Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
File: 8E61229E3AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: lPjSc60rQtsbO9RyH0lPrXJlccLeB9Qt5mjRqz6SUuk=
Subject key identifier: 43:36:A2:AE:43:F7:67:36:A5:76:7F:97:66:74:07:4D:00:CF:FA:54
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0C0C
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
Signing time: Wed 22 Nov 2023 19:07:07 +0000
ROA not before: Wed 22 Nov 2023 19:07:07 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55799
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.152.0/24 maxlen: 24
103.1.153.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.1.155.0/24 maxlen: 24
103.10.196.0/24 maxlen: 24
103.10.198.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 23
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480:3001::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3084 (0xc0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: Nov 22 19:07:07 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=655e515b-368e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:db:4d:31:1a:4c:ae:a5:c4:d1:7c:01:2e:cf:
56:9f:02:0d:97:4e:12:6a:34:05:15:35:e1:9f:20:
37:e6:bd:e8:7c:3e:a9:43:1b:5c:61:3f:8a:37:c7:
00:32:3c:16:1a:85:90:68:43:74:b6:6e:94:70:d2:
b1:88:79:fc:78:7f:3b:55:c3:4d:d6:b2:18:63:91:
3d:18:e9:db:93:18:e9:d2:a9:6f:dd:88:51:23:56:
ee:20:1f:4d:c6:d1:e3:0d:5b:f8:22:b4:ad:48:1a:
17:02:58:07:ca:0b:36:55:9f:34:54:76:8d:48:b5:
7a:de:d2:55:57:d3:a8:ad:36:09:16:0c:8f:98:84:
0f:bb:9e:b8:3d:1b:12:73:36:7a:71:44:67:b9:25:
0f:ce:14:10:ec:b4:d7:5e:6e:b3:20:a7:61:4f:54:
65:fb:fb:79:6d:19:29:c1:84:ae:0b:31:7a:f2:fe:
4d:8d:aa:68:c5:5a:45:21:64:d2:57:90:3b:54:8b:
58:a9:99:65:49:bb:e2:f1:6c:d7:06:13:0e:f7:cf:
cd:02:c9:5b:32:d2:6f:dc:52:d5:7a:65:fb:e8:f6:
66:cc:e6:e1:1b:b0:80:6e:39:77:56:f3:1f:9c:5a:
db:b6:37:aa:28:00:0b:03:54:ab:9d:03:84:8a:9b:
94:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:36:A2:AE:43:F7:67:36:A5:76:7F:97:66:74:07:4D:00:CF:FA:54
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.152.0/22
103.10.196.0/24
103.10.198.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480:3001::/48
2402:c480:8001::/48
Signature Algorithm: sha256WithRSAEncryption
40:d9:d5:f8:43:b4:5b:fd:4e:27:0e:62:e8:1a:c8:4e:39:51:
c8:07:77:3d:04:64:17:95:b2:97:cf:f4:fa:4b:16:7d:18:98:
ec:bd:bd:a2:a1:06:9d:14:e2:7d:b3:83:09:b2:c2:9c:22:d9:
fe:87:6e:54:16:20:b7:dc:99:16:2b:6c:67:10:d3:6b:42:f8:
19:f9:b6:55:a9:f0:4c:0e:26:b8:c9:b6:ef:65:03:8e:6f:a8:
cc:b5:cf:02:97:21:43:69:65:e3:59:3b:63:c7:cf:49:cc:5c:
f4:fc:69:55:e0:90:ea:85:dd:8b:06:54:5b:b0:13:60:2b:9c:
cf:10:0d:68:e5:6c:8c:ee:8b:0f:af:17:cd:ec:1e:50:61:ed:
b1:4f:0a:3a:e8:2b:a6:19:b0:2c:df:35:84:49:f4:eb:56:26:
27:69:9f:35:0e:33:4a:a7:00:e5:d2:ca:9b:a7:75:ab:7d:f4:
d9:8c:01:8d:3e:c6:23:b7:8c:9a:54:47:d8:9f:d1:f7:7f:20:
b2:c1:5f:11:46:e8:c4:f0:cc:14:81:78:5f:ee:fb:1c:33:4d:
10:a8:2b:fb:56:d8:0a:94:a4:0e:3d:80:66:95:74:2c:a0:32:
0e:a2:20:c9:4c:35:db:7b:5e:51:05:dd:2e:14:fd:75:e1:ef:
31:a7:51:4a
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICDAwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjMxMTIyMTkwNzA3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVlNTE1Yi0zNjhlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy9tNMRpMrqXE0XwBLs9WnwINl04SajQFFTXhnyA35r3ofD6pQxtcYT+KN8cA
MjwWGoWQaEN0tm6UcNKxiHn8eH87VcNN1rIYY5E9GOnbkxjp0qlv3YhRI1buIB9N
xtHjDVv4IrStSBoXAlgHygs2VZ80VHaNSLV63tJVV9OorTYJFgyPmIQPu564PRsS
czZ6cURnuSUPzhQQ7LTXXm6zIKdhT1Rl+/t5bRkpwYSuCzF68v5NjapoxVpFIWTS
V5A7VItYqZllSbvi8WzXBhMO98/NAslbMtJv3FLVemX76PZmzObhG7CAbjl3VvMf
nFrbtjeqKAALA1SrnQOEipuUNwIDAQABo4IDADCCAvwwHQYDVR0OBBYEFEM2oq5D
92c2pXZ/l2Z0B00Az/pUMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEU2MTIyOUUz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYkGCCsGAQUFBwEHAQH/
BHoweDBcBAIAATBWAwQCG3o4AwQCK++cAwQCK/XEMAwDBAAr+50DBAUr+4ADBAJn
AZgDBABnCsQDBABnCsYDBAJnI0gDBABnRN8DBABnR/4DBAFnSAQDBAK2oSADBALK
kMAwGAQCAAIwEgMHACQCxIAwAQMHACQCxICAATANBgkqhkiG9w0BAQsFAAOCAQEA
QNnV+EO0W/1OJw5i6BrITjlRyAd3PQRkF5Wyl8/0+ksWfRiY7L29oqEGnRTifbOD
CbLCnCLZ/oduVBYgt9yZFitsZxDTa0L4Gfm2VanwTA4muMm272UDjm+ozLXPApch
Q2ll41k7Y8fPScxc9PxpVeCQ6oXdiwZUW7ATYCuczxANaOVsjO6LD68XzeweUGHt
sU8KOugrphmwLN81hEn061YmJ2mfNQ4zSqcA5dLKm6d1q3302YwBjT7GI7eMmlRH
2J/R938gssFfEUboxPDMFIF4X+77HDNNEKgr+1bYCpSkDj2AZpV0LKAyDqIgyUw1
23teUQXdLhT9deHvMadRSg==
-----END CERTIFICATE-----
Generated at Sat May 18 19:56:07 2024 by rpki-client on console-fra.rpki-client.org