep 2024 15:53:00 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 133543
IP address blocks: 115.67.8.0/21 maxlen: 21
115.67.8.0/24 maxlen: 24
115.67.9.0/24 maxlen: 24
115.67.10.0/24 maxlen: 24
115.67.11.0/24 maxlen: 24
115.67.12.0/24 maxlen: 24
115.67.13.0/24 maxlen: 24
115.67.14.0/24 maxlen: 24
115.67.15.0/24 maxlen: 24
2404:8d06::/31 maxlen: 32
2404:8d06::/36 maxlen: 36
2404:8d06:1000::/36 maxlen: 36
2404:8d06:2000::/36 maxlen: 36
2404:8d06:2000::/40 maxlen: 40
2404:8d06:3000::/36 maxlen: 36
2404:8d06:4000::/36 maxlen: 36
2404:8d06:4000::/40 maxlen: 40
2404:8d06:5000::/36 maxlen: 36
2404:8d06:6000::/36 maxlen: 36
2404:8d06:6000::/40 maxlen: 48
2404:8d06:7000::/36 maxlen: 36
2404:8d06:7000::/40 maxlen: 40
2404:8d06:8000::/36 maxlen: 36
2404:8d06:8000::/40 maxlen: 40
2404:8d06:9000::/36 maxlen: 36
2404:8d06:9000::/40 maxlen: 40
2404:8d06:a000::/36 maxlen: 36
2404:8d06:a000::/40 maxlen: 40
2404:8d06:b000::/36 maxlen: 36
2404:8d06:b000::/40 maxlen: 40
2404:8d06:c000::/36 maxlen: 36
2404:8d06:d000::/36 maxlen: 36
2404:8d06:e000::/36 maxlen: 36
2404:8d06:f000::/36 maxlen: 36
2404:8d07::/36 maxlen: 36
2404:8d07:1000::/36 maxlen: 36
2404:8d07:2000::/36 maxlen: 36
2404:8d07:3000::/36 maxlen: 36
2404:8d07:4000::/36 maxlen: 36
2404:8d07:5000::/36 maxlen: 36
2404:8d07:6000::/36 maxlen: 36
2404:8d07:7000::/36 maxlen: 36
2404:8d07:8000::/36 maxlen: 36
2404:8d07:9000::/36 maxlen: 36
2404:8d07:a000::/36 maxlen: 36
2404:8d07:b000::/36 maxlen: 36
2404:8d07:c000::/36 maxlen: 36
2404:8d07:d000::/36 maxlen: 36
2404:8d07:e000::/36 maxlen: 36
2404:8d07:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.crl
rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:41:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9647 (0x25af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1136/serialNumber=B7B73E89B621081609CD689AB0AEF7FAF148926C
Validity
Not Before: Sep 24 15:53:00 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f2e05c-1fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:47:a5:0b:d5:6f:d3:6a:20:dc:d7:cd:1b:5c:
fb:0d:21:9d:5c:95:c9:4f:1d:33:90:02:8d:87:41:
f7:e9:9a:e7:7a:57:ae:c0:c4:b6:37:1d:e3:ba:0c:
a8:46:a7:cb:4d:11:02:93:52:3b:58:57:53:87:f2:
db:81:c1:41:fb:fb:b1:e4:f0:11:cf:53:fe:62:ee:
5d:ee:a1:39:41:9f:74:56:26:89:a7:d4:9b:46:75:
4f:4b:af:d4:6d:74:40:6f:a2:9a:47:c9:4a:25:da:
2c:ab:47:a5:af:bd:8e:dc:d8:16:38:15:aa:e3:3b:
a7:c9:14:cd:c9:c5:be:11:fd:f9:e7:b7:67:3d:4e:
9d:a3:46:60:2d:51:53:30:1f:08:e5:f0:01:5d:16:
08:ee:07:9f:37:56:4f:fa:f0:15:22:97:31:66:0a:
28:69:f8:c7:a8:77:4e:76:c2:3d:3f:8c:a5:cc:45:
6c:42:db:7d:47:8e:4b:6e:7e:7e:7d:69:dc:e7:88:
bb:da:19:5c:c1:36:f5:b9:ca:c0:18:29:f0:33:7f:
f5:dc:80:78:72:00:d6:a4:a7:e8:8f:69:3f:79:c3:
1e:f5:a7:08:ed:e5:88:f4:85:a1:15:55:9f:0c:65:
89:35:cd:4b:01:2e:a9:be:41:25:5f:15:18:66:76:
1b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:89:47:B9:02:5E:19:E3:53:85:DF:56:05:E4:47:DF:29:9E:64:17
X509v3 Authority Key Identifier:
keyid:B7:B7:3E:89:B6:21:08:16:09:CD:68:9A:B0:AE:F7:FA:F1:48:92:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.67.8.0/21
IPv6:
2404:8d06::/31
Signature Algorithm: sha256WithRSAEncryption
03:a9:93:da:73:95:7f:07:e3:4d:22:bb:40:2a:eb:8c:56:74:
49:fc:fa:34:bd:f8:b7:de:98:c7:8b:63:e5:32:ad:5d:72:7f:
10:fc:8f:f4:08:86:df:44:ef:9e:91:90:71:31:36:60:59:e7:
f3:91:0e:77:c8:0e:e1:67:f0:b3:d7:78:88:9c:ce:56:d2:07:
45:11:30:48:cb:19:8e:c6:b6:f1:0a:13:00:04:75:76:e7:4a:
fe:e2:62:64:99:cc:23:ce:3d:c8:71:36:7b:81:43:bb:60:9f:
dc:ea:95:19:57:4a:cf:ef:1c:76:48:3d:c8:df:ce:ac:28:73:
8c:24:df:21:0d:bd:31:ad:4e:cf:72:d1:82:90:20:aa:b8:34:
62:0c:a5:b5:1a:4e:2f:52:09:93:87:53:a2:28:ad:b5:72:43:
54:d9:68:5d:a3:02:b9:67:6e:34:a0:e3:3c:33:3a:2e:c4:00:
2b:cf:e8:e8:bb:fd:ea:4b:f8:5e:ea:31:ec:59:b0:18:60:d7:
33:93:26:25:f9:52:bf:be:c6:03:b7:ae:59:6f:c5:25:01:31:
de:9e:f7:a8:01:7b:9f:b2:30:2e:0b:44:6d:37:5c:64:34:55:
d2:74:0a:3f:a6:9f:b6:d4:96:46:09:4a:3d:58:a1:66:9b:49:
8d:3b:38:76
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICJa8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDExMzYxMTAvBgNVBAUTKEI3QjczRTg5QjYyMTA4MTYwOUNENjg5QUIwQUVGN0ZB
RjE0ODkyNkMwHhcNMjQwOTI0MTU1MzAwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYyZTA1Yy0xZmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtkelC9Vv02og3NfNG1z7DSGdXJXJTx0zkAKNh0H36ZrneleuwMS2Nx3jugyo
RqfLTRECk1I7WFdTh/LbgcFB+/ux5PARz1P+Yu5d7qE5QZ90ViaJp9SbRnVPS6/U
bXRAb6KaR8lKJdosq0elr72O3NgWOBWq4zunyRTNycW+Ef3557dnPU6do0ZgLVFT
MB8I5fABXRYI7gefN1ZP+vAVIpcxZgooafjHqHdOdsI9P4ylzEVsQtt9R45Lbn5+
fWnc54i72hlcwTb1ucrAGCnwM3/13IB4cgDWpKfoj2k/ecMe9acI7eWI9IWhFVWf
DGWJNc1LAS6pvkElXxUYZnYbuQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFBSJR7kC
XhnjU4XfVgXkR98pnmQXMB8GA1UdIwQYMBaAFLe3Pom2IQgWCc1omrCu9/rxSJJs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTEzNi9DRjMyODFDODIx
NUIxMUU1QTdCRjg5MEVDNEY5QUUwMi90N2MtaWJZaENCWUp6V2lhc0s3My12Rklr
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q3Yy1pYlloQ0JZSnpXaWFzSzczLXZGSWttdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDExMzYvQ0YzMjgxQzgyMTVCMTFFNUE3QkY4OTBFQzRGOUFFMDIvNEE0NzlCQjQ1
QTc5MTFFOTk4QTZCRTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBANzQwgwDQQCAAIwBwMFASQEjQYwDQYJKoZIhvcNAQELBQAD
ggEBAAOpk9pzlX8H400iu0Aq64xWdEn8+jS9+LfemMeLY+UyrV1yfxD8j/QIht9E
756RkHExNmBZ5/ORDnfIDuFn8LPXeIiczlbSB0URMEjLGY7GtvEKEwAEdXbnSv7i
YmSZzCPOPchxNnuBQ7tgn9zqlRlXSs/vHHZIPcjfzqwoc4wk3yENvTGtTs9y0YKQ
IKq4NGIMpbUaTi9SCZOHU6IorbVyQ1TZaF2jArlnbjSg4zwzOi7EACvP6Oi7/epL
+F7qMexZsBhg1zOTJiX5Ur++xgO3rllvxSUBMd6e96gBe5+yMC4LRG03XGQ0VdJ0
Cj+mn7bUlkYJSj1YoWabSY07OHY=
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:24:57 2024 by rpki-client on console-ams.rpki-client.org