Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
File: 0134DE8CC77211EC9B377B2DC4F9AE02.roa (raw, json)
Hash identifier: oHIaP2NJ8qCLYstJJ6+GfE8mMKYeymY1s7uux8FYeyI=
Subject key identifier: 1A:A8:F5:02:68:23:F5:33:D7:F8:8A:7D:6E:AE:F7:48:BA:D9:1E:BD
Certificate issuer: /CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Certificate serial: 0DB4
Authority key identifier: AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
Signing time: Thu 28 Dec 2023 18:56:37 +0000
ROA not before: Thu 28 Dec 2023 18:56:37 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 13335
IP address blocks: 61.47.0.0/24 maxlen: 24
61.47.3.0/24 maxlen: 24
61.47.4.0/23 maxlen: 24
61.47.15.0/24 maxlen: 24
61.47.17.0/24 maxlen: 24
61.47.21.0/24 maxlen: 24
61.47.22.0/24 maxlen: 24
61.47.24.0/24 maxlen: 24
61.47.27.0/24 maxlen: 24
61.47.29.0/24 maxlen: 24
61.47.44.0/23 maxlen: 24
61.47.46.0/24 maxlen: 24
61.47.49.0/24 maxlen: 24
61.47.50.0/23 maxlen: 24
61.47.53.0/24 maxlen: 24
61.47.54.0/23 maxlen: 24
61.47.56.0/24 maxlen: 24
61.47.64.0/23 maxlen: 24
61.47.66.0/24 maxlen: 24
61.47.72.0/21 maxlen: 24
61.47.102.0/23 maxlen: 24
61.47.108.0/22 maxlen: 24
221.128.0.0/18 maxlen: 24
221.128.71.0/24 maxlen: 24
221.128.73.0/24 maxlen: 24
221.128.77.0/24 maxlen: 24
221.128.79.0/24 maxlen: 24
221.128.81.0/24 maxlen: 24
221.128.87.0/24 maxlen: 24
221.128.88.0/22 maxlen: 24
221.128.97.0/24 maxlen: 24
221.128.98.0/23 maxlen: 24
221.128.104.0/22 maxlen: 24
221.128.108.0/23 maxlen: 24
221.128.110.0/24 maxlen: 24
221.128.115.0/24 maxlen: 24
221.128.116.0/24 maxlen: 24
221.128.118.0/23 maxlen: 24
221.128.121.0/24 maxlen: 24
221.128.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 17:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3508 (0xdb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CFFA0/serialNumber=ADD9418F0F9B55F3B7376A093DB11DBAD3AEFEC8
Validity
Not Before: Dec 28 18:56:37 2023 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=658dc4e5-415d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b4:40:cc:d0:e7:e4:07:66:ae:48:53:27:74:
d0:c6:c0:d9:9f:48:2a:3e:4e:90:75:87:00:94:20:
54:4e:57:e8:8e:52:d9:8b:7a:99:0b:3a:c5:a4:6a:
65:63:83:64:91:25:88:34:3f:df:d1:3f:d3:32:72:
c7:21:8b:74:cc:b1:14:3f:52:cc:7e:86:7c:0f:0c:
67:57:5c:d0:20:19:42:88:3c:72:d9:75:d6:ef:5b:
bb:a5:52:55:16:6c:b7:aa:5a:58:f3:32:78:c9:44:
5c:bb:7c:54:de:82:87:45:aa:91:49:c4:1c:1c:74:
5a:76:e0:76:05:b0:8a:78:e7:f2:c6:02:41:ce:ad:
93:cb:3e:e6:a0:18:23:75:ef:5c:67:41:2d:5a:e0:
8e:fd:b2:f9:aa:8d:b2:cb:f6:d6:f8:c6:b8:d2:8c:
b6:91:93:00:79:e1:87:65:65:04:02:79:39:0c:56:
9c:48:fb:f6:67:a7:0b:7c:7a:6f:6e:99:e9:3f:7f:
04:80:ca:c5:ff:94:e1:da:1c:85:ed:55:b7:7d:eb:
75:0a:ec:24:17:a6:24:da:53:2f:a8:06:63:ae:df:
2b:21:62:ac:24:eb:fb:87:97:85:8b:4c:8a:5f:39:
21:cc:9a:2d:49:5d:07:a7:2d:f1:21:16:c8:00:32:
c5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A8:F5:02:68:23:F5:33:D7:F8:8A:7D:6E:AE:F7:48:BA:D9:1E:BD
X509v3 Authority Key Identifier:
keyid:AD:D9:41:8F:0F:9B:55:F3:B7:37:6A:09:3D:B1:1D:BA:D3:AE:FE:C8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/rdlBjw-bVfO3N2oJPbEdutOu_sg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rdlBjw-bVfO3N2oJPbEdutOu_sg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/1D66D486D8CB11E9BAE24D21C4F9AE02/0134DE8CC77211EC9B377B2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.47.0.0/24
61.47.3.0-61.47.5.255
61.47.15.0/24
61.47.17.0/24
61.47.21.0-61.47.22.255
61.47.24.0/24
61.47.27.0/24
61.47.29.0/24
61.47.44.0-61.47.46.255
61.47.49.0-61.47.51.255
61.47.53.0-61.47.56.255
61.47.64.0-61.47.66.255
61.47.72.0/21
61.47.102.0/23
61.47.108.0/22
221.128.0.0/18
221.128.71.0/24
221.128.73.0/24
221.128.77.0/24
221.128.79.0/24
221.128.81.0/24
221.128.87.0-221.128.91.255
221.128.97.0-221.128.99.255
221.128.104.0-221.128.110.255
221.128.115.0-221.128.116.255
221.128.118.0/23
221.128.121.0/24
221.128.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a4:9b:43:1f:d6:48:32:bc:7a:18:ff:eb:06:5e:e9:48:d9:
57:84:d4:06:40:2f:6d:0e:1d:71:be:15:b2:a7:09:7e:22:b8:
dc:58:c8:6a:96:22:9c:4a:88:da:45:84:63:83:b3:23:13:87:
05:fe:5d:df:64:4e:e5:b1:bb:fd:23:f0:2f:9f:ca:25:03:11:
8e:b0:03:3d:5e:3a:b6:88:62:18:71:e0:ae:a6:26:2a:89:27:
dc:ab:f5:5e:81:bd:64:78:0e:6f:6e:e3:cd:73:59:90:7d:25:
93:95:fa:ff:b6:10:0a:e0:86:19:08:92:38:5f:f8:32:ee:9e:
a3:6f:cd:e5:c6:52:7c:f6:37:b6:fa:1c:7a:21:9e:0c:13:00:
7c:16:cf:45:31:5a:a9:ac:30:41:a2:14:9c:b1:d9:3b:12:96:
d4:7f:a2:e9:c2:42:e7:8a:9b:f8:b3:05:02:30:4d:47:a1:dd:
ca:cd:71:b7:7b:57:b2:db:81:c4:b4:ed:31:88:5e:e5:0b:5c:
c3:d8:01:27:5f:56:43:2a:85:e8:65:5b:77:08:b4:75:66:47:
94:ba:1b:17:54:19:b3:89:01:ba:00:bc:21:9c:b4:d5:fb:96:
c8:ab:a6:7d:a7:da:d0:09:f1:dc:01:84:cd:18:b7:4e:1f:09:
57:3a:6b:1c
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgICDbQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ZGQTAxMTAvBgNVBAUTKEFERDk0MThGMEY5QjU1RjNCNzM3NkEwOTNEQjExREJB
RDNBRUZFQzgwHhcNMjMxMjI4MTg1NjM3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThkYzRlNS00MTVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApbRAzNDn5AdmrkhTJ3TQxsDZn0gqPk6QdYcAlCBUTlfojlLZi3qZCzrFpGpl
Y4NkkSWIND/f0T/TMnLHIYt0zLEUP1LMfoZ8DwxnV1zQIBlCiDxy2XXW71u7pVJV
Fmy3qlpY8zJ4yURcu3xU3oKHRaqRScQcHHRaduB2BbCKeOfyxgJBzq2Tyz7moBgj
de9cZ0EtWuCO/bL5qo2yy/bW+Ma40oy2kZMAeeGHZWUEAnk5DFacSPv2Z6cLfHpv
bpnpP38EgMrF/5Th2hyF7VW3fet1CuwkF6Yk2lMvqAZjrt8rIWKsJOv7h5eFi0yK
XzkhzJotSV0Hpy3xIRbIADLFKwIDAQABo4IDjzCCA4swHQYDVR0OBBYEFBqo9QJo
I/Uz1/iKfW6u90i62R69MB8GA1UdIwQYMBaAFK3ZQY8Pm1XztzdqCT2xHbrTrv7I
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xRDY2RDQ4NkQ4
Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9yZGxCanctYlZmTzNOMm9KUGJFZHV0T3Vf
c2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JkbEJqdy1iVmZPM04yb0pQYkVkdXRPdV9zZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ZGQTAvMUQ2NkQ0ODZEOENCMTFFOUJBRTI0RDIxQzRGOUFFMDIvMDEzNERFOEND
NzcyMTFFQzlCMzc3QjJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEXBggrBgEFBQcBBwEB
/wSCAQYwggECMIH/BAIAATCB+AMEAD0vADAMAwQAPS8DAwQBPS8EAwQAPS8PAwQA
PS8RMAwDBAA9LxUDBAA9LxYDBAA9LxgDBAA9LxsDBAA9Lx0wDAMEAj0vLAMEAD0v
LjAMAwQAPS8xAwQCPS8wMAwDBAA9LzUDBAA9LzgwDAMEBj0vQAMEAD0vQgMEAz0v
SAMEAT0vZgMEAj0vbAMEBt2AAAMEAN2ARwMEAN2ASQMEAN2ATQMEAN2ATwMEAN2A
UTAMAwQA3YBXAwQC3YBYMAwDBADdgGEDBALdgGAwDAMEA92AaAMEAN2AbjAMAwQA
3YBzAwQA3YB0AwQB3YB2AwQA3YB5AwQA3YB7MA0GCSqGSIb3DQEBCwUAA4IBAQCi
pJtDH9ZIMrx6GP/rBl7pSNlXhNQGQC9tDh1xvhWypwl+IrjcWMhqliKcSojaRYRj
g7MjE4cF/l3fZE7lsbv9I/Avn8olAxGOsAM9Xjq2iGIYceCupiYqiSfcq/Vegb1k
eA5vbuPNc1mQfSWTlfr/thAK4IYZCJI4X/gy7p6jb83lxlJ89je2+hx6IZ4MEwB8
Fs9FMVqprDBBohScsdk7EpbUf6LpwkLnipv4swUCME1Hod3KzXG3e1ey24HEtO0x
iF7lC1zD2AEnX1ZDKoXoZVt3CLR1ZkeUuhsXVBmziQG6ALwhnLTV+5bIq6Z9p9rQ
CfHcAYTNGLdOHwlXOmsc
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:36:25 2024 by rpki-client on console-fra.rpki-client.org