Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
File: 427BAA66E23211E8BD132210C4F9AE02.roa (raw, json)
Hash identifier: KJ3NI1fNIhBaaFLNZhlCWQ8tWEe65xfTnUKAOZ3K1sw=
Subject key identifier: DD:14:9C:FE:96:B1:3F:75:7F:A7:C2:71:12:97:1B:55:3A:09:67:C2
Certificate issuer: /CN=A91CF4FE/serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8
Certificate serial: 33BE
Authority key identifier: 16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
Signing time: Thu 31 Aug 2023 14:40:26 +0000
ROA not before: Thu 31 Aug 2023 14:40:26 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 134166
IP address blocks: 1.179.246.0/24 maxlen: 24
1.179.247.0/24 maxlen: 24
113.53.228.0/24 maxlen: 24
118.174.8.0/24 maxlen: 24
118.174.10.0/24 maxlen: 24
118.174.11.0/24 maxlen: 24
118.175.1.0/24 maxlen: 24
118.175.28.0/24 maxlen: 24
180.180.242.0/24 maxlen: 24
180.180.243.0/24 maxlen: 24
180.180.244.0/24 maxlen: 24
180.180.245.0/24 maxlen: 24
180.180.247.0/24 maxlen: 24
203.113.4.0/24 maxlen: 24
203.113.6.0/24 maxlen: 24
203.113.8.0/22 maxlen: 22
203.113.8.0/24 maxlen: 24
203.113.10.0/24 maxlen: 24
203.113.14.0/24 maxlen: 24
203.113.25.0/24 maxlen: 24
203.113.70.0/24 maxlen: 24
203.113.71.0/24 maxlen: 24
203.113.95.0/24 maxlen: 24
203.113.126.0/24 maxlen: 24
203.114.97.0/24 maxlen: 24
203.114.98.0/24 maxlen: 24
203.114.102.0/24 maxlen: 24
2001:ec0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl
rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:28:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13246 (0x33be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF4FE/serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8
Validity
Not Before: Aug 31 14:40:26 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64f0a659-790b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7f:80:82:0b:9f:85:0b:e5:50:22:f3:e4:be:
2e:53:d2:b4:12:7f:0a:a7:bf:a3:bd:ee:09:ae:4b:
c5:51:58:7f:e1:c0:aa:36:43:5c:00:57:c5:89:d4:
1b:d1:88:b6:46:72:4d:1e:3d:6a:b5:2b:d6:54:f0:
eb:84:be:2a:72:11:07:47:03:dc:30:82:c9:31:7b:
59:49:55:d0:44:c9:12:41:89:28:1d:ab:a4:85:c4:
bc:8d:46:89:33:ac:5a:18:2b:3b:c8:8b:8a:bb:fd:
72:4d:af:74:77:37:ca:53:9e:25:22:84:a3:cd:1e:
60:7f:bc:53:df:e6:7c:ca:92:4a:91:d3:2e:b9:ca:
34:d2:46:98:5f:c5:fe:10:06:bd:50:36:c9:bd:3f:
dd:bb:39:6a:4c:8d:ab:e2:de:db:cc:9c:94:a1:aa:
5f:b3:04:eb:10:bd:18:92:31:a8:d0:da:3b:ed:57:
50:01:36:c0:74:68:96:06:d5:b3:36:c4:27:76:0e:
a1:6c:45:e6:46:ff:ed:42:1f:b1:0d:e4:b6:60:70:
56:7f:c2:11:b9:d6:fc:35:8a:03:5c:7f:76:4e:3d:
b7:dd:02:99:c8:12:ea:27:2c:35:46:c5:26:88:c9:
55:d5:8b:8a:53:00:2f:e1:5b:32:8c:44:b6:e4:18:
e4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:14:9C:FE:96:B1:3F:75:7F:A7:C2:71:12:97:1B:55:3A:09:67:C2
X509v3 Authority Key Identifier:
keyid:16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.179.246.0/23
113.53.228.0/24
118.174.8.0/24
118.174.10.0/23
118.175.1.0/24
118.175.28.0/24
180.180.242.0-180.180.245.255
180.180.247.0/24
203.113.4.0/24
203.113.6.0/24
203.113.8.0/22
203.113.14.0/24
203.113.25.0/24
203.113.70.0/23
203.113.95.0/24
203.113.126.0/24
203.114.97.0-203.114.98.255
203.114.102.0/24
IPv6:
2001:ec0:100::/40
Signature Algorithm: sha256WithRSAEncryption
8a:69:3e:2b:b0:1e:21:64:93:f7:87:c9:e7:b4:17:d6:9f:20:
1d:13:7e:48:b8:aa:d2:6c:a2:5a:d5:a6:51:b5:16:27:cc:a7:
24:c1:30:55:56:7a:ff:34:0f:e4:99:ca:2d:50:c3:05:18:fd:
7e:1b:f5:e4:68:7a:05:92:1a:ba:98:0d:e1:f0:ba:24:b9:88:
f9:bf:3b:e1:26:fb:82:a1:fd:1f:92:bd:a9:07:64:68:50:4b:
e5:36:a9:50:dd:d6:4c:b0:ba:ec:19:ee:69:f3:7f:e8:8f:e9:
2b:42:0c:00:50:c1:31:86:e4:3b:f1:f6:b7:7f:a6:ea:8e:5b:
aa:a0:90:5e:e0:b3:2a:57:88:55:99:9a:b4:1d:0a:ca:02:33:
fd:29:ee:4b:a7:83:b4:28:68:0b:50:0f:03:80:86:e6:1a:21:
c5:6a:6b:d4:d6:a1:48:35:e7:4d:f7:8c:f4:0b:7e:c3:9a:6e:
f7:5e:cd:80:c1:55:ae:e0:13:d5:e8:cf:4a:cc:19:c0:66:5f:
05:4a:3b:a6:aa:1d:b2:d0:6f:b7:28:a1:a9:6c:27:60:f2:2e:
45:6a:2c:83:94:e4:93:5c:99:94:82:da:13:65:f4:a1:fa:f4:
1b:55:29:c9:e0:19:25:10:91:2c:e9:43:f8:7d:b0:dd:09:d7:
ff:1a:e1:41
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgICM74wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Y0RkUxMTAvBgNVBAUTKDE2QjU2NEI3NThERkNENTJDNUNFODkxMTkyRTMxQjcx
NUIxQ0JGRTgwHhcNMjMwODMxMTQ0MDI2WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYwYTY1OS03OTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3+AggufhQvlUCLz5L4uU9K0En8Kp7+jve4JrkvFUVh/4cCqNkNcAFfFidQb
0Yi2RnJNHj1qtSvWVPDrhL4qchEHRwPcMILJMXtZSVXQRMkSQYkoHaukhcS8jUaJ
M6xaGCs7yIuKu/1yTa90dzfKU54lIoSjzR5gf7xT3+Z8ypJKkdMuuco00kaYX8X+
EAa9UDbJvT/duzlqTI2r4t7bzJyUoapfswTrEL0YkjGo0No77VdQATbAdGiWBtWz
NsQndg6hbEXmRv/tQh+xDeS2YHBWf8IRudb8NYoDXH92Tj233QKZyBLqJyw1RsUm
iMlV1YuKUwAv4VsyjES25BjklwIDAQABo4IDHzCCAxswHQYDVR0OBBYEFN0UnP6W
sT91f6fCcRKXG1U6CWfCMB8GA1UdIwQYMBaAFBa1ZLdY381Sxc6JEZLjG3FbHL/o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjRGRS9CQTEzMTI0RTFE
ODUxMUUyQTc3OTk5REMwOEIwMkNEMi9GclZrdDFqZnpWTEZ6b2tSa3VNYmNWc2N2
LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZyVmt0MWpmelZMRnpva1JrdU1iY1ZzY3YtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Y0RkUvQkExMzEyNEUxRDg1MTFFMkE3Nzk5OURDMDhCMDJDRDIvNDI3QkFBNjZF
MjMyMTFFOEJEMTMyMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgagGCCsGAQUFBwEHAQH/
BIGYMIGVMIGCBAIAATB8AwQBAbP2AwQAcTXkAwQAdq4IAwQBdq4KAwQAdq8BAwQA
dq8cMAwDBAG0tPIDBAG0tPQDBAC0tPcDBADLcQQDBADLcQYDBALLcQgDBADLcQ4D
BADLcRkDBAHLcUYDBADLcV8DBADLcX4wDAMEAMtyYQMEAMtyYgMEAMtyZjAOBAIA
AjAIAwYAIAEOwAEwDQYJKoZIhvcNAQELBQADggEBAIppPiuwHiFkk/eHyee0F9af
IB0Tfki4qtJsolrVplG1FifMpyTBMFVWev80D+SZyi1QwwUY/X4b9eRoegWSGrqY
DeHwuiS5iPm/O+Em+4Kh/R+SvakHZGhQS+U2qVDd1kywuuwZ7mnzf+iP6StCDABQ
wTGG5Dvx9rd/puqOW6qgkF7gsypXiFWZmrQdCsoCM/0p7kung7QoaAtQDwOAhuYa
IcVqa9TWoUg15033jPQLfsOabvdezYDBVa7gE9Xoz0rMGcBmXwVKO6aqHbLQb7co
oalsJ2DyLkVqLIOU5JNcmZSC2hNl9KH69BtVKcngGSUQkSzpQ/h9sN0J1/8a4UE=
-----END CERTIFICATE-----
Generated at Sat May 18 15:26:07 2024 by rpki-client on console-fra.rpki-client.org