Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
File: FED80F56E19811EC860C6F38C4F9AE02.roa (raw, json)
Hash identifier: K1rAuJOED+6Q4BLx8v57fInKqUu+2+FMuirq4Ojpcg4=
Subject key identifier: FF:C4:26:E4:CB:EC:3E:8D:0F:19:C4:12:22:20:84:EF:24:76:23:67
Certificate issuer: /CN=A91E2364/serialNumber=647B149EF016CC5356A7ED730F133E002C0E7FAA
Certificate serial: 0B7D
Authority key identifier: 64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
Signing time: Tue 28 Nov 2023 19:26:44 +0000
ROA not before: Tue 28 Nov 2023 19:26:44 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 45498
IP address blocks: 27.109.112.0/22 maxlen: 22
27.109.112.0/23 maxlen: 23
27.109.112.0/24 maxlen: 24
27.109.113.0/24 maxlen: 24
27.109.114.0/23 maxlen: 23
27.109.114.0/24 maxlen: 24
27.109.115.0/24 maxlen: 24
103.145.136.0/23 maxlen: 23
103.145.136.0/24 maxlen: 24
103.145.137.0/24 maxlen: 24
117.20.112.0/21 maxlen: 21
117.20.112.0/22 maxlen: 24
117.20.116.0/22 maxlen: 24
202.93.153.0/24 maxlen: 24
202.129.236.0/24 maxlen: 24
203.118.242.0/24 maxlen: 24
2401:9700:1000::/40 maxlen: 42
2401:9700:1010::/48 maxlen: 48
2401:9700:2000::/40 maxlen: 42
2401:9700:2100::/40 maxlen: 42
2401:9700:2200::/40 maxlen: 42
2401:9700:2300::/40 maxlen: 42
2401:9700:2400::/40 maxlen: 42
2401:9700:2500::/40 maxlen: 42
2401:9700:3000::/40 maxlen: 42
2401:9700:4000::/40 maxlen: 42
2401:9700:5000::/40 maxlen: 42
2401:9700:6000::/40 maxlen: 42
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.crl
rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:17:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2941 (0xb7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2364/serialNumber=647B149EF016CC5356A7ED730F133E002C0E7FAA
Validity
Not Before: Nov 28 19:26:44 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65663ef4-9f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:17:99:fe:fd:b7:bc:80:b2:87:9e:ce:ea:32:
fa:a8:23:e6:35:b1:c2:8f:e6:e7:b4:f3:c3:87:21:
67:5f:15:19:1b:7c:c1:a8:4c:21:c1:1c:e1:a8:0d:
bf:98:66:f4:42:41:fa:1b:f8:2d:cc:0d:fd:2d:f1:
2f:d2:25:16:b0:d8:c6:d5:de:84:b1:c2:b1:a2:d8:
7e:de:ff:bc:07:f7:3e:d2:4b:70:85:ea:23:3c:f4:
bd:a0:67:b4:21:c5:00:86:57:2e:a1:fd:02:39:aa:
58:05:62:00:89:80:77:ab:e2:1f:37:47:e3:08:fe:
00:c1:81:f4:f3:54:52:77:9f:6d:b5:cf:4c:96:24:
d0:fd:fa:a6:57:bd:fb:10:89:b7:c5:45:96:74:86:
f4:0a:0d:1f:98:34:62:bb:69:d2:60:ae:b0:fd:15:
fe:5d:ea:aa:4a:7c:8e:a1:78:c6:e5:52:2f:db:eb:
33:44:f0:5d:4e:8a:1f:52:db:2f:bb:10:f7:d1:76:
22:0a:cf:6e:b3:af:58:9c:6f:93:8d:40:68:6b:f5:
78:0f:10:2a:ca:5b:96:c7:1f:8f:4e:26:97:04:d6:
c9:a6:36:0e:4c:66:d3:01:e2:31:6b:ee:2b:d1:7b:
d3:b8:8e:82:11:98:5b:7d:ab:93:48:07:b5:34:6a:
ee:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C4:26:E4:CB:EC:3E:8D:0F:19:C4:12:22:20:84:EF:24:76:23:67
X509v3 Authority Key Identifier:
keyid:64:7B:14:9E:F0:16:CC:53:56:A7:ED:73:0F:13:3E:00:2C:0E:7F:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZHsUnvAWzFNWp-1zDxM-ACwOf6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2364/8FE71786FF9B11E9B7F4A772C4F9AE02/FED80F56E19811EC860C6F38C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.109.112.0/22
103.145.136.0/23
117.20.112.0/21
202.93.153.0/24
202.129.236.0/24
203.118.242.0/24
IPv6:
2401:9700:1000::/40
2401:9700:2000::-2401:9700:25ff:ffff:ffff:ffff:ffff:ffff
2401:9700:3000::/40
2401:9700:4000::/40
2401:9700:5000::/40
2401:9700:6000::/40
Signature Algorithm: sha256WithRSAEncryption
93:39:88:36:05:af:3e:9a:cd:5c:33:56:21:b6:b3:18:d2:91:
cb:af:31:06:a0:16:4b:8f:bf:e7:19:a7:93:9e:46:f9:0d:41:
12:0b:cd:17:01:5b:9d:8e:aa:66:20:b9:1b:4d:99:5e:81:07:
4e:6e:3f:1f:ea:9a:aa:2c:4e:81:5c:f9:98:2e:33:fb:ab:d2:
ce:f2:33:8b:e5:ec:7c:0a:ca:eb:f5:79:65:6a:cf:9f:ba:1b:
f2:7f:55:2f:f9:01:29:9b:a3:9f:1b:7f:bb:7c:9b:d7:f6:29:
a4:21:58:55:dd:a4:09:36:a5:06:60:e1:1b:30:82:33:f9:eb:
66:91:3e:ed:93:69:86:79:85:c8:4f:d2:75:d2:2a:08:df:e9:
a7:de:80:07:1c:5f:9b:73:c1:a2:5f:b0:8f:89:07:49:01:31:
3b:a7:d9:40:b2:3d:b2:4f:92:6d:6d:b0:dc:67:a3:53:aa:e3:
7c:3f:04:89:87:bc:3b:2c:87:87:26:72:a6:58:6c:84:22:8b:
94:ca:b3:d5:12:04:19:f2:17:65:da:0c:e1:91:6f:ec:25:fe:
b8:e4:0a:d9:90:2f:70:c2:f8:a0:a4:fb:42:2d:49:b0:b1:7f:
4c:43:fe:0b:e0:aa:9f:96:a2:8c:e0:af:a2:46:f4:a8:41:cd:
c6:14:ce:15
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgICC30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTIzNjQxMTAvBgNVBAUTKDY0N0IxNDlFRjAxNkNDNTM1NkE3RUQ3MzBGMTMzRTAw
MkMwRTdGQUEwHhcNMjMxMTI4MTkyNjQ0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY2M2VmNC05ZjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9ReZ/v23vICyh57O6jL6qCPmNbHCj+bntPPDhyFnXxUZG3zBqEwhwRzhqA2/
mGb0QkH6G/gtzA39LfEv0iUWsNjG1d6EscKxoth+3v+8B/c+0ktwheojPPS9oGe0
IcUAhlcuof0COapYBWIAiYB3q+IfN0fjCP4AwYH081RSd59ttc9MliTQ/fqmV737
EIm3xUWWdIb0Cg0fmDRiu2nSYK6w/RX+XeqqSnyOoXjG5VIv2+szRPBdToofUtsv
uxD30XYiCs9us69YnG+TjUBoa/V4DxAqyluWxx+PTiaXBNbJpjYOTGbTAeIxa+4r
0XvTuI6CEZhbfauTSAe1NGruIQIDAQABo4IC9TCCAvEwHQYDVR0OBBYEFP/EJuTL
7D6NDxnEEiIghO8kdiNnMB8GA1UdIwQYMBaAFGR7FJ7wFsxTVqftcw8TPgAsDn+q
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjM2NC84RkU3MTc4NkZG
OUIxMUU5QjdGNEE3NzJDNEY5QUUwMi9aSHNVbnZBV3pGTldwLTF6RHhNLUFDd09m
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pIc1VudkFXekZOV3AtMXpEeE0tQUN3T2Y2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTIzNjQvOEZFNzE3ODZGRjlCMTFFOUI3RjRBNzcyQzRGOUFFMDIvRkVEODBGNTZF
MTk4MTFFQzg2MEM2RjM4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfwYIKwYBBQUHAQcBAf8E
cDBuMCoEAgABMCQDBAIbbXADBAFnkYgDBAN1FHADBADKXZkDBADKgewDBADLdvIw
QAQCAAIwOgMGACQBlwAQMBADBgUkAZcAIAMGASQBlwAkAwYAJAGXADADBgAkAZcA
QAMGACQBlwBQAwYAJAGXAGAwDQYJKoZIhvcNAQELBQADggEBAJM5iDYFrz6azVwz
ViG2sxjSkcuvMQagFkuPv+cZp5OeRvkNQRILzRcBW52OqmYguRtNmV6BB05uPx/q
mqosToFc+ZguM/ur0s7yM4vl7HwKyuv1eWVqz5+6G/J/VS/5ASmbo58bf7t8m9f2
KaQhWFXdpAk2pQZg4RswgjP562aRPu2TaYZ5hchP0nXSKgjf6afegAccX5tzwaJf
sI+JB0kBMTun2UCyPbJPkm1tsNxno1Oq43w/BImHvDssh4cmcqZYbIQii5TKs9US
BBnyF2XaDOGRb+wl/rjkCtmQL3DC+KCk+0ItSbCxf0xD/gvgqp+Woozgr6JG9KhB
zcYUzhU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:45:04 2024 by rpki-client on console-fra.rpki-client.org