Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/56F533B4A63011EEA6054D52C4F9AE02.roa
File: 56F533B4A63011EEA6054D52C4F9AE02.roa (raw, json)
Hash identifier: fkSFRa17OQbrrMZVQbgWvfMD84ms7LzhBDUdh/usdYk=
Subject key identifier: 8F:F2:33:3A:99:29:B5:54:FD:AF:01:41:8D:B4:7D:C3:8C:B4:B3:8C
Certificate issuer: /CN=A91DCAE8/serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C
Certificate serial: 33B9
Authority key identifier: AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/56F533B4A63011EEA6054D52C4F9AE02.roa
Signing time: Fri 29 Dec 2023 10:05:54 +0000
ROA not before: Fri 29 Dec 2023 10:05:54 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 38235
IP address blocks: 103.120.132.0/22 maxlen: 24
116.212.128.0/19 maxlen: 24
202.57.208.0/24 maxlen: 24
202.57.209.0/24 maxlen: 24
202.57.210.0/23 maxlen: 23
202.57.210.0/24 maxlen: 24
202.57.211.0/24 maxlen: 24
203.176.128.0/21 maxlen: 22
203.176.128.0/23 maxlen: 24
203.176.130.0/24 maxlen: 24
203.176.131.0/24 maxlen: 24
203.176.132.0/24 maxlen: 24
203.176.133.0/24 maxlen: 24
203.176.134.0/24 maxlen: 24
203.176.135.0/24 maxlen: 24
203.176.136.0/21 maxlen: 22
203.176.136.0/24 maxlen: 24
203.176.137.0/24 maxlen: 24
203.176.138.0/23 maxlen: 24
203.176.140.0/22 maxlen: 24
2405:da00::/32 maxlen: 36
2405:da00::/40 maxlen: 40
2405:da00::/48 maxlen: 48
2405:da00:1::/48 maxlen: 48
2405:da00:10::/44 maxlen: 44
2405:da00:99::/48 maxlen: 48
2405:da00:100::/40 maxlen: 40
2405:da00:200::/40 maxlen: 40
2405:da00:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.crl
rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 14:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13241 (0x33b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DCAE8/serialNumber=AAB0E2B62F6343895730C05488E7FC4E26C51A6C
Validity
Not Before: Dec 29 10:05:54 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=658e9a01-6b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:80:2b:19:c1:b3:b7:20:0d:36:e8:31:11:60:
22:f4:63:98:36:06:0c:96:b8:ff:9d:3f:1e:9f:18:
ce:c3:84:d7:26:29:d8:7d:b4:d0:29:3d:76:17:4a:
80:eb:f7:6b:d7:ea:68:50:6d:93:9b:a3:b5:e5:83:
c2:7c:f5:f5:67:a9:3a:57:38:d3:44:a6:59:08:d1:
a7:21:c2:e6:18:e1:66:62:e8:bb:a7:fb:65:b3:c4:
82:c7:92:73:ee:74:b7:b1:2d:c0:77:54:21:e0:82:
3b:41:b7:b1:d7:ef:e7:63:b4:5e:40:fb:69:4b:4f:
8e:cf:8b:99:23:11:62:39:6d:d6:9e:e3:b2:33:61:
fe:da:2d:07:73:b0:a0:07:0c:49:5c:c7:2b:66:cb:
e5:d1:7b:b1:32:ec:75:ba:d0:4f:2b:e7:c7:f3:26:
3b:56:56:6e:6b:26:f2:b2:fe:c8:de:3b:f4:df:0d:
ec:da:75:92:a8:2a:04:20:be:ba:7f:27:43:f9:6c:
5b:46:fd:4b:03:85:a0:46:8c:c0:7d:c4:46:3e:ef:
57:4a:9e:ff:06:c0:3e:20:e6:ef:d7:29:9f:f4:f7:
95:d4:29:41:06:86:85:16:71:03:7b:d9:0a:d9:3e:
4f:eb:26:86:2c:7f:33:a2:98:db:51:b7:22:a5:fb:
00:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F2:33:3A:99:29:B5:54:FD:AF:01:41:8D:B4:7D:C3:8C:B4:B3:8C
X509v3 Authority Key Identifier:
keyid:AA:B0:E2:B6:2F:63:43:89:57:30:C0:54:88:E7:FC:4E:26:C5:1A:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/qrDiti9jQ4lXMMBUiOf8TibFGmw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qrDiti9jQ4lXMMBUiOf8TibFGmw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DCAE8/8B6ADE141D9311E292CB23F708B02CD2/56F533B4A63011EEA6054D52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.120.132.0/22
116.212.128.0/19
202.57.208.0/22
203.176.128.0/20
IPv6:
2405:da00::/32
Signature Algorithm: sha256WithRSAEncryption
0d:29:9d:7e:53:38:75:c7:3c:e7:16:08:ee:1a:55:61:ff:3f:
f1:1e:9c:4a:26:c9:a8:f0:62:91:f8:88:d0:59:c1:09:be:46:
a4:47:9f:bb:56:e9:c9:de:72:d6:2d:64:02:a0:a7:37:60:ce:
e1:71:05:55:e4:91:b5:c5:96:e6:1f:e0:c7:59:7b:2e:07:80:
6e:e9:50:24:c5:3b:8e:27:9e:26:39:c4:6e:60:78:57:3b:c6:
54:13:1b:2d:6f:f4:ae:45:df:cb:3a:c3:92:d6:1e:c2:e0:21:
eb:2b:f4:05:45:38:f5:e8:ba:66:cb:09:e5:bf:6e:d3:7e:7c:
97:78:ef:fb:24:e8:90:8a:5f:04:07:69:a6:36:65:b0:cb:6c:
9f:49:64:c9:fc:57:53:89:b6:cb:4f:b2:ef:11:0b:40:66:ea:
71:dc:85:51:cc:a6:71:3d:bb:d5:e4:0d:d1:fa:e0:79:07:97:
77:28:00:e7:b4:b5:78:26:99:51:7c:8a:af:92:d6:5a:d1:3e:
fb:74:a6:ec:4d:a1:59:fe:d1:d0:84:32:bb:54:8b:93:a3:e9:
fe:95:e5:c1:35:80:c9:35:35:12:27:85:05:3c:92:42:f0:dc:
cd:e7:28:8d:d1:f5:32:e4:33:b9:3d:3d:dd:d5:22:37:1f:f3:
9e:6c:42:26
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICM7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RENBRTgxMTAvBgNVBAUTKEFBQjBFMkI2MkY2MzQzODk1NzMwQzA1NDg4RTdGQzRF
MjZDNTFBNkMwHhcNMjMxMjI5MTAwNTU0WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThlOWEwMS02YjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvoArGcGztyANNugxEWAi9GOYNgYMlrj/nT8enxjOw4TXJinYfbTQKT12F0qA
6/dr1+poUG2Tm6O15YPCfPX1Z6k6VzjTRKZZCNGnIcLmGOFmYui7p/tls8SCx5Jz
7nS3sS3Ad1Qh4II7Qbex1+/nY7ReQPtpS0+Oz4uZIxFiOW3WnuOyM2H+2i0Hc7Cg
BwxJXMcrZsvl0XuxMux1utBPK+fH8yY7VlZuaybysv7I3jv03w3s2nWSqCoEIL66
fydD+WxbRv1LA4WgRozAfcRGPu9XSp7/BsA+IObv1ymf9PeV1ClBBoaFFnEDe9kK
2T5P6yaGLH8zopjbUbcipfsAqQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFI/yMzqZ
KbVU/a8BQY20fcOMtLOMMB8GA1UdIwQYMBaAFKqw4rYvY0OJVzDAVIjn/E4mxRps
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQ0FFOC84QjZBREUxNDFE
OTMxMUUyOTJDQjIzRjcwOEIwMkNEMi9xckRpdGk5alE0bFhNTUJVaU9mOFRpYkZH
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FyRGl0aTlqUTRsWE1NQlVpT2Y4VGliRkdtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENBRTgvOEI2QURFMTQxRDkzMTFFMjkyQ0IyM0Y3MDhCMDJDRDIvNTZGNTMzQjRB
NjMwMTFFRUE2MDU0RDUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJneIQDBAV01IADBALKOdADBATLsIAwDQQCAAIwBwMFACQF
2gAwDQYJKoZIhvcNAQELBQADggEBAA0pnX5TOHXHPOcWCO4aVWH/P/EenEomyajw
YpH4iNBZwQm+RqRHn7tW6cnectYtZAKgpzdgzuFxBVXkkbXFluYf4MdZey4HgG7p
UCTFO44nniY5xG5geFc7xlQTGy1v9K5F38s6w5LWHsLgIesr9AVFOPXoumbLCeW/
btN+fJd47/sk6JCKXwQHaaY2ZbDLbJ9JZMn8V1OJtstPsu8RC0Bm6nHchVHMpnE9
u9XkDdH64HkHl3coAOe0tXgmmVF8iq+S1lrRPvt0puxNoVn+0dCEMrtUi5Oj6f6V
5cE1gMk1NRInhQU8kkLw3M3nKI3R9TLkM7k9Pd3VIjcf855sQiY=
-----END CERTIFICATE-----
Generated at Fri May 31 16:41:44 2024 by rpki-client on console-ams.rpki-client.org