Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/60177FBCCCDF11EE9828E50CC4F9AE02.roa
File: 60177FBCCCDF11EE9828E50CC4F9AE02.roa (raw, json)
Hash identifier: b0pH7FZw1wzadO7JgLQpKz3jsdQQEvPfmy2NqZoo/50=
Subject key identifier: FE:2D:D4:0C:FA:A6:50:72:7C:FB:6F:AC:19:FB:0F:27:E4:51:30:71
Certificate issuer: /CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Certificate serial: 340B
Authority key identifier: 17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/60177FBCCCDF11EE9828E50CC4F9AE02.roa
Signing time: Fri 16 Feb 2024 15:24:36 +0000
ROA not before: Fri 16 Feb 2024 15:24:36 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 138322
IP address blocks: 43.250.136.0/24 maxlen: 24
43.250.138.0/24 maxlen: 24
61.5.193.0/24 maxlen: 24
61.5.196.0/22 maxlen: 22
61.5.196.0/24 maxlen: 24
61.5.198.0/24 maxlen: 24
61.5.199.0/24 maxlen: 24
61.5.200.0/22 maxlen: 22
61.5.200.0/24 maxlen: 24
61.5.201.0/24 maxlen: 24
61.5.204.0/24 maxlen: 24
103.42.0.0/24 maxlen: 24
119.59.80.0/21 maxlen: 21
119.59.80.0/24 maxlen: 24
119.59.81.0/24 maxlen: 24
119.59.82.0/23 maxlen: 23
119.59.82.0/24 maxlen: 24
119.59.84.0/22 maxlen: 22
121.100.53.0/24 maxlen: 24
2400:e500::/48 maxlen: 48
2400:e500:2::/48 maxlen: 48
2400:e500:2f::/48 maxlen: 48
2400:e500:35::/48 maxlen: 48
2400:e500:36::/48 maxlen: 48
2400:e500:37::/48 maxlen: 48
2400:e500:38::/48 maxlen: 48
2400:e500:39::/48 maxlen: 48
2400:e500:3a::/48 maxlen: 48
2400:e500:3b::/48 maxlen: 48
2400:e500:3e::/48 maxlen: 48
2400:e500:90::/48 maxlen: 48
2400:e501::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl
rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 May 2024 14:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13323 (0x340b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148C7B/serialNumber=17577F1E92EB33B2CDE6E489C0B9A99A2E02FDA3
Validity
Not Before: Feb 16 15:24:36 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65cf7e34-3eea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:4c:b8:a0:43:7b:96:ee:74:f3:f1:fc:9f:
f4:41:32:0a:2d:95:ed:8e:62:09:18:3a:67:5b:be:
94:fb:89:e9:8a:14:24:03:ac:28:1b:10:e0:52:43:
70:48:3b:46:98:be:a1:63:a5:8d:26:f3:8f:59:58:
65:c8:de:79:51:71:8d:37:41:f2:35:af:cd:48:69:
59:f0:a0:78:67:66:a6:5a:2c:45:bc:ff:c3:ab:a5:
3f:8f:0b:59:7d:7b:31:b2:7c:43:e5:e5:c5:51:59:
9e:b7:f0:ff:f9:17:c4:82:30:6a:81:a8:ac:1e:1f:
1a:85:8d:3c:bc:be:93:27:de:a0:04:41:29:c1:79:
cd:3b:a6:9b:61:2a:99:b5:01:48:63:55:7a:28:ec:
7d:8f:13:34:4e:24:63:cb:89:9b:99:a0:57:da:60:
69:65:d0:9a:c7:c9:27:61:69:55:81:b7:e6:49:00:
fb:7d:a2:f4:2b:03:ec:d5:1a:9f:e6:74:3b:9b:41:
f3:2a:47:e6:e7:b9:25:fd:af:34:38:56:53:22:da:
55:f8:7e:8a:ed:d3:f9:41:b6:45:e7:c3:75:69:46:
ee:dd:96:68:cd:3f:61:36:a4:43:a8:1b:f8:42:54:
b5:5b:ab:9d:e7:d7:2f:dc:c6:8f:a1:c7:dd:b5:1e:
1f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2D:D4:0C:FA:A6:50:72:7C:FB:6F:AC:19:FB:0F:27:E4:51:30:71
X509v3 Authority Key Identifier:
keyid:17:57:7F:1E:92:EB:33:B2:CD:E6:E4:89:C0:B9:A9:9A:2E:02:FD:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F1d_HpLrM7LN5uSJwLmpmi4C_aM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148C7B/675208AE1D9311E2BCBDE5F608B02CD2/60177FBCCCDF11EE9828E50CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.136.0/24
43.250.138.0/24
61.5.193.0/24
61.5.196.0-61.5.204.255
103.42.0.0/24
119.59.80.0/21
121.100.53.0/24
IPv6:
2400:e500::/48
2400:e500:2::/48
2400:e500:2f::/48
2400:e500:35::-2400:e500:3b:ffff:ffff:ffff:ffff:ffff
2400:e500:3e::/48
2400:e500:90::/48
2400:e501::/32
Signature Algorithm: sha256WithRSAEncryption
81:6a:cb:19:a2:fc:a7:16:a0:dc:01:c1:1f:4c:12:19:7e:04:
78:a6:55:2b:d9:f5:d9:c2:fa:8f:64:3c:e4:86:c9:cc:5d:f3:
68:e4:e2:9c:94:73:2b:be:95:9c:77:82:7e:f8:03:a0:88:62:
0f:e1:23:c3:b5:19:62:28:96:57:c7:a8:2c:b4:ba:6e:54:b3:
39:dc:06:19:ca:3b:8d:35:72:0e:c7:9e:94:06:a1:ce:85:11:
fe:c5:2e:47:e9:65:5e:d6:90:f7:85:c9:65:a9:d5:30:ba:f4:
67:8a:34:a7:bf:a8:e8:b1:a4:83:ce:30:53:ca:b1:d9:fc:f3:
a3:44:df:5d:ef:3d:63:93:2c:d0:e8:e2:43:45:5c:4d:c3:de:
ef:7c:35:40:95:6c:3f:23:6a:03:3e:b8:cd:71:1d:ab:c8:e6:
6d:a1:1e:82:53:37:74:40:d9:39:ea:61:71:ee:f8:54:ce:68:
18:3c:81:75:6b:02:d8:48:d4:da:a7:b7:ce:b1:e2:c9:8c:23:
c2:86:84:0f:9a:05:c3:a7:d2:e3:70:5a:2d:28:c0:87:e5:30:
29:3b:22:39:af:f0:b8:ea:56:dd:fc:e0:33:85:58:64:fd:a2:
28:10:4c:28:17:f5:2a:b2:93:78:6c:b5:14:ef:81:e6:e9:53:
48:cd:5a:a7
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgICNAswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhDN0IxMTAvBgNVBAUTKDE3NTc3RjFFOTJFQjMzQjJDREU2RTQ4OUMwQjlBOTlB
MkUwMkZEQTMwHhcNMjQwMjE2MTUyNDM2WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWNmN2UzNC0zZWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvuhMuKBDe5budPPx/J/0QTIKLZXtjmIJGDpnW76U+4npihQkA6woGxDgUkNw
SDtGmL6hY6WNJvOPWVhlyN55UXGNN0HyNa/NSGlZ8KB4Z2amWixFvP/Dq6U/jwtZ
fXsxsnxD5eXFUVmet/D/+RfEgjBqgaisHh8ahY08vL6TJ96gBEEpwXnNO6abYSqZ
tQFIY1V6KOx9jxM0TiRjy4mbmaBX2mBpZdCax8knYWlVgbfmSQD7faL0KwPs1Rqf
5nQ7m0HzKkfm57kl/a80OFZTItpV+H6K7dP5QbZF58N1aUbu3ZZozT9hNqRDqBv4
QlS1W6ud59cv3MaPocfdtR4f9wIDAQABo4IDFDCCAxAwHQYDVR0OBBYEFP4t1Az6
plByfPtvrBn7DyfkUTBxMB8GA1UdIwQYMBaAFBdXfx6S6zOyzebkicC5qZouAv2j
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEM3Qi82NzUyMDhBRTFE
OTMxMUUyQkNCREU1RjYwOEIwMkNEMi9GMWRfSHBMck03TE41dVNKd0xtcG1pNENf
YU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0YxZF9IcExyTTdMTjV1U0p3TG1wbWk0Q19hTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDhDN0IvNjc1MjA4QUUxRDkzMTFFMkJDQkRFNUY2MDhCMDJDRDIvNjAxNzdGQkND
Q0RGMTFFRTk4MjhFNTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZ0GCCsGAQUFBwEHAQH/
BIGNMIGKMDgEAgABMDIDBAAr+ogDBAAr+ooDBAA9BcEwDAMEAj0FxAMEAD0FzAME
AGcqAAMEA3c7UAMEAHlkNTBOBAIAAjBIAwcAJADlAAAAAwcAJADlAAACAwcAJADl
AAAvMBIDBwAkAOUAADUDBwIkAOUAADgDBwAkAOUAAD4DBwAkAOUAAJADBQAkAOUB
MA0GCSqGSIb3DQEBCwUAA4IBAQCBassZovynFqDcAcEfTBIZfgR4plUr2fXZwvqP
ZDzkhsnMXfNo5OKclHMrvpWcd4J++AOgiGIP4SPDtRliKJZXx6gstLpuVLM53AYZ
yjuNNXIOx56UBqHOhRH+xS5H6WVe1pD3hcllqdUwuvRnijSnv6josaSDzjBTyrHZ
/POjRN9d7z1jkyzQ6OJDRVxNw97vfDVAlWw/I2oDPrjNcR2ryOZtoR6CUzd0QNk5
6mFx7vhUzmgYPIF1awLYSNTap7fOseLJjCPChoQPmgXDp9LjcFotKMCH5TApOyI5
r/C46lbd/OAzhVhk/aIoEEwoF/UqspN4bLUU74Hm6VNIzVqn
-----END CERTIFICATE-----
Generated at Mon May 20 17:22:05 2024 by rpki-client on console-fra.rpki-client.org