Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
File: 427BAA66E23211E8BD132210C4F9AE02.roa (raw, json)
Hash identifier: M3hgU5ipnFVKj6gek7MHkg0fz4T5KcW7+G9KqLsqkNs=
Subject key identifier: C7:46:5A:F5:C8:EC:1C:57:7A:19:A9:6D:DE:69:FB:45:0C:B3:E6:82
Certificate issuer: /CN=A91CF4FE/serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8
Certificate serial: 3489
Authority key identifier: 16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
Signing time: Wed 04 Sep 2024 14:50:29 +0000
ROA not before: Wed 04 Sep 2024 14:50:29 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 134166
IP address blocks: 1.179.246.0/24 maxlen: 24
1.179.247.0/24 maxlen: 24
113.53.228.0/24 maxlen: 24
118.174.8.0/24 maxlen: 24
118.174.9.0/24 maxlen: 24
118.174.10.0/24 maxlen: 24
118.174.11.0/24 maxlen: 24
118.175.1.0/24 maxlen: 24
118.175.24.0/22 maxlen: 24
118.175.28.0/24 maxlen: 24
180.180.242.0/24 maxlen: 24
180.180.243.0/24 maxlen: 24
180.180.244.0/24 maxlen: 24
180.180.245.0/24 maxlen: 24
180.180.247.0/24 maxlen: 24
203.113.4.0/24 maxlen: 24
203.113.6.0/24 maxlen: 24
203.113.8.0/22 maxlen: 22
203.113.8.0/24 maxlen: 24
203.113.10.0/24 maxlen: 24
203.113.14.0/24 maxlen: 24
203.113.25.0/24 maxlen: 24
203.113.70.0/24 maxlen: 24
203.113.71.0/24 maxlen: 24
203.113.95.0/24 maxlen: 24
203.113.126.0/24 maxlen: 24
203.114.97.0/24 maxlen: 24
203.114.98.0/24 maxlen: 24
203.114.102.0/24 maxlen: 24
2001:ec0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl
rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 14:25:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13449 (0x3489)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CF4FE/serialNumber=16B564B758DFCD52C5CE891192E31B715B1CBFE8
Validity
Not Before: Sep 4 14:50:29 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d873b5-1f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:36:14:40:45:61:57:f3:1e:0d:c0:db:1c:ca:
ec:ba:ee:1c:b8:08:99:a1:14:09:af:7a:bd:5e:dc:
47:3b:f7:e2:4e:03:5e:71:61:e1:8e:f4:1a:5e:4f:
49:dc:14:cf:3b:d8:96:ed:d2:70:bd:33:e3:39:f6:
91:5e:99:4f:a5:3e:43:ff:f5:da:ec:c1:6a:eb:cb:
77:d6:ae:2e:db:fa:4f:d4:a8:13:2a:2e:b6:cb:a4:
81:a7:91:87:d4:45:4d:b6:7a:ba:0d:0c:80:01:2f:
9b:fc:ac:14:a1:88:7f:bc:17:73:d2:ee:0e:43:e0:
7c:1f:3c:f7:c1:fb:ff:f5:da:4f:43:53:da:b0:85:
8e:4c:c7:24:53:65:5a:56:55:7d:a2:58:77:10:84:
93:d9:15:ff:7e:dd:50:db:b4:d5:3d:64:70:d2:b4:
80:bd:98:4c:52:d7:01:c1:c4:94:8a:fe:81:40:c4:
8c:b3:70:e7:17:f4:3d:d8:a1:5a:06:57:00:4f:84:
ba:f8:f9:58:49:3c:a4:f7:a7:aa:2a:99:bb:54:86:
aa:07:01:9a:70:94:ea:5b:95:17:25:9e:c8:df:d7:
1c:73:eb:b8:70:e6:81:7b:c8:3a:2f:40:5b:20:24:
91:da:78:01:fa:26:17:18:66:44:15:52:56:73:81:
11:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:46:5A:F5:C8:EC:1C:57:7A:19:A9:6D:DE:69:FB:45:0C:B3:E6:82
X509v3 Authority Key Identifier:
keyid:16:B5:64:B7:58:DF:CD:52:C5:CE:89:11:92:E3:1B:71:5B:1C:BF:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/FrVkt1jfzVLFzokRkuMbcVscv-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FrVkt1jfzVLFzokRkuMbcVscv-g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF4FE/BA13124E1D8511E2A77999DC08B02CD2/427BAA66E23211E8BD132210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.179.246.0/23
113.53.228.0/24
118.174.8.0/22
118.175.1.0/24
118.175.24.0-118.175.28.255
180.180.242.0-180.180.245.255
180.180.247.0/24
203.113.4.0/24
203.113.6.0/24
203.113.8.0/22
203.113.14.0/24
203.113.25.0/24
203.113.70.0/23
203.113.95.0/24
203.113.126.0/24
203.114.97.0-203.114.98.255
203.114.102.0/24
IPv6:
2001:ec0:100::/40
Signature Algorithm: sha256WithRSAEncryption
af:21:f8:68:9a:e1:2a:4f:65:0b:9b:42:5b:73:fb:4e:62:f6:
cb:4f:f7:ea:cc:b6:ae:a8:b8:2e:d3:17:47:c0:1f:5e:5e:40:
b6:a4:7a:dd:0f:57:68:e4:b5:d3:55:a3:b5:1f:30:10:8e:3a:
15:9e:89:24:72:06:8a:eb:03:2b:72:b7:45:94:a3:80:36:7f:
e8:91:5e:a3:5f:7d:0e:b0:9e:4e:3b:64:d4:11:68:b9:d8:93:
bf:d3:53:f3:d1:00:e1:ce:b5:75:0a:27:90:d7:fc:02:10:07:
af:49:26:cc:5e:4e:a2:ea:c4:c0:19:8f:21:c8:32:c8:1a:a1:
7d:b7:c3:df:75:9d:3d:44:40:2c:39:8c:13:fd:5f:6a:a7:ca:
98:55:1f:9f:08:a9:49:4b:e2:28:90:d0:f7:19:dd:07:9d:3f:
6f:79:56:40:b0:aa:8a:68:27:c1:39:e4:f7:6d:a9:09:eb:2b:
c9:e4:8c:50:ef:f3:b9:2a:b3:d8:35:cd:df:78:48:b0:80:8e:
86:63:b0:8d:ce:e4:c7:86:20:24:cc:67:0c:44:ba:7e:55:57:
7e:ac:5c:c2:0e:be:e7:2e:24:c6:e4:61:e4:59:5f:82:ef:7c:
18:0e:5b:82:7d:9c:e9:76:a3:11:73:c5:81:f8:50:e2:2a:c2:
45:f6:8e:3c
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICNIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Y0RkUxMTAvBgNVBAUTKDE2QjU2NEI3NThERkNENTJDNUNFODkxMTkyRTMxQjcx
NUIxQ0JGRTgwHhcNMjQwOTA0MTQ1MDI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ4NzNiNS0xZjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuTYUQEVhV/MeDcDbHMrsuu4cuAiZoRQJr3q9XtxHO/fiTgNecWHhjvQaXk9J
3BTPO9iW7dJwvTPjOfaRXplPpT5D//Xa7MFq68t31q4u2/pP1KgTKi62y6SBp5GH
1EVNtnq6DQyAAS+b/KwUoYh/vBdz0u4OQ+B8Hzz3wfv/9dpPQ1PasIWOTMckU2Va
VlV9olh3EIST2RX/ft1Q27TVPWRw0rSAvZhMUtcBwcSUiv6BQMSMs3DnF/Q92KFa
BlcAT4S6+PlYSTyk96eqKpm7VIaqBwGacJTqW5UXJZ7I39ccc+u4cOaBe8g6L0Bb
ICSR2ngB+iYXGGZEFVJWc4ER3wIDAQABo4IDITCCAx0wHQYDVR0OBBYEFMdGWvXI
7BxXehmpbd5p+0UMs+aCMB8GA1UdIwQYMBaAFBa1ZLdY381Sxc6JEZLjG3FbHL/o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjRGRS9CQTEzMTI0RTFE
ODUxMUUyQTc3OTk5REMwOEIwMkNEMi9GclZrdDFqZnpWTEZ6b2tSa3VNYmNWc2N2
LWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZyVmt0MWpmelZMRnpva1JrdU1iY1ZzY3YtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Y0RkUvQkExMzEyNEUxRDg1MTFFMkE3Nzk5OURDMDhCMDJDRDIvNDI3QkFBNjZF
MjMyMTFFOEJEMTMyMjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaoGCCsGAQUFBwEHAQH/
BIGaMIGXMIGEBAIAATB+AwQBAbP2AwQAcTXkAwQCdq4IAwQAdq8BMAwDBAN2rxgD
BAB2rxwwDAMEAbS08gMEAbS09AMEALS09wMEAMtxBAMEAMtxBgMEAstxCAMEAMtx
DgMEAMtxGQMEActxRgMEAMtxXwMEAMtxfjAMAwQAy3JhAwQAy3JiAwQAy3JmMA4E
AgACMAgDBgAgAQ7AATANBgkqhkiG9w0BAQsFAAOCAQEAryH4aJrhKk9lC5tCW3P7
TmL2y0/36sy2rqi4LtMXR8AfXl5AtqR63Q9XaOS101WjtR8wEI46FZ6JJHIGiusD
K3K3RZSjgDZ/6JFeo199DrCeTjtk1BFoudiTv9NT89EA4c61dQonkNf8AhAHr0km
zF5OourEwBmPIcgyyBqhfbfD33WdPURALDmME/1faqfKmFUfnwipSUviKJDQ9xnd
B50/b3lWQLCqimgnwTnk922pCesryeSMUO/zuSqz2DXN33hIsICOhmOwjc7kx4Yg
JMxnDES6flVXfqxcwg6+5y4kxuRh5Flfgu98GA5bgn2c6XajEXPFgfhQ4irCRfaO
PA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 16:12:03 2024 by rpki-client on console-fra.rpki-client.org