Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
File: 79A169387CA811EFA20CC941C4F9AE02.roa (raw, json)
Hash identifier: DJCfFvSXVLxvnsGtGccUzzc05yQwxncVjwhkPT6whV8=
Subject key identifier: 4E:20:78:78:F1:AF:3B:49:A8:44:F6:56:F5:6C:5C:02:D6:E1:B0:53
Certificate issuer: /CN=A91AE954/serialNumber=83AC168E49FB25EB76945A0BD146EA8B57BF09CC
Certificate serial: 0132
Authority key identifier: 83:AC:16:8E:49:FB:25:EB:76:94:5A:0B:D1:46:EA:8B:57:BF:09:CC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
Signing time: Fri 27 Sep 2024 08:14:11 +0000
ROA not before: Fri 27 Sep 2024 08:14:11 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 4817
IP address blocks: 210.10.0.0/20 maxlen: 20
210.10.0.0/22 maxlen: 22
210.10.0.0/24 maxlen: 24
210.10.1.0/24 maxlen: 24
210.10.2.0/24 maxlen: 24
210.10.3.0/24 maxlen: 24
210.10.4.0/22 maxlen: 22
210.10.4.0/24 maxlen: 24
210.10.5.0/24 maxlen: 24
210.10.6.0/24 maxlen: 24
210.10.7.0/24 maxlen: 24
210.10.10.0/24 maxlen: 24
210.10.11.0/24 maxlen: 24
210.10.12.0/23 maxlen: 24
210.10.64.0/23 maxlen: 24
210.10.66.0/23 maxlen: 23
210.10.76.0/23 maxlen: 23
210.10.76.0/24 maxlen: 24
210.10.77.0/24 maxlen: 24
210.10.78.0/24 maxlen: 24
210.10.79.0/24 maxlen: 24
2400:79e0::/32 maxlen: 32
2400:79e0:8000::/40 maxlen: 40
2400:79e0:8030::/44 maxlen: 44
2400:79e0:8040::/44 maxlen: 44
2400:79e0:8050::/44 maxlen: 44
2400:79e0:8070::/44 maxlen: 44
2400:79e0:9000::/40 maxlen: 40
2400:79e0:9030::/44 maxlen: 44
2400:79e0:9040::/44 maxlen: 44
2400:79e0:9050::/44 maxlen: 44
2400:79e0:9070::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.crl
rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 02:38:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 306 (0x132)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE954/serialNumber=83AC168E49FB25EB76945A0BD146EA8B57BF09CC
Validity
Not Before: Sep 27 08:14:11 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66f66953-80af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bd:d4:d7:54:37:35:ac:3f:77:9d:fd:55:b8:
25:6a:51:bd:b1:c0:9a:da:88:dc:48:0e:23:d6:e9:
f0:81:1f:07:6b:26:3a:8d:78:c2:be:78:45:ff:c8:
f2:9d:0d:eb:0e:a0:d8:30:aa:95:5d:61:7a:ee:12:
09:00:a1:27:d5:26:df:e0:75:f6:e5:3e:63:00:0c:
0f:46:22:06:4f:fb:27:89:87:f2:16:3d:4c:1e:22:
be:8c:14:ee:26:c4:77:f4:a2:2d:fc:97:37:5b:af:
c4:27:df:2d:c6:28:f1:0f:33:f7:4e:b4:64:7e:8b:
c2:5a:38:dd:0f:c6:3e:a1:35:3f:c3:83:b3:2f:19:
fa:b6:a5:2f:cd:07:e8:a6:86:e4:de:1e:20:81:f4:
e1:9b:62:81:f8:7d:9f:7e:03:b6:3d:61:be:3f:19:
70:17:26:4e:aa:84:b3:56:3c:6e:d5:a0:a9:fe:cb:
73:3f:54:11:54:28:b6:7f:cb:53:a5:c8:17:57:ce:
61:d9:93:ea:4d:97:d3:b0:c5:d4:2a:73:74:3d:fb:
5b:5c:ba:7e:50:65:fb:cb:31:2b:4a:8b:66:dd:51:
8f:64:86:51:ec:35:81:98:dd:5f:62:f2:53:b2:01:
40:e2:e4:2b:a1:46:68:6e:18:1c:0e:9d:7e:bf:0c:
09:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:20:78:78:F1:AF:3B:49:A8:44:F6:56:F5:6C:5C:02:D6:E1:B0:53
X509v3 Authority Key Identifier:
keyid:83:AC:16:8E:49:FB:25:EB:76:94:5A:0B:D1:46:EA:8B:57:BF:09:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g6wWjkn7Jet2lFoL0Ubqi1e_Ccw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE954/B1F6BCC2C14A11ED882BE329C4F9AE02/79A169387CA811EFA20CC941C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.10.0.0/20
210.10.64.0/22
210.10.76.0/22
IPv6:
2400:79e0::/32
Signature Algorithm: sha256WithRSAEncryption
56:78:5d:c2:72:25:bc:82:78:17:f3:9c:27:fd:17:aa:f9:db:
5a:d4:50:0f:b1:89:a8:16:99:d3:fa:a7:04:b4:40:d9:59:c6:
a3:0d:73:00:2b:db:83:3c:a6:d3:c8:a4:21:56:63:fd:14:a6:
f2:ea:79:c5:aa:21:95:02:f5:59:75:8d:f9:a3:67:4c:ba:17:
8b:74:50:37:55:6e:58:e6:c7:a6:32:5e:40:c5:29:72:25:b7:
2a:0e:e6:80:e6:dc:e5:38:15:e4:37:40:3e:46:1e:f3:92:85:
0c:c4:f4:2d:cc:8d:66:b7:66:a1:25:cd:a2:71:71:23:51:f3:
da:e8:86:24:3f:c7:7c:37:29:68:38:34:88:27:9e:cb:ae:e4:
eb:3c:2c:04:c4:25:1d:b5:6a:d9:51:84:db:8e:83:2b:77:5a:
aa:c4:37:a0:06:14:0f:7d:35:05:da:22:75:b5:b7:90:e6:69:
03:ec:17:72:0e:ec:c8:e8:6d:bc:4e:26:60:43:34:b7:40:0e:
bc:4c:97:fd:89:49:b1:1a:bc:41:5a:5c:bd:8d:f3:0a:dc:17:
08:3f:6d:cc:b2:d3:c6:a2:e0:76:4c:7e:a7:74:14:5f:82:3d:
99:77:7a:25:31:17:cb:ad:6e:35:81:77:55:87:02:0b:d8:15:
51:08:d4:91
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICATIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU5NTQxMTAvBgNVBAUTKDgzQUMxNjhFNDlGQjI1RUI3Njk0NUEwQkQxNDZFQThC
NTdCRjA5Q0MwHhcNMjQwOTI3MDgxNDExWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2Njk1My04MGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvr3U11Q3Naw/d539VbglalG9scCa2ojcSA4j1unwgR8HayY6jXjCvnhF/8jy
nQ3rDqDYMKqVXWF67hIJAKEn1Sbf4HX25T5jAAwPRiIGT/sniYfyFj1MHiK+jBTu
JsR39KIt/Jc3W6/EJ98txijxDzP3TrRkfovCWjjdD8Y+oTU/w4OzLxn6tqUvzQfo
pobk3h4ggfThm2KB+H2ffgO2PWG+PxlwFyZOqoSzVjxu1aCp/stzP1QRVCi2f8tT
pcgXV85h2ZPqTZfTsMXUKnN0PftbXLp+UGX7yzErSotm3VGPZIZR7DWBmN1fYvJT
sgFA4uQroUZobhgcDp1+vwwJ0wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFE4geHjx
rztJqET2VvVsXALW4bBTMB8GA1UdIwQYMBaAFIOsFo5J+yXrdpRaC9FG6otXvwnM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTk1NC9CMUY2QkNDMkMx
NEExMUVEODgyQkUzMjlDNEY5QUUwMi9nNndXamtuN0pldDJsRm9MMFVicWkxZV9D
Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2c2d1dqa243SmV0MmxGb0wwVWJxaTFlX0Njdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU5NTQvQjFGNkJDQzJDMTRBMTFFRDg4MkJFMzI5QzRGOUFFMDIvNzlBMTY5Mzg3
Q0E4MTFFRkEyMENDOTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBATSCgADBALSCkADBALSCkwwDQQCAAIwBwMFACQAeeAwDQYJ
KoZIhvcNAQELBQADggEBAFZ4XcJyJbyCeBfznCf9F6r521rUUA+xiagWmdP6pwS0
QNlZxqMNcwAr24M8ptPIpCFWY/0UpvLqecWqIZUC9Vl1jfmjZ0y6F4t0UDdVbljm
x6YyXkDFKXIltyoO5oDm3OU4FeQ3QD5GHvOShQzE9C3MjWa3ZqElzaJxcSNR89ro
hiQ/x3w3KWg4NIgnnsuu5Os8LATEJR21atlRhNuOgyt3WqrEN6AGFA99NQXaInW1
t5DmaQPsF3IO7MjobbxOJmBDNLdADrxMl/2JSbEavEFaXL2N8wrcFwg/bcyy08ai
4HZMfqd0FF+CPZl3eiUxF8utbjWBd1WHAgvYFVEI1JE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:47 2024 by rpki-client on console-ams.rpki-client.org