Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
File: 7418230A6D4B11EBB1805C0DC4F9AE02.roa (raw, json)
Hash identifier: 8qJxtIluB8sM+LZnkacpelPmvOz8hP9HI8PWhXk1wS0=
Subject key identifier: 33:75:A5:75:CD:1D:65:41:85:1E:A4:EA:C1:EB:B1:F9:DB:B8:F1:89
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 35EB
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
Signing time: Thu 04 Apr 2024 15:21:13 +0000
ROA not before: Thu 04 Apr 2024 15:21:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17557
IP address blocks: 39.32.0.0/11 maxlen: 15
39.32.0.0/16 maxlen: 24
39.33.0.0/16 maxlen: 24
39.34.0.0/16 maxlen: 24
39.35.0.0/16 maxlen: 24
39.36.0.0/16 maxlen: 24
39.37.0.0/16 maxlen: 24
39.38.0.0/16 maxlen: 24
39.39.0.0/16 maxlen: 24
39.40.0.0/16 maxlen: 24
39.41.0.0/16 maxlen: 24
39.42.0.0/16 maxlen: 24
39.43.0.0/16 maxlen: 24
39.44.0.0/16 maxlen: 24
39.45.0.0/16 maxlen: 24
39.46.0.0/16 maxlen: 24
39.47.0.0/16 maxlen: 24
39.48.0.0/16 maxlen: 24
39.49.0.0/16 maxlen: 24
39.50.0.0/16 maxlen: 24
39.51.0.0/16 maxlen: 24
39.52.0.0/16 maxlen: 24
39.53.0.0/16 maxlen: 24
39.54.0.0/16 maxlen: 24
39.55.0.0/16 maxlen: 24
39.56.0.0/16 maxlen: 24
39.57.0.0/16 maxlen: 24
39.58.0.0/16 maxlen: 24
39.59.0.0/16 maxlen: 24
39.60.0.0/16 maxlen: 24
39.61.0.0/16 maxlen: 24
39.62.0.0/16 maxlen: 24
39.63.0.0/16 maxlen: 24
58.181.96.0/20 maxlen: 24
58.181.112.0/20 maxlen: 24
59.103.0.0/16 maxlen: 24
103.28.152.0/22 maxlen: 24
116.71.0.0/16 maxlen: 24
119.152.0.0/13 maxlen: 15
119.152.0.0/16 maxlen: 24
119.153.0.0/16 maxlen: 24
119.154.0.0/16 maxlen: 24
119.155.0.0/16 maxlen: 24
119.156.0.0/16 maxlen: 24
119.157.0.0/16 maxlen: 24
119.158.0.0/16 maxlen: 24
119.159.0.0/16 maxlen: 24
182.176.0.0/12 maxlen: 15
182.176.0.0/16 maxlen: 24
182.177.0.0/16 maxlen: 24
182.178.0.0/16 maxlen: 24
182.179.0.0/16 maxlen: 24
182.180.0.0/16 maxlen: 24
182.181.0.0/16 maxlen: 24
182.182.0.0/16 maxlen: 24
182.183.0.0/16 maxlen: 24
182.184.0.0/16 maxlen: 24
182.185.0.0/16 maxlen: 24
182.186.0.0/16 maxlen: 24
182.187.0.0/16 maxlen: 24
182.188.0.0/16 maxlen: 24
182.189.0.0/16 maxlen: 24
182.190.0.0/16 maxlen: 24
182.191.0.0/16 maxlen: 24
202.70.144.0/20 maxlen: 24
202.125.128.0/19 maxlen: 24
203.99.160.0/19 maxlen: 24
203.135.0.0/18 maxlen: 24
221.120.192.0/18 maxlen: 24
2001:df0:279::/48 maxlen: 48
2404:7000::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 May 2024 14:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13803 (0x35eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Apr 4 15:21:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660ec569-9507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bb:1d:e3:7f:95:f8:04:aa:32:57:c2:f0:da:
ec:88:90:4e:e2:be:81:00:0e:aa:be:81:8b:40:75:
2c:02:6b:f6:78:0b:d4:73:d3:04:b1:1d:1b:44:0e:
ef:4f:f0:42:9b:13:ef:fc:b8:04:50:b6:54:32:11:
77:92:79:aa:33:29:bb:c8:60:78:02:52:87:f9:7a:
89:90:79:e0:de:1e:da:62:a8:dc:a1:00:e1:da:ac:
1a:62:89:11:68:77:3e:10:f2:87:f1:75:12:2a:f6:
2b:4f:a0:06:a6:15:38:bc:e0:28:2d:2b:f2:c8:75:
6e:02:1b:6b:13:00:c5:63:23:54:88:0d:eb:a1:66:
08:45:48:a3:fb:31:60:9c:e7:e3:3d:29:b6:74:ba:
26:17:ec:72:9c:83:d0:c9:63:77:cc:3b:b1:51:d4:
a1:0b:bf:e2:ec:f0:92:29:b6:43:f0:69:b1:4a:21:
65:00:51:ab:b6:d2:9d:1f:4a:b5:cd:fb:4a:80:41:
ef:a3:aa:ce:5c:aa:c5:58:4e:08:29:26:99:50:3a:
3f:9d:b9:83:a5:b3:6c:a9:3a:32:d1:6f:7b:5a:8b:
4b:c4:19:d9:71:38:e9:17:28:23:36:05:ff:c6:42:
ba:38:7e:7a:31:d9:0f:31:90:2c:aa:4a:5d:7a:81:
a8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:75:A5:75:CD:1D:65:41:85:1E:A4:EA:C1:EB:B1:F9:DB:B8:F1:89
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/7418230A6D4B11EBB1805C0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.32.0.0/11
58.181.96.0/19
59.103.0.0/16
103.28.152.0/22
116.71.0.0/16
119.152.0.0/13
182.176.0.0/12
202.70.144.0/20
202.125.128.0/19
203.99.160.0/19
203.135.0.0/18
221.120.192.0/18
IPv6:
2001:df0:279::/48
2404:7000::/32
Signature Algorithm: sha256WithRSAEncryption
35:33:b5:8e:6c:82:76:38:3e:bf:b9:05:9f:2d:14:dc:e1:cf:
79:b0:aa:4d:2c:84:a3:e0:e2:f0:eb:03:e4:85:86:4b:18:c6:
99:44:42:54:11:d6:32:3a:2f:d9:ae:db:e2:e3:36:1c:d7:f8:
91:2e:4a:c8:29:70:ed:49:bf:ea:2b:a7:1e:7d:f0:0e:d8:42:
4b:bd:80:56:fe:60:f9:f1:9b:e1:93:96:3d:e1:7e:c1:c2:fe:
35:9e:67:78:aa:7f:2b:2e:cb:5c:3c:09:94:17:28:59:f8:61:
b0:9f:32:6f:f0:94:4a:57:0d:f3:e3:ac:3c:79:67:5c:7c:a1:
f8:d4:34:04:e6:a1:79:2c:e2:bd:f1:94:97:72:b9:2b:fd:1c:
24:1a:46:c5:fa:63:23:10:5e:a7:fe:29:66:d8:93:da:2d:77:
51:ea:3f:63:9d:13:76:47:7a:a1:e2:d3:1e:d5:2d:c0:3f:08:
77:90:f6:3d:92:36:f3:33:9e:b8:95:17:9f:f7:b4:42:19:9b:
5f:58:ad:66:36:9b:fa:94:2e:e5:97:3b:bc:a7:87:5f:00:ea:
16:98:cf:ce:76:dc:49:fe:38:6c:45:53:9e:a6:3b:51:83:77:
e1:8a:ea:a0:66:86:1c:e2:59:aa:33:76:26:e9:0d:1d:6e:8d:
b1:b7:48:54
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgICNeswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjQwNDA0MTUyMTEzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlYzU2OS05NTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Lsd43+V+ASqMlfC8NrsiJBO4r6BAA6qvoGLQHUsAmv2eAvUc9MEsR0bRA7v
T/BCmxPv/LgEULZUMhF3knmqMym7yGB4AlKH+XqJkHng3h7aYqjcoQDh2qwaYokR
aHc+EPKH8XUSKvYrT6AGphU4vOAoLSvyyHVuAhtrEwDFYyNUiA3roWYIRUij+zFg
nOfjPSm2dLomF+xynIPQyWN3zDuxUdShC7/i7PCSKbZD8GmxSiFlAFGrttKdH0q1
zftKgEHvo6rOXKrFWE4IKSaZUDo/nbmDpbNsqToy0W97WotLxBnZcTjpFygjNgX/
xkK6OH56MdkPMZAsqkpdeoGoUQIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFDN1pXXN
HWVBhR6k6sHrsfnbuPGJMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvNzQxODIzMEE2
RDRCMTFFQkIxODA1QzBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdAYIKwYBBQUHAQcBAf8E
ZTBjMEkEAgABMEMDAwUnIAMEBTq1YAMDADtnAwQCZxyYAwMAdEcDAwN3mAMDBLaw
AwQEykaQAwQFyn2AAwQFy2OgAwQGy4cAAwQG3XjAMBYEAgACMBADBwAgAQ3wAnkD
BQAkBHAAMA0GCSqGSIb3DQEBCwUAA4IBAQA1M7WObIJ2OD6/uQWfLRTc4c95sKpN
LISj4OLw6wPkhYZLGMaZREJUEdYyOi/Zrtvi4zYc1/iRLkrIKXDtSb/qK6ceffAO
2EJLvYBW/mD58Zvhk5Y94X7Bwv41nmd4qn8rLstcPAmUFyhZ+GGwnzJv8JRKVw3z
46w8eWdcfKH41DQE5qF5LOK98ZSXcrkr/RwkGkbF+mMjEF6n/ilm2JPaLXdR6j9j
nRN2R3qh4tMe1S3APwh3kPY9kjbzM564lRef97RCGZtfWK1mNpv6lC7llzu8p4df
AOoWmM/OdtxJ/jhsRVOepjtRg3fhiuqgZoYc4lmqM3Ym6Q0dbo2xt0hU
-----END CERTIFICATE-----
Generated at Sat May 4 15:55:02 2024 by rpki-client on console-ams.rpki-client.org