Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/69CEA0B8382811EE8415371AC4F9AE02.roa
File: 69CEA0B8382811EE8415371AC4F9AE02.roa (raw, json)
Hash identifier: Q+UlPPpiHmTTatEDgZEQqRelwfh0spd81GEWgSr4MLo=
Subject key identifier: 0D:BF:07:9A:71:7F:84:1C:FA:87:6A:72:0D:C0:85:85:1A:50:69:F1
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 377D
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/69CEA0B8382811EE8415371AC4F9AE02.roa
Signing time: Fri 11 Aug 2023 09:21:12 +0000
ROA not before: Fri 11 Aug 2023 09:21:12 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 38082
IP address blocks: 27.123.16.0/22 maxlen: 22
27.123.16.0/24 maxlen: 24
27.123.17.0/24 maxlen: 24
27.123.18.0/24 maxlen: 24
27.123.19.0/24 maxlen: 24
58.97.24.0/24 maxlen: 24
61.91.221.0/24 maxlen: 24
113.21.240.0/22 maxlen: 22
113.21.240.0/24 maxlen: 24
113.21.241.0/24 maxlen: 24
113.21.242.0/24 maxlen: 24
113.21.243.0/24 maxlen: 24
113.21.244.0/22 maxlen: 22
113.21.244.0/24 maxlen: 24
113.21.245.0/24 maxlen: 24
113.21.247.0/24 maxlen: 24
122.144.24.0/22 maxlen: 24
122.144.28.0/23 maxlen: 23
171.102.10.0/24 maxlen: 24
171.102.221.0/24 maxlen: 24
171.102.236.0/24 maxlen: 24
171.102.237.0/24 maxlen: 24
171.102.238.0/24 maxlen: 24
171.102.239.0/24 maxlen: 24
2405:4000::/32 maxlen: 32
2405:4000:800::/48 maxlen: 48
2405:4000:800:6::/64 maxlen: 64
2405:4000:800:7::/64 maxlen: 64
2405:4000:800:8::/64 maxlen: 64
2405:4000:800:8::200/120 maxlen: 120
2405:4000:800:9::/64 maxlen: 64
2405:4000:800:a::/64 maxlen: 64
2405:4000:800:b::/64 maxlen: 64
2405:4000:800:d::/64 maxlen: 64
2405:4000:800:e::/64 maxlen: 64
2405:4000:800:f::/64 maxlen: 64
2405:4000:801::/48 maxlen: 48
2405:4000:801::/64 maxlen: 64
2405:4000:801:1::/64 maxlen: 64
2405:4000:801:2::/64 maxlen: 64
2405:4000:801:3::/64 maxlen: 64
2405:4000:801:4::/64 maxlen: 64
2405:4000:801:5::/64 maxlen: 64
2405:4000:900::/40 maxlen: 40
2405:4000:a00::/40 maxlen: 40
2405:4000:aaa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 31 May 2024 14:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14205 (0x377d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Aug 11 09:21:12 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64d5fd88-fd08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1a:2f:c4:34:ef:32:4b:5e:b0:17:2b:dc:ce:
eb:61:e6:3a:2f:dc:0a:26:72:74:f0:aa:7d:92:4c:
77:49:ec:0f:92:83:3d:3b:45:59:cc:22:24:0a:7d:
c6:d1:8f:1c:15:06:49:08:fb:97:2a:0c:26:51:a5:
46:2d:3d:58:da:b8:33:42:0d:96:f5:cb:0e:f8:b7:
d4:36:38:31:0d:e7:aa:db:4a:4a:3e:d7:cb:a0:26:
67:76:dc:08:d2:38:5a:8a:80:9c:63:b7:01:00:41:
5d:61:5c:fb:47:5b:6a:21:30:94:27:88:48:bf:50:
2b:b7:ad:dc:54:f8:7a:bb:c9:da:a5:51:d6:b4:03:
ce:0a:e8:aa:fb:20:a9:3a:cd:47:9b:78:6d:a4:98:
12:4a:8b:61:51:15:20:58:a5:3f:d4:3a:98:47:27:
12:42:1e:07:ad:72:a6:89:75:8f:15:fc:b0:70:7a:
50:85:82:de:5c:cf:38:4d:e3:de:21:38:7c:b5:5c:
8b:11:31:0c:4b:31:cf:ee:58:97:d1:f3:6e:f8:80:
24:9c:dc:dc:bf:15:fe:53:55:b2:62:ec:40:e2:73:
67:49:40:ca:7c:ca:78:bc:2f:a2:71:d6:45:54:e0:
5f:bd:d4:10:53:64:06:c9:59:9d:5b:69:08:84:e6:
03:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BF:07:9A:71:7F:84:1C:FA:87:6A:72:0D:C0:85:85:1A:50:69:F1
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/69CEA0B8382811EE8415371AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.16.0/22
58.97.24.0/24
61.91.221.0/24
113.21.240.0/21
122.144.24.0-122.144.29.255
171.102.10.0/24
171.102.221.0/24
171.102.236.0/22
IPv6:
2405:4000::/32
Signature Algorithm: sha256WithRSAEncryption
3f:b1:58:00:33:bb:e0:81:70:55:c0:a3:ac:5f:ad:d5:73:7a:
a7:a9:ae:c0:1c:33:77:73:fd:80:ed:2e:09:37:f3:10:8a:e3:
a6:32:f5:45:aa:6f:08:ba:55:ee:83:14:56:2f:1e:9d:2f:ad:
e8:64:f1:a3:c4:63:39:47:11:47:09:17:75:96:ef:08:d3:67:
ab:50:f0:8a:d2:07:4c:71:aa:de:d0:08:36:39:ca:e1:49:70:
41:eb:89:5b:13:ab:7c:af:e7:d4:b7:e5:a9:44:84:2c:41:2c:
9b:90:a8:8a:c0:ad:2d:48:61:e2:a1:5e:72:6f:0c:f8:f2:bd:
81:f1:e4:cf:42:19:0d:2a:d9:21:a2:19:1b:46:4a:b8:dd:75:
85:14:7e:b5:4f:4f:94:a9:27:36:d1:09:40:72:98:60:47:29:
99:c6:37:11:ce:d9:0d:e4:5a:9b:ee:d9:5e:64:69:3a:3a:f7:
b7:8d:ea:d0:7e:16:16:be:f1:09:2e:1f:98:3f:7c:61:46:93:
b7:63:92:97:40:7c:b2:2a:9d:70:a8:93:c5:c3:dd:4a:7b:99:
db:25:d2:09:ee:53:fe:39:33:04:52:4c:24:c9:82:1f:af:36:
0d:b9:72:34:52:82:fd:24:fc:ed:6d:12:83:27:2c:6a:40:bb:
da:61:c4:bc
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgICN30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjMwODExMDkyMTEyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGQ1ZmQ4OC1mZDA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7xovxDTvMktesBcr3M7rYeY6L9wKJnJ08Kp9kkx3SewPkoM9O0VZzCIkCn3G
0Y8cFQZJCPuXKgwmUaVGLT1Y2rgzQg2W9csO+LfUNjgxDeeq20pKPtfLoCZndtwI
0jhaioCcY7cBAEFdYVz7R1tqITCUJ4hIv1Art63cVPh6u8napVHWtAPOCuiq+yCp
Os1Hm3htpJgSSothURUgWKU/1DqYRycSQh4HrXKmiXWPFfywcHpQhYLeXM84TePe
ITh8tVyLETEMSzHP7liX0fNu+IAknNzcvxX+U1WyYuxA4nNnSUDKfMp4vC+icdZF
VOBfvdQQU2QGyVmdW2kIhOYDTQIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFA2/B5px
f4Qc+odqcg3AhYUaUGnxMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvNjlDRUEwQjgz
ODI4MTFFRTg0MTUzNzFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYAYIKwYBBQUHAQcBAf8E
UTBPMD4EAgABMDgDBAIbexADBAA6YRgDBAA9W90DBANxFfAwDAMEA3qQGAMEAXqQ
HAMEAKtmCgMEAKtm3QMEAqtm7DANBAIAAjAHAwUAJAVAADANBgkqhkiG9w0BAQsF
AAOCAQEAP7FYADO74IFwVcCjrF+t1XN6p6muwBwzd3P9gO0uCTfzEIrjpjL1Rapv
CLpV7oMUVi8enS+t6GTxo8RjOUcRRwkXdZbvCNNnq1DwitIHTHGq3tAINjnK4Ulw
QeuJWxOrfK/n1LflqUSELEEsm5CoisCtLUhh4qFecm8M+PK9gfHkz0IZDSrZIaIZ
G0ZKuN11hRR+tU9PlKknNtEJQHKYYEcpmcY3Ec7ZDeRam+7ZXmRpOjr3t43q0H4W
Fr7xCS4fmD98YUaTt2OSl0B8siqdcKiTxcPdSnuZ2yXSCe5T/jkzBFJMJMmCH682
DblyNFKC/ST87W0SgycsakC72mHEvA==
-----END CERTIFICATE-----
Generated at Fri May 24 15:43:20 2024 by rpki-client on console-fra.rpki-client.org