Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
File: CC92F19EEF1811ED96D1F733C4F9AE02.roa (raw, json)
Hash identifier: GFNrQVb1wvfBgedxihD2Z8QNCQ3jWb2g3ubAHNMRqyI=
Subject key identifier: EB:B8:4D:81:22:59:AE:1E:96:BC:35:D8:F6:2D:68:85:09:9B:A8:28
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 1265
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
Signing time: Sat 10 Aug 2024 17:44:55 +0000
ROA not before: Sat 10 Aug 2024 17:44:55 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 9874
IP address blocks: 27.54.0.0/18 maxlen: 24
61.8.235.0/24 maxlen: 24
61.8.236.0/24 maxlen: 24
101.127.200.0/22 maxlen: 24
101.127.204.0/23 maxlen: 24
113.10.64.0/18 maxlen: 24
122.11.150.0/23 maxlen: 24
122.11.152.0/21 maxlen: 24
122.11.169.0/24 maxlen: 24
122.11.170.0/23 maxlen: 24
122.11.172.0/24 maxlen: 24
122.11.216.0/24 maxlen: 24
122.11.217.0/24 maxlen: 24
122.11.218.0/24 maxlen: 24
122.11.219.0/24 maxlen: 24
124.155.192.0/19 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
183.90.0.0/19 maxlen: 24
183.90.32.0/21 maxlen: 24
183.90.32.0/24 maxlen: 24
183.90.33.0/24 maxlen: 24
183.90.34.0/24 maxlen: 24
183.90.36.0/24 maxlen: 24
183.90.37.0/24 maxlen: 24
183.90.38.0/24 maxlen: 24
183.90.40.0/24 maxlen: 24
203.116.22.0/24 maxlen: 24
203.116.107.0/24 maxlen: 24
203.116.116.0/24 maxlen: 24
203.116.119.0/24 maxlen: 24
203.116.133.0/24 maxlen: 24
203.116.149.0/24 maxlen: 24
203.116.150.0/24 maxlen: 24
203.116.181.0/24 maxlen: 24
203.116.211.0/24 maxlen: 24
203.116.222.0/24 maxlen: 24
203.117.40.0/23 maxlen: 24
203.117.56.0/21 maxlen: 24
203.117.246.0/24 maxlen: 24
203.117.247.0/24 maxlen: 24
203.117.248.0/22 maxlen: 24
203.117.252.0/23 maxlen: 24
2406:3000:8:4030::/60 maxlen: 60
2406:3002:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 17:13:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4709 (0x1265)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Aug 10 17:44:55 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b7a717-7bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8c:90:48:7b:d5:e3:ad:eb:a6:97:31:a2:72:
aa:9f:9e:b6:b7:f2:16:31:6e:e6:32:61:b6:f6:bf:
2e:6d:51:d8:c7:40:17:fc:8d:76:f1:54:f5:0e:0f:
d8:a3:46:8f:8a:11:cc:3f:75:1d:78:22:28:bd:1f:
bc:d4:2e:77:87:29:22:94:3e:a6:0a:48:ba:3d:aa:
d7:ee:b4:0c:ff:39:f4:e0:5c:88:45:16:41:a2:50:
3c:ca:9f:45:4f:b9:ae:06:ab:74:cf:2f:ab:17:57:
d9:e9:99:fc:7f:76:7a:4d:75:50:6f:d3:9b:3b:51:
8b:f0:2e:d5:ef:d2:6b:75:3a:bb:53:21:b5:f4:5e:
0c:7f:59:ca:5f:42:ff:d4:cf:71:d4:ed:c6:61:1a:
af:d5:c3:98:86:d3:9f:3f:01:f6:f4:92:dd:51:a5:
1e:1d:db:95:47:31:db:61:d4:98:e7:3d:02:b3:8b:
70:c8:09:1a:af:df:c2:83:3e:1b:fb:1e:bd:be:de:
12:e9:95:12:dd:48:89:8e:a1:73:18:e9:e8:eb:94:
c5:98:66:93:06:80:8d:d4:7e:3d:04:63:a1:56:37:
ab:2f:a8:cd:4e:0d:4b:6c:1d:cc:60:ca:f2:7b:6d:
47:65:1b:6c:fa:94:d7:96:6c:b8:dd:0c:ea:30:29:
5b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B8:4D:81:22:59:AE:1E:96:BC:35:D8:F6:2D:68:85:09:9B:A8:28
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.0.0/18
61.8.235.0-61.8.236.255
101.127.200.0-101.127.205.255
113.10.64.0/18
122.11.150.0-122.11.159.255
122.11.169.0-122.11.172.255
122.11.216.0/22
124.155.192.0/19
171.0.0.0/15
171.207.0.0/16
183.90.0.0-183.90.40.255
203.116.22.0/24
203.116.107.0/24
203.116.116.0/24
203.116.119.0/24
203.116.133.0/24
203.116.149.0-203.116.150.255
203.116.181.0/24
203.116.211.0/24
203.116.222.0/24
203.117.40.0/23
203.117.56.0/21
203.117.246.0-203.117.253.255
IPv6:
2406:3000:8:4030::/60
2406:3002:20::/48
Signature Algorithm: sha256WithRSAEncryption
b6:bf:1a:78:72:25:4d:83:1e:6e:04:97:91:ff:46:51:07:c0:
9e:d9:5c:9a:a8:48:52:b9:66:6f:de:45:cf:59:13:a4:71:3a:
53:a7:3f:c1:4d:af:39:eb:40:a3:d5:5c:16:68:c9:23:5b:c6:
ab:72:93:23:7e:5a:9b:3b:c5:6c:93:95:90:e9:9d:4d:f4:28:
6e:86:b8:68:3d:19:d2:cc:84:8e:04:59:87:56:bd:52:d1:60:
3e:4c:9e:a7:88:f7:0b:6e:4f:37:7e:ac:c5:3a:bd:71:af:10:
2b:be:27:6c:1a:33:1b:18:c0:be:cd:8f:7d:6b:85:2a:bc:2f:
7f:5d:2c:47:91:09:02:74:10:95:3b:84:8c:f4:ce:19:b7:18:
1d:ac:b0:cb:cf:be:28:40:4e:6c:bd:76:05:cc:30:6b:25:d9:
48:75:16:8a:57:b4:5c:7f:f4:9a:df:db:b1:0b:50:cf:d9:6f:
bc:e6:48:53:68:a3:4e:04:8b:44:57:cd:58:e8:89:f4:d2:b7:
54:23:a1:cc:47:7d:d0:53:7e:77:b1:b5:8f:5e:ba:4c:94:04:
aa:1e:73:69:9a:7a:06:14:e8:1d:17:ee:81:2c:41:8b:f3:71:
a0:e2:b7:bd:4b:2d:bc:11:ac:80:ce:3e:ea:10:d6:27:ba:d7:
73:3b:81:02
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgICEmUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjQwODEwMTc0NDU1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI3YTcxNy03YmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxIyQSHvV463rppcxonKqn562t/IWMW7mMmG29r8ubVHYx0AX/I128VT1Dg/Y
o0aPihHMP3UdeCIovR+81C53hykilD6mCki6ParX7rQM/zn04FyIRRZBolA8yp9F
T7muBqt0zy+rF1fZ6Zn8f3Z6TXVQb9ObO1GL8C7V79JrdTq7UyG19F4Mf1nKX0L/
1M9x1O3GYRqv1cOYhtOfPwH29JLdUaUeHduVRzHbYdSY5z0Cs4twyAkar9/Cgz4b
+x69vt4S6ZUS3UiJjqFzGOno65TFmGaTBoCN1H49BGOhVjerL6jNTg1LbB3MYMry
e21HZRts+pTXlmy43QzqMClb8QIDAQABo4IDbzCCA2swHQYDVR0OBBYEFOu4TYEi
Wa4elrw12PYtaIUJm6goMB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvQ0M5MkYxOUVF
RjE4MTFFRDk2RDFGNzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfgGCCsGAQUFBwEHAQH/
BIHoMIHlMIHGBAIAATCBvwMEBhs2ADAMAwQAPQjrAwQAPQjsMAwDBANlf8gDBAFl
f8wDBAZxCkAwDAMEAXoLlgMEBXoLgDAMAwQAegupAwQAegusAwQCegvYAwQFfJvA
AwMBqwADAwCrzzALAwMBt1oDBAC3WigDBADLdBYDBADLdGsDBADLdHQDBADLdHcD
BADLdIUwDAMEAMt0lQMEAMt0lgMEAMt0tQMEAMt00wMEAMt03gMEAct1KAMEA8t1
ODAMAwQBy3X2AwQBy3X8MBoEAgACMBQDCQQkBjAAAAhAMAMHACQGMAIAIDANBgkq
hkiG9w0BAQsFAAOCAQEAtr8aeHIlTYMebgSXkf9GUQfAntlcmqhIUrlmb95Fz1kT
pHE6U6c/wU2vOetAo9VcFmjJI1vGq3KTI35amzvFbJOVkOmdTfQoboa4aD0Z0syE
jgRZh1a9UtFgPkyep4j3C25PN36sxTq9ca8QK74nbBozGxjAvs2PfWuFKrwvf10s
R5EJAnQQlTuEjPTOGbcYHaywy8++KEBObL12BcwwayXZSHUWile0XH/0mt/bsQtQ
z9lvvOZIU2ijTgSLRFfNWOiJ9NK3VCOhzEd90FN+d7G1j166TJQEqh5zaZp6BhTo
HRfugSxBi/NxoOK3vUstvBGsgM4+6hDWJ7rXczuBAg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:16 2024 by rpki-client on console-ams.rpki-client.org