Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/1855E96CABBD11EA9A38D358C4F9AE02.roa
File: 1855E96CABBD11EA9A38D358C4F9AE02.roa (raw, json)
Hash identifier: vsu89Sz7GDEAOYEzfUZ9fl/ME8V/tp6hWpJXm9lLxKY=
Subject key identifier: 96:52:09:20:F6:F1:D3:F4:79:25:31:1A:25:51:DA:00:C3:58:7D:28
Certificate issuer: /CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Certificate serial: 0906
Authority key identifier: B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/1855E96CABBD11EA9A38D358C4F9AE02.roa
Signing time: Fri 10 Nov 2023 21:08:47 +0000
ROA not before: Fri 10 Nov 2023 21:08:47 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 136167
IP address blocks: 2400:9380:80c0::/44 maxlen: 44
2400:9380:81c0::/44 maxlen: 44
2400:9380:82c0::/44 maxlen: 44
2400:9380:83c0::/44 maxlen: 44
2400:9380:90c0::/44 maxlen: 44
2400:9380:91c0::/44 maxlen: 44
2400:9380:92c0::/44 maxlen: 44
2400:9380:93c0::/44 maxlen: 44
2400:9380:94c0::/44 maxlen: 44
2400:9380:95c0::/44 maxlen: 44
2400:9380:96c0::/44 maxlen: 44
2400:9380:97c0::/44 maxlen: 44
2400:9380:98c0::/44 maxlen: 44
2400:9380:99c0::/44 maxlen: 44
2400:9380:9ac0::/44 maxlen: 44
2400:9380:9bc0::/44 maxlen: 44
2400:9380:9cc0::/44 maxlen: 44
2400:9380:9dc0::/44 maxlen: 44
2400:9380:9ec0::/44 maxlen: 44
2400:9380:9fc0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 May 2024 20:40:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2310 (0x906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Validity
Not Before: Nov 10 21:08:47 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=654e9bdf-55b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cd:17:11:92:87:3b:16:a5:bc:42:5f:42:74:
59:6f:97:48:70:5f:c4:2f:25:ff:72:72:54:4d:34:
e2:9b:c9:db:a8:2f:0f:45:37:bf:03:8e:cb:45:75:
dc:92:6a:9d:72:31:b7:c4:c5:7a:9f:9b:69:d3:26:
f6:3c:5d:3a:77:14:d4:45:c8:75:27:7e:15:14:96:
b9:b7:ac:46:13:3e:fc:50:e7:b2:d7:a1:71:fb:98:
b9:13:14:5b:13:82:1d:63:b0:30:13:5f:44:5c:c8:
bf:c6:36:17:58:11:54:aa:a3:61:64:b5:3a:36:a4:
22:0c:a0:d1:67:72:6e:04:fa:be:9c:e0:c3:22:81:
0c:fc:46:51:3f:8c:52:a5:d4:85:9f:a3:c5:12:bf:
e9:b8:8f:34:7d:46:7a:a4:fc:9b:fa:d0:f7:35:01:
e3:45:25:d5:a8:fd:e2:5c:bf:35:df:b8:15:c2:a6:
01:e7:c8:38:d2:fa:e1:63:d9:c8:2e:d2:47:2c:c8:
a8:37:6a:69:3c:74:b6:42:88:2c:77:cb:bc:b0:ba:
da:27:45:85:26:85:77:35:48:99:31:c6:c0:3d:1d:
f2:e7:f9:f4:ee:32:d7:33:cc:0f:89:55:d3:97:3b:
99:bb:f0:5d:c0:7e:3d:07:36:83:df:aa:70:79:f3:
23:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:52:09:20:F6:F1:D3:F4:79:25:31:1A:25:51:DA:00:C3:58:7D:28
X509v3 Authority Key Identifier:
keyid:B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/1855E96CABBD11EA9A38D358C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:9380:80c0::/44
2400:9380:81c0::/44
2400:9380:82c0::/44
2400:9380:83c0::/44
2400:9380:90c0::/44
2400:9380:91c0::/44
2400:9380:92c0::/44
2400:9380:93c0::/44
2400:9380:94c0::/44
2400:9380:95c0::/44
2400:9380:96c0::/44
2400:9380:97c0::/44
2400:9380:98c0::/44
2400:9380:99c0::/44
2400:9380:9ac0::/44
2400:9380:9bc0::/44
2400:9380:9cc0::/44
2400:9380:9dc0::/44
2400:9380:9ec0::/44
2400:9380:9fc0::/44
Signature Algorithm: sha256WithRSAEncryption
3c:56:2f:06:eb:9b:56:76:e6:78:63:ae:2a:99:cf:9f:5c:39:
ad:7e:53:99:d1:59:5c:97:3f:65:56:2e:9e:25:49:78:c3:ba:
c1:38:a7:67:6b:b8:61:e2:b8:e0:31:20:ad:e0:da:06:78:63:
96:d1:99:86:7c:ab:22:1f:df:05:7e:52:63:be:00:c0:74:1d:
a1:8e:0c:12:96:19:2d:70:c1:3b:7c:b8:d0:71:a4:4a:1a:31:
d2:6a:b5:04:dc:5d:e4:7f:33:6f:d4:2d:20:88:42:c0:88:51:
2a:44:20:a3:49:cb:c1:54:13:2e:0d:68:61:47:08:65:82:78:
93:f2:c1:74:1f:56:8a:65:a5:d0:54:1c:f0:b3:bf:f6:41:23:
17:5e:b8:40:6e:f7:4a:12:3e:5e:43:46:2f:ba:5a:94:f4:9b:
d3:c0:b4:e8:9e:f3:9d:97:20:17:9c:71:30:00:2d:23:1c:dd:
2d:4b:a9:3e:ce:82:65:6c:6e:2d:f2:01:18:09:55:af:f1:be:
bb:c5:78:1e:d5:88:b2:9d:1d:d2:bf:5c:c1:b8:91:49:4c:96:
06:26:25:8f:c4:6b:56:84:c8:ca:f5:4f:0c:2a:06:d7:59:6c:
c9:7c:65:11:13:57:44:32:57:27:d2:c3:95:ce:d0:37:de:82:
dd:2b:8d:07
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgICCQYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEIxRTg0RkFDRkFDQkMwQjc4Mzg1NjFFRjIxRTI4RjJG
QUNGNURGRUMwHhcNMjMxMTEwMjEwODQ3WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRlOWJkZi01NWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArM0XEZKHOxalvEJfQnRZb5dIcF/ELyX/cnJUTTTim8nbqC8PRTe/A47LRXXc
kmqdcjG3xMV6n5tp0yb2PF06dxTURch1J34VFJa5t6xGEz78UOey16Fx+5i5ExRb
E4IdY7AwE19EXMi/xjYXWBFUqqNhZLU6NqQiDKDRZ3JuBPq+nODDIoEM/EZRP4xS
pdSFn6PFEr/puI80fUZ6pPyb+tD3NQHjRSXVqP3iXL8137gVwqYB58g40vrhY9nI
LtJHLMioN2ppPHS2Qogsd8u8sLraJ0WFJoV3NUiZMcbAPR3y5/n07jLXM8wPiVXT
lzuZu/BdwH49BzaD36pwefMjfwIDAQABo4IDSDCCA0QwHQYDVR0OBBYEFJZSCSD2
8dP0eSUxGiVR2gDDWH0oMB8GA1UdIwQYMBaAFLHoT6z6y8C3g4Vh7yHijy+s9d/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8zNjg3MkE1RTgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi9zZWhQclByTHdMZURoV0h2SWVLUEw2ejEz
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlaFByUHJMd0xlRGhXSHZJZUtQTDZ6MTMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMzY4NzJBNUU4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvMTg1NUU5NkNB
QkJEMTFFQTlBMzhEMzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgdEGCCsGAQUFBwEHAQH/
BIHBMIG+MIG7BAIAAjCBtAMHBCQAk4CAwAMHBCQAk4CBwAMHBCQAk4CCwAMHBCQA
k4CDwAMHBCQAk4CQwAMHBCQAk4CRwAMHBCQAk4CSwAMHBCQAk4CTwAMHBCQAk4CU
wAMHBCQAk4CVwAMHBCQAk4CWwAMHBCQAk4CXwAMHBCQAk4CYwAMHBCQAk4CZwAMH
BCQAk4CawAMHBCQAk4CbwAMHBCQAk4CcwAMHBCQAk4CdwAMHBCQAk4CewAMHBCQA
k4CfwDANBgkqhkiG9w0BAQsFAAOCAQEAPFYvBuubVnbmeGOuKpnPn1w5rX5TmdFZ
XJc/ZVYuniVJeMO6wTinZ2u4YeK44DEgreDaBnhjltGZhnyrIh/fBX5SY74AwHQd
oY4MEpYZLXDBO3y40HGkShox0mq1BNxd5H8zb9QtIIhCwIhRKkQgo0nLwVQTLg1o
YUcIZYJ4k/LBdB9WimWl0FQc8LO/9kEjF164QG73ShI+XkNGL7palPSb08C06J7z
nZcgF5xxMAAtIxzdLUupPs6CZWxuLfIBGAlVr/G+u8V4HtWIsp0d0r9cwbiRSUyW
BiYlj8RrVoTIyvVPDCoG11lsyXxlERNXRDJXJ9LDlc7QN96C3SuNBw==
-----END CERTIFICATE-----
Generated at Mon May 6 22:40:56 2024 by rpki-client on console-ams.rpki-client.org