Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/60177FBCCCDF11EE9828E50CC4F9AE02.roa
File: 60177FBCCCDF11EE9828E50CC4F9AE02.roa (raw, json)
Hash identifier: 3Gnt7gJ3M/ierxjZGGWr+o9B8F1ZH099RnL8VEC2P60=
Subject key identifier: 59:41:7E:0A:09:F1:5D:5E:46:D1:88:67:F4:71:25:99:1D:88:DF:73
Certificate issuer: /CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Certificate serial: 3494
Authority key identifier: 17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/60177FBCCCDF11EE9828E50CC4F9AE02.roa
Signing time: Tue 22 Oct 2024 14:50:58 +0000
ROA not before: Tue 22 Oct 2024 14:50:58 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 138322
IP address blocks: 43.250.136.0/24 maxlen: 24
43.250.138.0/24 maxlen: 24
61.5.193.0/24 maxlen: 24
61.5.196.0/22 maxlen: 22
61.5.196.0/24 maxlen: 24
61.5.198.0/24 maxlen: 24
61.5.199.0/24 maxlen: 24
61.5.200.0/22 maxlen: 22
61.5.200.0/24 maxlen: 24
61.5.201.0/24 maxlen: 24
61.5.204.0/24 maxlen: 24
103.42.0.0/24 maxlen: 24
103.42.1.0/24 maxlen: 24
119.59.80.0/21 maxlen: 21
119.59.80.0/24 maxlen: 24
119.59.81.0/24 maxlen: 24
119.59.82.0/23 maxlen: 23
119.59.82.0/24 maxlen: 24
119.59.84.0/22 maxlen: 22
121.100.53.0/24 maxlen: 24
2400:e500::/48 maxlen: 48
2400:e500:2::/48 maxlen: 48
2400:e500:2f::/48 maxlen: 48
2400:e500:35::/48 maxlen: 48
2400:e500:36::/48 maxlen: 48
2400:e500:37::/48 maxlen: 48
2400:e500:38::/48 maxlen: 48
2400:e500:39::/48 maxlen: 48
2400:e500:3a::/48 maxlen: 48
2400:e500:3b::/48 maxlen: 48
2400:e500:3e::/48 maxlen: 48
2400:e500:90::/48 maxlen: 48
2400:e501::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl
rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:47:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13460 (0x3494)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Validity
Not Before: Oct 22 14:50:58 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6717bbd2-7111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:05:2f:28:9d:47:f2:8c:64:ef:ce:54:6e:9c:
65:a0:16:ce:7d:b9:ea:44:3f:bb:8e:f8:cc:fd:22:
f8:35:b7:bd:5f:e6:bb:6c:c4:bf:64:c9:25:40:a9:
8b:2b:ea:43:e7:f6:e3:4d:e6:b1:37:5b:d1:ae:33:
e4:af:fd:1e:d5:60:ab:60:1d:1c:69:e9:78:1d:a4:
50:31:a0:6e:07:83:77:c3:d4:57:c2:1d:fc:36:d7:
99:1e:cf:19:e7:5e:68:31:41:d2:a6:b6:70:c1:ba:
0b:e7:5b:e9:46:bd:60:c8:d6:95:39:41:10:da:8e:
cd:1f:97:14:89:f4:95:ad:55:4b:63:81:43:92:77:
23:5c:5c:3f:f7:2d:2e:d8:a2:8d:90:15:8d:52:5e:
38:3c:09:db:a9:47:2f:39:70:94:8e:27:cc:86:fc:
c5:cc:c0:47:ae:57:bb:91:d2:52:6c:53:22:db:8d:
5c:e8:12:c9:d8:3d:a0:c0:10:7a:65:ab:6a:9b:63:
ea:e2:f6:55:c6:df:b6:44:25:42:4c:d9:c0:8c:bc:
34:c6:14:ce:ce:3a:39:79:3c:d4:1a:6c:d0:00:c7:
e8:9d:5b:39:87:f6:45:a4:60:52:6f:38:55:3e:6b:
68:6c:fb:3f:88:43:bc:0f:dc:7b:69:6d:f4:74:36:
81:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:41:7E:0A:09:F1:5D:5E:46:D1:88:67:F4:71:25:99:1D:88:DF:73
X509v3 Authority Key Identifier:
keyid:17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/60177FBCCCDF11EE9828E50CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.136.0/24
43.250.138.0/24
61.5.193.0/24
61.5.196.0-61.5.204.255
103.42.0.0/23
119.59.80.0/21
121.100.53.0/24
IPv6:
2400:e500::/48
2400:e500:2::/48
2400:e500:2f::/48
2400:e500:35::-2400:e500:3b:ffff:ffff:ffff:ffff:ffff
2400:e500:3e::/48
2400:e500:90::/48
2400:e501::/32
Signature Algorithm: sha256WithRSAEncryption
0d:39:4c:bb:9b:5e:d4:d7:7b:9c:f4:ff:3f:af:af:d2:e9:d4:
3d:9f:5e:5e:d2:67:a0:7f:cd:39:10:7e:8d:99:1c:55:dc:2d:
f5:9b:0b:f5:64:26:d7:63:13:05:07:e7:ab:5e:d2:0a:95:fe:
8f:5c:06:c9:9a:d8:60:fe:ea:6e:16:86:e4:e6:c8:c6:f8:00:
99:8c:16:bd:d5:fe:43:6c:72:de:0f:bd:5d:3d:21:44:7b:8b:
93:cb:50:7c:72:de:80:91:fb:fb:22:c8:ee:31:93:09:1a:ef:
5c:de:92:0e:f0:33:59:fe:6f:a3:43:5d:61:31:87:e3:41:07:
e5:73:2f:e6:0f:b4:c5:74:fc:c2:eb:9f:58:78:67:3d:29:36:
03:db:33:eb:2e:ec:ec:8e:a4:b3:e3:b8:12:09:77:c1:ee:34:
86:d6:2c:77:73:eb:dd:db:27:e4:28:4a:8f:f5:92:ec:f9:12:
09:a3:f4:6e:db:02:56:b1:6f:03:21:39:b5:0c:b7:7f:6b:a9:
35:e5:f2:7f:4e:5b:33:b5:10:b1:6b:36:9f:ea:ce:0b:a3:41:
f7:8e:e4:c2:5a:a4:94:22:8a:8b:35:cb:3e:af:ec:7b:b3:4b:
b6:6d:3d:e6:44:de:5f:af:91:59:ec:3e:05:59:b4:70:ec:ef:
19:ff:53:eb
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgICNJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhDN0IxMTAvBgNVBAUTKDE3NTc3RjFFOTJFQjMzQjJDREU2RTQ4OUMwQjlBOTlB
MkUwMkZEQTMwHhcNMjQxMDIyMTQ1MDU4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE3YmJkMi03MTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgUvKJ1H8oxk785UbpxloBbOfbnqRD+7jvjM/SL4Nbe9X+a7bMS/ZMklQKmL
K+pD5/bjTeaxN1vRrjPkr/0e1WCrYB0cael4HaRQMaBuB4N3w9RXwh38NteZHs8Z
515oMUHSprZwwboL51vpRr1gyNaVOUEQ2o7NH5cUifSVrVVLY4FDkncjXFw/9y0u
2KKNkBWNUl44PAnbqUcvOXCUjifMhvzFzMBHrle7kdJSbFMi241c6BLJ2D2gwBB6
Zatqm2Pq4vZVxt+2RCVCTNnAjLw0xhTOzjo5eTzUGmzQAMfonVs5h/ZFpGBSbzhV
PmtobPs/iEO8D9x7aW30dDaBnQIDAQABo4IDFDCCAxAwHQYDVR0OBBYEFFlBfgoJ
8V1eRtGIZ/RxJZkdiN9zMB8GA1UdIwQYMBaAFBdXfx6S6zOyzebkicC5qZouAv2j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEM3Qi82NzUyMDhBRTFE
OTMxMUUyQkNCREU1RjYwOEIwMkNEMi9GMWRfSHBMck03TE41dVNKd0xtcG1pNENf
YU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YxZF9IcExyTTdMTjV1U0p3TG1wbWk0Q19hTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhDN0IvNjc1MjA4QUUxRDkzMTFFMkJDQkRFNUY2MDhCMDJDRDIvNjAxNzdGQkND
Q0RGMTFFRTk4MjhFNTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ0GCCsGAQUFBwEHAQH/
BIGNMIGKMDgEAgABMDIDBAAr+ogDBAAr+ooDBAA9BcEwDAMEAj0FxAMEAD0FzAME
AWcqAAMEA3c7UAMEAHlkNTBOBAIAAjBIAwcAJADlAAAAAwcAJADlAAACAwcAJADl
AAAvMBIDBwAkAOUAADUDBwIkAOUAADgDBwAkAOUAAD4DBwAkAOUAAJADBQAkAOUB
MA0GCSqGSIb3DQEBCwUAA4IBAQANOUy7m17U13uc9P8/r6/S6dQ9n15e0megf805
EH6NmRxV3C31mwv1ZCbXYxMFB+erXtIKlf6PXAbJmthg/upuFobk5sjG+ACZjBa9
1f5DbHLeD71dPSFEe4uTy1B8ct6Akfv7IsjuMZMJGu9c3pIO8DNZ/m+jQ11hMYfj
QQflcy/mD7TFdPzC659YeGc9KTYD2zPrLuzsjqSz47gSCXfB7jSG1ix3c+vd2yfk
KEqP9ZLs+RIJo/Ru2wJWsW8DITm1DLd/a6k15fJ/TlsztRCxazaf6s4Lo0H3juTC
WqSUIoqLNcs+r+x7s0u2bT3mRN5fr5FZ7D4FWbRw7O8Z/1Pr
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:44 2024 by rpki-client on console-fra.rpki-client.org