Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
File: 8F6D3D583AEA11EC84E6634EC4F9AE02.roa (raw, json)
Hash identifier: D1fGMN2cSahpF/ku+zEEUcLgv2SGq3ZJu7KAeIrSvfs=
Subject key identifier: C4:DE:E1:B8:8B:B0:A6:65:C0:90:52:A9:EF:AD:FA:7A:0D:3D:EE:CB
Certificate issuer: /CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Certificate serial: 0C3B
Authority key identifier: 53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
Signing time: Sat 17 Feb 2024 03:12:23 +0000
ROA not before: Sat 17 Feb 2024 03:12:23 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 63916
IP address blocks: 27.122.56.0/24 maxlen: 24
27.122.57.0/24 maxlen: 24
27.122.58.0/24 maxlen: 24
27.122.59.0/24 maxlen: 24
43.239.156.0/22 maxlen: 22
43.239.156.0/23 maxlen: 23
43.239.156.0/24 maxlen: 24
43.239.157.0/24 maxlen: 24
43.239.158.0/23 maxlen: 23
43.239.158.0/24 maxlen: 24
43.239.159.0/24 maxlen: 24
43.245.196.0/23 maxlen: 23
43.245.196.0/24 maxlen: 24
43.245.197.0/24 maxlen: 24
43.245.198.0/24 maxlen: 24
43.245.199.0/24 maxlen: 24
43.251.157.0/24 maxlen: 24
43.251.158.0/24 maxlen: 24
43.251.159.0/24 maxlen: 24
103.1.154.0/24 maxlen: 24
103.35.72.0/22 maxlen: 22
103.35.72.0/24 maxlen: 24
103.35.73.0/24 maxlen: 24
103.35.74.0/24 maxlen: 24
103.35.75.0/24 maxlen: 24
103.68.223.0/24 maxlen: 24
103.71.254.0/24 maxlen: 24
103.72.4.0/23 maxlen: 24
182.161.32.0/22 maxlen: 22
182.161.32.0/24 maxlen: 24
182.161.33.0/24 maxlen: 24
182.161.34.0/24 maxlen: 24
182.161.35.0/24 maxlen: 24
202.144.192.0/22 maxlen: 22
202.144.192.0/24 maxlen: 24
202.144.193.0/24 maxlen: 24
202.144.194.0/24 maxlen: 24
202.144.195.0/24 maxlen: 24
2402:c480::/32 maxlen: 32
2402:c480:3000::/48 maxlen: 48
2402:c480:3001::/48 maxlen: 48
2402:c480:3002::/48 maxlen: 48
2402:c480:3003::/48 maxlen: 48
2402:c480:3004::/48 maxlen: 48
2402:c480:5000::/48 maxlen: 48
2402:c480:6000::/48 maxlen: 48
2402:c480:6001::/48 maxlen: 48
2402:c480:6002::/48 maxlen: 48
2402:c480:7000::/48 maxlen: 48
2402:c480:7001::/48 maxlen: 48
2402:c480:8000::/48 maxlen: 48
2402:c480:8001::/48 maxlen: 48
2402:c480:8003::/48 maxlen: 48
2402:c480:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3131 (0xc3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B885C/serialNumber=5374C6E75F186052455A2D8DA5292FEF009CC9AF
Validity
Not Before: Feb 17 03:12:23 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65d02417-2aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:63:b4:10:2d:26:83:d6:45:66:01:d1:20:fd:
66:13:d3:90:f6:10:67:49:12:73:30:f0:20:59:70:
8d:4e:b5:f2:e6:f8:f0:a3:0a:92:e6:87:6e:0e:9e:
44:de:40:19:77:fd:dc:ec:70:35:9f:cb:b3:18:32:
a8:6a:63:23:9d:1b:65:f5:11:6d:37:99:e7:85:94:
6c:78:f3:30:a7:53:91:f5:84:13:d0:fe:3a:03:b5:
01:44:f3:f2:e5:9f:aa:79:f0:a7:28:2d:89:3d:29:
aa:ad:22:34:7d:93:43:0c:97:36:ff:c7:52:7f:91:
30:2a:ed:ed:e3:cd:b5:31:05:17:a1:be:e2:44:4b:
a5:12:78:49:af:28:62:07:47:f7:3b:0e:06:14:98:
b9:8a:93:fa:3f:8c:f1:8e:c1:42:2c:73:52:4d:d6:
27:83:46:d7:af:ae:26:7e:c4:94:cd:31:52:4f:9a:
e3:67:cf:c2:70:3e:c7:b4:97:4d:93:bc:f1:12:c1:
92:38:1f:9d:58:c3:4f:18:fb:2e:83:2e:02:67:23:
68:56:54:82:0d:9d:8f:14:06:91:b1:96:d7:82:77:
c4:81:8e:8c:a3:69:d9:b9:a5:6c:1c:ff:28:8a:24:
8a:26:21:5b:41:c2:b1:b4:73:2d:7e:39:4c:82:9f:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DE:E1:B8:8B:B0:A6:65:C0:90:52:A9:EF:AD:FA:7A:0D:3D:EE:CB
X509v3 Authority Key Identifier:
keyid:53:74:C6:E7:5F:18:60:52:45:5A:2D:8D:A5:29:2F:EF:00:9C:C9:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/U3TG518YYFJFWi2NpSkv7wCcya8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U3TG518YYFJFWi2NpSkv7wCcya8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B885C/5C19F842F26711E987C7131FC4F9AE02/8F6D3D583AEA11EC84E6634EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.122.56.0/22
43.239.156.0/22
43.245.196.0/22
43.251.157.0-43.251.159.255
103.1.154.0/24
103.35.72.0/22
103.68.223.0/24
103.71.254.0/24
103.72.4.0/23
182.161.32.0/22
202.144.192.0/22
IPv6:
2402:c480::/32
Signature Algorithm: sha256WithRSAEncryption
00:09:90:61:b3:d0:c2:72:c4:10:2e:95:a4:fd:60:ed:41:55:
8b:f6:3e:90:21:3a:c5:e2:60:26:e7:e4:db:be:c4:1e:fa:69:
15:4a:03:3b:dd:ee:51:4e:90:cb:93:78:72:c4:03:ff:24:95:
5b:65:0c:a2:e3:33:b1:a6:32:2d:a0:af:0a:cc:a3:50:73:81:
2e:0a:4b:7f:ae:5c:cc:eb:7c:17:93:59:63:b0:66:c0:43:86:
76:d4:41:85:cf:b9:aa:9a:43:0c:7b:58:18:de:32:26:83:3e:
e8:8d:d9:15:56:8f:35:1a:a4:59:58:a3:50:a8:f5:71:97:6f:
e7:22:be:ac:fd:77:e6:a7:2c:5e:1c:61:2b:73:dd:e6:28:16:
b7:af:5f:20:92:13:ba:d0:e7:2f:86:bd:87:d5:bb:e8:ed:4f:
ec:03:0f:ad:ff:96:ac:f0:0a:40:cc:9f:b5:40:f1:95:59:45:
3d:4e:83:c0:9d:50:30:34:cb:44:2a:95:84:36:c1:16:c1:61:
81:8e:e3:9f:24:3f:b8:16:70:e5:20:a0:37:a6:18:74:9b:45:
83:05:d0:26:12:f5:02:b2:a7:f1:1b:d2:e7:7a:b3:03:bb:36:
63:bb:be:98:0e:f9:17:63:13:38:28:8f:63:d3:80:1e:14:c2:
1e:85:5e:3c
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICDDswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjg4NUMxMTAvBgNVBAUTKDUzNzRDNkU3NUYxODYwNTI0NTVBMkQ4REE1MjkyRkVG
MDA5Q0M5QUYwHhcNMjQwMjE3MDMxMjIzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQwMjQxNy0yYWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzmO0EC0mg9ZFZgHRIP1mE9OQ9hBnSRJzMPAgWXCNTrXy5vjwowqS5oduDp5E
3kAZd/3c7HA1n8uzGDKoamMjnRtl9RFtN5nnhZRsePMwp1OR9YQT0P46A7UBRPPy
5Z+qefCnKC2JPSmqrSI0fZNDDJc2/8dSf5EwKu3t4821MQUXob7iREulEnhJryhi
B0f3Ow4GFJi5ipP6P4zxjsFCLHNSTdYng0bXr64mfsSUzTFST5rjZ8/CcD7HtJdN
k7zxEsGSOB+dWMNPGPsugy4CZyNoVlSCDZ2PFAaRsZbXgnfEgY6Mo2nZuaVsHP8o
iiSKJiFbQcKxtHMtfjlMgp+r3wIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFMTe4biL
sKZlwJBSqe+t+noNPe7LMB8GA1UdIwQYMBaAFFN0xudfGGBSRVotjaUpL+8AnMmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODg1Qy81QzE5Rjg0MkYy
NjcxMUU5ODdDNzEzMUZDNEY5QUUwMi9VM1RHNTE4WVlGSkZXaTJOcFNrdjd3Q2N5
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1UzVEc1MThZWUZKRldpMk5wU2t2N3dDY3lhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjg4NUMvNUMxOUY4NDJGMjY3MTFFOTg3QzcxMzFGQzRGOUFFMDIvOEY2RDNENTgz
QUVBMTFFQzg0RTY2MzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMFAEAgABMEoDBAIbejgDBAIr75wDBAIr9cQwDAMEACv7nQMEBSv7gAMEAGcB
mgMEAmcjSAMEAGdE3wMEAGdH/gMEAWdIBAMEArahIAMEAsqQwDANBAIAAjAHAwUA
JALEgDANBgkqhkiG9w0BAQsFAAOCAQEAAAmQYbPQwnLEEC6VpP1g7UFVi/Y+kCE6
xeJgJufk277EHvppFUoDO93uUU6Qy5N4csQD/ySVW2UMouMzsaYyLaCvCsyjUHOB
LgpLf65czOt8F5NZY7BmwEOGdtRBhc+5qppDDHtYGN4yJoM+6I3ZFVaPNRqkWVij
UKj1cZdv5yK+rP135qcsXhxhK3Pd5igWt69fIJITutDnL4a9h9W76O1P7AMPrf+W
rPAKQMyftUDxlVlFPU6DwJ1QMDTLRCqVhDbBFsFhgY7jnyQ/uBZw5SCgN6YYdJtF
gwXQJhL1ArKn8RvS53qzA7s2Y7u+mA75F2MTOCiPY9OAHhTCHoVePA==
-----END CERTIFICATE-----
Generated at Sat May 18 19:56:07 2024 by rpki-client on console-fra.rpki-client.org