Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
File: 37A46070F6F211EA922F482BC4F9AE02.roa (raw, json)
Hash identifier: ulbSY28XJFQuMyMRnX4bdktKm/xcu3tL1ZMG0ew7F2I=
Subject key identifier: E0:F6:3F:A9:A0:26:65:21:2E:7B:3A:80:CC:1B:60:35:91:9E:92:CD
Certificate issuer: /CN=A91E1BAB/serialNumber=48B9945987F676B46CED3DE12849A8A38F4068B5
Certificate serial: 0746
Authority key identifier: 48:B9:94:59:87:F6:76:B4:6C:ED:3D:E1:28:49:A8:A3:8F:40:68:B5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
Signing time: Sat 06 Jul 2024 22:10:32 +0000
ROA not before: Sat 06 Jul 2024 22:10:32 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 17978
IP address blocks: 61.28.192.0/24 maxlen: 24
61.28.193.0/24 maxlen: 24
61.28.194.0/24 maxlen: 24
61.28.195.0/24 maxlen: 24
61.28.196.0/24 maxlen: 24
61.28.197.0/24 maxlen: 24
61.28.198.0/24 maxlen: 24
61.28.199.0/24 maxlen: 24
61.28.200.0/24 maxlen: 24
61.28.201.0/24 maxlen: 24
61.28.202.0/24 maxlen: 24
61.28.203.0/24 maxlen: 24
61.28.204.0/24 maxlen: 24
61.28.205.0/24 maxlen: 24
61.28.206.0/24 maxlen: 24
61.28.207.0/24 maxlen: 24
61.28.208.0/24 maxlen: 24
61.28.209.0/24 maxlen: 24
61.28.210.0/24 maxlen: 24
61.28.211.0/24 maxlen: 24
61.28.212.0/24 maxlen: 24
61.28.213.0/24 maxlen: 24
61.28.214.0/24 maxlen: 24
61.28.215.0/24 maxlen: 24
61.28.216.0/24 maxlen: 24
61.28.217.0/24 maxlen: 24
61.28.218.0/24 maxlen: 24
61.28.219.0/24 maxlen: 24
61.28.220.0/24 maxlen: 24
61.28.221.0/24 maxlen: 24
61.28.222.0/24 maxlen: 24
61.28.223.0/24 maxlen: 24
103.1.60.0/22 maxlen: 24
115.85.129.0/24 maxlen: 24
115.85.130.0/24 maxlen: 24
115.85.132.0/24 maxlen: 24
115.85.133.0/24 maxlen: 24
115.85.134.0/24 maxlen: 24
115.85.135.0/24 maxlen: 24
203.215.128.0/24 maxlen: 24
203.215.129.0/24 maxlen: 24
203.215.130.0/24 maxlen: 24
203.215.131.0/24 maxlen: 24
203.215.132.0/24 maxlen: 24
203.215.133.0/24 maxlen: 24
203.215.134.0/24 maxlen: 24
203.215.135.0/24 maxlen: 24
203.215.136.0/24 maxlen: 24
203.215.137.0/24 maxlen: 24
203.215.138.0/24 maxlen: 24
203.215.139.0/24 maxlen: 24
203.215.140.0/24 maxlen: 24
203.215.141.0/24 maxlen: 24
203.215.142.0/24 maxlen: 24
203.215.143.0/24 maxlen: 24
203.215.144.0/24 maxlen: 24
203.215.145.0/24 maxlen: 24
203.215.146.0/24 maxlen: 24
203.215.147.0/24 maxlen: 24
203.215.148.0/24 maxlen: 24
203.215.149.0/24 maxlen: 24
203.215.150.0/24 maxlen: 24
203.215.151.0/24 maxlen: 24
203.215.152.0/24 maxlen: 24
203.215.154.0/24 maxlen: 24
203.215.155.0/24 maxlen: 24
203.215.156.0/24 maxlen: 24
203.215.157.0/24 maxlen: 24
203.215.158.0/24 maxlen: 24
203.215.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.crl
rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1862 (0x746)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E1BAB/serialNumber=48B9945987F676B46CED3DE12849A8A38F4068B5
Validity
Not Before: Jul 6 22:10:32 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6689c0d8-668f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:d1:2a:49:be:5e:a9:3e:b3:bf:8c:b6:50:
b3:a1:ea:15:9b:b9:66:85:c0:5a:c9:74:c8:e3:c9:
27:8e:f4:e5:69:40:33:d1:46:dd:18:1f:98:7d:a6:
e8:6b:39:c9:53:93:1e:61:ad:29:e6:f5:05:a1:f4:
85:b1:23:a1:f8:d8:4f:61:a3:88:55:3b:ed:a6:1e:
01:ce:6a:29:e5:df:2f:a9:11:97:dc:0e:5f:d1:e1:
b1:31:62:80:3d:69:43:d0:04:48:4a:ba:bb:a7:31:
56:ce:fe:e8:e8:0f:fe:95:9d:cf:5c:a5:4d:11:4b:
b0:ae:fa:cb:89:f2:9e:c9:01:87:13:db:b3:c7:c1:
d4:18:2e:92:3c:f7:f1:77:7b:b5:48:a5:86:d9:6c:
c1:d4:61:4f:0e:9b:c5:1c:ad:fb:5b:27:63:09:87:
ad:3b:30:3b:db:5f:c3:05:66:6c:e6:27:8f:f4:01:
0d:f9:fd:70:57:d7:57:1e:c6:37:50:60:5e:49:a2:
43:cf:00:37:c0:b9:ee:21:94:c9:72:26:24:96:0c:
1b:7a:57:f5:af:03:dc:11:d6:82:5e:3a:ac:85:b9:
7c:d9:69:54:99:71:23:ee:98:a4:10:17:12:cb:86:
bc:1c:61:82:55:31:8c:99:5c:33:b6:b4:c1:29:07:
29:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F6:3F:A9:A0:26:65:21:2E:7B:3A:80:CC:1B:60:35:91:9E:92:CD
X509v3 Authority Key Identifier:
keyid:48:B9:94:59:87:F6:76:B4:6C:ED:3D:E1:28:49:A8:A3:8F:40:68:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/SLmUWYf2drRs7T3hKEmoo49AaLU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SLmUWYf2drRs7T3hKEmoo49AaLU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1BAB/0B97601AF66411EA91CD2A53C4F9AE02/37A46070F6F211EA922F482BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.28.192.0/19
103.1.60.0/22
115.85.129.0-115.85.130.255
115.85.132.0/22
203.215.128.0-203.215.152.255
203.215.154.0-203.215.159.255
Signature Algorithm: sha256WithRSAEncryption
48:ad:9f:89:bd:b5:6f:92:2a:df:92:f4:12:b1:e6:1f:2c:86:
26:be:9c:7e:b1:e5:d6:08:9a:1c:7a:0d:96:b6:85:cb:cf:13:
e2:67:e2:aa:a2:58:14:48:13:a1:57:41:61:99:ad:57:3a:a4:
1c:f1:9e:66:f4:62:25:09:6e:6b:1e:49:cf:f9:78:df:00:61:
6a:f8:29:99:4a:ce:46:45:3f:c7:37:37:75:2a:b5:f7:1c:cc:
3b:2f:80:00:39:5d:7c:4b:5a:94:03:1d:b6:c0:5d:81:18:1f:
e8:7f:8f:1d:aa:f5:f5:60:43:e6:5b:33:af:39:62:77:bc:95:
49:50:09:7f:0d:b7:2b:2a:7e:21:bc:9e:1b:0d:66:68:c3:e4:
9c:2a:05:5f:0c:f3:4a:8f:f7:fc:27:cc:ac:92:a0:2e:a2:a7:
db:e9:50:82:72:1e:15:3d:b0:8a:e6:e7:1c:a1:b3:32:a5:6b:
36:26:49:cb:5b:05:10:36:ca:ad:23:7d:87:9a:2c:a5:b0:5a:
3e:4e:99:4f:ad:33:e0:14:02:09:fa:ac:da:06:25:d3:12:a4:
af:92:79:5a:6f:0b:57:9f:db:2b:6e:8b:66:b5:96:d3:48:50:
b8:a9:41:33:a9:3d:6c:43:02:82:ed:02:78:35:3b:14:ed:5c:
87:1a:88:7b
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgICB0YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTFCQUIxMTAvBgNVBAUTKDQ4Qjk5NDU5ODdGNjc2QjQ2Q0VEM0RFMTI4NDlBOEEz
OEY0MDY4QjUwHhcNMjQwNzA2MjIxMDMyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg5YzBkOC02NjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAovnRKkm+Xqk+s7+MtlCzoeoVm7lmhcBayXTI48knjvTlaUAz0UbdGB+Yfabo
aznJU5MeYa0p5vUFofSFsSOh+NhPYaOIVTvtph4Bzmop5d8vqRGX3A5f0eGxMWKA
PWlD0ARISrq7pzFWzv7o6A/+lZ3PXKVNEUuwrvrLifKeyQGHE9uzx8HUGC6SPPfx
d3u1SKWG2WzB1GFPDpvFHK37WydjCYetOzA721/DBWZs5ieP9AEN+f1wV9dXHsY3
UGBeSaJDzwA3wLnuIZTJciYklgwbelf1rwPcEdaCXjqshbl82WlUmXEj7pikEBcS
y4a8HGGCVTGMmVwztrTBKQcpRQIDAQABo4ICyzCCAscwHQYDVR0OBBYEFOD2P6mg
JmUhLns6gMwbYDWRnpLNMB8GA1UdIwQYMBaAFEi5lFmH9na0bO094ShJqKOPQGi1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMUJBQi8wQjk3NjAxQUY2
NjQxMUVBOTFDRDJBNTNDNEY5QUUwMi9TTG1VV1lmMmRyUnM3VDNoS0Vtb280OUFh
TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NMbVVXWWYyZHJSczdUM2hLRW1vbzQ5QWFMVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTFCQUIvMEI5NzYwMUFGNjY0MTFFQTkxQ0QyQTUzQzRGOUFFMDIvMzdBNDYwNzBG
NkYyMTFFQTkyMkY0ODJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVQYIKwYBBQUHAQcBAf8E
RjBEMEIEAgABMDwDBAU9HMADBAJnATwwDAMEAHNVgQMEAHNVggMEAnNVhDAMAwQH
y9eAAwQAy9eYMAwDBAHL15oDBAXL14AwDQYJKoZIhvcNAQELBQADggEBAEitn4m9
tW+SKt+S9BKx5h8shia+nH6x5dYImhx6DZa2hcvPE+Jn4qqiWBRIE6FXQWGZrVc6
pBzxnmb0YiUJbmseSc/5eN8AYWr4KZlKzkZFP8c3N3UqtfcczDsvgAA5XXxLWpQD
HbbAXYEYH+h/jx2q9fVgQ+ZbM685Yne8lUlQCX8NtysqfiG8nhsNZmjD5JwqBV8M
80qP9/wnzKySoC6ip9vpUIJyHhU9sIrm5xyhszKlazYmSctbBRA2yq0jfYeaLKWw
Wj5OmU+tM+AUAgn6rNoGJdMSpK+SeVpvC1ef2ytui2a1ltNIULipQTOpPWxDAoLt
Ang1OxTtXIcaiHs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:13 2024 by rpki-client on console-fra.rpki-client.org