Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
File: DB5AEE86AA8411ECA420473FC4F9AE02.roa (raw, json)
Hash identifier: bQEQ5TSztcu6/VdplKblqM3er8K5urPGajEF9oK2U3E=
Subject key identifier: CE:60:D0:D4:67:5E:DD:34:42:2C:20:DF:7C:CD:F1:FF:FE:20:19:D2
Certificate issuer: /CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Certificate serial: 36DC
Authority key identifier: 61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
Signing time: Sat 08 Jul 2023 14:31:40 +0000
ROA not before: Sat 08 Jul 2023 14:31:40 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 9287
IP address blocks: 61.90.185.0/24 maxlen: 24
61.90.197.0/24 maxlen: 24
61.90.198.0/24 maxlen: 24
61.90.200.0/22 maxlen: 22
61.90.200.0/24 maxlen: 24
61.90.201.0/24 maxlen: 24
61.90.202.0/24 maxlen: 24
61.90.204.0/23 maxlen: 23
61.90.204.0/24 maxlen: 24
61.90.205.0/24 maxlen: 24
61.90.213.0/24 maxlen: 24
61.90.231.0/24 maxlen: 24
61.91.0.0/21 maxlen: 21
61.91.0.0/24 maxlen: 24
61.91.1.0/24 maxlen: 24
61.91.2.0/24 maxlen: 24
61.91.3.0/24 maxlen: 24
61.91.4.0/24 maxlen: 24
61.91.5.0/24 maxlen: 24
61.91.6.0/24 maxlen: 24
61.91.7.0/24 maxlen: 24
61.91.11.0/24 maxlen: 24
61.91.12.0/22 maxlen: 22
61.91.12.0/24 maxlen: 24
61.91.13.0/24 maxlen: 24
61.91.14.0/24 maxlen: 24
61.91.15.0/24 maxlen: 24
61.91.80.0/23 maxlen: 23
61.91.80.0/24 maxlen: 24
61.91.81.0/24 maxlen: 24
61.91.92.0/24 maxlen: 24
61.91.120.0/21 maxlen: 21
61.91.120.0/24 maxlen: 24
61.91.121.0/24 maxlen: 24
61.91.122.0/24 maxlen: 24
61.91.123.0/24 maxlen: 24
61.91.124.0/24 maxlen: 24
61.91.125.0/24 maxlen: 24
61.91.126.0/24 maxlen: 24
61.91.127.0/24 maxlen: 24
61.91.247.0/24 maxlen: 24
119.46.69.0/24 maxlen: 24
119.46.92.0/24 maxlen: 24
119.46.96.0/23 maxlen: 23
119.46.96.0/24 maxlen: 24
119.46.97.0/24 maxlen: 24
119.46.98.0/24 maxlen: 24
119.46.113.0/24 maxlen: 24
119.46.194.0/24 maxlen: 24
119.46.226.0/24 maxlen: 24
203.144.245.0/24 maxlen: 24
210.86.139.0/24 maxlen: 24
210.86.176.0/21 maxlen: 21
210.86.176.0/24 maxlen: 24
210.86.177.0/24 maxlen: 24
210.86.178.0/24 maxlen: 24
210.86.179.0/24 maxlen: 24
210.86.180.0/22 maxlen: 22
210.86.180.0/24 maxlen: 24
210.86.181.0/24 maxlen: 24
210.86.182.0/24 maxlen: 24
210.86.183.0/24 maxlen: 24
2001:fb0:1000::/48 maxlen: 48
2001:fb0:1001::/48 maxlen: 48
2001:fb0:1002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:21:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14044 (0x36dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9137ABC/serialNumber=61BF3ED4C3BFBC0916EF9480AAFF222A437AF02C
Validity
Not Before: Jul 8 14:31:40 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64a9734b-acba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f6:3b:d3:9b:03:ed:14:d7:8f:7b:b1:9b:12:
cc:78:7a:3f:cc:7f:1c:3b:25:da:71:63:7f:da:a6:
2d:b7:57:d7:f3:8c:b6:06:ab:6b:dd:8f:72:ce:1e:
8d:1b:4c:d8:13:1a:f1:2e:2c:12:bd:20:53:a5:2e:
8e:33:50:c6:2e:d5:f3:bf:d6:b9:0b:ca:b1:e3:80:
9b:5b:11:bb:7d:4d:b3:cc:e8:91:73:09:d4:90:4b:
fd:42:c9:e7:eb:cd:05:38:d7:06:83:7f:06:6c:d1:
f3:ea:78:8f:9b:c7:08:1f:28:d4:59:ef:9d:3e:a3:
4e:a1:25:b2:e1:1e:c8:46:65:1a:f8:4a:f1:25:f2:
3e:d0:76:4f:98:6f:59:d8:1d:03:93:ca:fd:81:3c:
9d:de:de:74:75:73:6c:2b:0c:1e:c6:97:54:74:ba:
09:aa:69:dd:fa:5b:2b:91:40:0c:22:7d:ca:c7:5f:
f6:65:1e:24:9c:bf:cb:3c:76:7d:66:7d:6e:58:6f:
78:64:ab:1e:99:27:ea:b1:f5:20:45:c3:ef:83:6b:
9a:ce:8b:1a:ff:ab:0d:4c:5e:8e:7e:4a:5d:a2:b5:
fa:3d:65:27:ca:65:51:a2:a3:5c:72:19:c1:d2:df:
ec:e5:34:51:ef:48:cc:42:ea:34:36:cf:55:09:93:
96:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:60:D0:D4:67:5E:DD:34:42:2C:20:DF:7C:CD:F1:FF:FE:20:19:D2
X509v3 Authority Key Identifier:
keyid:61:BF:3E:D4:C3:BF:BC:09:16:EF:94:80:AA:FF:22:2A:43:7A:F0:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Yb8-1MO_vAkW75SAqv8iKkN68Cw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137ABC/713D9FB01D7811E282868DC408B02CD2/DB5AEE86AA8411ECA420473FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.90.185.0/24
61.90.197.0-61.90.198.255
61.90.200.0-61.90.205.255
61.90.213.0/24
61.90.231.0/24
61.91.0.0/21
61.91.11.0-61.91.15.255
61.91.80.0/23
61.91.92.0/24
61.91.120.0/21
61.91.247.0/24
119.46.69.0/24
119.46.92.0/24
119.46.96.0-119.46.98.255
119.46.113.0/24
119.46.194.0/24
119.46.226.0/24
203.144.245.0/24
210.86.139.0/24
210.86.176.0/21
IPv6:
2001:fb0:1000::-2001:fb0:1002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9e:53:bf:d7:2e:26:50:78:07:d6:e5:8d:bf:88:29:1c:f3:07:
d9:10:ba:0a:97:34:e1:17:a3:25:62:46:3b:ef:bc:1e:f2:1b:
55:ab:21:3d:61:8d:ec:0c:be:82:0e:b3:8d:10:c7:bf:ef:e2:
ee:71:e4:13:df:1e:d9:5d:26:4a:c1:82:6d:cb:d2:e7:a5:2d:
b6:14:9c:da:44:69:1b:a6:d6:34:a4:f9:44:85:43:04:a5:9e:
2c:7a:eb:7b:a4:d8:06:4d:eb:72:8e:33:16:75:74:d9:45:dc:
3f:23:16:1d:a7:74:93:a3:ef:d0:df:21:00:38:21:5c:aa:6f:
6a:28:d9:2e:b0:f7:08:12:0a:32:c1:ff:95:46:50:ba:b5:0e:
93:a5:38:3b:84:56:36:1c:b0:59:a5:0c:1d:2c:56:a0:76:21:
2f:ee:e1:1f:d7:6b:ab:ee:33:13:8b:1d:bd:d1:c6:3d:96:82:
e1:b5:a8:fd:09:59:9a:58:96:8d:31:ef:2a:25:e2:a6:ca:6f:
39:2b:eb:26:f1:28:fe:00:b5:81:34:cd:d9:3f:07:06:73:ba:
d3:2b:75:5f:7c:65:55:18:6c:2f:ba:83:74:56:0f:18:3a:bc:
28:62:5e:6d:3a:91:77:91:60:43:bf:03:12:46:f0:4e:5b:01:
11:9f:37:21
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgICNtwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzdBQkMxMTAvBgNVBAUTKDYxQkYzRUQ0QzNCRkJDMDkxNkVGOTQ4MEFBRkYyMjJB
NDM3QUYwMkMwHhcNMjMwNzA4MTQzMTQwWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE5NzM0Yi1hY2JhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuPY705sD7RTXj3uxmxLMeHo/zH8cOyXacWN/2qYtt1fX84y2Bqtr3Y9yzh6N
G0zYExrxLiwSvSBTpS6OM1DGLtXzv9a5C8qx44CbWxG7fU2zzOiRcwnUkEv9Qsnn
680FONcGg38GbNHz6niPm8cIHyjUWe+dPqNOoSWy4R7IRmUa+ErxJfI+0HZPmG9Z
2B0Dk8r9gTyd3t50dXNsKwwexpdUdLoJqmnd+lsrkUAMIn3Kx1/2ZR4knL/LPHZ9
Zn1uWG94ZKsemSfqsfUgRcPvg2uazosa/6sNTF6OfkpdorX6PWUnymVRoqNcchnB
0t/s5TRR70jMQuo0Ns9VCZOWowIDAQABo4IDRzCCA0MwHQYDVR0OBBYEFM5g0NRn
Xt00Qiwg33zN8f/+IBnSMB8GA1UdIwQYMBaAFGG/PtTDv7wJFu+UgKr/IipDevAs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0FCQy83MTNEOUZCMDFE
NzgxMUUyODI4NjhEQzQwOEIwMkNEMi9ZYjgtMU1PX3ZBa1c3NVNBcXY4aUtrTjY4
Q3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1liOC0xTU9fdkFrVzc1U0FxdjhpS2tONjhDdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzdBQkMvNzEzRDlGQjAxRDc4MTFFMjgyODY4REM0MDhCMDJDRDIvREI1QUVFODZB
QTg0MTFFQ0E0MjA0NzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdAGCCsGAQUFBwEHAQH/
BIHAMIG9MIGfBAIAATCBmAMEAD1auTAMAwQAPVrFAwQAPVrGMAwDBAM9WsgDBAE9
WswDBAA9WtUDBAA9WucDBAM9WwAwDAMEAD1bCwMEBD1bAAMEAT1bUAMEAD1bXAME
Az1beAMEAD1b9wMEAHcuRQMEAHcuXDAMAwQFdy5gAwQAdy5iAwQAdy5xAwQAdy7C
AwQAdy7iAwQAy5D1AwQA0laLAwQD0lawMBkEAgACMBMwEQMGBCABD7AQAwcAIAEP
sBACMA0GCSqGSIb3DQEBCwUAA4IBAQCeU7/XLiZQeAfW5Y2/iCkc8wfZELoKlzTh
F6MlYkY777we8htVqyE9YY3sDL6CDrONEMe/7+LuceQT3x7ZXSZKwYJty9LnpS22
FJzaRGkbptY0pPlEhUMEpZ4seut7pNgGTetyjjMWdXTZRdw/IxYdp3STo+/Q3yEA
OCFcqm9qKNkusPcIEgoywf+VRlC6tQ6TpTg7hFY2HLBZpQwdLFagdiEv7uEf12ur
7jMTix290cY9loLhtaj9CVmaWJaNMe8qJeKmym85K+sm8Sj+ALWBNM3ZPwcGc7rT
K3VffGVVGGwvuoN0Vg8YOrwoYl5tOpF3kWBDvwMSRvBOWwERnzch
-----END CERTIFICATE-----
Generated at Sat May 18 15:58:21 2024 by rpki-client on console-ams.rpki-client.org