Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/376B684C4FFE11EFA3C2A52BC4F9AE02.roa
File: 376B684C4FFE11EFA3C2A52BC4F9AE02.roa (raw, json)
Hash identifier: xj+h/87eUgDBiUAf6BXGKYdnirIR95/CVx+qdKeKOOU=
Subject key identifier: 81:6C:8D:59:C0:19:69:FE:77:0F:05:69:45:C4:D1:2A:1F:98:ED:4A
Certificate issuer: /CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Certificate serial: 03AE
Authority key identifier: D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/376B684C4FFE11EFA3C2A52BC4F9AE02.roa
Signing time: Thu 01 Aug 2024 12:04:34 +0000
ROA not before: Thu 01 Aug 2024 12:04:34 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 4750
IP address blocks: 147.50.0.0/22 maxlen: 22
147.50.4.0/22 maxlen: 22
147.50.8.0/22 maxlen: 22
147.50.12.0/22 maxlen: 22
147.50.16.0/22 maxlen: 22
147.50.20.0/22 maxlen: 22
147.50.24.0/22 maxlen: 22
147.50.28.0/22 maxlen: 22
147.50.32.0/24 maxlen: 24
147.50.34.0/24 maxlen: 24
147.50.35.0/24 maxlen: 24
147.50.36.0/22 maxlen: 22
147.50.41.0/24 maxlen: 24
147.50.42.0/24 maxlen: 24
147.50.43.0/24 maxlen: 24
147.50.44.0/24 maxlen: 24
147.50.45.0/24 maxlen: 24
147.50.46.0/24 maxlen: 24
147.50.47.0/24 maxlen: 24
147.50.48.0/24 maxlen: 24
147.50.49.0/24 maxlen: 24
147.50.50.0/24 maxlen: 24
147.50.51.0/24 maxlen: 24
147.50.52.0/24 maxlen: 24
147.50.53.0/24 maxlen: 24
147.50.54.0/24 maxlen: 24
147.50.55.0/24 maxlen: 24
147.50.56.0/24 maxlen: 24
147.50.57.0/24 maxlen: 24
147.50.58.0/24 maxlen: 24
147.50.59.0/24 maxlen: 24
147.50.60.0/24 maxlen: 24
147.50.61.0/24 maxlen: 24
147.50.64.0/22 maxlen: 22
147.50.68.0/22 maxlen: 22
147.50.73.0/24 maxlen: 24
147.50.75.0/24 maxlen: 24
147.50.76.0/24 maxlen: 24
147.50.77.0/24 maxlen: 24
147.50.78.0/24 maxlen: 24
147.50.128.0/19 maxlen: 19
147.50.128.0/22 maxlen: 22
147.50.128.0/24 maxlen: 24
147.50.132.0/22 maxlen: 22
147.50.144.0/22 maxlen: 22
147.50.148.0/22 maxlen: 22
147.50.156.0/22 maxlen: 22
147.50.160.0/20 maxlen: 20
147.50.162.0/23 maxlen: 23
147.50.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 19:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 942 (0x3ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Validity
Not Before: Aug 1 12:04:34 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66ab79d2-29c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fd:16:f9:c5:14:f6:e4:70:c0:3d:ec:ab:9b:
2e:b5:6d:4c:6e:1b:15:9b:11:ab:f0:be:69:99:d4:
94:98:1b:a1:f3:4a:a7:44:41:4b:90:6b:07:98:fd:
0f:af:9e:38:79:90:62:0d:f4:fa:14:20:03:a7:7c:
02:6b:a4:6d:a0:7f:cd:68:9e:2a:58:7e:97:7c:f1:
5b:9e:f1:6a:79:e8:31:58:4e:c0:67:7e:78:55:12:
de:f1:ae:4f:03:f7:1d:00:d9:74:85:b5:be:34:e0:
6e:f3:ad:84:e0:73:3a:b5:f6:87:fc:08:a3:a8:fb:
50:66:56:ee:07:b9:e9:40:e6:d3:41:36:d2:d1:5e:
aa:b9:bb:d2:56:51:d2:57:83:20:3c:a1:0b:e1:8b:
0e:10:c9:ed:a3:11:73:44:95:6a:b8:5d:94:c7:f6:
64:03:eb:d2:9a:e2:a4:27:8b:87:2a:4a:cf:a5:3a:
fa:c8:b6:e5:c7:a1:a2:4b:fd:8e:50:8a:70:8f:8a:
fc:e1:90:0c:6e:90:b2:29:4f:5d:d3:c6:63:66:c6:
c5:88:4e:ad:05:41:ce:01:27:8f:21:c0:f9:d7:a8:
db:96:94:cc:70:7d:d9:06:c7:26:6d:82:cb:4e:57:
42:bc:36:4a:ef:5e:e2:b2:63:4c:dc:e3:31:d7:cd:
1c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:6C:8D:59:C0:19:69:FE:77:0F:05:69:45:C4:D1:2A:1F:98:ED:4A
X509v3 Authority Key Identifier:
keyid:D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/376B684C4FFE11EFA3C2A52BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.50.0.0-147.50.32.255
147.50.34.0-147.50.39.255
147.50.41.0-147.50.61.255
147.50.64.0/21
147.50.73.0/24
147.50.75.0-147.50.78.255
147.50.128.0-147.50.175.255
Signature Algorithm: sha256WithRSAEncryption
a6:e9:74:d3:cf:23:f8:91:99:07:d2:c2:ff:6e:5a:95:6e:e1:
8c:89:54:45:d6:32:3e:b8:8c:1b:bb:86:f5:57:7c:52:e1:00:
db:15:fb:c0:31:77:9c:ae:09:40:8e:0a:5c:23:87:ed:1c:2e:
16:c2:d6:6a:50:7a:2e:02:d8:e2:0a:05:c3:87:63:60:55:11:
78:73:12:e6:57:77:86:e1:7c:9a:97:ca:5f:32:9e:93:ce:16:
0f:ce:91:46:18:9e:36:24:00:63:04:ea:a6:0c:c0:b0:18:bd:
c7:97:64:2d:01:92:bb:da:1c:30:95:bc:46:0e:1a:23:78:97:
e5:92:8e:e0:ba:d0:a7:93:9d:25:ea:b3:f5:2a:39:41:f5:9f:
c3:0f:dd:ab:77:44:ec:f5:08:1d:17:67:d1:c6:e1:22:0a:eb:
cc:bf:b0:99:d0:ad:1a:ae:57:d1:79:df:47:bc:64:2d:8b:47:
64:e1:0b:b8:0a:de:74:de:05:d2:0a:5c:14:63:24:9b:e5:b5:
73:1c:2b:1c:a4:f9:a1:59:1d:f0:fd:7c:f1:22:1e:65:47:eb:
3b:a6:e1:e7:5d:f0:af:f6:5a:de:4a:f8:13:b6:89:6e:b7:39:
7c:58:6e:ad:13:6c:7e:65:30:98:4a:a3:5e:df:68:1f:e1:6d:
da:fa:cc:e8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgICA64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKEQ2M0RFODJBNzU5Rjk2NTdGOEYwNzNCMjUxMjUxQUFF
NjdCQTRCQTYwHhcNMjQwODAxMTIwNDM0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFiNzlkMi0yOWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApf0W+cUU9uRwwD3sq5sutW1MbhsVmxGr8L5pmdSUmBuh80qnREFLkGsHmP0P
r544eZBiDfT6FCADp3wCa6RtoH/NaJ4qWH6XfPFbnvFqeegxWE7AZ354VRLe8a5P
A/cdANl0hbW+NOBu862E4HM6tfaH/AijqPtQZlbuB7npQObTQTbS0V6qubvSVlHS
V4MgPKEL4YsOEMntoxFzRJVquF2Ux/ZkA+vSmuKkJ4uHKkrPpTr6yLblx6GiS/2O
UIpwj4r84ZAMbpCyKU9d08ZjZsbFiE6tBUHOASePIcD516jblpTMcH3ZBscmbYLL
TldCvDZK717ismNM3OMx180c0QIDAQABo4IC4DCCAtwwHQYDVR0OBBYEFIFsjVnA
GWn+dw8FaUXE0SofmO1KMB8GA1UdIwQYMBaAFNY96Cp1n5ZX+PBzslElGq5nukum
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9FQzFFRTY1MjhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi8xajNvS25XZmxsZjQ4SE95VVNVYXJtZTZT
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFqM29LbldmbGxmNDhIT3lVU1Vhcm1lNlM2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRUMxRUU2NTI4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvMzc2QjY4NEM0
RkZFMTFFRkEzQzJBNTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwagYIKwYBBQUHAQcBAf8E
WzBZMFcEAgABMFEwCwMDAZMyAwQAkzIgMAwDBAGTMiIDBAOTMiAwDAMEAJMyKQME
AZMyPAMEA5MyQAMEAJMySTAMAwQAkzJLAwQAkzJOMAwDBAeTMoADBASTMqAwDQYJ
KoZIhvcNAQELBQADggEBAKbpdNPPI/iRmQfSwv9uWpVu4YyJVEXWMj64jBu7hvVX
fFLhANsV+8Axd5yuCUCOClwjh+0cLhbC1mpQei4C2OIKBcOHY2BVEXhzEuZXd4bh
fJqXyl8ynpPOFg/OkUYYnjYkAGME6qYMwLAYvceXZC0BkrvaHDCVvEYOGiN4l+WS
juC60KeTnSXqs/UqOUH1n8MP3at3ROz1CB0XZ9HG4SIK68y/sJnQrRquV9F530e8
ZC2LR2ThC7gK3nTeBdIKXBRjJJvltXMcKxyk+aFZHfD9fPEiHmVH6zum4edd8K/2
Wt5K+BO2iW63OXxYbq0TbH5lMJhKo17faB/hbdr6zOg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:25:55 2024 by rpki-client on console-ams.rpki-client.org