Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/41EFD0D4A64111EFAE84A443C4F9AE02.roa
File: 41EFD0D4A64111EFAE84A443C4F9AE02.roa (raw, json)
Hash identifier: 7kJTKD/Mv88223YGW8yCYHMUF8uo/3Tz865/TOl5tsw=
Subject key identifier: 86:60:E8:14:21:9B:54:74:E0:4C:D8:62:A4:18:26:6A:EB:12:D8:FE
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 17F9
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/41EFD0D4A64111EFAE84A443C4F9AE02.roa
Signing time: Tue 19 Nov 2024 06:41:08 +0000
ROA not before: Tue 19 Nov 2024 06:41:08 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 17911
IP address blocks: 122.129.64.0/24 maxlen: 24
122.129.66.0/24 maxlen: 24
122.129.69.0/24 maxlen: 24
122.129.72.0/24 maxlen: 24
122.129.73.0/24 maxlen: 24
122.129.74.0/24 maxlen: 24
122.129.75.0/24 maxlen: 24
122.129.76.0/24 maxlen: 24
122.129.77.0/24 maxlen: 24
122.129.78.0/24 maxlen: 24
122.129.79.0/24 maxlen: 24
122.129.80.0/24 maxlen: 24
122.129.81.0/24 maxlen: 24
122.129.82.0/24 maxlen: 24
122.129.84.0/24 maxlen: 24
122.129.85.0/24 maxlen: 24
122.129.86.0/24 maxlen: 24
122.129.88.0/24 maxlen: 24
122.129.89.0/24 maxlen: 24
122.129.90.0/24 maxlen: 24
122.129.91.0/24 maxlen: 24
122.129.92.0/24 maxlen: 24
122.129.93.0/24 maxlen: 24
122.129.94.0/24 maxlen: 24
203.128.0.0/24 maxlen: 24
203.128.1.0/24 maxlen: 24
203.128.2.0/24 maxlen: 24
203.128.3.0/24 maxlen: 24
203.128.4.0/24 maxlen: 24
203.128.5.0/24 maxlen: 24
203.128.6.0/24 maxlen: 24
203.128.7.0/24 maxlen: 24
203.128.8.0/24 maxlen: 24
203.128.9.0/24 maxlen: 24
203.128.11.0/24 maxlen: 24
203.128.12.0/24 maxlen: 24
203.128.13.0/24 maxlen: 24
203.128.14.0/24 maxlen: 24
203.128.15.0/24 maxlen: 24
203.128.16.0/24 maxlen: 24
203.128.17.0/24 maxlen: 24
203.128.18.0/24 maxlen: 24
203.128.19.0/24 maxlen: 24
203.128.20.0/24 maxlen: 24
203.128.21.0/24 maxlen: 24
203.128.22.0/24 maxlen: 24
203.128.24.0/24 maxlen: 24
203.128.25.0/24 maxlen: 24
203.128.26.0/24 maxlen: 24
203.128.27.0/24 maxlen: 24
203.128.28.0/24 maxlen: 24
203.128.29.0/24 maxlen: 24
203.128.30.0/24 maxlen: 24
203.128.31.0/24 maxlen: 24
2400:4f00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6137 (0x17f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: Nov 19 06:41:08 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=673c3304-b720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:78:43:c4:d0:dd:bb:fb:20:08:d7:2d:4b:54:
d2:ab:b5:88:d2:c5:d8:d7:af:42:80:9c:d6:f6:28:
81:20:36:22:3f:1c:84:b6:cb:12:11:ab:9f:97:00:
14:73:5c:12:f4:1a:7e:e8:d3:4d:cd:4b:51:36:84:
32:6a:6c:7a:ea:f4:2b:9a:69:fb:36:3f:93:85:9c:
67:a5:b1:66:f5:ae:b8:1c:89:0e:7e:3c:f8:88:1d:
7c:90:90:59:58:fa:2c:e2:46:99:89:26:a7:54:b7:
61:64:f6:e3:f6:56:97:76:2d:ba:4d:5b:6c:10:73:
07:e9:1d:55:cd:a5:e8:04:4d:65:77:10:09:ba:d6:
71:7d:68:aa:f6:7f:e0:d5:18:33:6f:48:f8:99:6a:
ea:75:16:f0:cd:a9:8d:4b:38:47:9f:1e:90:0e:95:
88:54:7d:a7:45:bb:68:0c:fd:b8:8d:0f:80:2c:cc:
bd:f7:77:ef:24:38:08:18:a4:8e:dd:66:b6:40:71:
24:24:f6:9d:88:49:fd:57:e7:48:f5:45:35:c7:60:
fe:9b:f6:30:4a:d8:28:63:50:10:b6:49:e8:2e:ce:
18:2a:19:47:47:78:86:de:1d:3f:df:8d:77:6f:b7:
f7:d5:25:ef:aa:52:3d:7d:14:15:99:50:4f:68:91:
d2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:60:E8:14:21:9B:54:74:E0:4C:D8:62:A4:18:26:6A:EB:12:D8:FE
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/41EFD0D4A64111EFAE84A443C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.129.64.0/24
122.129.66.0/24
122.129.69.0/24
122.129.72.0-122.129.82.255
122.129.84.0-122.129.86.255
122.129.88.0-122.129.94.255
203.128.0.0-203.128.9.255
203.128.11.0-203.128.22.255
203.128.24.0/21
IPv6:
2400:4f00::/36
Signature Algorithm: sha256WithRSAEncryption
a7:21:10:55:db:c0:86:27:41:34:84:24:b9:84:66:6d:90:32:
43:d1:62:65:ac:f0:61:42:50:8c:7c:ec:73:b1:bc:0a:07:1c:
bc:c0:23:13:65:e8:79:a6:16:93:5f:d9:54:79:69:ce:88:ff:
a2:6b:01:53:18:bc:1a:e2:55:42:60:72:34:16:d0:ec:67:ea:
f9:6a:b6:9d:e4:fb:90:5b:e9:e8:9e:8d:5a:b1:d8:07:10:f3:
c8:cc:11:4e:23:ac:29:df:ed:4b:1e:5b:1f:41:c7:3a:a1:a6:
f8:73:67:88:f0:02:f3:7d:fb:4d:c7:0f:98:5a:09:bb:69:43:
85:ab:78:aa:09:8f:d7:37:b8:c7:7f:15:c9:2b:ba:ec:76:4e:
da:ce:1d:a7:38:ce:c2:6a:58:10:16:8c:f1:50:bb:06:41:4b:
79:db:fe:93:2d:6a:86:e3:f5:f0:95:16:14:a2:cc:bb:6f:d7:
0d:88:35:07:4f:95:52:ed:81:d9:ec:c8:6e:c5:f2:fd:00:e9:
10:e1:8f:79:ac:91:d1:c4:02:b8:b0:84:3e:a3:c9:05:79:ea:
32:28:55:85:7b:18:ac:69:6e:18:1f:3d:2a:3d:ae:8b:5b:00:
d6:3d:c8:93:b5:61:a3:73:5c:9b:51:04:fa:5e:ee:02:1b:1f:
8e:2c:29:e9
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgICF/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjQxMTE5MDY0MTA4WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNjMzMwNC1iNzIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA23hDxNDdu/sgCNctS1TSq7WI0sXY169CgJzW9iiBIDYiPxyEtssSEauflwAU
c1wS9Bp+6NNNzUtRNoQyamx66vQrmmn7Nj+ThZxnpbFm9a64HIkOfjz4iB18kJBZ
WPos4kaZiSanVLdhZPbj9laXdi26TVtsEHMH6R1VzaXoBE1ldxAJutZxfWiq9n/g
1Rgzb0j4mWrqdRbwzamNSzhHnx6QDpWIVH2nRbtoDP24jQ+ALMy993fvJDgIGKSO
3Wa2QHEkJPadiEn9V+dI9UU1x2D+m/YwStgoY1AQtknoLs4YKhlHR3iG3h0/3413
b7f31SXvqlI9fRQVmVBPaJHS7wIDAQABo4IC/TCCAvkwHQYDVR0OBBYEFIZg6BQh
m1R04EzYYqQYJmrrEtj+MB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvNDFFRkQwRDRB
NjQxMTFFRkFFODRBNDQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYYGCCsGAQUFBwEHAQH/
BHcwdTBjBAIAATBdAwQAeoFAAwQAeoFCAwQAeoFFMAwDBAN6gUgDBAB6gVIwDAME
AnqBVAMEAHqBVjAMAwQDeoFYAwQAeoFeMAsDAwfLgAMEAcuACDAMAwQAy4ALAwQA
y4AWAwQDy4AYMA4EAgACMAgDBgQkAE8AADANBgkqhkiG9w0BAQsFAAOCAQEApyEQ
VdvAhidBNIQkuYRmbZAyQ9FiZazwYUJQjHzsc7G8CgccvMAjE2XoeaYWk1/ZVHlp
zoj/omsBUxi8GuJVQmByNBbQ7Gfq+Wq2neT7kFvp6J6NWrHYBxDzyMwRTiOsKd/t
Sx5bH0HHOqGm+HNniPAC8337TccPmFoJu2lDhat4qgmP1ze4x38VySu67HZO2s4d
pzjOwmpYEBaM8VC7BkFLedv+ky1qhuP18JUWFKLMu2/XDYg1B0+VUu2B2ezIbsXy
/QDpEOGPeayR0cQCuLCEPqPJBXnqMihVhXsYrGluGB89Kj2ui1sA1j3Ik7Vho3Nc
m1EE+l7uAhsfjiwp6Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:41 2024 by rpki-client on console-fra.rpki-client.org