Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/984BAD148A5D11EE9E6AA223C4F9AE02.roa
File: 984BAD148A5D11EE9E6AA223C4F9AE02.roa (raw, json)
Hash identifier: gSKCLTIWtQ+/pw1XuJxHRNgrb+o9wMOwRjYUM7bWK18=
Subject key identifier: 52:D9:B7:99:C2:C1:5E:29:0A:21:DF:E7:A1:E7:94:2E:06:E8:3C:2F
Certificate issuer: /CN=A913D1EA/serialNumber=E692C5B60B3EF1C2044439FC390AD56DC3CBCD63
Certificate serial: 0685
Authority key identifier: E6:92:C5:B6:0B:3E:F1:C2:04:44:39:FC:39:0A:D5:6D:C3:CB:CD:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5pLFtgs-8cIERDn8OQrVbcPLzWM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/984BAD148A5D11EE9E6AA223C4F9AE02.roa
Signing time: Thu 04 Jan 2024 05:31:28 +0000
ROA not before: Thu 04 Jan 2024 05:31:28 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 135607
IP address blocks: 61.245.4.0/24 maxlen: 24
61.245.5.0/24 maxlen: 24
61.245.6.0/24 maxlen: 24
61.245.7.0/24 maxlen: 24
61.245.8.0/24 maxlen: 24
61.245.9.0/24 maxlen: 24
61.245.12.0/24 maxlen: 24
61.245.13.0/24 maxlen: 24
61.245.14.0/24 maxlen: 24
61.245.15.0/24 maxlen: 24
61.245.16.0/24 maxlen: 24
61.245.17.0/24 maxlen: 24
61.245.18.0/24 maxlen: 24
61.245.19.0/24 maxlen: 24
61.245.20.0/24 maxlen: 24
61.245.21.0/24 maxlen: 24
61.245.22.0/24 maxlen: 24
61.245.23.0/24 maxlen: 24
61.245.24.0/24 maxlen: 24
61.245.25.0/24 maxlen: 24
61.245.26.0/24 maxlen: 24
61.245.27.0/24 maxlen: 24
61.245.28.0/24 maxlen: 24
61.245.29.0/24 maxlen: 24
61.245.30.0/24 maxlen: 24
103.76.160.0/23 maxlen: 23
103.76.160.0/24 maxlen: 24
103.76.161.0/24 maxlen: 24
103.100.100.0/23 maxlen: 23
103.100.100.0/24 maxlen: 24
103.100.101.0/24 maxlen: 24
126.209.0.0/24 maxlen: 24
126.209.1.0/24 maxlen: 24
126.209.2.0/24 maxlen: 24
126.209.3.0/24 maxlen: 24
126.209.4.0/24 maxlen: 24
126.209.5.0/24 maxlen: 24
126.209.6.0/24 maxlen: 24
126.209.7.0/24 maxlen: 24
126.209.8.0/24 maxlen: 24
126.209.9.0/24 maxlen: 24
126.209.10.0/24 maxlen: 24
126.209.11.0/24 maxlen: 24
126.209.12.0/24 maxlen: 24
126.209.13.0/24 maxlen: 24
126.209.14.0/24 maxlen: 24
126.209.15.0/24 maxlen: 24
126.209.16.0/24 maxlen: 24
126.209.17.0/24 maxlen: 24
126.209.18.0/24 maxlen: 24
126.209.19.0/24 maxlen: 24
126.209.20.0/24 maxlen: 24
126.209.21.0/24 maxlen: 24
126.209.22.0/24 maxlen: 24
126.209.23.0/24 maxlen: 24
126.209.24.0/24 maxlen: 24
126.209.25.0/24 maxlen: 24
126.209.26.0/24 maxlen: 24
126.209.27.0/24 maxlen: 24
126.209.28.0/24 maxlen: 24
126.209.29.0/24 maxlen: 24
126.209.30.0/24 maxlen: 24
126.209.31.0/24 maxlen: 24
2401:e740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5pLFtgs-8cIERDn8OQrVbcPLzWM.crl
rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5pLFtgs-8cIERDn8OQrVbcPLzWM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5pLFtgs-8cIERDn8OQrVbcPLzWM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 23:13:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1669 (0x685)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913D1EA/serialNumber=E692C5B60B3EF1C2044439FC390AD56DC3CBCD63
Validity
Not Before: Jan 4 05:31:28 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=659642b0-2881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:8f:45:32:41:dd:52:b3:be:ba:bb:5c:c0:
21:09:e5:79:4e:39:08:26:1d:f4:23:28:6e:3d:5a:
a6:12:80:aa:85:2d:45:3a:8d:c3:43:a9:0b:e1:e1:
9a:bd:c1:20:52:e6:93:e6:68:c0:f5:16:0e:c6:fd:
54:07:f9:42:af:47:07:b4:9c:3c:a3:ee:e4:09:fe:
65:0c:e8:20:19:8e:a2:70:58:b6:66:13:a7:ea:c4:
a4:8b:1f:f5:2c:13:a0:a7:cc:9d:f9:9b:6f:86:c7:
cc:f5:53:f1:6f:1b:6f:8b:96:41:68:7e:c7:e0:47:
c8:4f:27:db:76:25:cc:fb:8e:8e:cb:1e:18:51:48:
d7:e1:b3:22:26:1e:b0:70:df:75:db:5b:eb:c2:69:
59:9d:d6:bc:39:6f:78:f4:6b:76:5d:6b:d3:fe:3c:
31:fb:70:e5:1f:3c:d0:5f:b2:e4:48:94:86:92:07:
57:c3:17:68:72:8c:44:ba:4d:66:98:6d:24:32:43:
13:28:1a:ad:45:f3:a8:50:3e:70:3b:00:0a:5c:7c:
47:ec:c5:94:bf:57:b7:4f:17:c8:ed:b8:6b:41:6d:
19:16:a8:8f:79:dc:ac:e9:9e:8f:4e:8a:76:e8:94:
df:ab:3e:3c:65:5c:b3:eb:e0:18:98:8e:73:ba:39:
e1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D9:B7:99:C2:C1:5E:29:0A:21:DF:E7:A1:E7:94:2E:06:E8:3C:2F
X509v3 Authority Key Identifier:
keyid:E6:92:C5:B6:0B:3E:F1:C2:04:44:39:FC:39:0A:D5:6D:C3:CB:CD:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/5pLFtgs-8cIERDn8OQrVbcPLzWM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5pLFtgs-8cIERDn8OQrVbcPLzWM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913D1EA/9C932B48173A11EBA3B97E7FC4F9AE02/984BAD148A5D11EE9E6AA223C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.245.4.0-61.245.9.255
61.245.12.0-61.245.30.255
103.76.160.0/23
103.100.100.0/23
126.209.0.0/19
IPv6:
2401:e740::/32
Signature Algorithm: sha256WithRSAEncryption
6e:c2:10:00:76:a3:78:5e:7a:74:5c:08:6e:24:67:ac:27:1c:
c0:fd:8b:48:d5:9f:65:a7:35:8d:6d:40:b9:10:30:2c:fe:61:
7f:06:b5:ce:40:8d:3e:1d:0c:26:2f:3d:d7:f6:9b:2f:5a:50:
ee:ec:11:31:5c:a1:0a:a3:91:84:ea:a3:ed:56:ce:0e:59:7a:
8f:53:f5:10:b6:35:cb:e9:77:53:da:6f:c6:19:db:f5:c9:d4:
41:d8:a5:11:75:7f:3c:a6:35:57:e7:5c:f4:de:e7:e5:ae:92:
02:55:c1:39:ca:bd:0a:0e:14:2a:a2:ac:10:bf:1b:b2:cc:7c:
a2:6a:e5:db:84:7d:45:e9:9f:25:aa:03:4e:50:4f:ea:ce:1a:
29:d2:11:6c:38:1c:53:1d:87:d4:f2:c7:f1:7c:7a:bc:7e:97:
6e:46:d4:a2:a0:c2:b8:e7:4a:6c:93:0a:6f:04:59:aa:46:b9:
11:ee:f0:b2:3c:81:81:54:85:16:6f:48:e5:42:37:67:c2:20:
f5:80:e4:b5:9c:4a:f3:82:b8:3b:35:c0:11:d7:1d:a6:5d:f8:
5d:47:85:98:58:1c:5d:02:f8:93:ca:cd:73:c9:41:a5:08:a5:
3c:4a:37:e9:d4:a0:be:b5:06:62:f3:27:48:fa:be:fa:96:67:
bd:67:f5:84
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICBoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0QxRUExMTAvBgNVBAUTKEU2OTJDNUI2MEIzRUYxQzIwNDQ0MzlGQzM5MEFENTZE
QzNDQkNENjMwHhcNMjQwMTA0MDUzMTI4WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk2NDJiMC0yODgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyyaPRTJB3VKzvrq7XMAhCeV5TjkIJh30IyhuPVqmEoCqhS1FOo3DQ6kL4eGa
vcEgUuaT5mjA9RYOxv1UB/lCr0cHtJw8o+7kCf5lDOggGY6icFi2ZhOn6sSkix/1
LBOgp8yd+ZtvhsfM9VPxbxtvi5ZBaH7H4EfITyfbdiXM+46Oyx4YUUjX4bMiJh6w
cN9121vrwmlZnda8OW949Gt2XWvT/jwx+3DlHzzQX7LkSJSGkgdXwxdocoxEuk1m
mG0kMkMTKBqtRfOoUD5wOwAKXHxH7MWUv1e3TxfI7bhrQW0ZFqiPedys6Z6PTop2
6JTfqz48ZVyz6+AYmI5zujnhowIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFFLZt5nC
wV4pCiHf56HnlC4G6DwvMB8GA1UdIwQYMBaAFOaSxbYLPvHCBEQ5/DkK1W3Dy81j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRDFFQS85QzkzMkI0ODE3
M0ExMUVCQTNCOTdFN0ZDNEY5QUUwMi81cExGdGdzLThjSUVSRG44T1FyVmJjUEx6
V00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVwTEZ0Z3MtOGNJRVJEbjhPUXJWYmNQTHpXTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0QxRUEvOUM5MzJCNDgxNzNBMTFFQkEzQjk3RTdGQzRGOUFFMDIvOTg0QkFEMTQ4
QTVEMTFFRTlFNkFBMjIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMDQEAgABMC4wDAMEAj31BAMEAT31CDAMAwQCPfUMAwQAPfUeAwQBZ0ygAwQB
Z2RkAwQFftEAMA0EAgACMAcDBQAkAedAMA0GCSqGSIb3DQEBCwUAA4IBAQBuwhAA
dqN4Xnp0XAhuJGesJxzA/YtI1Z9lpzWNbUC5EDAs/mF/BrXOQI0+HQwmLz3X9psv
WlDu7BExXKEKo5GE6qPtVs4OWXqPU/UQtjXL6XdT2m/GGdv1ydRB2KURdX88pjVX
51z03uflrpICVcE5yr0KDhQqoqwQvxuyzHyiauXbhH1F6Z8lqgNOUE/qzhop0hFs
OBxTHYfU8sfxfHq8fpduRtSioMK450pskwpvBFmqRrkR7vCyPIGBVIUWb0jlQjdn
wiD1gOS1nErzgrg7NcAR1x2mXfhdR4WYWBxdAviTys1zyUGlCKU8Sjfp1KC+tQZi
8ydI+r76lme9Z/WE
-----END CERTIFICATE-----
Generated at Fri May 17 00:19:43 2024 by rpki-client on console-ams.rpki-client.org