Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
File: 37A46070F6F211EA922F482BC4F9AE02.roa (raw, json)
Hash identifier: abpHjZAvbs4qC9WBBPzqi+c7CmMUiHDfmwHOTCh+x/k=
Subject key identifier: 12:7C:82:A5:09:5A:88:FC:28:30:B9:F0:8D:6D:77:DD:4B:32:7E:7B
Certificate issuer: /CN=A91E1BAB/serialNumber=48B9945987F676B46CED3DE12849A8A38F4068B5
Certificate serial: 06CD
Authority key identifier: 48:B9:94:59:87:F6:76:B4:6C:ED:3D:E1:28:49:A8:A3:8F:40:68:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
Signing time: Mon 20 Nov 2023 03:38:58 +0000
ROA not before: Mon 20 Nov 2023 03:38:58 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 17978
IP address blocks: 61.28.192.0/24 maxlen: 24
61.28.193.0/24 maxlen: 24
61.28.194.0/24 maxlen: 24
61.28.195.0/24 maxlen: 24
61.28.196.0/24 maxlen: 24
61.28.197.0/24 maxlen: 24
61.28.198.0/24 maxlen: 24
61.28.199.0/24 maxlen: 24
61.28.200.0/24 maxlen: 24
61.28.201.0/24 maxlen: 24
61.28.202.0/24 maxlen: 24
61.28.203.0/24 maxlen: 24
61.28.204.0/24 maxlen: 24
61.28.205.0/24 maxlen: 24
61.28.206.0/24 maxlen: 24
61.28.207.0/24 maxlen: 24
61.28.208.0/24 maxlen: 24
61.28.209.0/24 maxlen: 24
61.28.210.0/24 maxlen: 24
61.28.211.0/24 maxlen: 24
61.28.212.0/24 maxlen: 24
61.28.213.0/24 maxlen: 24
61.28.214.0/24 maxlen: 24
61.28.215.0/24 maxlen: 24
61.28.216.0/24 maxlen: 24
61.28.217.0/24 maxlen: 24
61.28.218.0/24 maxlen: 24
61.28.219.0/24 maxlen: 24
61.28.220.0/24 maxlen: 24
61.28.221.0/24 maxlen: 24
61.28.222.0/24 maxlen: 24
61.28.223.0/24 maxlen: 24
103.1.60.0/22 maxlen: 24
115.85.129.0/24 maxlen: 24
115.85.130.0/24 maxlen: 24
115.85.132.0/24 maxlen: 24
115.85.133.0/24 maxlen: 24
115.85.134.0/24 maxlen: 24
115.85.135.0/24 maxlen: 24
203.215.128.0/24 maxlen: 24
203.215.129.0/24 maxlen: 24
203.215.130.0/24 maxlen: 24
203.215.131.0/24 maxlen: 24
203.215.132.0/24 maxlen: 24
203.215.133.0/24 maxlen: 24
203.215.134.0/24 maxlen: 24
203.215.135.0/24 maxlen: 24
203.215.136.0/24 maxlen: 24
203.215.137.0/24 maxlen: 24
203.215.138.0/24 maxlen: 24
203.215.139.0/24 maxlen: 24
203.215.140.0/24 maxlen: 24
203.215.141.0/24 maxlen: 24
203.215.142.0/24 maxlen: 24
203.215.143.0/24 maxlen: 24
203.215.144.0/24 maxlen: 24
203.215.145.0/24 maxlen: 24
203.215.146.0/24 maxlen: 24
203.215.147.0/24 maxlen: 24
203.215.148.0/24 maxlen: 24
203.215.149.0/24 maxlen: 24
203.215.150.0/24 maxlen: 24
203.215.151.0/24 maxlen: 24
203.215.152.0/24 maxlen: 24
203.215.154.0/24 maxlen: 24
203.215.155.0/24 maxlen: 24
203.215.156.0/24 maxlen: 24
203.215.157.0/24 maxlen: 24
203.215.158.0/24 maxlen: 24
203.215.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.crl
rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 09 Jun 2024 23:03:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1741 (0x6cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E1BAB/serialNumber=48B9945987F676B46CED3DE12849A8A38F4068B5
Validity
Not Before: Nov 20 03:38:58 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=655ad4d2-a18f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2b:73:34:38:63:28:c3:fc:d4:93:8d:76:03:
e2:7a:70:54:1d:d9:be:36:06:4a:7d:53:69:38:ce:
9b:fb:a3:18:3e:0d:62:56:2b:75:93:d5:a0:a5:c9:
50:73:b6:c5:77:b4:df:e9:09:6a:d8:ad:50:5c:e3:
a8:0a:a5:c3:0e:d2:2f:01:ed:9b:cb:da:81:86:73:
3b:5a:b3:b4:5c:bb:18:91:e8:ad:f7:bd:47:34:bb:
5c:71:fd:c7:7a:2c:29:23:d8:af:59:d8:ea:13:c0:
c9:e6:9a:4c:e6:35:5f:d4:87:bb:13:8e:1f:09:2c:
31:52:d8:dc:0f:ac:76:38:cc:b8:4e:ae:5e:c3:41:
33:ff:79:ee:75:2d:13:b1:53:aa:49:84:e1:3b:d0:
dd:5a:95:e7:99:70:c9:25:73:07:4b:b2:dd:6b:08:
ce:8f:36:3b:83:bb:27:44:71:c5:af:30:03:f5:50:
23:43:9f:3c:1c:54:e0:ed:70:9e:d3:5a:30:75:9a:
09:30:13:f4:fb:57:31:0d:4f:3b:16:fa:15:bb:a7:
06:b3:56:ef:6f:74:04:01:07:be:c9:25:08:e6:9f:
26:e8:a5:27:c4:e7:e4:87:7f:6c:6a:0c:16:26:44:
8b:f0:95:74:c0:10:0a:7c:9d:1d:1a:42:76:e4:be:
95:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:7C:82:A5:09:5A:88:FC:28:30:B9:F0:8D:6D:77:DD:4B:32:7E:7B
X509v3 Authority Key Identifier:
keyid:48:B9:94:59:87:F6:76:B4:6C:ED:3D:E1:28:49:A8:A3:8F:40:68:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.28.192.0/19
103.1.60.0/22
115.85.129.0-115.85.130.255
115.85.132.0/22
203.215.128.0-203.215.152.255
203.215.154.0-203.215.159.255
Signature Algorithm: sha256WithRSAEncryption
84:ad:82:46:a2:92:9b:f9:21:f2:4d:2c:58:25:25:00:23:98:
52:a1:37:fc:69:ee:76:72:fe:99:33:48:1c:b5:bb:4d:39:d8:
eb:ea:4f:4b:cb:25:9c:c1:56:06:3f:25:34:fd:c7:ec:5e:3b:
f8:87:c3:87:8d:46:62:01:e4:2f:a9:57:8a:08:bd:a6:58:e2:
63:63:33:e0:6c:49:cb:7e:91:79:f5:35:15:e9:2f:dc:39:5a:
c8:ec:3d:25:80:81:5a:54:c4:b4:0b:df:66:dd:06:c3:9f:65:
a7:a8:26:20:9e:71:ee:0f:74:8e:82:78:0b:cc:ac:bf:54:e0:
6e:6a:4e:fb:81:a8:14:b7:c9:6f:a2:b8:fb:3d:23:bd:7a:52:
6b:93:36:bf:e3:6d:77:da:8e:f8:d7:89:02:f6:c7:12:1f:6b:
cc:a0:34:9f:be:a9:f3:b7:d6:e4:64:18:f1:64:eb:6d:14:02:
ba:a0:2b:69:00:64:da:f1:46:df:a0:27:15:3c:73:7c:ac:c4:
57:f6:95:ad:75:db:4a:00:37:ef:ef:85:1d:06:fe:f3:46:79:
b6:f9:31:9e:c2:4f:a8:a2:fd:21:29:2c:79:e8:99:01:7f:a2:
ed:76:80:84:1d:e9:d5:49:96:ce:73:4a:91:f4:53:63:8e:81:
21:a5:3d:52
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICBs0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTFCQUIxMTAvBgNVBAUTKDQ4Qjk5NDU5ODdGNjc2QjQ2Q0VEM0RFMTI4NDlBOEEz
OEY0MDY4QjUwHhcNMjMxMTIwMDMzODU4WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVhZDRkMi1hMThmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyytzNDhjKMP81JONdgPienBUHdm+NgZKfVNpOM6b+6MYPg1iVit1k9WgpclQ
c7bFd7Tf6Qlq2K1QXOOoCqXDDtIvAe2by9qBhnM7WrO0XLsYkeit971HNLtccf3H
eiwpI9ivWdjqE8DJ5ppM5jVf1Ie7E44fCSwxUtjcD6x2OMy4Tq5ew0Ez/3nudS0T
sVOqSYThO9DdWpXnmXDJJXMHS7LdawjOjzY7g7snRHHFrzAD9VAjQ588HFTg7XCe
01owdZoJMBP0+1cxDU87FvoVu6cGs1bvb3QEAQe+ySUI5p8m6KUnxOfkh39sagwW
JkSL8JV0wBAKfJ0dGkJ25L6VQwIDAQABo4ICyzCCAscwHQYDVR0OBBYEFBJ8gqUJ
Woj8KDC58I1td91LMn57MB8GA1UdIwQYMBaAFEi5lFmH9na0bO094ShJqKOPQGi1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMUJBQi8wQjk3NjAxQUY2
NjQxMUVBOTFDRDJBNTNDNEY5QUUwMi9TTG1VV1lmMmRyUnM3VDNoS0Vtb280OUFh
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NMbVVXWWYyZHJSczdUM2hLRW1vbzQ5QWFMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTFCQUIvMEI5NzYwMUFGNjY0MTFFQTkxQ0QyQTUzQzRGOUFFMDIvMzdBNDYwNzBG
NkYyMTFFQTkyMkY0ODJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAU9HMADBAJnATwwDAMEAHNVgQMEAHNVggMEAnNVhDAMAwQH
y9eAAwQAy9eYMAwDBAHL15oDBAXL14AwDQYJKoZIhvcNAQELBQADggEBAIStgkai
kpv5IfJNLFglJQAjmFKhN/xp7nZy/pkzSBy1u0052OvqT0vLJZzBVgY/JTT9x+xe
O/iHw4eNRmIB5C+pV4oIvaZY4mNjM+BsSct+kXn1NRXpL9w5WsjsPSWAgVpUxLQL
32bdBsOfZaeoJiCece4PdI6CeAvMrL9U4G5qTvuBqBS3yW+iuPs9I716UmuTNr/j
bXfajvjXiQL2xxIfa8ygNJ++qfO31uRkGPFk620UArqgK2kAZNrxRt+gJxU8c3ys
xFf2la1120oAN+/vhR0G/vNGebb5MZ7CT6ii/SEpLHnomQF/ou12gIQd6dVJls5z
SpH0U2OOgSGlPVI=
-----END CERTIFICATE-----
Generated at Mon Jun 3 01:08:49 2024 by rpki-client on console-fra.rpki-client.org