Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
File: 1B31B0E4270E11EC97471F53C4F9AE02.roa (raw, json)
Hash identifier: V3urBN8Ka+jHDpheSBXITQ+RLL5c3yKVSZndmxcllkg=
Subject key identifier: BE:7A:E8:5C:B6:FF:AC:B9:75:7F:7D:5C:AF:18:11:17:11:4D:3B:64
Certificate issuer: /CN=A91514B1/serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Certificate serial: 0442
Authority key identifier: 61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
Signing time: Thu 03 Aug 2023 01:02:07 +0000
ROA not before: Thu 03 Aug 2023 01:02:07 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 198949
IP address blocks: 61.88.1.0/24 maxlen: 24
61.88.29.0/24 maxlen: 24
61.88.116.0/24 maxlen: 24
61.88.182.0/24 maxlen: 24
61.88.183.0/24 maxlen: 24
61.88.223.0/24 maxlen: 24
119.225.2.0/24 maxlen: 24
119.225.44.0/24 maxlen: 24
119.225.45.0/24 maxlen: 24
119.225.128.0/24 maxlen: 24
119.225.210.0/24 maxlen: 24
119.225.222.0/24 maxlen: 24
124.19.48.0/24 maxlen: 24
124.19.56.0/24 maxlen: 24
124.19.72.0/24 maxlen: 24
124.19.98.0/24 maxlen: 24
124.19.103.0/24 maxlen: 24
124.19.111.0/24 maxlen: 24
202.139.138.0/24 maxlen: 24
202.139.144.0/24 maxlen: 24
203.13.96.0/24 maxlen: 24
203.13.98.0/24 maxlen: 24
203.13.123.0/24 maxlen: 24
203.13.125.0/24 maxlen: 24
203.13.126.0/24 maxlen: 24
203.13.127.0/24 maxlen: 24
203.13.128.0/24 maxlen: 24
203.13.129.0/24 maxlen: 24
220.101.13.0/24 maxlen: 24
220.101.27.0/24 maxlen: 24
220.101.72.0/24 maxlen: 24
220.101.83.0/24 maxlen: 24
220.101.99.0/24 maxlen: 24
220.101.101.0/24 maxlen: 24
220.101.111.0/24 maxlen: 24
220.101.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 26 Apr 2024 01:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1090 (0x442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91514B1/serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Validity
Not Before: Aug 3 01:02:07 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64cafc8f-883c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:20:91:3a:3f:ad:b1:14:8c:44:01:f9:cf:ee:
65:da:6d:31:2e:c8:40:86:a2:12:71:71:85:bc:17:
8f:c0:d3:32:aa:50:95:d2:7c:2b:ec:b5:d6:24:b3:
c9:a0:f3:95:ef:ac:38:e9:04:b2:78:35:6a:10:1f:
8f:e3:7c:c2:54:c8:75:f8:93:2c:6d:46:17:df:ad:
1f:19:e1:b2:b1:ca:6c:24:9f:0e:7f:5a:a7:64:32:
88:37:bc:3c:4f:d6:85:0a:e1:76:01:a9:8b:28:54:
ff:fc:b3:2f:5d:5d:00:bf:44:37:d9:8e:4d:0a:4e:
4e:2c:9f:e6:4c:74:96:96:da:c5:90:1f:7e:1a:d3:
ac:2e:1d:ed:18:c0:a0:0b:11:7a:5e:0d:a0:d2:ca:
56:9b:34:46:88:53:aa:39:5f:4c:84:f1:d2:ec:5d:
c6:4f:d0:ad:01:bd:46:ea:15:fd:d8:78:2d:cb:ae:
22:d2:f9:ac:66:59:70:41:6e:78:8c:c6:4f:93:fc:
05:b0:72:21:5a:6b:81:b5:04:73:59:5b:eb:10:48:
0c:9d:41:92:46:33:29:f1:56:2a:a1:ed:fb:3f:a1:
22:f6:45:81:5f:ab:d6:20:0b:83:17:02:e0:03:74:
32:e3:33:ff:73:ff:e4:f1:3e:fc:e0:ca:ca:13:39:
2b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7A:E8:5C:B6:FF:AC:B9:75:7F:7D:5C:AF:18:11:17:11:4D:3B:64
X509v3 Authority Key Identifier:
keyid:61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.88.1.0/24
61.88.29.0/24
61.88.116.0/24
61.88.182.0/23
61.88.223.0/24
119.225.2.0/24
119.225.44.0/23
119.225.128.0/24
119.225.210.0/24
119.225.222.0/24
124.19.48.0/24
124.19.56.0/24
124.19.72.0/24
124.19.98.0/24
124.19.103.0/24
124.19.111.0/24
202.139.138.0/24
202.139.144.0/24
203.13.96.0/24
203.13.98.0/24
203.13.123.0/24
203.13.125.0-203.13.129.255
220.101.13.0/24
220.101.27.0/24
220.101.72.0/24
220.101.83.0/24
220.101.99.0/24
220.101.101.0/24
220.101.111.0/24
220.101.121.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ee:9c:f2:b1:1b:61:4b:9a:78:73:de:cf:8b:07:7c:96:ba:
08:4f:a6:be:85:58:84:ef:9e:05:fd:cf:ce:2c:a0:56:1b:68:
cf:12:6d:e0:49:5c:bc:4a:9d:ee:ff:a7:5e:64:6e:fc:3b:ae:
eb:1a:5c:df:c7:f0:f8:46:f9:ff:3b:08:68:8a:89:c6:c5:f9:
de:01:76:bd:0a:53:7a:2b:06:dd:27:07:25:06:be:9b:30:0d:
85:39:59:17:21:fa:d9:17:b4:ae:6f:31:15:11:3b:3f:12:2d:
50:ff:9f:13:0c:d5:eb:32:18:33:1a:3d:8f:b7:2a:8c:83:5a:
04:a2:6e:10:7f:94:a6:3b:99:b3:7b:ed:41:93:44:05:82:a9:
f5:1e:63:2f:1e:b5:79:70:ba:f4:d2:13:1f:43:56:f8:e5:e7:
07:94:9d:c6:d7:ef:8b:6b:9b:c0:5a:65:ac:7c:b3:8f:a6:92:
be:b0:0f:2d:ac:d0:db:42:db:a6:4b:ee:91:68:f8:aa:a1:f6:
69:9f:a6:5c:54:4f:ec:86:aa:b1:f9:14:c7:f9:ea:6f:be:55:
f4:d6:06:61:bc:a9:b6:aa:9f:cc:1e:3b:3a:ee:f2:98:d7:66:
fc:b8:e3:b6:1b:4b:8b:cf:c6:a7:9a:6f:d8:60:f5:c4:59:19:
3f:07:00:0f
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgICBEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTE0QjExMTAvBgNVBAUTKDYxNzE0MzJENTU5NENCM0Y2MDhEM0JFMEY1MjYwMEJC
RUM0NkU1RkIwHhcNMjMwODAzMDEwMjA3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNhZmM4Zi04ODNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAziCROj+tsRSMRAH5z+5l2m0xLshAhqIScXGFvBePwNMyqlCV0nwr7LXWJLPJ
oPOV76w46QSyeDVqEB+P43zCVMh1+JMsbUYX360fGeGyscpsJJ8Of1qnZDKIN7w8
T9aFCuF2AamLKFT//LMvXV0Av0Q32Y5NCk5OLJ/mTHSWltrFkB9+GtOsLh3tGMCg
CxF6Xg2g0spWmzRGiFOqOV9MhPHS7F3GT9CtAb1G6hX92Hgty64i0vmsZllwQW54
jMZPk/wFsHIhWmuBtQRzWVvrEEgMnUGSRjMp8VYqoe37P6Ei9kWBX6vWIAuDFwLg
A3Qy4zP/c//k8T784MrKEzkrdwIDAQABo4IDUDCCA0wwHQYDVR0OBBYEFL566Fy2
/6y5dX99XK8YERcRTTtkMB8GA1UdIwQYMBaAFGFxQy1VlMs/YI074PUmALvsRuX7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS84NDE4OTIyNkZC
RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9ZWEZETFZXVXl6OWdqVHZnOVNZQXUteEc1
ZnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lYRkRMVldVeXo5Z2pUdmc5U1lBdS14RzVmcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTE0QjEvODQxODkyMjZGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvMUIzMUIwRTQy
NzBFMTFFQzk3NDcxRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdkGCCsGAQUFBwEHAQH/
BIHJMIHGMIHDBAIAATCBvAMEAD1YAQMEAD1YHQMEAD1YdAMEAT1YtgMEAD1Y3wME
AHfhAgMEAXfhLAMEAHfhgAMEAHfh0gMEAHfh3gMEAHwTMAMEAHwTOAMEAHwTSAME
AHwTYgMEAHwTZwMEAHwTbwMEAMqLigMEAMqLkAMEAMsNYAMEAMsNYgMEAMsNezAM
AwQAyw19AwQByw2AAwQA3GUNAwQA3GUbAwQA3GVIAwQA3GVTAwQA3GVjAwQA3GVl
AwQA3GVvAwQA3GV5MA0GCSqGSIb3DQEBCwUAA4IBAQAQ7pzysRthS5p4c97Piwd8
lroIT6a+hViE754F/c/OLKBWG2jPEm3gSVy8Sp3u/6deZG78O67rGlzfx/D4Rvn/
OwhoionGxfneAXa9ClN6KwbdJwclBr6bMA2FOVkXIfrZF7SubzEVETs/Ei1Q/58T
DNXrMhgzGj2PtyqMg1oEom4Qf5SmO5mze+1Bk0QFgqn1HmMvHrV5cLr00hMfQ1b4
5ecHlJ3G1++La5vAWmWsfLOPppK+sA8trNDbQtumS+6RaPiqofZpn6ZcVE/shqqx
+RTH+epvvlX01gZhvKm2qp/MHjs67vKY12b8uOO2G0uLz8anmm/YYPXEWRk/BwAP
-----END CERTIFICATE-----
Generated at Fri Apr 19 02:47:19 2024 by rpki-client on console-ams.rpki-client.org