Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/81CA43EEAD7811EB905E2C41C4F9AE02.roa
File: 81CA43EEAD7811EB905E2C41C4F9AE02.roa (raw, json)
Hash identifier: twcj5cD600ozwl+LH65FC7h60q+thDGwgx4YQo1a3TQ=
Subject key identifier: B5:58:99:97:05:FB:EB:FC:21:30:C0:DF:FD:6E:5C:9A:D5:26:42:D4
Certificate issuer: /CN=A91F91EB/serialNumber=9BC16900802772BE629260C4AAED5F3FEF7EB3E7
Certificate serial: 0C65
Authority key identifier: 9B:C1:69:00:80:27:72:BE:62:92:60:C4:AA:ED:5F:3F:EF:7E:B3:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8FpAIAncr5ikmDEqu1fP-9-s-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/81CA43EEAD7811EB905E2C41C4F9AE02.roa
Signing time: Mon 02 Dec 2024 18:36:46 +0000
ROA not before: Mon 02 Dec 2024 18:36:46 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 45474
IP address blocks: 27.126.192.0/24 maxlen: 24
27.126.193.0/24 maxlen: 24
27.126.194.0/24 maxlen: 24
27.126.195.0/24 maxlen: 24
27.126.196.0/24 maxlen: 24
27.126.197.0/24 maxlen: 24
27.126.198.0/24 maxlen: 24
27.126.199.0/24 maxlen: 24
27.126.200.0/24 maxlen: 24
27.126.201.0/24 maxlen: 24
27.126.202.0/24 maxlen: 24
27.126.203.0/24 maxlen: 24
27.126.204.0/24 maxlen: 24
27.126.205.0/24 maxlen: 24
27.126.206.0/24 maxlen: 24
27.126.207.0/24 maxlen: 24
27.126.208.0/24 maxlen: 24
27.126.210.0/24 maxlen: 24
27.126.211.0/24 maxlen: 24
27.126.212.0/24 maxlen: 24
27.126.213.0/24 maxlen: 24
27.126.214.0/24 maxlen: 24
27.126.215.0/24 maxlen: 24
27.126.216.0/24 maxlen: 24
27.126.217.0/24 maxlen: 24
27.126.218.0/24 maxlen: 24
27.126.219.0/24 maxlen: 24
27.126.220.0/24 maxlen: 24
27.126.224.0/24 maxlen: 24
27.126.225.0/24 maxlen: 24
27.126.226.0/24 maxlen: 24
27.126.227.0/24 maxlen: 24
27.126.230.0/24 maxlen: 24
27.126.231.0/24 maxlen: 24
27.126.232.0/21 maxlen: 24
27.126.240.0/21 maxlen: 24
27.126.248.0/21 maxlen: 24
45.116.40.0/22 maxlen: 24
103.3.24.0/22 maxlen: 24
113.21.192.0/19 maxlen: 19
113.21.192.0/24 maxlen: 24
113.21.193.0/24 maxlen: 24
113.21.194.0/24 maxlen: 24
113.21.195.0/24 maxlen: 24
113.21.196.0/24 maxlen: 24
113.21.197.0/24 maxlen: 24
113.21.198.0/24 maxlen: 24
113.21.199.0/24 maxlen: 24
113.21.200.0/24 maxlen: 24
113.21.201.0/24 maxlen: 24
113.21.202.0/24 maxlen: 24
113.21.203.0/24 maxlen: 24
113.21.204.0/24 maxlen: 24
113.21.205.0/24 maxlen: 24
113.21.206.0/24 maxlen: 24
113.21.207.0/24 maxlen: 24
113.21.208.0/24 maxlen: 24
113.21.209.0/24 maxlen: 24
113.21.210.0/24 maxlen: 24
113.21.211.0/24 maxlen: 24
113.21.212.0/24 maxlen: 24
113.21.213.0/24 maxlen: 24
113.21.214.0/24 maxlen: 24
113.21.215.0/24 maxlen: 24
113.21.216.0/24 maxlen: 24
113.21.217.0/24 maxlen: 24
113.21.218.0/24 maxlen: 24
113.21.219.0/24 maxlen: 24
113.21.220.0/24 maxlen: 24
113.21.221.0/24 maxlen: 24
113.21.222.0/24 maxlen: 24
113.21.223.0/24 maxlen: 24
180.233.160.0/19 maxlen: 19
180.233.160.0/24 maxlen: 24
180.233.161.0/24 maxlen: 24
180.233.162.0/24 maxlen: 24
180.233.163.0/24 maxlen: 24
180.233.164.0/24 maxlen: 24
180.233.165.0/24 maxlen: 24
180.233.166.0/24 maxlen: 24
180.233.167.0/24 maxlen: 24
180.233.168.0/24 maxlen: 24
180.233.169.0/24 maxlen: 24
180.233.170.0/24 maxlen: 24
180.233.171.0/24 maxlen: 24
180.233.172.0/24 maxlen: 24
180.233.173.0/24 maxlen: 24
180.233.174.0/24 maxlen: 24
180.233.175.0/24 maxlen: 24
180.233.176.0/24 maxlen: 24
180.233.177.0/24 maxlen: 24
180.233.178.0/24 maxlen: 24
180.233.179.0/24 maxlen: 24
180.233.180.0/24 maxlen: 24
180.233.181.0/24 maxlen: 24
180.233.182.0/24 maxlen: 24
180.233.183.0/24 maxlen: 24
180.233.184.0/24 maxlen: 24
180.233.185.0/24 maxlen: 24
180.233.186.0/24 maxlen: 24
180.233.187.0/24 maxlen: 24
180.233.188.0/24 maxlen: 24
180.233.189.0/24 maxlen: 24
180.233.190.0/24 maxlen: 24
180.233.191.0/24 maxlen: 24
2404:ae00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/m8FpAIAncr5ikmDEqu1fP-9-s-c.crl
rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/m8FpAIAncr5ikmDEqu1fP-9-s-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8FpAIAncr5ikmDEqu1fP-9-s-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 18:14:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3173 (0xc65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F91EB
Validity
Not Before: Dec 2 18:36:46 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674dfe3e-c8b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d8:43:96:99:27:c8:96:50:ea:27:9e:0b:f1:
4d:11:df:75:ce:2d:d2:18:f9:8a:1e:98:08:e5:96:
76:e2:97:3b:3f:2e:cb:89:d5:85:e0:e4:33:c7:52:
5c:9d:e7:05:ce:59:ac:58:76:c6:00:de:9f:62:13:
88:3d:aa:15:32:15:dc:77:1c:c0:21:e8:f9:38:6e:
36:bd:fb:03:94:12:5a:70:be:c5:ee:3a:bb:6c:48:
fe:55:6f:ce:76:5c:c9:87:5f:76:75:f3:53:3a:f8:
9a:5e:c5:18:49:74:3a:78:f5:7b:ff:dc:65:c4:77:
63:25:5f:c2:7e:0a:c7:87:18:58:08:17:7c:1d:e7:
2d:0e:66:dd:e3:ad:74:06:3f:08:cd:10:1f:73:90:
d7:36:0c:5a:2e:01:04:f5:5c:9f:35:f3:b7:d6:bb:
f1:60:e4:e5:4a:15:50:a2:d7:de:61:87:35:01:f3:
1f:55:ea:92:e9:33:f2:58:42:66:bb:e3:8f:4d:67:
f2:15:af:c6:3f:5f:95:29:5a:88:a5:cb:79:21:91:
02:3c:57:00:22:ab:86:3c:40:62:60:4f:3c:63:62:
48:39:3a:24:fd:30:39:e9:de:29:a4:4a:ac:e9:1c:
00:07:61:52:5a:cc:66:dd:dd:63:45:1d:dd:f8:04:
df:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:58:99:97:05:FB:EB:FC:21:30:C0:DF:FD:6E:5C:9A:D5:26:42:D4
X509v3 Authority Key Identifier:
keyid:9B:C1:69:00:80:27:72:BE:62:92:60:C4:AA:ED:5F:3F:EF:7E:B3:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/m8FpAIAncr5ikmDEqu1fP-9-s-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8FpAIAncr5ikmDEqu1fP-9-s-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/81CA43EEAD7811EB905E2C41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.126.192.0-27.126.208.255
27.126.210.0-27.126.220.255
27.126.224.0/22
27.126.230.0-27.126.255.255
45.116.40.0/22
103.3.24.0/22
113.21.192.0/19
180.233.160.0/19
IPv6:
2404:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
15:6d:82:f3:68:68:88:61:a8:dd:0a:4b:5c:79:5c:c4:fb:83:
1a:e3:66:ca:99:4e:b0:49:b5:b0:14:3b:18:ae:fa:87:df:81:
14:06:e6:b8:81:d6:a8:c9:03:a5:ad:64:aa:23:bd:70:d0:69:
a5:43:70:9d:4e:1f:12:e0:9b:3f:b2:8a:5b:50:61:57:39:f4:
fb:32:f0:f2:98:39:e5:90:61:75:07:eb:85:ef:6f:40:2a:12:
4e:5e:58:c1:06:dc:c5:1f:60:fb:34:be:62:be:84:ab:69:72:
41:73:40:76:78:fe:59:1b:fc:27:f7:d6:23:e9:18:55:de:df:
ce:6f:0d:35:f6:6a:53:ba:5f:e3:ad:6e:f6:41:5c:52:c2:48:
6a:b5:9e:8a:ee:1b:bc:49:21:2c:99:c5:c5:ac:4e:0c:0b:c2:
5d:5e:52:1c:bb:44:01:e2:87:d9:87:22:59:b5:f3:31:fa:b8:
17:06:d3:3d:a9:06:03:7c:0b:09:0b:ad:12:84:2c:66:18:76:
d7:31:30:af:bc:74:09:50:58:ad:d5:9b:6e:e5:1c:7e:94:8d:
48:6d:1b:f5:4d:71:41:df:1b:b5:e3:7e:b0:00:46:ab:96:fa:
94:61:ba:22:31:b1:a0:f2:88:b5:e4:86:66:88:30:7c:8c:58:
8d:f2:e6:e1
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICDGUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjkxRUIxMTAvBgNVBAUTKDlCQzE2OTAwODAyNzcyQkU2MjkyNjBDNEFBRUQ1RjNG
RUY3RUIzRTcwHhcNMjQxMjAyMTgzNjQ2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkZmUzZS1jOGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA29hDlpknyJZQ6ieeC/FNEd91zi3SGPmKHpgI5ZZ24pc7Py7LidWF4OQzx1Jc
necFzlmsWHbGAN6fYhOIPaoVMhXcdxzAIej5OG42vfsDlBJacL7F7jq7bEj+VW/O
dlzJh192dfNTOviaXsUYSXQ6ePV7/9xlxHdjJV/CfgrHhxhYCBd8HectDmbd4610
Bj8IzRAfc5DXNgxaLgEE9VyfNfO31rvxYOTlShVQotfeYYc1AfMfVeqS6TPyWEJm
u+OPTWfyFa/GP1+VKVqIpct5IZECPFcAIquGPEBiYE88Y2JIOTok/TA56d4ppEqs
6RwAB2FSWsxm3d1jRR3d+ATf6QIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFLVYmZcF
++v8ITDA3/1uXJrVJkLUMB8GA1UdIwQYMBaAFJvBaQCAJ3K+YpJgxKrtXz/vfrPn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi81MEVGRTA3NEY3
MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi9tOEZwQUlBbmNyNWlrbURFcXUxZlAtOS1z
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204RnBBSUFuY3I1aWttREVxdTFmUC05LXMtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjkxRUIvNTBFRkUwNzRGNzA1MTFFOUFEQkE0NTFGQzRGOUFFMDIvODFDQTQzRUVB
RDc4MTFFQjkwNUUyQzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeME0EAgABMEcwDAMEBht+wAMEABt+0DAMAwQBG37SAwQAG37cAwQCG37gMAsD
BAEbfuYDAwAbfgMEAi10KAMEAmcDGAMEBXEVwAMEBbTpoDANBAIAAjAHAwUAJASu
ADANBgkqhkiG9w0BAQsFAAOCAQEAFW2C82hoiGGo3QpLXHlcxPuDGuNmyplOsEm1
sBQ7GK76h9+BFAbmuIHWqMkDpa1kqiO9cNBppUNwnU4fEuCbP7KKW1BhVzn0+zLw
8pg55ZBhdQfrhe9vQCoSTl5YwQbcxR9g+zS+Yr6Eq2lyQXNAdnj+WRv8J/fWI+kY
Vd7fzm8NNfZqU7pf461u9kFcUsJIarWeiu4bvEkhLJnFxaxODAvCXV5SHLtEAeKH
2YciWbXzMfq4FwbTPakGA3wLCQutEoQsZhh21zEwr7x0CVBYrdWbbuUcfpSNSG0b
9U1xQd8bteN+sABGq5b6lGG6IjGxoPKIteSGZogwfIxYjfLm4Q==
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:29:09 2025 by rpki-client