Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/7B7F4CC8839411EAAA78E971C4F9AE02.roa
File: 7B7F4CC8839411EAAA78E971C4F9AE02.roa (raw, json)
Hash identifier: wea4aceMf43MG5chHw7e4ZG37Y7felbA6w64OzimUEU=
Subject key identifier: B3:11:E3:AD:48:0C:A9:46:6F:1F:43:CF:16:DE:6A:92:FF:AF:D0:6E
Certificate issuer: /CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Certificate serial: 09FF
Authority key identifier: B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/7B7F4CC8839411EAAA78E971C4F9AE02.roa
Signing time: Thu 14 Nov 2024 19:59:05 +0000
ROA not before: Thu 14 Nov 2024 19:59:05 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 4809
IP address blocks: 183.91.48.0/21 maxlen: 21
183.91.48.0/24 maxlen: 24
183.91.49.0/24 maxlen: 24
183.91.50.0/24 maxlen: 24
183.91.51.0/24 maxlen: 24
183.91.52.0/24 maxlen: 24
183.91.53.0/24 maxlen: 24
183.91.54.0/24 maxlen: 24
183.91.55.0/24 maxlen: 24
183.91.58.0/24 maxlen: 24
183.91.60.0/24 maxlen: 24
183.91.61.0/24 maxlen: 24
183.91.62.0/24 maxlen: 24
183.91.63.0/24 maxlen: 24
202.55.0.0/19 maxlen: 19
202.55.0.0/24 maxlen: 24
202.55.1.0/24 maxlen: 24
202.55.3.0/24 maxlen: 24
202.55.4.0/24 maxlen: 24
202.55.5.0/24 maxlen: 24
202.55.6.0/24 maxlen: 24
202.55.7.0/24 maxlen: 24
202.55.8.0/21 maxlen: 21
202.55.8.0/24 maxlen: 24
202.55.9.0/24 maxlen: 24
202.55.10.0/24 maxlen: 24
202.55.11.0/24 maxlen: 24
202.55.12.0/24 maxlen: 24
202.55.13.0/24 maxlen: 24
202.55.14.0/24 maxlen: 24
202.55.15.0/24 maxlen: 24
202.55.16.0/24 maxlen: 24
202.55.17.0/24 maxlen: 24
202.55.18.0/24 maxlen: 24
202.55.19.0/24 maxlen: 24
202.55.20.0/24 maxlen: 24
202.55.21.0/24 maxlen: 24
202.55.22.0/24 maxlen: 24
202.55.23.0/24 maxlen: 24
202.55.24.0/24 maxlen: 24
202.55.25.0/24 maxlen: 24
202.55.26.0/24 maxlen: 24
202.55.27.0/24 maxlen: 24
202.55.28.0/24 maxlen: 24
202.55.29.0/24 maxlen: 24
202.55.30.0/24 maxlen: 24
202.55.31.0/24 maxlen: 24
2400:9380:9000::/40 maxlen: 48
2400:9380:9100::/40 maxlen: 48
2400:9380:9200::/40 maxlen: 48
2400:9380:9300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 17:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2559 (0x9ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Validity
Not Before: Nov 14 19:59:05 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67365688-fde1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:53:74:20:b8:45:9e:4b:b0:e1:56:0d:81:
27:54:e8:0d:1f:54:4c:43:d2:76:75:b0:d1:20:c1:
ae:7e:f4:df:4f:51:33:44:25:e4:17:8e:5d:6a:9d:
fb:d8:06:a5:b8:6f:e7:ff:41:59:0c:fb:15:2b:8f:
69:6c:b9:b9:38:57:ae:37:1d:eb:fe:95:02:e8:50:
6f:4c:5f:ad:8b:0d:be:1c:72:13:06:fc:47:25:98:
d9:65:c6:56:df:83:64:e0:47:d9:7d:69:e5:3b:b2:
0a:7e:23:79:04:d7:0a:84:89:d2:d4:f7:58:23:f7:
ec:40:95:fc:07:4a:e6:a6:2d:3b:b2:df:22:d0:d8:
0f:8a:a6:e5:db:e0:85:53:b4:6e:ba:90:10:cd:e0:
c4:6a:03:36:3f:67:be:61:cd:3e:9b:4c:55:1c:5b:
39:67:c0:58:32:ff:16:f7:0c:ca:5c:92:2f:0d:3f:
1b:a1:9d:ec:eb:21:61:5a:91:93:f6:17:58:c4:3b:
51:c6:5c:e5:3c:79:27:e9:c6:5a:d0:20:d4:67:bf:
b5:62:b8:99:8c:d5:28:0c:4c:4a:96:44:36:9f:33:
ee:46:43:8d:35:9b:8d:b0:95:2f:13:9d:1a:74:25:
19:7c:b4:02:40:ec:d7:99:f2:dd:2e:e7:67:1e:62:
1c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:11:E3:AD:48:0C:A9:46:6F:1F:43:CF:16:DE:6A:92:FF:AF:D0:6E
X509v3 Authority Key Identifier:
keyid:B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/7B7F4CC8839411EAAA78E971C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
183.91.48.0/21
183.91.58.0/24
183.91.60.0/22
202.55.0.0/19
IPv6:
2400:9380:9000::/38
Signature Algorithm: sha256WithRSAEncryption
2f:43:b3:2a:fa:d8:03:8e:cb:51:67:95:48:d9:bd:58:a5:5f:
2d:4c:e2:96:25:f2:f1:f1:3f:37:8c:9f:97:73:76:dd:0b:26:
9e:f2:ff:5e:f6:8e:19:dc:20:8d:93:b5:81:2e:07:85:3e:b7:
b5:2d:9b:70:f3:13:f7:1e:7d:2c:a1:0d:40:83:70:4a:cf:3a:
c3:52:7a:53:e9:8e:cc:9f:ed:28:fc:ea:d9:2d:5f:a0:82:71:
cd:b9:55:98:3d:f1:19:23:86:5f:a8:9c:e8:7e:ba:58:a1:26:
0a:0b:f5:04:6f:bc:a1:6c:5a:2c:a1:c1:c6:47:57:4e:a0:95:
0c:ad:de:7d:1b:ac:fa:9a:75:2d:e2:f5:30:18:0a:1f:3a:f5:
b9:3d:ef:77:c1:f7:36:13:3b:60:15:ad:9a:88:bf:12:ce:de:
c6:43:15:b4:d6:e2:2a:30:e8:bd:6f:94:08:8b:3b:b1:a5:90:
02:9e:3a:0d:6b:b3:b2:3f:f3:9a:9c:9b:27:20:ac:59:e0:37:
c2:99:cf:cf:49:e9:67:88:3b:9d:d3:c7:93:ba:bd:b3:48:ae:
6c:70:7e:21:61:00:bb:5d:d0:af:2f:5b:b9:fc:17:0c:2b:fb:
28:52:87:c4:c4:7a:dc:4d:7e:b9:75:c1:44:df:8d:b9:a4:db:
00:43:15:2c
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICCf8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEIxRTg0RkFDRkFDQkMwQjc4Mzg1NjFFRjIxRTI4RjJG
QUNGNURGRUMwHhcNMjQxMTE0MTk1OTA1WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM2NTY4OC1mZGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzpTdCC4RZ5LsOFWDYEnVOgNH1RMQ9J2dbDRIMGufvTfT1EzRCXkF45dap37
2AaluG/n/0FZDPsVK49pbLm5OFeuNx3r/pUC6FBvTF+tiw2+HHITBvxHJZjZZcZW
34Nk4EfZfWnlO7IKfiN5BNcKhInS1PdYI/fsQJX8B0rmpi07st8i0NgPiqbl2+CF
U7RuupAQzeDEagM2P2e+Yc0+m0xVHFs5Z8BYMv8W9wzKXJIvDT8boZ3s6yFhWpGT
9hdYxDtRxlzlPHkn6cZa0CDUZ7+1YriZjNUoDExKlkQ2nzPuRkONNZuNsJUvE50a
dCUZfLQCQOzXmfLdLudnHmIcowIDAQABo4ICtzCCArMwHQYDVR0OBBYEFLMR461I
DKlGbx9DzxbeapL/r9BuMB8GA1UdIwQYMBaAFLHoT6z6y8C3g4Vh7yHijy+s9d/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8zNjg3MkE1RTgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi9zZWhQclByTHdMZURoV0h2SWVLUEw2ejEz
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlaFByUHJMd0xlRGhXSHZJZUtQTDZ6MTMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMzY4NzJBNUU4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvN0I3RjRDQzg4
Mzk0MTFFQUFBNzhFOTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMB4EAgABMBgDBAO3WzADBAC3WzoDBAK3WzwDBAXKNwAwDgQCAAIwCAMGAiQA
k4CQMA0GCSqGSIb3DQEBCwUAA4IBAQAvQ7Mq+tgDjstRZ5VI2b1YpV8tTOKWJfLx
8T83jJ+Xc3bdCyae8v9e9o4Z3CCNk7WBLgeFPre1LZtw8xP3Hn0soQ1Ag3BKzzrD
UnpT6Y7Mn+0o/OrZLV+ggnHNuVWYPfEZI4ZfqJzofrpYoSYKC/UEb7yhbFosocHG
R1dOoJUMrd59G6z6mnUt4vUwGAofOvW5Pe93wfc2EztgFa2aiL8Szt7GQxW01uIq
MOi9b5QIizuxpZACnjoNa7OyP/OanJsnIKxZ4DfCmc/PSelniDud08eTur2zSK5s
cH4hYQC7XdCvL1u5/BcMK/soUofExHrcTX65dcFE3425pNsAQxUs
-----END CERTIFICATE-----
Generated at Sun Nov 24 21:45:04 2024 by rpki-client on console-ams.rpki-client.org