Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
File: 005CDC821F1411EC85E08546C4F9AE02.roa (raw, json)
Hash identifier: 2LEw81p+Fk53aVNuSL1CxAKcvp9Ob9XvQt2+L6XI7mo=
Subject key identifier: 56:B1:91:09:15:F4:A8:C1:20:F8:E4:4D:8F:80:CA:0B:B8:23:CA:69
Certificate issuer: /CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Certificate serial: 061F
Authority key identifier: 21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
Signing time: Mon 14 Oct 2024 22:52:29 +0000
ROA not before: Mon 14 Oct 2024 22:52:29 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 23655
IP address blocks: 151.210.128.0/17 maxlen: 17
151.210.128.0/23 maxlen: 23
151.210.130.0/23 maxlen: 23
151.210.132.0/23 maxlen: 23
151.210.134.0/23 maxlen: 23
151.210.136.0/23 maxlen: 23
151.210.138.0/23 maxlen: 23
151.210.140.0/23 maxlen: 23
151.210.142.0/23 maxlen: 23
151.210.144.0/23 maxlen: 23
151.210.146.0/23 maxlen: 23
151.210.148.0/23 maxlen: 23
151.210.150.0/23 maxlen: 23
151.210.152.0/23 maxlen: 23
151.210.154.0/23 maxlen: 23
151.210.156.0/23 maxlen: 23
151.210.158.0/23 maxlen: 23
151.210.160.0/23 maxlen: 23
151.210.162.0/23 maxlen: 23
151.210.164.0/23 maxlen: 23
151.210.166.0/23 maxlen: 23
151.210.168.0/23 maxlen: 23
151.210.170.0/23 maxlen: 23
151.210.172.0/23 maxlen: 23
151.210.174.0/23 maxlen: 23
151.210.224.0/23 maxlen: 23
151.210.226.0/23 maxlen: 23
151.210.228.0/23 maxlen: 23
151.210.230.0/23 maxlen: 23
151.210.232.0/23 maxlen: 23
151.210.234.0/23 maxlen: 23
151.210.236.0/23 maxlen: 23
151.210.238.0/23 maxlen: 23
151.210.240.0/23 maxlen: 23
151.210.242.0/23 maxlen: 23
151.210.244.0/23 maxlen: 23
151.210.246.0/23 maxlen: 23
151.210.248.0/23 maxlen: 23
151.210.250.0/23 maxlen: 23
151.210.252.0/23 maxlen: 23
151.210.254.0/23 maxlen: 23
165.84.0.0/19 maxlen: 19
165.84.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1567 (0x61f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA/serialNumber=218A8AA050267B0805E3FDC8A939BF8FBCB00101
Validity
Not Before: Oct 14 22:52:29 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=670da0ac-a844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:31:4a:5f:59:04:ef:51:6d:8a:a8:c7:da:8c:
5c:84:c9:db:8f:1a:76:ac:bd:13:00:4d:33:61:69:
48:b3:52:78:39:c9:f4:1a:a2:38:07:75:5a:5f:f0:
51:26:4f:30:52:f5:43:20:92:da:f8:fa:d3:ca:fa:
19:14:df:d2:9c:f4:6c:ae:36:b8:df:16:c6:bf:b1:
f9:94:ac:88:c2:7b:de:7b:ab:11:e6:09:eb:84:12:
37:37:69:10:ba:b4:d5:ae:c0:11:ec:c7:08:9a:41:
c2:6d:3b:c3:b2:99:46:13:22:93:62:0d:9e:58:ba:
cb:95:5d:a3:8e:8f:d8:a7:27:6e:45:0f:96:06:8e:
2a:63:7e:34:77:e5:5e:e5:64:4c:47:a2:5c:74:d6:
f4:50:81:71:2a:a9:0f:24:2d:fd:a8:75:41:5c:2f:
c9:bc:2f:9b:a8:8a:e2:0c:d5:de:ba:34:d1:8f:f7:
c2:6b:5c:91:87:42:cf:ab:36:8d:16:1c:dd:d6:4f:
bb:56:ca:27:6a:00:c5:02:30:b8:72:3e:ee:87:9c:
fc:12:46:8f:cc:e9:9f:4a:1b:c2:fe:4e:88:ae:05:
5f:33:cc:0f:64:fa:c3:7a:8b:36:bb:cf:a2:93:59:
4f:23:78:d0:d9:90:fb:7b:75:9a:8f:ea:fb:11:49:
35:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B1:91:09:15:F4:A8:C1:20:F8:E4:4D:8F:80:CA:0B:B8:23:CA:69
X509v3 Authority Key Identifier:
keyid:21:8A:8A:A0:50:26:7B:08:05:E3:FD:C8:A9:39:BF:8F:BC:B0:01:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/IYqKoFAmewgF4_3IqTm_j7ywAQE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IYqKoFAmewgF4_3IqTm_j7ywAQE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8658E46686C111EBBAB3184BC4F9AE02/005CDC821F1411EC85E08546C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
151.210.128.0/17
165.84.0.0/19
165.84.48.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:ce:09:72:7a:b5:38:5b:3a:f1:de:b2:41:20:5a:b5:86:fb:
a9:41:bb:b8:3c:4e:22:20:c9:0d:fa:f4:76:6b:ff:db:4b:75:
91:c5:e7:0c:96:ef:13:a3:13:7a:a6:38:7d:bc:15:35:5e:f7:
f5:06:82:47:97:7c:10:b5:e7:ac:41:6d:42:f7:d6:a5:c0:d8:
95:79:ac:92:9a:6b:bc:79:45:38:7a:bc:3d:9b:f7:0b:60:25:
c7:23:69:84:65:f2:fc:3d:15:17:8e:00:48:ce:06:71:2f:71:
19:2f:62:a8:6a:e6:70:54:29:19:62:11:c6:6e:c4:22:e9:d4:
e2:6e:2d:b8:2e:eb:2f:87:4d:82:8e:b7:10:2d:e3:36:95:12:
98:c0:cb:fc:e3:57:87:db:33:aa:40:07:55:f2:fc:d9:c8:50:
2a:dd:22:0f:a7:f1:d7:af:77:71:e6:8d:d9:48:fe:7b:20:ef:
78:35:e0:f7:96:5c:fc:c8:20:d9:60:4a:32:60:20:88:53:c7:
3d:44:48:43:ae:7e:d2:df:c8:75:52:fd:fa:b5:05:19:42:b6:
af:e5:f1:15:c2:cc:73:86:17:f4:6d:12:81:9c:09:78:d3:6f:
f4:53:3d:b4:de:2b:a7:df:b0:ad:96:4d:d7:96:6c:ed:ce:14:
83:cc:a8:85
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDIxOEE4QUEwNTAyNjdCMDgwNUUzRkRDOEE5MzlCRjhG
QkNCMDAxMDEwHhcNMjQxMDE0MjI1MjI5WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzBkYTBhYy1hODQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1TFKX1kE71FtiqjH2oxchMnbjxp2rL0TAE0zYWlIs1J4Ocn0GqI4B3VaX/BR
Jk8wUvVDIJLa+PrTyvoZFN/SnPRsrja43xbGv7H5lKyIwnvee6sR5gnrhBI3N2kQ
urTVrsAR7McImkHCbTvDsplGEyKTYg2eWLrLlV2jjo/YpyduRQ+WBo4qY340d+Ve
5WRMR6JcdNb0UIFxKqkPJC39qHVBXC/JvC+bqIriDNXeujTRj/fCa1yRh0LPqzaN
Fhzd1k+7VsonagDFAjC4cj7uh5z8EkaPzOmfShvC/k6IrgVfM8wPZPrDeos2u8+i
k1lPI3jQ2ZD7e3Waj+r7EUk10QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFaxkQkV
9KjBIPjkTY+Aygu4I8ppMB8GA1UdIwQYMBaAFCGKiqBQJnsIBeP9yKk5v4+8sAEB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84NjU4RTQ2Njg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9JWXFLb0ZBbWV3Z0Y0XzNJcVRtX2o3eXdB
UUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0lZcUtvRkFtZXdnRjRfM0lxVG1fajd5d0FRRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvODY1OEU0NjY4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvMDA1Q0RDODIx
RjE0MTFFQzg1RTA4NTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAeX0oADBAWlVAADBASlVDAwDQYJKoZIhvcNAQELBQADggEB
AG3OCXJ6tThbOvHeskEgWrWG+6lBu7g8TiIgyQ369HZr/9tLdZHF5wyW7xOjE3qm
OH28FTVe9/UGgkeXfBC156xBbUL31qXA2JV5rJKaa7x5RTh6vD2b9wtgJccjaYRl
8vw9FReOAEjOBnEvcRkvYqhq5nBUKRliEcZuxCLp1OJuLbgu6y+HTYKOtxAt4zaV
EpjAy/zjV4fbM6pAB1Xy/NnIUCrdIg+n8devd3HmjdlI/nsg73g14PeWXPzIINlg
SjJgIIhTxz1ESEOuftLfyHVS/fq1BRlCtq/l8RXCzHOGF/RtEoGcCXjTb/RTPbTe
K6ffsK2WTdeWbO3OFIPMqIU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:39:24 2024 by rpki-client on console-fra.rpki-client.org