Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/B3DE67AEDC8511EEA99D7154C4F9AE02.roa
File: B3DE67AEDC8511EEA99D7154C4F9AE02.roa (raw, json)
Hash identifier: 6RGYOpYDwgofb1EN25omhpwwbOMW14sUqCUP8Ve4uOI=
Subject key identifier: 27:A8:6F:85:1E:0C:06:8D:D1:40:9D:5A:F9:85:09:73:08:EE:3C:9A
Certificate issuer: /CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Certificate serial: 173D
Authority key identifier: 4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/B3DE67AEDC8511EEA99D7154C4F9AE02.roa
Signing time: Thu 07 Mar 2024 13:22:10 +0000
ROA not before: Thu 07 Mar 2024 13:22:10 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 17911
IP address blocks: 122.129.64.0/24 maxlen: 24
122.129.65.0/24 maxlen: 24
122.129.66.0/24 maxlen: 24
122.129.67.0/24 maxlen: 24
122.129.68.0/24 maxlen: 24
122.129.69.0/24 maxlen: 24
122.129.70.0/24 maxlen: 24
122.129.71.0/24 maxlen: 24
122.129.72.0/24 maxlen: 24
122.129.73.0/24 maxlen: 24
122.129.74.0/24 maxlen: 24
122.129.75.0/24 maxlen: 24
122.129.76.0/24 maxlen: 24
122.129.77.0/24 maxlen: 24
122.129.78.0/24 maxlen: 24
122.129.79.0/24 maxlen: 24
122.129.80.0/24 maxlen: 24
122.129.81.0/24 maxlen: 24
122.129.82.0/24 maxlen: 24
122.129.83.0/24 maxlen: 24
122.129.84.0/24 maxlen: 24
122.129.85.0/24 maxlen: 24
122.129.88.0/24 maxlen: 24
122.129.89.0/24 maxlen: 24
122.129.90.0/24 maxlen: 24
122.129.91.0/24 maxlen: 24
122.129.92.0/24 maxlen: 24
122.129.93.0/24 maxlen: 24
122.129.94.0/24 maxlen: 24
122.129.95.0/24 maxlen: 24
203.128.0.0/24 maxlen: 24
203.128.1.0/24 maxlen: 24
203.128.2.0/24 maxlen: 24
203.128.3.0/24 maxlen: 24
203.128.4.0/24 maxlen: 24
203.128.5.0/24 maxlen: 24
203.128.6.0/24 maxlen: 24
203.128.7.0/24 maxlen: 24
203.128.8.0/24 maxlen: 24
203.128.9.0/24 maxlen: 24
203.128.10.0/24 maxlen: 24
203.128.11.0/24 maxlen: 24
203.128.12.0/24 maxlen: 24
203.128.13.0/24 maxlen: 24
203.128.14.0/24 maxlen: 24
203.128.15.0/24 maxlen: 24
203.128.16.0/24 maxlen: 24
203.128.17.0/24 maxlen: 24
203.128.18.0/24 maxlen: 24
203.128.19.0/24 maxlen: 24
203.128.20.0/24 maxlen: 24
203.128.21.0/24 maxlen: 24
203.128.22.0/24 maxlen: 24
203.128.24.0/24 maxlen: 24
203.128.25.0/24 maxlen: 24
203.128.26.0/24 maxlen: 24
203.128.27.0/24 maxlen: 24
203.128.28.0/24 maxlen: 24
203.128.29.0/24 maxlen: 24
203.128.30.0/24 maxlen: 24
203.128.31.0/24 maxlen: 24
2400:4f00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 29 May 2024 17:08:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5949 (0x173d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139B49/serialNumber=4EE540A48AD973FBD831ABD02603B5FB0FB945BE
Validity
Not Before: Mar 7 13:22:10 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65e9bf82-101c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:58:e7:af:d3:81:ac:6b:e6:41:7c:fa:0f:66:
67:28:28:b7:06:fa:68:c3:e1:63:f7:c8:42:a8:5a:
e8:0c:0b:97:e4:59:28:e9:7e:83:ce:ac:ed:14:e1:
2b:4e:bb:64:83:fd:18:69:a3:a3:12:e7:ed:e5:90:
57:f8:6d:a4:ec:e1:5a:a1:52:fa:d1:08:70:2e:af:
e2:56:56:0e:97:86:fc:0e:00:10:6e:6e:c7:70:9f:
b2:a8:ce:73:8f:56:35:69:09:0e:ff:71:bc:1e:df:
b7:37:7f:b5:11:35:cb:4c:61:6a:ca:4a:7a:5c:8b:
ac:4e:76:56:08:f7:27:e5:1c:da:71:5e:e1:60:23:
97:0b:e0:91:ec:cb:46:9c:eb:60:34:6e:e4:e7:55:
b4:b1:fe:50:8d:9e:4f:82:e5:7d:47:6e:a1:72:8f:
3a:88:f1:65:85:72:01:03:b7:14:75:47:73:19:04:
f5:26:e6:6c:7a:62:a5:6f:1f:5a:7d:b6:25:b3:3a:
54:d0:8a:80:2d:62:9e:0d:51:20:ee:0c:b7:7b:11:
64:c4:e2:cd:c7:3b:d3:d7:98:35:97:8b:4b:c2:3d:
1e:5f:0f:1d:41:40:75:7a:77:be:9f:e8:c6:1a:4c:
d4:3b:9c:17:a0:c3:e3:74:06:3f:15:eb:e2:e4:f5:
74:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A8:6F:85:1E:0C:06:8D:D1:40:9D:5A:F9:85:09:73:08:EE:3C:9A
X509v3 Authority Key Identifier:
keyid:4E:E5:40:A4:8A:D9:73:FB:D8:31:AB:D0:26:03:B5:FB:0F:B9:45:BE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/TuVApIrZc_vYMavQJgO1-w-5Rb4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TuVApIrZc_vYMavQJgO1-w-5Rb4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139B49/0780B990C9F811E79EF12009C4F9AE02/B3DE67AEDC8511EEA99D7154C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
122.129.64.0-122.129.85.255
122.129.88.0/21
203.128.0.0-203.128.22.255
203.128.24.0/21
IPv6:
2400:4f00::/36
Signature Algorithm: sha256WithRSAEncryption
0e:af:51:c6:51:d5:08:61:7a:f0:60:ec:a6:6f:04:90:d5:95:
65:8d:fc:9f:28:06:6b:b8:f7:2f:56:43:a6:0f:46:bf:e4:43:
2e:4d:fc:38:54:90:75:a4:9b:ac:09:be:2e:13:df:63:90:ea:
36:33:17:58:76:60:d7:41:76:ee:50:d6:a2:b0:fd:ba:2e:bb:
e9:4f:3b:46:57:01:f2:e7:42:13:99:2e:71:ce:af:15:28:cd:
20:0c:81:90:8c:b6:16:0d:12:5e:b7:53:44:2d:97:47:de:83:
a9:65:86:6e:fd:05:f2:dd:0b:de:1d:b0:51:0d:f8:21:7c:0f:
97:b8:27:40:7f:9f:ad:3e:ed:1c:15:a0:d7:e4:47:65:a0:df:
06:df:32:a9:28:89:e5:e9:86:47:7a:8d:98:27:46:4a:6f:a2:
9e:cc:a0:6a:46:a2:7f:c0:0f:30:75:51:78:50:27:99:de:a8:
f3:fe:05:52:9d:67:a6:f9:fc:45:b1:c4:e1:d5:35:fa:90:91:
2a:9f:29:d2:56:6f:50:bc:06:f1:59:1d:97:f5:b9:47:56:a0:
ec:ab:a4:bc:42:9a:5d:38:8a:06:51:03:ec:12:2d:94:0a:f8:
8a:e0:3f:45:85:9b:d1:f4:07:c1:9b:27:84:54:4d:7a:c5:ab:
28:15:c0:f1
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICFz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzlCNDkxMTAvBgNVBAUTKDRFRTU0MEE0OEFEOTczRkJEODMxQUJEMDI2MDNCNUZC
MEZCOTQ1QkUwHhcNMjQwMzA3MTMyMjEwWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWU5YmY4Mi0xMDFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAk1jnr9OBrGvmQXz6D2ZnKCi3Bvpow+Fj98hCqFroDAuX5Fko6X6DzqztFOEr
Trtkg/0YaaOjEuft5ZBX+G2k7OFaoVL60QhwLq/iVlYOl4b8DgAQbm7HcJ+yqM5z
j1Y1aQkO/3G8Ht+3N3+1ETXLTGFqykp6XIusTnZWCPcn5RzacV7hYCOXC+CR7MtG
nOtgNG7k51W0sf5QjZ5PguV9R26hco86iPFlhXIBA7cUdUdzGQT1JuZsemKlbx9a
fbYlszpU0IqALWKeDVEg7gy3exFkxOLNxzvT15g1l4tLwj0eXw8dQUB1ene+n+jG
GkzUO5wXoMPjdAY/Fevi5PV0uQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFCeob4Ue
DAaN0UCdWvmFCXMI7jyaMB8GA1UdIwQYMBaAFE7lQKSK2XP72DGr0CYDtfsPuUW+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOUI0OS8wNzgwQjk5MEM5
RjgxMUU3OUVGMTIwMDlDNEY5QUUwMi9UdVZBcElyWmNfdllNYXZRSmdPMS13LTVS
YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R1VkFwSXJaY192WU1hdlFKZ08xLXctNVJiNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzlCNDkvMDc4MEI5OTBDOUY4MTFFNzlFRjEyMDA5QzRGOUFFMDIvQjNERTY3QUVE
Qzg1MTFFRUE5OUQ3MTU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MC0EAgABMCcwDAMEBnqBQAMEAXqBVAMEA3qBWDALAwMHy4ADBADLgBYDBAPL
gBgwDgQCAAIwCAMGBCQATwAAMA0GCSqGSIb3DQEBCwUAA4IBAQAOr1HGUdUIYXrw
YOymbwSQ1ZVljfyfKAZruPcvVkOmD0a/5EMuTfw4VJB1pJusCb4uE99jkOo2MxdY
dmDXQXbuUNaisP26LrvpTztGVwHy50ITmS5xzq8VKM0gDIGQjLYWDRJet1NELZdH
3oOpZYZu/QXy3QveHbBRDfghfA+XuCdAf5+tPu0cFaDX5EdloN8G3zKpKInl6YZH
eo2YJ0ZKb6KezKBqRqJ/wA8wdVF4UCeZ3qjz/gVSnWem+fxFscTh1TX6kJEqnynS
Vm9QvAbxWR2X9blHVqDsq6S8QppdOIoGUQPsEi2UCviK4D9FhZvR9AfBmyeEVE16
xasoFcDx
-----END CERTIFICATE-----
Generated at Wed May 22 18:46:44 2024 by rpki-client on console-fra.rpki-client.org