Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
File: 674B4ED227C811EFAECE0786C4F9AE02.roa (raw, json)
Hash identifier: KCmq1jkLZK47StLOs0ZbkcPHB4qKUOOTyj6dGZm9Plc=
Subject key identifier: EB:EB:43:ED:03:09:68:51:A1:50:0F:0F:3A:50:6B:54:21:59:0E:9D
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 389C
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
Signing time: Tue 16 Jul 2024 14:30:52 +0000
ROA not before: Tue 16 Jul 2024 14:30:52 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 17552
IP address blocks: 27.145.0.0/16 maxlen: 24
58.8.0.0/16 maxlen: 24
58.9.0.0/16 maxlen: 24
58.10.0.0/16 maxlen: 24
58.11.0.0/16 maxlen: 24
61.90.0.0/17 maxlen: 24
61.91.128.0/21 maxlen: 24
61.91.144.0/21 maxlen: 24
61.91.190.0/24 maxlen: 24
61.91.191.0/24 maxlen: 24
61.91.192.0/24 maxlen: 24
61.91.193.0/24 maxlen: 24
61.91.201.0/24 maxlen: 24
61.91.214.0/24 maxlen: 24
110.168.0.0/17 maxlen: 24
110.168.128.0/17 maxlen: 24
110.169.0.0/16 maxlen: 24
110.171.0.0/17 maxlen: 24
110.171.128.0/17 maxlen: 24
114.109.0.0/16 maxlen: 24
115.87.0.0/17 maxlen: 24
115.87.128.0/17 maxlen: 24
119.46.255.0/24 maxlen: 24
119.76.0.0/16 maxlen: 24
124.120.0.0/16 maxlen: 24
124.121.0.0/16 maxlen: 24
124.122.0.0/16 maxlen: 24
171.96.0.0/16 maxlen: 24
171.97.0.0/16 maxlen: 24
171.98.0.0/16 maxlen: 24
171.99.0.0/16 maxlen: 24
171.100.0.0/16 maxlen: 24
171.101.0.0/16 maxlen: 24
171.102.0.0/16 maxlen: 24
171.103.0.0/16 maxlen: 24
182.17.0.0/16 maxlen: 24
202.133.128.0/20 maxlen: 24
202.133.144.0/20 maxlen: 24
202.133.160.0/19 maxlen: 24
202.176.64.0/18 maxlen: 18
202.176.64.0/19 maxlen: 24
202.176.96.0/19 maxlen: 24
202.176.128.0/18 maxlen: 24
210.213.0.0/18 maxlen: 24
2001:fb0:1004::/48 maxlen: 48
2001:fb0:1005::/48 maxlen: 48
2001:fb1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 02:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14492 (0x389c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 16 14:30:52 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6696841c-c46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:28:39:d1:91:1d:00:93:f9:da:72:17:db:4f:
2f:5a:a5:35:d3:e1:f5:73:6b:87:d3:ca:a6:80:fe:
20:c7:5f:7f:4d:53:b6:25:81:1b:fb:cd:6d:b5:5d:
28:ca:3d:5f:2c:07:04:71:a0:69:33:f0:b0:82:67:
c6:eb:9e:53:fd:67:54:05:70:08:9b:0d:5f:29:ff:
b3:21:30:46:37:f0:cc:04:6e:16:81:ea:1a:70:ad:
3e:53:ee:6f:34:c8:71:63:c1:b0:bb:df:36:bc:20:
74:41:4e:ea:b2:f7:7f:54:c7:e4:e1:73:87:b5:38:
62:db:27:ff:86:f1:74:3b:5c:84:2b:ec:c6:8a:59:
64:29:ab:8a:5a:8b:fc:a9:80:24:8a:69:30:c0:18:
08:7e:5f:8b:2c:4a:47:58:58:6c:f4:0a:d6:fe:54:
b1:e9:ec:00:09:7f:37:39:12:2a:8a:4f:c6:ee:9f:
7e:fe:8e:50:d6:4c:4a:18:2e:c7:50:25:7b:01:d2:
a1:da:b9:34:89:5e:0a:0b:80:26:45:32:5b:03:aa:
8b:1d:8d:36:45:7d:af:5e:e5:5f:80:dd:fd:0b:3a:
84:91:05:93:86:12:3e:9e:22:e0:7f:dc:40:31:2e:
df:0a:e9:0d:3a:f9:c8:a1:4b:27:c0:b4:42:3b:d9:
1b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:EB:43:ED:03:09:68:51:A1:50:0F:0F:3A:50:6B:54:21:59:0E:9D
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/674B4ED227C811EFAECE0786C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.145.0.0/16
58.8.0.0/14
61.90.0.0/17
61.91.128.0/21
61.91.144.0/21
61.91.190.0-61.91.193.255
61.91.201.0/24
61.91.214.0/24
110.168.0.0/15
110.171.0.0/16
114.109.0.0/16
115.87.0.0/16
119.46.255.0/24
119.76.0.0/16
124.120.0.0-124.122.255.255
171.96.0.0/13
182.17.0.0/16
202.133.128.0/18
202.176.64.0-202.176.191.255
210.213.0.0/18
IPv6:
2001:fb0:1004::/47
2001:fb1::/32
Signature Algorithm: sha256WithRSAEncryption
0e:f2:40:83:11:1a:3b:62:c0:76:6f:99:e3:1d:88:dd:ed:46:
2a:ec:ef:23:65:93:3c:7b:f8:d1:dd:d1:3a:72:a3:0b:a6:7e:
bb:4c:33:a3:0c:c4:b0:11:20:94:a9:27:15:03:4d:e2:4c:df:
4c:53:28:18:f8:46:89:82:31:46:f8:93:bc:16:aa:57:72:a5:
fa:1d:2e:10:23:29:b3:01:4f:e6:33:6d:20:8c:c2:cf:d7:fa:
95:47:b8:b7:e0:5f:86:b6:23:f9:79:c6:63:6b:f9:d7:68:f3:
aa:bf:69:33:ec:70:15:de:d3:f8:32:eb:69:43:08:b7:c3:db:
48:fc:11:50:a7:96:0e:ac:61:31:5e:2d:74:f9:6e:f4:76:31:
a1:ae:ea:0e:4f:4d:4a:e6:09:4f:ca:4e:ef:87:18:09:06:c0:
f5:a4:35:54:60:86:9f:75:29:01:64:7c:b7:59:86:6e:87:8c:
c0:81:68:de:88:57:d7:86:83:c5:b0:1e:b9:47:4e:a0:aa:9b:
1c:09:af:29:55:52:23:0a:a7:fd:26:9d:38:e9:b2:dc:f4:6f:
dc:95:d4:70:de:d0:50:03:e1:ec:5b:0b:94:29:1b:40:75:3c:
1c:c0:2a:0a:7b:d8:8e:4c:1f:1e:2e:46:47:89:ec:e5:1e:92:
3e:29:10:59
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICOJwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjQwNzE2MTQzMDUyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk2ODQxYy1jNDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArSg50ZEdAJP52nIX208vWqU10+H1c2uH08qmgP4gx19/TVO2JYEb+81ttV0o
yj1fLAcEcaBpM/CwgmfG655T/WdUBXAImw1fKf+zITBGN/DMBG4WgeoacK0+U+5v
NMhxY8Gwu982vCB0QU7qsvd/VMfk4XOHtThi2yf/hvF0O1yEK+zGillkKauKWov8
qYAkimkwwBgIfl+LLEpHWFhs9ArW/lSx6ewACX83ORIqik/G7p9+/o5Q1kxKGC7H
UCV7AdKh2rk0iV4KC4AmRTJbA6qLHY02RX2vXuVfgN39CzqEkQWThhI+niLgf9xA
MS7fCukNOvnIoUsnwLRCO9kbhQIDAQABo4IDMTCCAy0wHQYDVR0OBBYEFOvrQ+0D
CWhRoVAPDzpQa1QhWQ6dMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNjc0QjRFRDIy
N0M4MTFFRkFFQ0UwNzg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgboGCCsGAQUFBwEHAQH/
BIGqMIGnMIGMBAIAATCBhQMDABuRAwMCOggDBAc9WgADBAM9W4ADBAM9W5AwDAME
AT1bvgMEAT1bwAMEAD1byQMEAD1b1gMDAW6oAwMAbqsDAwBybQMDAHNXAwQAdy7/
AwMAd0wwCgMDA3x4AwMAfHoDAwOrYAMDALYRAwQGyoWAMAwDBAbKsEADBAbKsIAD
BAbS1QAwFgQCAAIwEAMHASABD7AQBAMFACABD7EwDQYJKoZIhvcNAQELBQADggEB
AA7yQIMRGjtiwHZvmeMdiN3tRirs7yNlkzx7+NHd0TpyowumfrtMM6MMxLARIJSp
JxUDTeJM30xTKBj4RomCMUb4k7wWqldypfodLhAjKbMBT+YzbSCMws/X+pVHuLfg
X4a2I/l5xmNr+ddo86q/aTPscBXe0/gy62lDCLfD20j8EVCnlg6sYTFeLXT5bvR2
MaGu6g5PTUrmCU/KTu+HGAkGwPWkNVRghp91KQFkfLdZhm6HjMCBaN6IV9eGg8Ww
HrlHTqCqmxwJrylVUiMKp/0mnTjpstz0b9yV1HDe0FAD4exbC5QpG0B1PBzAKgp7
2I5MHx4uRkeJ7OUekj4pEFk=
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:31:14 2024 by rpki-client on console-ams.rpki-client.org