Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
File: CC92F19EEF1811ED96D1F733C4F9AE02.roa (raw, json)
Hash identifier: JK1fVlJM1nKFAgajtyzxETLBOSqTGRf4cbgWhvphnfw=
Subject key identifier: DF:4C:C0:C9:52:74:92:A3:96:28:4D:E9:EB:F9:79:D4:65:50:6A:B6
Certificate issuer: /CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Certificate serial: 118D
Authority key identifier: C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
Signing time: Tue 12 Sep 2023 17:55:22 +0000
ROA not before: Tue 12 Sep 2023 17:55:22 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 9874
IP address blocks: 27.54.0.0/18 maxlen: 24
61.8.235.0/24 maxlen: 24
61.8.236.0/24 maxlen: 24
101.127.200.0/22 maxlen: 24
101.127.204.0/23 maxlen: 24
113.10.64.0/18 maxlen: 24
122.11.150.0/23 maxlen: 24
122.11.152.0/21 maxlen: 24
122.11.169.0/24 maxlen: 24
122.11.170.0/23 maxlen: 24
122.11.172.0/24 maxlen: 24
122.11.216.0/24 maxlen: 24
122.11.217.0/24 maxlen: 24
122.11.218.0/24 maxlen: 24
122.11.219.0/24 maxlen: 24
124.155.192.0/19 maxlen: 24
171.0.0.0/15 maxlen: 15
171.0.0.0/16 maxlen: 24
171.1.0.0/16 maxlen: 24
171.207.0.0/16 maxlen: 24
183.90.0.0/19 maxlen: 24
183.90.32.0/21 maxlen: 24
183.90.32.0/24 maxlen: 24
183.90.33.0/24 maxlen: 24
183.90.34.0/24 maxlen: 24
183.90.36.0/24 maxlen: 24
183.90.37.0/24 maxlen: 24
183.90.38.0/24 maxlen: 24
183.90.40.0/24 maxlen: 24
203.116.22.0/24 maxlen: 24
203.116.107.0/24 maxlen: 24
203.116.116.0/24 maxlen: 24
203.116.119.0/24 maxlen: 24
203.116.133.0/24 maxlen: 24
203.116.149.0/24 maxlen: 24
203.116.150.0/24 maxlen: 24
203.116.181.0/24 maxlen: 24
203.116.211.0/24 maxlen: 24
203.116.222.0/24 maxlen: 24
203.117.40.0/23 maxlen: 24
203.117.56.0/21 maxlen: 24
203.117.246.0/24 maxlen: 24
203.117.247.0/24 maxlen: 24
203.117.248.0/22 maxlen: 24
203.117.252.0/23 maxlen: 24
2406:3000:8:4030::/60 maxlen: 60
2406:3002:20::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 18:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4493 (0x118d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91402DC/serialNumber=C2B9F5F3C68C576727239B92A93B36297D1B1653
Validity
Not Before: Sep 12 17:55:22 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6500a609-6791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:da:f1:02:e7:16:ef:9e:0e:fa:26:91:24:77:
11:c1:27:0d:be:01:7f:b2:f6:c1:e4:3f:e5:02:59:
15:60:b3:8d:b4:52:45:89:32:c3:c8:3f:83:de:31:
6d:c2:12:65:7c:04:1d:7c:37:9a:49:43:52:b4:00:
29:ea:be:91:ca:dc:03:00:c7:ec:2a:64:b0:dd:0a:
6f:84:84:17:5a:ad:df:72:45:d6:42:8d:73:af:49:
d2:27:2b:5b:46:0d:32:7b:76:5a:68:d5:b8:2a:ec:
11:b3:67:9a:d1:e1:6b:d7:49:f2:d6:ce:c2:8c:d5:
94:55:7f:72:e1:2f:7e:1a:97:ee:ee:2b:3e:d0:2e:
70:32:08:17:0c:78:68:3b:4f:bc:17:0d:39:fa:25:
38:1b:d9:66:56:30:1f:44:77:3c:61:7e:3d:cf:a1:
05:b3:8b:b2:e7:8b:2b:53:c9:8c:cc:17:10:3b:4e:
39:5e:9e:6d:2e:66:ba:8d:bf:03:f3:6b:ba:eb:66:
46:55:c1:00:a1:6d:13:b1:27:ca:66:b5:5e:00:70:
6a:1f:85:36:64:a8:8a:9c:29:a0:eb:b3:68:25:38:
c7:76:48:05:be:5c:2f:c7:ac:74:11:a3:6b:ae:b6:
be:b2:fa:b5:85:5b:a9:af:f1:ae:9f:05:a9:42:8c:
da:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:4C:C0:C9:52:74:92:A3:96:28:4D:E9:EB:F9:79:D4:65:50:6A:B6
X509v3 Authority Key Identifier:
keyid:C2:B9:F5:F3:C6:8C:57:67:27:23:9B:92:A9:3B:36:29:7D:1B:16:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/wrn188aMV2cnI5uSqTs2KX0bFlM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wrn188aMV2cnI5uSqTs2KX0bFlM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91402DC/2D51AF42FD3E11E888C53944C4F9AE02/CC92F19EEF1811ED96D1F733C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.0.0/18
61.8.235.0-61.8.236.255
101.127.200.0-101.127.205.255
113.10.64.0/18
122.11.150.0-122.11.159.255
122.11.169.0-122.11.172.255
122.11.216.0/22
124.155.192.0/19
171.0.0.0/15
171.207.0.0/16
183.90.0.0-183.90.40.255
203.116.22.0/24
203.116.107.0/24
203.116.116.0/24
203.116.119.0/24
203.116.133.0/24
203.116.149.0-203.116.150.255
203.116.181.0/24
203.116.211.0/24
203.116.222.0/24
203.117.40.0/23
203.117.56.0/21
203.117.246.0-203.117.253.255
IPv6:
2406:3000:8:4030::/60
2406:3002:20::/48
Signature Algorithm: sha256WithRSAEncryption
80:6e:f6:37:ab:83:ba:9e:61:64:0b:19:14:51:34:82:9b:c4:
85:14:37:87:75:a4:d5:3e:5d:95:84:82:a8:ac:65:65:25:23:
d8:88:4d:12:8b:97:3f:b3:ce:9b:1f:61:15:31:8a:0f:3a:34:
82:22:24:f6:d5:fa:5c:78:8b:38:82:94:36:d2:9b:17:46:88:
0d:f6:b1:1b:53:e9:03:00:3e:5c:fa:10:9a:c3:be:5e:92:31:
af:02:9d:1b:94:83:44:2b:52:36:8b:bd:ec:e5:19:6a:1a:28:
17:b0:9f:56:52:63:8d:f8:c5:d4:16:49:21:28:d8:38:9d:2d:
58:54:c2:fe:8b:91:57:a6:ff:66:28:01:6a:c4:37:24:06:86:
88:bc:67:4f:fe:2c:f1:d8:02:8d:35:dd:63:d7:63:ee:2b:57:
cf:61:18:55:dc:5d:b1:ac:a6:cb:81:4e:96:82:b4:f4:40:da:
40:3f:20:6c:c1:fd:f2:f1:c8:24:ed:a6:aa:cf:e3:76:df:38:
27:2c:7f:dd:08:a6:79:b5:c6:8e:9a:af:93:c2:19:16:91:01:
09:e0:67:49:2b:67:a3:e2:af:d6:6f:0d:25:86:f9:33:e8:1f:
0b:c8:61:0e:0a:23:d4:b9:18:73:3f:ce:30:8a:91:53:a7:17:
e7:6c:32:ad
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgICEY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAyREMxMTAvBgNVBAUTKEMyQjlGNUYzQzY4QzU3NjcyNzIzOUI5MkE5M0IzNjI5
N0QxQjE2NTMwHhcNMjMwOTEyMTc1NTIyWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTAwYTYwOS02NzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvNrxAucW754O+iaRJHcRwScNvgF/svbB5D/lAlkVYLONtFJFiTLDyD+D3jFt
whJlfAQdfDeaSUNStAAp6r6RytwDAMfsKmSw3QpvhIQXWq3fckXWQo1zr0nSJytb
Rg0ye3ZaaNW4KuwRs2ea0eFr10ny1s7CjNWUVX9y4S9+Gpfu7is+0C5wMggXDHho
O0+8Fw05+iU4G9lmVjAfRHc8YX49z6EFs4uy54srU8mMzBcQO045Xp5tLma6jb8D
82u662ZGVcEAoW0TsSfKZrVeAHBqH4U2ZKiKnCmg67NoJTjHdkgFvlwvx6x0EaNr
rra+svq1hVupr/GunwWpQozahwIDAQABo4IDbzCCA2swHQYDVR0OBBYEFN9MwMlS
dJKjlihN6ev5edRlUGq2MB8GA1UdIwQYMBaAFMK59fPGjFdnJyObkqk7Nil9GxZT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDJEQy8yRDUxQUY0MkZE
M0UxMUU4ODhDNTM5NDRDNEY5QUUwMi93cm4xODhhTVYyY25JNXVTcVRzMktYMGJG
bE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dybjE4OGFNVjJjbkk1dVNxVHMyS1gwYkZsTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAyREMvMkQ1MUFGNDJGRDNFMTFFODg4QzUzOTQ0QzRGOUFFMDIvQ0M5MkYxOUVF
RjE4MTFFRDk2RDFGNzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfgGCCsGAQUFBwEHAQH/
BIHoMIHlMIHGBAIAATCBvwMEBhs2ADAMAwQAPQjrAwQAPQjsMAwDBANlf8gDBAFl
f8wDBAZxCkAwDAMEAXoLlgMEBXoLgDAMAwQAegupAwQAegusAwQCegvYAwQFfJvA
AwMBqwADAwCrzzALAwMBt1oDBAC3WigDBADLdBYDBADLdGsDBADLdHQDBADLdHcD
BADLdIUwDAMEAMt0lQMEAMt0lgMEAMt0tQMEAMt00wMEAMt03gMEAct1KAMEA8t1
ODAMAwQBy3X2AwQBy3X8MBoEAgACMBQDCQQkBjAAAAhAMAMHACQGMAIAIDANBgkq
hkiG9w0BAQsFAAOCAQEAgG72N6uDup5hZAsZFFE0gpvEhRQ3h3Wk1T5dlYSCqKxl
ZSUj2IhNEouXP7POmx9hFTGKDzo0giIk9tX6XHiLOIKUNtKbF0aIDfaxG1PpAwA+
XPoQmsO+XpIxrwKdG5SDRCtSNou97OUZahooF7CfVlJjjfjF1BZJISjYOJ0tWFTC
/ouRV6b/ZigBasQ3JAaGiLxnT/4s8dgCjTXdY9dj7itXz2EYVdxdsaymy4FOloK0
9EDaQD8gbMH98vHIJO2mqs/jdt84Jyx/3QimebXGjpqvk8IZFpEBCeBnSStno+Kv
1m8NJYb5M+gfC8hhDgoj1LkYcz/OMIqRU6cX52wyrQ==
-----END CERTIFICATE-----
Generated at Thu May 16 19:10:54 2024 by rpki-client on console-fra.rpki-client.org