Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
File: 1B31B0E4270E11EC97471F53C4F9AE02.roa (raw, json)
Hash identifier: fV3NIiz/nP1VFmLUqpUHxb/qO3YbAJnR1/hn6cqYalA=
Subject key identifier: DB:01:86:F6:D1:6A:BB:AE:1E:2D:34:E3:7B:CF:9A:73:38:74:DF:D5
Certificate issuer: /CN=A91514B1/serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Certificate serial: 0535
Authority key identifier: 61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
Signing time: Tue 03 Sep 2024 01:14:54 +0000
ROA not before: Tue 03 Sep 2024 01:14:54 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 198949
IP address blocks: 61.88.1.0/24 maxlen: 24
61.88.29.0/24 maxlen: 24
61.88.116.0/24 maxlen: 24
61.88.182.0/24 maxlen: 24
61.88.183.0/24 maxlen: 24
61.88.223.0/24 maxlen: 24
119.225.2.0/24 maxlen: 24
119.225.44.0/24 maxlen: 24
119.225.45.0/24 maxlen: 24
119.225.128.0/24 maxlen: 24
119.225.210.0/24 maxlen: 24
119.225.222.0/24 maxlen: 24
124.19.48.0/24 maxlen: 24
124.19.56.0/24 maxlen: 24
124.19.72.0/24 maxlen: 24
124.19.98.0/24 maxlen: 24
124.19.103.0/24 maxlen: 24
124.19.111.0/24 maxlen: 24
202.139.138.0/24 maxlen: 24
202.139.144.0/24 maxlen: 24
203.13.96.0/24 maxlen: 24
203.13.98.0/24 maxlen: 24
203.13.123.0/24 maxlen: 24
203.13.125.0/24 maxlen: 24
203.13.126.0/24 maxlen: 24
203.13.127.0/24 maxlen: 24
203.13.128.0/24 maxlen: 24
203.13.129.0/24 maxlen: 24
220.101.13.0/24 maxlen: 24
220.101.27.0/24 maxlen: 24
220.101.72.0/24 maxlen: 24
220.101.83.0/24 maxlen: 24
220.101.99.0/24 maxlen: 24
220.101.101.0/24 maxlen: 24
220.101.111.0/24 maxlen: 24
220.101.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1333 (0x535)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91514B1
Validity
Not Before: Sep 3 01:14:54 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d6630e-b4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ed:34:11:9d:8d:be:f4:38:9e:f7:11:47:56:
d7:75:d8:0d:e6:51:01:23:f1:cf:32:07:2d:af:bc:
a1:a5:73:8a:77:95:1e:99:85:f2:60:25:4f:0c:28:
0e:b0:ac:3e:f8:b0:b1:b7:2e:13:ad:75:3b:03:30:
3b:4e:03:1a:f1:a3:98:56:a2:94:dc:65:3e:7a:52:
6a:aa:63:7d:36:0d:ee:74:37:a9:39:8e:50:61:d6:
f0:ca:ad:90:8a:e8:d4:87:9c:ea:83:b7:79:70:bc:
f8:1b:4e:b0:f5:a2:61:1a:d1:30:34:c6:5f:a5:53:
8d:de:10:77:4b:af:2a:43:f1:ea:23:45:15:5b:2d:
9c:db:0f:8c:73:10:8d:ad:eb:cf:03:ae:fb:f2:cc:
99:5a:d5:99:49:09:78:86:a6:42:f2:5d:62:f5:4e:
53:89:d6:95:8c:3f:c9:6e:d3:11:55:47:87:97:59:
fd:39:4f:c3:4e:41:30:a2:73:ea:f4:64:ee:ce:12:
0e:8e:e7:89:6c:2d:0c:e3:06:24:6b:7c:02:66:91:
ad:fd:f7:bb:ef:f8:34:f4:a8:2a:de:40:f3:3a:46:
09:a1:f2:df:99:4c:36:8b:7b:fe:e8:f8:d9:a5:b9:
55:a3:c5:39:6d:2c:2b:41:bf:b4:20:16:39:54:8d:
3d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:01:86:F6:D1:6A:BB:AE:1E:2D:34:E3:7B:CF:9A:73:38:74:DF:D5
X509v3 Authority Key Identifier:
keyid:61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/1B31B0E4270E11EC97471F53C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.88.1.0/24
61.88.29.0/24
61.88.116.0/24
61.88.182.0/23
61.88.223.0/24
119.225.2.0/24
119.225.44.0/23
119.225.128.0/24
119.225.210.0/24
119.225.222.0/24
124.19.48.0/24
124.19.56.0/24
124.19.72.0/24
124.19.98.0/24
124.19.103.0/24
124.19.111.0/24
202.139.138.0/24
202.139.144.0/24
203.13.96.0/24
203.13.98.0/24
203.13.123.0/24
203.13.125.0-203.13.129.255
220.101.13.0/24
220.101.27.0/24
220.101.72.0/24
220.101.83.0/24
220.101.99.0/24
220.101.101.0/24
220.101.111.0/24
220.101.121.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:57:5f:56:11:c1:60:23:54:26:3a:05:7c:95:f2:d2:55:f4:
61:77:d7:32:90:41:5d:7f:89:66:9b:92:4e:2a:51:b8:9e:49:
8f:7d:41:ed:c9:cc:0f:f4:b7:62:db:0d:af:9a:81:38:97:8b:
80:1a:36:52:0c:b3:7f:21:19:e6:bc:ef:ee:dc:92:c2:27:53:
e7:06:c4:b6:81:31:bf:e8:e6:b4:93:7d:cd:25:cd:78:51:d3:
34:20:5f:1d:6c:ab:45:05:f5:88:20:39:99:2e:7e:9f:44:d4:
79:cf:57:0b:6e:1b:e7:1b:05:99:92:29:c3:a9:f9:68:a3:d4:
b6:89:af:44:e5:10:87:8d:60:9b:e9:83:59:02:ce:dc:c9:18:
d8:48:d3:54:af:ba:9f:05:94:68:ff:11:a8:d6:e4:5b:65:01:
cd:e5:57:8a:c9:0a:45:8f:e1:91:5f:46:8d:14:f0:ef:62:0d:
dd:09:cd:ea:a2:db:f1:5c:31:7c:2c:f7:21:62:5e:86:55:ce:
5d:24:85:52:53:80:c2:71:b9:e9:bb:a9:0f:ff:f1:28:2a:10:
ed:fb:37:0c:bd:0e:66:a6:07:d3:6a:d8:b0:60:d9:c7:2f:f6:
21:8c:f6:19:b0:32:94:a6:28:20:7e:55:4b:8b:13:b3:d9:78:
80:87:b5:60
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgICBTUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTE0QjExMTAvBgNVBAUTKDYxNzE0MzJENTU5NENCM0Y2MDhEM0JFMEY1MjYwMEJC
RUM0NkU1RkIwHhcNMjQwOTAzMDExNDU0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2NjMwZS1iNGJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6u00EZ2NvvQ4nvcRR1bXddgN5lEBI/HPMgctr7yhpXOKd5UemYXyYCVPDCgO
sKw++LCxty4TrXU7AzA7TgMa8aOYVqKU3GU+elJqqmN9Ng3udDepOY5QYdbwyq2Q
iujUh5zqg7d5cLz4G06w9aJhGtEwNMZfpVON3hB3S68qQ/HqI0UVWy2c2w+McxCN
revPA6778syZWtWZSQl4hqZC8l1i9U5TidaVjD/JbtMRVUeHl1n9OU/DTkEwonPq
9GTuzhIOjueJbC0M4wYka3wCZpGt/fe77/g09Kgq3kDzOkYJofLfmUw2i3v+6PjZ
pblVo8U5bSwrQb+0IBY5VI09uwIDAQABo4IDUDCCA0wwHQYDVR0OBBYEFNsBhvbR
aruuHi0043vPmnM4dN/VMB8GA1UdIwQYMBaAFGFxQy1VlMs/YI074PUmALvsRuX7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS84NDE4OTIyNkZC
RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9ZWEZETFZXVXl6OWdqVHZnOVNZQXUteEc1
ZnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lYRkRMVldVeXo5Z2pUdmc5U1lBdS14RzVmcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTE0QjEvODQxODkyMjZGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvMUIzMUIwRTQy
NzBFMTFFQzk3NDcxRjUzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdkGCCsGAQUFBwEHAQH/
BIHJMIHGMIHDBAIAATCBvAMEAD1YAQMEAD1YHQMEAD1YdAMEAT1YtgMEAD1Y3wME
AHfhAgMEAXfhLAMEAHfhgAMEAHfh0gMEAHfh3gMEAHwTMAMEAHwTOAMEAHwTSAME
AHwTYgMEAHwTZwMEAHwTbwMEAMqLigMEAMqLkAMEAMsNYAMEAMsNYgMEAMsNezAM
AwQAyw19AwQByw2AAwQA3GUNAwQA3GUbAwQA3GVIAwQA3GVTAwQA3GVjAwQA3GVl
AwQA3GVvAwQA3GV5MA0GCSqGSIb3DQEBCwUAA4IBAQArV19WEcFgI1QmOgV8lfLS
VfRhd9cykEFdf4lmm5JOKlG4nkmPfUHtycwP9Ldi2w2vmoE4l4uAGjZSDLN/IRnm
vO/u3JLCJ1PnBsS2gTG/6Oa0k33NJc14UdM0IF8dbKtFBfWIIDmZLn6fRNR5z1cL
bhvnGwWZkinDqfloo9S2ia9E5RCHjWCb6YNZAs7cyRjYSNNUr7qfBZRo/xGo1uRb
ZQHN5VeKyQpFj+GRX0aNFPDvYg3dCc3qotvxXDF8LPchYl6GVc5dJIVSU4DCcbnp
u6kP//EoKhDt+zcMvQ5mpgfTatiwYNnHL/YhjPYZsDKUpiggflVLixOz2XiAh7Vg
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:39:27 2025 by rpki-client