Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/42DB2A2A4E6511ECA2CED527C4F9AE02.roa
File: 42DB2A2A4E6511ECA2CED527C4F9AE02.roa (raw, json)
Hash identifier: V6GGgopQM/9MURG7ZCjHLUUN1Fak1PfMVntGosPl4Vo=
Subject key identifier: 95:2D:C2:D5:67:18:7D:A4:20:C6:D7:26:3E:BC:B6:E5:EA:65:99:73
Certificate issuer: /CN=A91EFC72/serialNumber=B7A7A9FFBEC713F84E0B5180AF76DEB16E729229
Certificate serial: 04E8
Authority key identifier: B7:A7:A9:FF:BE:C7:13:F8:4E:0B:51:80:AF:76:DE:B1:6E:72:92:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6ep_77HE_hOC1GAr3besW5ykik.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/42DB2A2A4E6511ECA2CED527C4F9AE02.roa
Signing time: Wed 31 Jul 2024 00:43:11 +0000
ROA not before: Wed 31 Jul 2024 00:43:11 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 10132
IP address blocks: 61.4.0.0/18 maxlen: 18
61.4.9.0/24 maxlen: 24
61.4.10.0/24 maxlen: 24
61.4.11.0/24 maxlen: 24
61.4.12.0/24 maxlen: 24
61.4.13.0/24 maxlen: 24
61.4.14.0/24 maxlen: 24
61.4.15.0/24 maxlen: 24
61.4.16.0/24 maxlen: 24
61.4.23.0/24 maxlen: 24
61.4.24.0/24 maxlen: 24
61.4.25.0/24 maxlen: 24
61.4.26.0/24 maxlen: 24
61.4.27.0/24 maxlen: 24
61.4.28.0/24 maxlen: 24
61.4.29.0/24 maxlen: 24
61.4.30.0/24 maxlen: 24
61.4.31.0/24 maxlen: 24
61.4.32.0/23 maxlen: 23
61.4.36.0/24 maxlen: 24
61.4.37.0/24 maxlen: 24
61.4.39.0/24 maxlen: 24
61.4.40.0/24 maxlen: 24
61.4.42.0/23 maxlen: 23
61.4.44.0/24 maxlen: 24
61.4.48.0/22 maxlen: 22
61.4.52.0/22 maxlen: 22
61.4.56.0/23 maxlen: 23
61.4.58.0/23 maxlen: 23
113.212.192.0/18 maxlen: 18
113.212.196.0/23 maxlen: 23
113.212.198.0/23 maxlen: 23
113.212.200.0/23 maxlen: 23
113.212.202.0/23 maxlen: 23
113.212.208.0/22 maxlen: 22
113.212.212.0/22 maxlen: 22
113.212.216.0/21 maxlen: 21
113.212.216.0/24 maxlen: 24
113.212.217.0/24 maxlen: 24
113.212.219.0/24 maxlen: 24
113.212.220.0/23 maxlen: 23
113.212.222.0/23 maxlen: 23
113.212.224.0/24 maxlen: 24
113.212.225.0/24 maxlen: 24
113.212.229.0/24 maxlen: 24
113.212.230.0/24 maxlen: 24
113.212.231.0/24 maxlen: 24
113.212.232.0/21 maxlen: 21
113.212.232.0/22 maxlen: 22
113.212.232.0/24 maxlen: 24
113.212.233.0/24 maxlen: 24
113.212.234.0/24 maxlen: 24
113.212.235.0/24 maxlen: 24
113.212.236.0/24 maxlen: 24
113.212.237.0/24 maxlen: 24
113.212.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/t6ep_77HE_hOC1GAr3besW5ykik.crl
rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/t6ep_77HE_hOC1GAr3besW5ykik.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6ep_77HE_hOC1GAr3besW5ykik.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1256 (0x4e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EFC72/serialNumber=B7A7A9FFBEC713F84E0B5180AF76DEB16E729229
Validity
Not Before: Jul 31 00:43:11 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66a9889f-9058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5b:68:7d:41:f2:a4:e5:46:32:66:4d:af:f1:
99:1a:b8:b8:5b:50:df:40:4a:47:e6:72:ae:34:7c:
1d:7c:49:df:cf:30:9c:24:62:3e:c7:a4:ea:63:ec:
7b:33:d7:72:fd:6d:df:96:1c:c8:7b:b1:71:8d:a3:
5c:bc:45:cd:64:67:ef:9f:76:2c:21:52:d3:aa:bc:
d4:1b:c3:dd:87:1d:74:51:de:de:5d:18:98:f0:94:
f8:b8:ea:2b:df:2c:fe:f1:03:68:24:bc:6c:97:b4:
64:24:6e:1a:26:84:76:ee:eb:2c:07:3f:66:08:45:
92:65:66:f6:3d:80:cf:1f:c2:45:bc:e4:04:0e:c6:
cf:06:67:2f:fd:7f:42:6d:50:d2:6d:cb:3f:cc:88:
f4:b3:5f:93:3d:6d:a2:0b:3e:b5:b4:37:47:7d:4b:
48:b5:34:39:a4:e6:19:aa:00:7c:d0:25:ef:fa:ee:
e1:ad:76:dc:55:f4:95:8f:36:c0:8e:95:34:34:fa:
93:64:3d:61:68:91:2b:6e:95:7d:3f:e9:87:dc:b4:
f7:2e:f1:2d:f7:68:3e:59:0d:c5:65:4c:3d:f2:01:
a8:80:86:4e:84:ae:db:0f:45:64:43:45:24:5b:a4:
fe:7f:df:4f:a2:86:3e:ab:13:17:dd:00:9c:6a:8a:
da:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2D:C2:D5:67:18:7D:A4:20:C6:D7:26:3E:BC:B6:E5:EA:65:99:73
X509v3 Authority Key Identifier:
keyid:B7:A7:A9:FF:BE:C7:13:F8:4E:0B:51:80:AF:76:DE:B1:6E:72:92:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/t6ep_77HE_hOC1GAr3besW5ykik.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t6ep_77HE_hOC1GAr3besW5ykik.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFC72/075F6968E60D11EBB09F6A61C4F9AE02/42DB2A2A4E6511ECA2CED527C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.4.0.0/18
113.212.192.0/18
Signature Algorithm: sha256WithRSAEncryption
96:a7:84:8c:5e:c5:19:65:4a:ac:0b:18:50:e2:66:22:9e:35:
5d:88:f7:c9:a5:e8:65:10:68:ec:c9:1e:93:60:8d:fc:64:07:
1c:3d:99:1e:35:b1:2a:09:37:ab:af:2f:9a:86:f3:0c:1b:8f:
98:90:04:bf:39:eb:52:45:bc:16:6d:88:4d:7d:3d:02:4c:57:
16:9c:c5:9c:30:5a:bf:0d:ba:0e:d7:92:2f:9c:69:29:da:d3:
76:79:65:6e:d9:4b:aa:b3:e0:3b:35:00:61:3a:44:72:18:54:
0a:4d:19:c0:7d:4a:1d:30:23:4b:b8:e1:fe:e3:2b:1b:96:15:
8a:b2:c2:00:13:81:60:1e:23:77:be:f2:7c:8a:f5:8f:4c:4b:
9b:62:ad:29:77:85:9f:ee:f6:a3:41:65:65:31:63:42:0a:76:
21:31:ee:a4:49:14:ec:95:f2:98:f6:97:fd:8d:31:50:49:d6:
80:ff:be:2e:cd:46:6a:a6:3b:13:57:68:95:a8:89:c5:0c:db:
09:71:2a:6a:d5:21:cc:d9:6a:9c:71:ce:e6:18:02:23:a5:b8:
35:19:68:32:f7:dd:9e:42:81:a0:ca:ca:60:55:64:61:36:b8:
56:03:47:20:1e:ea:56:af:14:6a:18:cb:c6:f5:cb:4b:01:32:
ce:97:07:4b
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUZDNzIxMTAvBgNVBAUTKEI3QTdBOUZGQkVDNzEzRjg0RTBCNTE4MEFGNzZERUIx
NkU3MjkyMjkwHhcNMjQwNzMxMDA0MzExWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5ODg5Zi05MDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz1tofUHypOVGMmZNr/GZGri4W1DfQEpH5nKuNHwdfEnfzzCcJGI+x6TqY+x7
M9dy/W3flhzIe7FxjaNcvEXNZGfvn3YsIVLTqrzUG8Pdhx10Ud7eXRiY8JT4uOor
3yz+8QNoJLxsl7RkJG4aJoR27ussBz9mCEWSZWb2PYDPH8JFvOQEDsbPBmcv/X9C
bVDSbcs/zIj0s1+TPW2iCz61tDdHfUtItTQ5pOYZqgB80CXv+u7hrXbcVfSVjzbA
jpU0NPqTZD1haJErbpV9P+mH3LT3LvEt92g+WQ3FZUw98gGogIZOhK7bD0VkQ0Uk
W6T+f99PooY+qxMX3QCcaoraeQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJUtwtVn
GH2kIMbXJj68tuXqZZlzMB8GA1UdIwQYMBaAFLenqf++xxP4TgtRgK923rFucpIp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkM3Mi8wNzVGNjk2OEU2
MEQxMUVCQjA5RjZBNjFDNEY5QUUwMi90NmVwXzc3SEVfaE9DMUdBcjNiZXNXNXlr
aWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q2ZXBfNzdIRV9oT0MxR0FyM2Jlc1c1eWtpay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUZDNzIvMDc1RjY5NjhFNjBEMTFFQkIwOUY2QTYxQzRGOUFFMDIvNDJEQjJBMkE0
RTY1MTFFQ0EyQ0VENTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAY9BAADBAZx1MAwDQYJKoZIhvcNAQELBQADggEBAJanhIxe
xRllSqwLGFDiZiKeNV2I98ml6GUQaOzJHpNgjfxkBxw9mR41sSoJN6uvL5qG8wwb
j5iQBL8561JFvBZtiE19PQJMVxacxZwwWr8Nug7Xki+caSna03Z5ZW7ZS6qz4Ds1
AGE6RHIYVApNGcB9Sh0wI0u44f7jKxuWFYqywgATgWAeI3e+8nyK9Y9MS5tirSl3
hZ/u9qNBZWUxY0IKdiEx7qRJFOyV8pj2l/2NMVBJ1oD/vi7NRmqmOxNXaJWoicUM
2wlxKmrVIczZapxxzuYYAiOluDUZaDL33Z5CgaDKymBVZGE2uFYDRyAe6lavFGoY
y8b1y0sBMs6XB0s=
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:08:53 2024 by rpki-client on console-ams.rpki-client.org