Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
File: DB5AEE86AA8411ECA420473FC4F9AE02.roa (raw, json)
Hash identifier: i13339WUYKUFUL80S6IN0rGIhKTucOFE3Q9/QG4arqQ=
Subject key identifier: E0:42:C6:7F:7F:AB:C3:D8:DC:E9:F3:AE:E0:80:62:90:14:E8:D7:DE
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 38D6
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
Signing time: Tue 16 Jul 2024 14:31:43 +0000
ROA not before: Tue 16 Jul 2024 14:31:43 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 9287
IP address blocks: 61.90.185.0/24 maxlen: 24
61.90.197.0/24 maxlen: 24
61.90.198.0/24 maxlen: 24
61.90.200.0/22 maxlen: 22
61.90.200.0/24 maxlen: 24
61.90.201.0/24 maxlen: 24
61.90.202.0/24 maxlen: 24
61.90.204.0/23 maxlen: 23
61.90.204.0/24 maxlen: 24
61.90.205.0/24 maxlen: 24
61.90.213.0/24 maxlen: 24
61.90.231.0/24 maxlen: 24
61.91.0.0/21 maxlen: 21
61.91.0.0/24 maxlen: 24
61.91.1.0/24 maxlen: 24
61.91.2.0/24 maxlen: 24
61.91.3.0/24 maxlen: 24
61.91.4.0/24 maxlen: 24
61.91.5.0/24 maxlen: 24
61.91.6.0/24 maxlen: 24
61.91.7.0/24 maxlen: 24
61.91.11.0/24 maxlen: 24
61.91.12.0/22 maxlen: 22
61.91.12.0/24 maxlen: 24
61.91.13.0/24 maxlen: 24
61.91.14.0/24 maxlen: 24
61.91.15.0/24 maxlen: 24
61.91.80.0/23 maxlen: 23
61.91.80.0/24 maxlen: 24
61.91.81.0/24 maxlen: 24
61.91.92.0/24 maxlen: 24
61.91.120.0/21 maxlen: 21
61.91.120.0/24 maxlen: 24
61.91.121.0/24 maxlen: 24
61.91.122.0/24 maxlen: 24
61.91.123.0/24 maxlen: 24
61.91.124.0/24 maxlen: 24
61.91.125.0/24 maxlen: 24
61.91.126.0/24 maxlen: 24
61.91.127.0/24 maxlen: 24
61.91.247.0/24 maxlen: 24
119.46.69.0/24 maxlen: 24
119.46.92.0/24 maxlen: 24
119.46.96.0/23 maxlen: 23
119.46.96.0/24 maxlen: 24
119.46.97.0/24 maxlen: 24
119.46.98.0/24 maxlen: 24
119.46.113.0/24 maxlen: 24
119.46.194.0/24 maxlen: 24
119.46.226.0/24 maxlen: 24
203.144.245.0/24 maxlen: 24
210.86.139.0/24 maxlen: 24
210.86.176.0/21 maxlen: 21
210.86.176.0/24 maxlen: 24
210.86.177.0/24 maxlen: 24
210.86.178.0/24 maxlen: 24
210.86.179.0/24 maxlen: 24
210.86.180.0/22 maxlen: 22
210.86.180.0/24 maxlen: 24
210.86.181.0/24 maxlen: 24
210.86.182.0/24 maxlen: 24
210.86.183.0/24 maxlen: 24
2001:fb0:1000::/48 maxlen: 48
2001:fb0:1001::/48 maxlen: 48
2001:fb0:1002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 14:20:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14550 (0x38d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 16 14:31:43 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6696844f-8cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7b:2c:e5:3a:47:12:b5:8c:64:a8:0a:a0:e4:
32:87:5e:82:6f:2d:a3:4f:26:40:12:ed:f0:ff:17:
10:ae:db:23:ce:bd:e0:9f:b6:91:0c:b0:a6:a2:9e:
1e:ee:20:d3:a3:bc:b9:59:dd:86:7b:4d:f4:b6:25:
06:d1:da:e7:80:39:ee:a2:f0:f8:6d:e2:cb:ad:ef:
90:a3:3f:8a:f8:1e:37:8b:66:34:5b:52:94:6f:05:
4f:ec:37:c6:3a:4a:53:ce:36:5f:97:4e:00:d8:03:
85:40:6f:5e:4c:db:9c:9b:0b:b1:2c:15:a2:24:bb:
09:c2:03:5f:0d:bd:78:74:d2:cb:9e:39:9c:f8:86:
c1:95:f5:78:4d:1f:80:4d:d2:24:35:b6:fb:68:c6:
e8:c5:59:23:a9:8e:ea:e7:83:31:ca:a6:87:99:e4:
cc:dc:e6:43:4b:d1:c0:a7:e6:66:ca:7a:4d:6a:78:
fa:f7:fb:d6:7c:8c:0d:84:94:8d:a2:56:04:ea:ab:
85:39:8e:5b:1a:0a:43:1d:29:e7:77:e8:15:c4:24:
db:d8:b0:61:cc:8c:05:ba:fb:09:19:43:a9:1d:72:
f0:0c:6b:ff:ed:af:5d:7e:ad:bf:9b:39:89:d1:19:
73:8e:ba:9c:9f:29:6b:d1:49:e7:ac:22:3f:90:1c:
98:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:42:C6:7F:7F:AB:C3:D8:DC:E9:F3:AE:E0:80:62:90:14:E8:D7:DE
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.90.185.0/24
61.90.197.0-61.90.198.255
61.90.200.0-61.90.205.255
61.90.213.0/24
61.90.231.0/24
61.91.0.0/21
61.91.11.0-61.91.15.255
61.91.80.0/23
61.91.92.0/24
61.91.120.0/21
61.91.247.0/24
119.46.69.0/24
119.46.92.0/24
119.46.96.0-119.46.98.255
119.46.113.0/24
119.46.194.0/24
119.46.226.0/24
203.144.245.0/24
210.86.139.0/24
210.86.176.0/21
IPv6:
2001:fb0:1000::-2001:fb0:1002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7b:34:c8:11:34:74:75:83:cf:2c:09:db:c7:f3:80:57:77:fb:
89:a1:ce:84:0a:3e:e5:a1:df:40:6a:34:90:db:86:cd:df:a8:
f6:2f:b8:de:ec:f6:85:73:8b:0c:fe:c6:42:1a:37:93:4c:b8:
6c:9e:82:ea:7a:7a:ea:a3:1d:9f:53:32:02:30:c1:51:96:7d:
c5:8a:5e:9c:a9:b3:a4:72:c4:0f:21:7a:95:97:e5:dd:e4:27:
ca:03:5a:ef:4b:88:e8:04:74:f1:39:37:cf:9f:db:23:8d:d1:
57:d8:b1:26:44:24:e9:8a:4a:6c:d7:25:f6:aa:66:59:1e:50:
12:b0:e1:a8:44:95:60:60:69:79:69:b6:1b:e0:05:e6:27:d9:
78:aa:56:52:90:b4:04:c8:bf:d0:bb:d2:26:d4:11:13:fa:e7:
12:d0:c0:df:bb:ae:12:f7:8e:12:fd:49:d1:e3:95:19:9b:46:
96:0c:20:7a:f7:9e:7c:18:c5:6f:61:e8:c4:fb:8e:d1:19:c7:
42:94:02:97:25:dd:48:5e:d9:53:86:53:53:9e:8c:c6:fd:3c:
33:49:48:09:1d:97:cc:59:5e:f4:fb:66:78:3c:61:b9:be:0e:
12:6e:4b:6b:e1:32:28:d2:51:df:a0:a4:69:9a:9a:51:a0:65:
54:4e:b2:be
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgICONYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjQwNzE2MTQzMTQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njk2ODQ0Zi04Y2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5Xss5TpHErWMZKgKoOQyh16Cby2jTyZAEu3w/xcQrtsjzr3gn7aRDLCmop4e
7iDTo7y5Wd2Ge030tiUG0drngDnuovD4beLLre+Qoz+K+B43i2Y0W1KUbwVP7DfG
OkpTzjZfl04A2AOFQG9eTNucmwuxLBWiJLsJwgNfDb14dNLLnjmc+IbBlfV4TR+A
TdIkNbb7aMboxVkjqY7q54MxyqaHmeTM3OZDS9HAp+ZmynpNanj69/vWfIwNhJSN
olYE6quFOY5bGgpDHSnnd+gVxCTb2LBhzIwFuvsJGUOpHXLwDGv/7a9dfq2/mzmJ
0Rlzjrqcnylr0UnnrCI/kByYlQIDAQABo4IDRzCCA0MwHQYDVR0OBBYEFOBCxn9/
q8PY3OnzruCAYpAU6NfeMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvREI1QUVFODZB
QTg0MTFFQ0E0MjA0NzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdAGCCsGAQUFBwEHAQH/
BIHAMIG9MIGfBAIAATCBmAMEAD1auTAMAwQAPVrFAwQAPVrGMAwDBAM9WsgDBAE9
WswDBAA9WtUDBAA9WucDBAM9WwAwDAMEAD1bCwMEBD1bAAMEAT1bUAMEAD1bXAME
Az1beAMEAD1b9wMEAHcuRQMEAHcuXDAMAwQFdy5gAwQAdy5iAwQAdy5xAwQAdy7C
AwQAdy7iAwQAy5D1AwQA0laLAwQD0lawMBkEAgACMBMwEQMGBCABD7AQAwcAIAEP
sBACMA0GCSqGSIb3DQEBCwUAA4IBAQB7NMgRNHR1g88sCdvH84BXd/uJoc6ECj7l
od9AajSQ24bN36j2L7je7PaFc4sM/sZCGjeTTLhsnoLqenrqox2fUzICMMFRln3F
il6cqbOkcsQPIXqVl+Xd5CfKA1rvS4joBHTxOTfPn9sjjdFX2LEmRCTpikps1yX2
qmZZHlASsOGoRJVgYGl5abYb4AXmJ9l4qlZSkLQEyL/Qu9Im1BET+ucS0MDfu64S
944S/UnR45UZm0aWDCB69558GMVvYejE+47RGcdClAKXJd1IXtlThlNTnozG/Twz
SUgJHZfMWV70+2Z4PGG5vg4Sbktr4TIo0lHfoKRpmppRoGVUTrK+
-----END CERTIFICATE-----
Generated at Wed Nov 20 16:00:07 2024 by rpki-client on console-ams.rpki-client.org