Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/7B7F4CC8839411EAAA78E971C4F9AE02.roa
File: 7B7F4CC8839411EAAA78E971C4F9AE02.roa (raw, json)
Hash identifier: l8YY8+oFyyl539nf28JZzhTUkJq/jCKTmnifHGuQul8=
Subject key identifier: 2C:4C:13:C6:E2:2F:A1:90:3D:52:02:6D:94:49:59:20:87:45:B1:CC
Certificate issuer: /CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Certificate serial: 0909
Authority key identifier: B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/7B7F4CC8839411EAAA78E971C4F9AE02.roa
Signing time: Fri 10 Nov 2023 21:08:49 +0000
ROA not before: Fri 10 Nov 2023 21:08:49 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 4809
IP address blocks: 183.91.48.0/21 maxlen: 21
183.91.48.0/24 maxlen: 24
183.91.49.0/24 maxlen: 24
183.91.50.0/24 maxlen: 24
183.91.51.0/24 maxlen: 24
183.91.52.0/24 maxlen: 24
183.91.53.0/24 maxlen: 24
183.91.54.0/24 maxlen: 24
183.91.55.0/24 maxlen: 24
183.91.58.0/24 maxlen: 24
183.91.60.0/24 maxlen: 24
183.91.61.0/24 maxlen: 24
183.91.62.0/24 maxlen: 24
183.91.63.0/24 maxlen: 24
202.55.0.0/19 maxlen: 19
202.55.0.0/24 maxlen: 24
202.55.1.0/24 maxlen: 24
202.55.3.0/24 maxlen: 24
202.55.4.0/24 maxlen: 24
202.55.5.0/24 maxlen: 24
202.55.6.0/24 maxlen: 24
202.55.7.0/24 maxlen: 24
202.55.8.0/21 maxlen: 21
202.55.8.0/24 maxlen: 24
202.55.9.0/24 maxlen: 24
202.55.10.0/24 maxlen: 24
202.55.11.0/24 maxlen: 24
202.55.12.0/24 maxlen: 24
202.55.13.0/24 maxlen: 24
202.55.14.0/24 maxlen: 24
202.55.15.0/24 maxlen: 24
202.55.16.0/24 maxlen: 24
202.55.17.0/24 maxlen: 24
202.55.18.0/24 maxlen: 24
202.55.19.0/24 maxlen: 24
202.55.20.0/24 maxlen: 24
202.55.21.0/24 maxlen: 24
202.55.22.0/24 maxlen: 24
202.55.23.0/24 maxlen: 24
202.55.24.0/24 maxlen: 24
202.55.25.0/24 maxlen: 24
202.55.26.0/24 maxlen: 24
202.55.27.0/24 maxlen: 24
202.55.28.0/24 maxlen: 24
202.55.29.0/24 maxlen: 24
202.55.30.0/24 maxlen: 24
202.55.31.0/24 maxlen: 24
2400:9380:9000::/40 maxlen: 48
2400:9380:9100::/40 maxlen: 48
2400:9380:9200::/40 maxlen: 48
2400:9380:9300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 May 2024 21:20:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2313 (0x909)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Validity
Not Before: Nov 10 21:08:49 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=654e9be1-8f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:81:d6:e6:e0:12:42:b4:ae:25:17:6a:e4:cf:
06:e3:0f:4f:93:a9:2a:5d:72:b0:58:51:01:47:5c:
f2:8a:37:8c:55:ef:af:92:16:96:f5:fa:cd:fe:5f:
41:4d:34:30:9b:51:ef:61:37:fb:03:e0:f8:01:10:
39:b2:6d:98:f3:ca:d8:6f:8b:0c:80:30:dd:92:db:
57:a1:9b:a0:b9:84:e2:58:ee:57:85:5d:6f:0b:9f:
a6:f0:91:d1:95:2b:09:bb:6b:df:4e:25:d2:64:6c:
bd:5c:77:13:3a:ba:0d:84:0f:ea:39:d5:65:5f:3b:
66:f5:3e:bf:6e:20:cc:cd:67:64:ba:d2:cf:41:19:
0e:25:08:43:d1:29:ea:70:ab:7f:45:72:c0:22:29:
79:02:f3:87:a9:4d:39:a1:3b:90:f4:85:0f:50:78:
fd:21:0c:a0:ad:72:d1:29:17:01:2d:2d:59:4d:89:
03:eb:93:05:4d:31:db:eb:4a:de:ff:4d:e7:58:e3:
e4:11:ef:0b:92:a2:2a:b4:55:8d:3c:9b:d2:28:ca:
39:d9:65:10:20:4c:a2:c6:c8:a4:ad:98:7a:d1:95:
d0:09:a6:33:9b:cc:51:69:7f:01:ae:3a:ee:b3:4c:
d0:49:27:39:62:3d:a0:e4:e5:16:87:e0:ac:32:43:
9b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:4C:13:C6:E2:2F:A1:90:3D:52:02:6D:94:49:59:20:87:45:B1:CC
X509v3 Authority Key Identifier:
keyid:B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/7B7F4CC8839411EAAA78E971C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
183.91.48.0/21
183.91.58.0/24
183.91.60.0/22
202.55.0.0/19
IPv6:
2400:9380:9000::/38
Signature Algorithm: sha256WithRSAEncryption
9b:32:7f:eb:74:f6:ed:39:02:3d:9a:71:db:30:58:a8:ea:2a:
21:51:1c:3b:1a:9d:d5:af:53:a7:93:f6:a7:d1:08:1c:14:6e:
11:23:80:05:76:cd:d3:c1:fc:09:4b:54:af:4a:ae:65:ef:b7:
90:eb:fd:9c:d7:fa:02:0e:fe:eb:38:c8:eb:a4:41:31:c5:22:
14:10:de:b0:70:03:33:20:d6:90:b3:76:dc:ca:67:8f:46:1d:
cd:62:c1:e3:9a:51:b8:41:20:de:95:cb:02:01:58:8d:44:7a:
27:00:52:84:b8:6e:ca:e1:e7:c3:61:3b:c8:c1:8b:ef:25:7d:
61:58:ba:75:de:40:62:94:62:b0:3c:9f:67:94:36:8f:f6:5e:
ed:a7:c0:59:e1:1c:25:01:f5:db:43:0e:95:6b:1d:cf:66:ab:
46:75:80:b4:7d:9d:7c:0d:5c:06:4b:c1:fe:37:ee:0a:5e:e9:
b2:38:72:2e:08:84:43:75:bc:2c:90:56:07:5b:0f:d6:d5:89:
53:0b:2e:ae:5e:fe:f1:e9:b4:39:1e:0b:56:a8:c7:c9:24:c0:
45:48:69:ec:e5:da:a4:4f:e7:43:7f:a3:f3:1c:61:f5:1f:92:
17:82:af:65:8b:16:51:6c:8c:57:20:14:f6:86:97:98:17:2d:
e4:65:7f:2f
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICCQkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEIxRTg0RkFDRkFDQkMwQjc4Mzg1NjFFRjIxRTI4RjJG
QUNGNURGRUMwHhcNMjMxMTEwMjEwODQ5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRlOWJlMS04Zjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4YHW5uASQrSuJRdq5M8G4w9Pk6kqXXKwWFEBR1zyijeMVe+vkhaW9frN/l9B
TTQwm1HvYTf7A+D4ARA5sm2Y88rYb4sMgDDdkttXoZuguYTiWO5XhV1vC5+m8JHR
lSsJu2vfTiXSZGy9XHcTOroNhA/qOdVlXztm9T6/biDMzWdkutLPQRkOJQhD0Snq
cKt/RXLAIil5AvOHqU05oTuQ9IUPUHj9IQygrXLRKRcBLS1ZTYkD65MFTTHb60re
/03nWOPkEe8LkqIqtFWNPJvSKMo52WUQIEyixsikrZh60ZXQCaYzm8xRaX8Brjru
s0zQSSc5Yj2g5OUWh+CsMkObpwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFCxME8bi
L6GQPVICbZRJWSCHRbHMMB8GA1UdIwQYMBaAFLHoT6z6y8C3g4Vh7yHijy+s9d/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8zNjg3MkE1RTgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi9zZWhQclByTHdMZURoV0h2SWVLUEw2ejEz
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlaFByUHJMd0xlRGhXSHZJZUtQTDZ6MTMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMzY4NzJBNUU4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvN0I3RjRDQzg4
Mzk0MTFFQUFBNzhFOTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMB4EAgABMBgDBAO3WzADBAC3WzoDBAK3WzwDBAXKNwAwDgQCAAIwCAMGAiQA
k4CQMA0GCSqGSIb3DQEBCwUAA4IBAQCbMn/rdPbtOQI9mnHbMFio6iohURw7Gp3V
r1Onk/an0QgcFG4RI4AFds3TwfwJS1SvSq5l77eQ6/2c1/oCDv7rOMjrpEExxSIU
EN6wcAMzINaQs3bcymePRh3NYsHjmlG4QSDelcsCAViNRHonAFKEuG7K4efDYTvI
wYvvJX1hWLp13kBilGKwPJ9nlDaP9l7tp8BZ4RwlAfXbQw6Vax3PZqtGdYC0fZ18
DVwGS8H+N+4KXumyOHIuCIRDdbwskFYHWw/W1YlTCy6uXv7x6bQ5HgtWqMfJJMBF
SGns5dqkT+dDf6PzHGH1H5IXgq9lixZRbIxXIBT2hpeYFy3kZX8v
-----END CERTIFICATE-----
Generated at Sat May 4 22:06:52 2024 by rpki-client on console-ams.rpki-client.org