Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
File: 8E61229E3AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: DHq4vpf9ugtdy4nIBB3Os9RcxkAru4Vji5vbqHP9/Gw=
Subject key identifier: 13:57:D8:61:3D:67:5D:85:3B:5A:DC:67:5B:49:8F:BF:F2:4B:3B:41
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0CC6
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
Signing time: Thu 31 Oct 2024 18:36:44 +0000
ROA not before: Thu 31 Oct 2024 18:36:44 +0000
ROA not after: Sat 01 Mar 2025 00:00:00 +0000
asID: 55799
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.152.0/24 maxlen: 24
103.1.153.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.1.155.0/24 maxlen: 24
103.10.196.0/24 maxlen: 24
103.10.198.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 23
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480:3001::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:10:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3270 (0xcc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: Oct 31 18:36:44 2024 GMT
Not After : Mar 1 00:00:00 2025 GMT
Subject: CN=6723ce3b-1a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:15:bf:c2:8e:b8:dc:77:6f:f2:60:f9:f1:65:
0c:87:13:4c:e9:1e:a6:7a:e6:2b:fc:b0:3a:e7:35:
9f:81:1c:3a:18:ca:ff:71:ff:94:24:f9:2e:6d:4d:
25:54:af:e9:4c:22:6d:b6:05:33:75:be:59:60:99:
f1:3b:fc:de:26:27:bb:e0:eb:61:d6:17:0b:4c:c6:
2b:14:93:04:61:58:66:f9:03:44:14:68:ab:98:a5:
60:a1:f6:d3:41:0b:36:d6:17:77:59:c0:79:25:e6:
a1:50:6c:45:ed:f7:01:8b:b4:fb:20:39:86:73:10:
08:5f:8a:20:31:4c:bd:62:bf:59:a0:e8:41:13:5c:
a8:c6:96:f1:66:b4:47:bc:c4:7f:50:3f:6e:ac:07:
b5:4e:0f:5a:53:c7:b7:99:18:0c:ad:b0:0c:fb:31:
30:25:ab:fd:a4:ba:a2:8f:56:43:24:4d:f3:bb:6e:
8b:ca:8a:6a:e1:db:b8:47:ec:22:e9:b7:9e:2c:5c:
a7:57:82:e2:f9:3f:08:b5:7f:b0:70:67:e0:68:42:
ad:22:69:31:da:68:ee:8f:d5:ef:a2:49:73:ce:a1:
13:bc:23:28:c4:7d:ff:e4:18:18:2e:96:2d:a9:78:
8c:e2:8d:c4:3f:4d:83:83:c1:d2:41:25:32:70:77:
4f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:57:D8:61:3D:67:5D:85:3B:5A:DC:67:5B:49:8F:BF:F2:4B:3B:41
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8E61229E3AEA11EC84E6634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.152.0/22
103.10.196.0/24
103.10.198.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480:3001::/48
2402:c480:8001::/48
Signature Algorithm: sha256WithRSAEncryption
7d:99:10:6e:86:5f:cb:ff:be:59:e0:c5:d5:a1:c3:93:3a:6e:
d8:66:68:74:1a:df:56:d8:10:a1:71:a6:68:af:f8:57:69:dd:
33:6c:cc:16:a9:55:c3:d9:be:56:46:e9:ea:62:33:18:0a:18:
fd:bb:38:8e:c0:60:12:bb:3d:6b:0e:24:08:8f:4f:28:1c:65:
ec:78:c2:86:07:e5:fd:88:4b:eb:f3:8f:2f:7a:dc:28:5d:b4:
c1:fc:4c:3b:e5:c0:58:00:eb:fe:0e:62:45:96:34:75:50:29:
f8:e2:d0:ef:88:41:94:5f:88:59:64:ba:a7:11:39:90:b9:68:
65:27:94:53:fc:66:2c:f3:44:90:24:37:54:b9:0c:ac:74:33:
19:b9:ff:1b:f1:6a:fe:6d:8f:78:49:85:b8:44:8a:a6:3d:be:
c6:cb:78:45:4e:e1:f6:ad:7f:24:13:45:d1:15:80:c7:89:4d:
e5:d2:4e:d1:92:52:f8:38:56:fa:e9:e4:d7:79:1f:12:7a:56:
cf:c7:24:20:4c:12:12:ca:df:9b:e6:fc:28:91:3a:44:a3:c1:
32:48:ab:be:4c:f2:52:09:4f:88:9a:be:a7:14:62:9e:82:68:
5f:a6:a2:65:3c:18:96:b6:61:19:21:67:13:44:12:6d:1c:6c:
f6:56:39:81
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICDMYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjQxMDMxMTgzNjQ0WhcNMjUwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzIzY2UzYi0xYTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1hW/wo643Hdv8mD58WUMhxNM6R6meuYr/LA65zWfgRw6GMr/cf+UJPkubU0l
VK/pTCJttgUzdb5ZYJnxO/zeJie74Oth1hcLTMYrFJMEYVhm+QNEFGirmKVgofbT
QQs21hd3WcB5JeahUGxF7fcBi7T7IDmGcxAIX4ogMUy9Yr9ZoOhBE1yoxpbxZrRH
vMR/UD9urAe1Tg9aU8e3mRgMrbAM+zEwJav9pLqij1ZDJE3zu26Lyopq4du4R+wi
6beeLFynV4Li+T8ItX+wcGfgaEKtImkx2mjuj9XvoklzzqETvCMoxH3/5BgYLpYt
qXiM4o3EP02Dg8HSQSUycHdPnwIDAQABo4IDADCCAvwwHQYDVR0OBBYEFBNX2GE9
Z12FO1rcZ1tJj7/ySztBMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEU2MTIyOUUz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYkGCCsGAQUFBwEHAQH/
BHoweDBcBAIAATBWAwQCG3o4AwQCK++cAwQCK/XEMAwDBAAr+50DBAUr+4ADBAJn
AZgDBABnCsQDBABnCsYDBAJnI0gDBABnRN8DBABnR/4DBAFnSAQDBAK2oSADBALK
kMAwGAQCAAIwEgMHACQCxIAwAQMHACQCxICAATANBgkqhkiG9w0BAQsFAAOCAQEA
fZkQboZfy/++WeDF1aHDkzpu2GZodBrfVtgQoXGmaK/4V2ndM2zMFqlVw9m+Vkbp
6mIzGAoY/bs4jsBgErs9aw4kCI9PKBxl7HjChgfl/YhL6/OPL3rcKF20wfxMO+XA
WADr/g5iRZY0dVAp+OLQ74hBlF+IWWS6pxE5kLloZSeUU/xmLPNEkCQ3VLkMrHQz
Gbn/G/Fq/m2PeEmFuESKpj2+xst4RU7h9q1/JBNF0RWAx4lN5dJO0ZJS+DhW+unk
13kfEnpWz8ckIEwSEsrfm+b8KJE6RKPBMkirvkzyUglPiJq+pxRinoJoX6aiZTwY
lrZhGSFnE0QSbRxs9lY5gQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:45:02 2024 by rpki-client on console-fra.rpki-client.org