Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/B3E738FAB0F811EA895AE231C4F9AE02.roa
File: B3E738FAB0F811EA895AE231C4F9AE02.roa (raw, json)
Hash identifier: dR3OL7oMhrbuHCOtgjWRDLTt0cknZ+28XTKmzmn3SY4=
Subject key identifier: 2B:9B:02:E7:1E:76:4E:EF:1E:26:13:F2:77:19:03:32:22:7B:1F:6F
Certificate issuer: /CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Certificate serial: 0907
Authority key identifier: B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/B3E738FAB0F811EA895AE231C4F9AE02.roa
Signing time: Fri 10 Nov 2023 21:08:48 +0000
ROA not before: Fri 10 Nov 2023 21:08:48 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 23764
IP address blocks: 61.29.244.0/22 maxlen: 24
61.29.254.0/23 maxlen: 24
146.196.78.0/23 maxlen: 24
183.91.48.0/21 maxlen: 21
183.91.48.0/24 maxlen: 24
183.91.49.0/24 maxlen: 24
183.91.50.0/24 maxlen: 24
183.91.51.0/24 maxlen: 24
183.91.52.0/24 maxlen: 24
183.91.53.0/24 maxlen: 24
183.91.54.0/24 maxlen: 24
183.91.55.0/24 maxlen: 24
183.91.58.0/24 maxlen: 24
183.91.60.0/24 maxlen: 24
183.91.61.0/24 maxlen: 24
183.91.62.0/24 maxlen: 24
183.91.63.0/24 maxlen: 24
202.55.0.0/19 maxlen: 19
202.55.0.0/24 maxlen: 24
202.55.1.0/24 maxlen: 24
202.55.2.0/24 maxlen: 24
202.55.3.0/24 maxlen: 24
202.55.4.0/24 maxlen: 24
202.55.5.0/24 maxlen: 24
202.55.6.0/24 maxlen: 24
202.55.7.0/24 maxlen: 24
202.55.8.0/21 maxlen: 21
202.55.8.0/24 maxlen: 24
202.55.9.0/24 maxlen: 24
202.55.10.0/24 maxlen: 24
202.55.11.0/24 maxlen: 24
202.55.12.0/24 maxlen: 24
202.55.13.0/24 maxlen: 24
202.55.14.0/24 maxlen: 24
202.55.15.0/24 maxlen: 24
202.55.16.0/24 maxlen: 24
202.55.17.0/24 maxlen: 24
202.55.18.0/24 maxlen: 24
202.55.19.0/24 maxlen: 24
202.55.20.0/24 maxlen: 24
202.55.21.0/24 maxlen: 24
202.55.22.0/24 maxlen: 24
202.55.23.0/24 maxlen: 24
202.55.24.0/24 maxlen: 24
202.55.25.0/24 maxlen: 24
202.55.26.0/24 maxlen: 24
202.55.27.0/24 maxlen: 24
202.55.28.0/24 maxlen: 24
202.55.29.0/24 maxlen: 24
202.55.30.0/24 maxlen: 24
202.55.31.0/24 maxlen: 24
2400:9380:9000::/40 maxlen: 48
2400:9380:9100::/40 maxlen: 48
2400:9380:9200::/40 maxlen: 48
2400:9380:9300::/40 maxlen: 48
2400:9380:a000::/40 maxlen: 48
2400:9380:a100::/40 maxlen: 48
2400:9380:a200::/40 maxlen: 48
2400:9380:a300::/40 maxlen: 48
2400:9380:f000::/40 maxlen: 48
2400:9380:f100::/40 maxlen: 48
2400:9380:f200::/40 maxlen: 48
2400:9380:f300::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 May 2024 20:40:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2311 (0x907)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917576D/serialNumber=B1E84FACFACBC0B7838561EF21E28F2FACF5DFEC
Validity
Not Before: Nov 10 21:08:48 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=654e9be0-9c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:97:10:87:97:28:e5:ea:f0:bd:1d:5f:0f:32:
bc:be:49:37:92:f6:e0:8a:28:23:c1:44:e0:46:dc:
3e:06:58:fd:72:b7:71:6b:39:04:76:cc:a9:cc:7e:
e3:46:76:5f:99:bc:84:9c:0b:c4:8f:0a:a8:7a:99:
d4:db:52:19:f4:ca:a9:a4:c9:76:75:76:10:7b:3e:
fd:b4:99:9f:8b:79:86:7f:c3:54:22:6c:69:0e:07:
60:d6:17:5d:d1:16:d9:43:d6:c9:42:eb:3a:a7:5b:
25:70:b1:70:8b:e3:ef:fc:fb:24:a1:bf:fa:1d:59:
f2:ac:30:23:7b:54:72:2d:b8:7a:fe:27:60:59:c0:
bb:1d:89:ea:02:d4:c5:a8:ff:27:b1:03:e7:48:ce:
43:37:79:e7:3d:75:d8:ce:29:4a:4c:47:c4:00:44:
d7:4d:b9:a4:a4:0f:33:04:34:74:4f:ca:a1:df:bd:
f3:05:0f:e8:d3:b6:ec:5e:cd:be:53:d3:0d:82:14:
b1:31:61:d2:ed:29:cc:bf:7e:f7:33:58:e0:5b:f8:
90:0c:43:2f:a5:7a:8a:d1:17:a5:fa:e9:fe:5a:39:
22:1a:cc:71:b3:f7:cf:88:68:d3:ee:01:db:02:f3:
72:b1:22:11:30:e4:a7:cc:5e:fc:8b:8e:69:b5:30:
9d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9B:02:E7:1E:76:4E:EF:1E:26:13:F2:77:19:03:32:22:7B:1F:6F
X509v3 Authority Key Identifier:
keyid:B1:E8:4F:AC:FA:CB:C0:B7:83:85:61:EF:21:E2:8F:2F:AC:F5:DF:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/sehPrPrLwLeDhWHvIeKPL6z13-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sehPrPrLwLeDhWHvIeKPL6z13-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917576D/36872A5E82CD11EA895C7B5CC4F9AE02/B3E738FAB0F811EA895AE231C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.29.244.0/22
61.29.254.0/23
146.196.78.0/23
183.91.48.0/21
183.91.58.0/24
183.91.60.0/22
202.55.0.0/19
IPv6:
2400:9380:9000::/38
2400:9380:a000::/38
2400:9380:f000::/38
Signature Algorithm: sha256WithRSAEncryption
89:7a:09:26:38:c3:9e:8b:c9:30:f7:30:36:5c:66:a7:83:a3:
f4:2b:ab:a0:1c:e8:f4:b0:8c:72:a9:90:21:fe:99:10:f2:d7:
cb:6b:6e:07:0a:dc:db:31:3e:d3:d2:c6:96:70:43:f6:1b:45:
ef:14:5d:e3:e5:06:4a:e4:e3:41:c8:6c:fa:3c:54:79:23:8a:
6a:de:b6:da:30:7d:77:e8:b6:33:2d:3d:f8:c4:fa:6c:51:3b:
a4:97:f6:ca:c7:21:3a:d1:07:34:10:97:81:63:4a:97:06:d2:
bc:19:ae:e0:26:e6:ba:e9:f8:ce:6a:90:3b:70:99:f5:7a:76:
ed:7e:ed:17:6b:7d:a8:c6:87:68:2b:43:50:e3:92:e3:99:3c:
f5:07:b1:dc:51:66:df:5c:09:25:56:e5:ef:88:1d:fc:aa:a7:
57:e0:b4:ae:7b:a6:ed:15:bb:f5:49:92:80:ac:7a:21:94:c1:
3c:84:aa:47:75:d7:08:e6:ac:55:92:9f:e3:af:ee:26:5e:03:
01:13:05:f9:d5:53:f7:dd:52:c5:85:1f:94:34:26:d1:48:12:
81:64:04:6a:03:fd:1f:bb:d3:d2:3f:a5:a5:02:d1:e2:df:0a:
6e:75:c5:1d:e2:37:2a:06:c6:f4:71:3c:e9:d0:6d:d9:c2:68:
37:86:e9:a5
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICCQcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzU3NkQxMTAvBgNVBAUTKEIxRTg0RkFDRkFDQkMwQjc4Mzg1NjFFRjIxRTI4RjJG
QUNGNURGRUMwHhcNMjMxMTEwMjEwODQ4WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRlOWJlMC05YzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAk5cQh5co5erwvR1fDzK8vkk3kvbgiigjwUTgRtw+Blj9crdxazkEdsypzH7j
RnZfmbyEnAvEjwqoepnU21IZ9MqppMl2dXYQez79tJmfi3mGf8NUImxpDgdg1hdd
0RbZQ9bJQus6p1slcLFwi+Pv/Pskob/6HVnyrDAje1RyLbh6/idgWcC7HYnqAtTF
qP8nsQPnSM5DN3nnPXXYzilKTEfEAETXTbmkpA8zBDR0T8qh373zBQ/o07bsXs2+
U9MNghSxMWHS7SnMv373M1jgW/iQDEMvpXqK0Rel+un+WjkiGsxxs/fPiGjT7gHb
AvNysSIRMOSnzF78i45ptTCdOwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFCubAuce
dk7vHiYT8ncZAzIiex9vMB8GA1UdIwQYMBaAFLHoT6z6y8C3g4Vh7yHijy+s9d/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTc2RC8zNjg3MkE1RTgy
Q0QxMUVBODk1QzdCNUNDNEY5QUUwMi9zZWhQclByTHdMZURoV0h2SWVLUEw2ejEz
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NlaFByUHJMd0xlRGhXSHZJZUtQTDZ6MTMtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU3NkQvMzY4NzJBNUU4MkNEMTFFQTg5NUM3QjVDQzRGOUFFMDIvQjNFNzM4RkFC
MEY4MTFFQTg5NUFFMjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMDAEAgABMCoDBAI9HfQDBAE9Hf4DBAGSxE4DBAO3WzADBAC3WzoDBAK3WzwD
BAXKNwAwHgQCAAIwGAMGAiQAk4CQAwYCJACTgKADBgIkAJOA8DANBgkqhkiG9w0B
AQsFAAOCAQEAiXoJJjjDnovJMPcwNlxmp4Oj9CuroBzo9LCMcqmQIf6ZEPLXy2tu
Bwrc2zE+09LGlnBD9htF7xRd4+UGSuTjQchs+jxUeSOKat622jB9d+i2My09+MT6
bFE7pJf2yschOtEHNBCXgWNKlwbSvBmu4Cbmuun4zmqQO3CZ9Xp27X7tF2t9qMaH
aCtDUOOS45k89Qex3FFm31wJJVbl74gd/KqnV+C0rnum7RW79UmSgKx6IZTBPISq
R3XXCOasVZKf46/uJl4DARMF+dVT991SxYUflDQm0UgSgWQEagP9H7vT0j+lpQLR
4t8KbnXFHeI3KgbG9HE86dBt2cJoN4bppQ==
-----END CERTIFICATE-----
Generated at Mon May 6 22:40:56 2024 by rpki-client on console-ams.rpki-client.org