Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/257E3B94E37B11EA84A20810C4F9AE02.roa
File: 257E3B94E37B11EA84A20810C4F9AE02.roa (raw, json)
Hash identifier: rkuN6xiRrkmQkaEhne3S9IUcalSOBWapH+j8pPbkGos=
Subject key identifier: 8F:E8:2C:EE:E9:4B:23:16:EC:22:42:1A:ED:5E:C9:54:CC:AD:A5:01
Certificate issuer: /CN=A91B3CB5/serialNumber=1355D5187D2E63D7E6D49078D8E71FA051C456E3
Certificate serial: 0BEB
Authority key identifier: 13:55:D5:18:7D:2E:63:D7:E6:D4:90:78:D8:E7:1F:A0:51:C4:56:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E1XVGH0uY9fm1JB42OcfoFHEVuM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/257E3B94E37B11EA84A20810C4F9AE02.roa
Signing time: Thu 10 Oct 2024 18:57:13 +0000
ROA not before: Thu 10 Oct 2024 18:57:13 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 38280
IP address blocks: 59.191.192.0/20 maxlen: 20
59.191.192.0/24 maxlen: 24
59.191.193.0/24 maxlen: 24
59.191.194.0/24 maxlen: 24
59.191.195.0/24 maxlen: 24
59.191.196.0/24 maxlen: 24
59.191.197.0/24 maxlen: 24
59.191.198.0/24 maxlen: 24
59.191.199.0/24 maxlen: 24
59.191.200.0/24 maxlen: 24
59.191.201.0/24 maxlen: 24
59.191.202.0/24 maxlen: 24
59.191.203.0/24 maxlen: 24
59.191.204.0/24 maxlen: 24
59.191.205.0/24 maxlen: 24
59.191.206.0/24 maxlen: 24
59.191.207.0/24 maxlen: 24
118.139.128.0/19 maxlen: 19
118.139.128.0/24 maxlen: 24
118.139.129.0/24 maxlen: 24
118.139.130.0/24 maxlen: 24
118.139.131.0/24 maxlen: 24
118.139.132.0/24 maxlen: 24
118.139.133.0/24 maxlen: 24
118.139.134.0/24 maxlen: 24
118.139.135.0/24 maxlen: 24
118.139.136.0/24 maxlen: 24
118.139.137.0/24 maxlen: 24
118.139.138.0/24 maxlen: 24
118.139.139.0/24 maxlen: 24
118.139.140.0/24 maxlen: 24
118.139.141.0/24 maxlen: 24
118.139.142.0/24 maxlen: 24
118.139.143.0/24 maxlen: 24
118.139.144.0/24 maxlen: 24
118.139.145.0/24 maxlen: 24
118.139.146.0/24 maxlen: 24
118.139.147.0/24 maxlen: 24
118.139.148.0/24 maxlen: 24
118.139.149.0/24 maxlen: 24
118.139.150.0/24 maxlen: 24
118.139.151.0/24 maxlen: 24
118.139.152.0/24 maxlen: 24
118.139.153.0/24 maxlen: 24
118.139.154.0/24 maxlen: 24
118.139.155.0/24 maxlen: 24
118.139.156.0/24 maxlen: 24
118.139.157.0/24 maxlen: 24
118.139.158.0/24 maxlen: 24
118.139.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/E1XVGH0uY9fm1JB42OcfoFHEVuM.crl
rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/E1XVGH0uY9fm1JB42OcfoFHEVuM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E1XVGH0uY9fm1JB42OcfoFHEVuM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3051 (0xbeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B3CB5/serialNumber=1355D5187D2E63D7E6D49078D8E71FA051C456E3
Validity
Not Before: Oct 10 18:57:13 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67082389-3192
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dd:cc:f1:18:76:38:58:fb:da:6a:1d:a5:7c:
c4:32:e2:54:dd:08:88:0a:04:ec:24:8c:a6:51:cc:
de:3b:80:f5:af:66:66:0b:4e:74:7c:f2:f9:3b:87:
74:f5:56:fc:66:cb:23:5d:6b:b1:7b:6b:47:eb:06:
51:28:9b:b9:1e:22:a6:99:e3:f2:65:59:af:9c:7a:
38:f4:e8:1a:30:a9:cb:30:35:b5:4f:b4:47:37:90:
c8:8a:7f:e1:27:49:33:18:7a:59:c4:cb:dc:6e:2d:
ef:29:25:c7:fe:48:9f:c4:61:56:05:5d:07:d5:6d:
53:16:57:e8:33:85:be:f2:95:16:cf:42:4e:2d:23:
d0:5d:0d:76:23:05:83:ce:21:fb:fd:d6:31:84:ce:
bf:18:5c:e4:39:d9:f6:23:aa:a0:ec:74:4e:1c:c5:
b7:5d:6a:60:2b:bc:a9:0c:13:ae:9d:85:87:20:67:
5f:42:df:cd:89:20:da:5a:5a:a5:8e:58:cf:16:db:
31:3a:62:ed:a6:9c:ed:a3:65:6d:d7:8d:b9:2a:b0:
dd:5c:30:b2:30:7b:0b:56:34:da:02:c9:1e:7e:7c:
ac:3d:82:8d:02:77:37:37:91:6e:af:bb:e5:b2:2f:
0c:eb:c0:68:79:53:8e:a6:e3:b9:55:ce:d8:af:91:
02:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:E8:2C:EE:E9:4B:23:16:EC:22:42:1A:ED:5E:C9:54:CC:AD:A5:01
X509v3 Authority Key Identifier:
keyid:13:55:D5:18:7D:2E:63:D7:E6:D4:90:78:D8:E7:1F:A0:51:C4:56:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/E1XVGH0uY9fm1JB42OcfoFHEVuM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E1XVGH0uY9fm1JB42OcfoFHEVuM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CB5/632650F8050511EAAA934C43C4F9AE02/257E3B94E37B11EA84A20810C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.191.192.0/20
118.139.128.0/19
Signature Algorithm: sha256WithRSAEncryption
af:8d:f9:84:55:7f:2d:b6:4b:14:40:f4:be:ab:b4:4e:5b:b6:
b9:65:0d:6a:a4:e7:67:51:02:61:f6:4f:ba:3c:85:87:af:7c:
67:02:14:17:d0:e9:0b:54:ca:c1:2c:6e:3b:33:00:8a:f7:7f:
66:ed:97:1d:27:cc:ca:d7:c0:a6:d8:88:2d:ec:aa:c1:f6:d0:
00:60:6d:88:b2:ed:c5:ec:28:68:45:24:2f:79:a8:42:87:5e:
34:e3:89:14:9e:d8:e5:9b:1c:91:df:da:e7:30:1c:a4:96:f9:
9a:94:d1:f2:cf:30:99:3f:5b:38:34:94:8c:e9:dd:bf:78:d6:
80:9b:80:76:0d:2a:f8:1e:dd:f7:55:e2:a4:e9:c1:5f:90:d1:
45:42:19:c3:69:e2:59:0c:5e:1d:37:ed:14:c3:7b:52:e3:03:
ba:e5:3b:65:24:dc:7e:92:12:d9:7b:ee:45:ff:e8:52:09:ba:
67:bb:5f:22:2e:5c:32:fb:f6:82:c0:5f:7a:96:cc:be:b5:30:
6a:00:70:81:29:47:8e:4a:3b:62:4f:00:50:bf:60:b6:3b:10:
25:a3:96:cc:71:75:7c:93:56:bf:ae:ee:7e:d4:f3:78:14:bd:
d6:e4:eb:9f:ec:0b:cd:b6:ac:6f:c4:0d:95:b6:87:ad:e3:74:
ab:e7:7f:bf
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC+swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjNDQjUxMTAvBgNVBAUTKDEzNTVENTE4N0QyRTYzRDdFNkQ0OTA3OEQ4RTcxRkEw
NTFDNDU2RTMwHhcNMjQxMDEwMTg1NzEzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA4MjM4OS0zMTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp93M8Rh2OFj72modpXzEMuJU3QiICgTsJIymUczeO4D1r2ZmC050fPL5O4d0
9Vb8ZssjXWuxe2tH6wZRKJu5HiKmmePyZVmvnHo49OgaMKnLMDW1T7RHN5DIin/h
J0kzGHpZxMvcbi3vKSXH/kifxGFWBV0H1W1TFlfoM4W+8pUWz0JOLSPQXQ12IwWD
ziH7/dYxhM6/GFzkOdn2I6qg7HROHMW3XWpgK7ypDBOunYWHIGdfQt/NiSDaWlql
jljPFtsxOmLtppzto2Vt1425KrDdXDCyMHsLVjTaAskefnysPYKNAnc3N5Fur7vl
si8M68BoeVOOpuO5Vc7Yr5ECjwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI/oLO7p
SyMW7CJCGu1eyVTMraUBMB8GA1UdIwQYMBaAFBNV1Rh9LmPX5tSQeNjnH6BRxFbj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NCNS82MzI2NTBGODA1
MDUxMUVBQUE5MzRDNDNDNEY5QUUwMi9FMVhWR0gwdVk5Zm0xSkI0Mk9jZm9GSEVW
dU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0UxWFZHSDB1WTlmbTFKQjQyT2Nmb0ZIRVZ1TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjNDQjUvNjMyNjUwRjgwNTA1MTFFQUFBOTM0QzQzQzRGOUFFMDIvMjU3RTNCOTRF
MzdCMTFFQTg0QTIwODEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAQ7v8ADBAV2i4AwDQYJKoZIhvcNAQELBQADggEBAK+N+YRV
fy22SxRA9L6rtE5btrllDWqk52dRAmH2T7o8hYevfGcCFBfQ6QtUysEsbjszAIr3
f2btlx0nzMrXwKbYiC3sqsH20ABgbYiy7cXsKGhFJC95qEKHXjTjiRSe2OWbHJHf
2ucwHKSW+ZqU0fLPMJk/Wzg0lIzp3b941oCbgHYNKvge3fdV4qTpwV+Q0UVCGcNp
4lkMXh037RTDe1LjA7rlO2Uk3H6SEtl77kX/6FIJume7XyIuXDL79oLAX3qWzL61
MGoAcIEpR45KO2JPAFC/YLY7ECWjlsxxdXyTVr+u7n7U83gUvdbk65/sC822rG/E
DZW2h63jdKvnf78=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:15 2024 by rpki-client on console-ams.rpki-client.org