Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CB598446EF1811ED96D1F733C4F9AE02.roa
File: CB598446EF1811ED96D1F733C4F9AE02.roa (raw, json)
Hash identifier: 1N8PQIzATQN2WdunidsQGeBzPg3rlHcepUe0KtY47WI=
Subject key identifier: E4:E2:9E:50:7E:EC:A0:86:71:40:06:42:2F:23:91:C4:29:FE:2A:2B
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 118C
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CB598446EF1811ED96D1F733C4F9AE02.roa
Signing time: Tue 12 Sep 2023 17:55:21 +0000
ROA not before: Tue 12 Sep 2023 17:55:21 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 55430
IP address blocks: 27.125.128.0/18 maxlen: 24
39.109.128.0/17 maxlen: 24
58.96.192.0/18 maxlen: 24
101.127.0.0/17 maxlen: 24
101.127.128.0/18 maxlen: 24
101.127.240.0/21 maxlen: 24
103.17.146.0/24 maxlen: 24
182.19.128.0/17 maxlen: 24
182.55.0.0/16 maxlen: 24
183.90.0.0/17 maxlen: 24
2406:3003::/32 maxlen: 35
2406:3003::/32 maxlen: 36
2406:3003::/32 maxlen: 40
2406:3003::/36 maxlen: 39
2406:3003::/40 maxlen: 48
2406:3003:1000::/36 maxlen: 39
2406:3003:1000::/40 maxlen: 48
2406:3003:2000::/36 maxlen: 39
2406:3003:2000::/40 maxlen: 48
2406:3003:3000::/36 maxlen: 39
2406:3003:3000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 18:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4492 (0x118c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Sep 12 17:55:21 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6500a608-3c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a7:51:fe:b2:0b:89:a2:90:1a:66:e2:30:2a:
fd:ac:07:bf:36:ec:cc:e9:23:d0:d8:77:6f:31:9a:
7a:06:a1:c4:6c:a2:e3:72:35:d0:97:24:ff:2a:0f:
73:83:38:61:fc:23:b2:28:64:55:1f:2d:a5:51:b4:
47:b8:c6:1c:78:7b:08:33:7b:90:c9:21:ff:cc:4c:
44:23:6a:92:52:de:59:de:f7:fc:e3:8d:b5:4f:88:
a0:57:d9:f0:28:8d:79:79:ff:4a:ac:ad:82:8f:5c:
93:f8:1b:6d:42:ba:74:1d:3b:4b:3c:49:5e:53:52:
7f:71:4e:4b:51:99:24:ff:4c:01:72:c6:97:85:ff:
e7:20:76:2a:b9:bf:42:3b:f8:03:01:83:e1:6e:0c:
04:98:d0:be:dd:8b:6d:fb:8a:37:5e:10:ee:fa:c0:
35:4a:15:83:af:95:e9:bf:b5:a0:62:93:51:44:69:
8a:33:00:96:f1:da:9e:0c:97:2b:23:22:a3:13:21:
9d:75:ab:d5:9e:0a:46:b4:98:fb:dc:7b:6b:80:60:
a1:6b:6a:2f:b4:00:f1:ff:f2:aa:6e:82:97:57:3f:
49:9d:ab:a9:2d:c7:fb:75:53:93:20:aa:8b:e0:ae:
d9:12:4e:e1:e4:80:29:19:4a:4f:c4:14:f6:d6:c0:
74:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E2:9E:50:7E:EC:A0:86:71:40:06:42:2F:23:91:C4:29:FE:2A:2B
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CB598446EF1811ED96D1F733C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.125.128.0/18
39.109.128.0/17
58.96.192.0/18
101.127.0.0-101.127.191.255
101.127.240.0/21
103.17.146.0/24
182.19.128.0/17
182.55.0.0/16
183.90.0.0/17
IPv6:
2406:3003::/32
Signature Algorithm: sha256WithRSAEncryption
83:a4:34:c9:4b:19:51:47:60:e3:98:b3:0d:11:01:8c:34:9a:
3c:cf:28:7a:64:23:f2:45:06:af:8b:46:82:05:93:ea:c4:04:
22:b5:41:5f:cf:da:57:24:73:68:3f:ed:a5:52:9f:c8:de:96:
8d:8f:b6:95:80:a8:d2:cf:2d:56:d8:3f:52:50:ce:a2:ea:b6:
c7:6c:34:74:e8:30:6c:46:8b:49:70:ff:4e:4e:64:60:c3:85:
13:6c:23:59:28:04:e6:0c:bd:3b:49:17:c0:d4:00:bd:13:53:
ae:7f:0c:23:07:26:eb:c1:54:cd:49:de:1a:a3:f5:f2:06:8c:
67:45:c4:30:86:9b:4c:e1:82:e3:f0:f8:be:ff:d2:08:3e:5c:
40:72:a0:26:9f:93:c7:11:a5:03:99:c5:7d:f0:89:30:3f:44:
ac:ea:a1:34:f0:a7:87:ea:86:5f:04:a5:70:56:69:53:69:e8:
3a:58:65:9f:2e:7f:71:c3:d8:4b:98:22:22:74:a2:d6:f6:da:
ed:53:be:cd:cc:74:a2:e5:19:97:9e:57:96:a8:38:66:73:a1:
1b:13:89:85:11:30:43:84:ce:57:1e:11:f7:0d:77:75:8f:00:
32:c5:f4:5d:e1:91:40:93:30:f0:4d:36:4e:a8:ad:6b:64:95:
8a:8e:5b:6c
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICEYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjMwOTEyMTc1NTIxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAwYTYwOC0zYzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApKdR/rILiaKQGmbiMCr9rAe/NuzM6SPQ2HdvMZp6BqHEbKLjcjXQlyT/Kg9z
gzhh/COyKGRVHy2lUbRHuMYceHsIM3uQySH/zExEI2qSUt5Z3vf84421T4igV9nw
KI15ef9KrK2Cj1yT+BttQrp0HTtLPEleU1J/cU5LUZkk/0wBcsaXhf/nIHYqub9C
O/gDAYPhbgwEmNC+3Ytt+4o3XhDu+sA1ShWDr5Xpv7WgYpNRRGmKMwCW8dqeDJcr
IyKjEyGddavVngpGtJj73HtrgGCha2ovtADx//KqboKXVz9JnaupLcf7dVOTIKqL
4K7ZEk7h5IApGUpPxBT21sB0UwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFOTinlB+
7KCGcUAGQi8jkcQp/iorMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvQ0I1OTg0NDZF
RjE4MTFFRDk2RDFGNzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAYbfYADBAcnbYADBAY6YMAwCwMDAGV/AwQGZX+AAwQDZX/w
AwQAZxGSAwQHthOAAwMAtjcDBAe3WgAwDQQCAAIwBwMFACQGMAMwDQYJKoZIhvcN
AQELBQADggEBAIOkNMlLGVFHYOOYsw0RAYw0mjzPKHpkI/JFBq+LRoIFk+rEBCK1
QV/P2lckc2g/7aVSn8jelo2PtpWAqNLPLVbYP1JQzqLqtsdsNHToMGxGi0lw/05O
ZGDDhRNsI1koBOYMvTtJF8DUAL0TU65/DCMHJuvBVM1J3hqj9fIGjGdFxDCGm0zh
guPw+L7/0gg+XEByoCafk8cRpQOZxX3wiTA/RKzqoTTwp4fqhl8EpXBWaVNp6DpY
ZZ8uf3HD2EuYIiJ0otb22u1Tvs3MdKLlGZeeV5aoOGZzoRsTiYURMEOEzlceEfcN
d3WPADLF9F3hkUCTMPBNNk6orWtklYqOW2w=
-----END CERTIFICATE-----
Generated at Thu May 16 19:10:54 2024 by rpki-client on console-fra.rpki-client.org