Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
File: 4A479BB45A7911E998A6BE80C4F9AE02.roa (raw, json)
Hash identifier: YkeekcBpQwTYjFjVb68ulLEw7AyNGZ6teI99pWERpdQ=
Subject key identifier: F3:F9:8B:95:27:E7:3B:39:E2:EA:45:F2:13:A7:55:02:EB:0B:6C:79
Certificate issuer: /CN=A91D1136/serialNumber=B7B73E89B621081609CD689AB0AEF7FAF148926C
Certificate serial: 24DB
Authority key identifier: B7:B7:3E:89:B6:21:08:16:09:CD:68:9A:B0:AE:F7:FA:F1:48:92:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
Signing time: Sat 30 Sep 2023 16:12:43 +0000
ROA not before: Sat 30 Sep 2023 16:12:42 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 133543
IP address blocks: 115.67.8.0/21 maxlen: 21
115.67.8.0/24 maxlen: 24
115.67.9.0/24 maxlen: 24
115.67.10.0/24 maxlen: 24
115.67.11.0/24 maxlen: 24
115.67.12.0/24 maxlen: 24
115.67.13.0/24 maxlen: 24
115.67.14.0/24 maxlen: 24
115.67.15.0/24 maxlen: 24
2404:8d06::/31 maxlen: 32
2404:8d06::/36 maxlen: 36
2404:8d06:1000::/36 maxlen: 36
2404:8d06:2000::/36 maxlen: 36
2404:8d06:2000::/40 maxlen: 40
2404:8d06:3000::/36 maxlen: 36
2404:8d06:4000::/36 maxlen: 36
2404:8d06:4000::/40 maxlen: 40
2404:8d06:5000::/36 maxlen: 36
2404:8d06:6000::/36 maxlen: 36
2404:8d06:6000::/40 maxlen: 48
2404:8d06:7000::/36 maxlen: 36
2404:8d06:7000::/40 maxlen: 40
2404:8d06:8000::/36 maxlen: 36
2404:8d06:8000::/40 maxlen: 40
2404:8d06:9000::/36 maxlen: 36
2404:8d06:9000::/40 maxlen: 40
2404:8d06:a000::/36 maxlen: 36
2404:8d06:a000::/40 maxlen: 40
2404:8d06:b000::/36 maxlen: 36
2404:8d06:b000::/40 maxlen: 40
2404:8d06:c000::/36 maxlen: 36
2404:8d06:d000::/36 maxlen: 36
2404:8d06:e000::/36 maxlen: 36
2404:8d06:f000::/36 maxlen: 36
2404:8d07::/36 maxlen: 36
2404:8d07:1000::/36 maxlen: 36
2404:8d07:2000::/36 maxlen: 36
2404:8d07:3000::/36 maxlen: 36
2404:8d07:4000::/36 maxlen: 36
2404:8d07:5000::/36 maxlen: 36
2404:8d07:6000::/36 maxlen: 36
2404:8d07:7000::/36 maxlen: 36
2404:8d07:8000::/36 maxlen: 36
2404:8d07:9000::/36 maxlen: 36
2404:8d07:a000::/36 maxlen: 36
2404:8d07:b000::/36 maxlen: 36
2404:8d07:c000::/36 maxlen: 36
2404:8d07:d000::/36 maxlen: 36
2404:8d07:e000::/36 maxlen: 36
2404:8d07:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.crl
rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 15 May 2024 02:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9435 (0x24db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1136/serialNumber=B7B73E89B621081609CD689AB0AEF7FAF148926C
Validity
Not Before: Sep 30 16:12:42 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=651848fa-941f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:52:b6:14:d2:e7:e1:cc:20:fb:d6:99:02:a6:
df:61:08:be:31:2f:29:14:4d:2b:80:ff:00:24:74:
05:55:4e:e2:87:00:f6:27:36:69:17:b1:69:c1:64:
d8:20:ab:04:61:99:b0:dc:b4:df:e9:ac:be:f2:4d:
43:36:8e:1c:b2:35:27:56:38:30:12:fb:c4:34:c5:
a5:9b:c6:14:58:2a:8b:27:26:d2:fa:97:eb:a3:c9:
5e:38:73:c6:89:74:0c:4a:44:76:98:c9:04:66:05:
e6:d1:4b:ef:28:15:8d:02:46:d9:ad:44:9a:a0:d1:
c2:4d:54:9a:71:54:06:46:45:bc:87:c9:b7:20:19:
a8:89:ba:9d:02:76:5c:48:bf:de:cb:03:83:09:4b:
71:8e:07:f4:7f:81:6f:47:f7:8f:45:0e:5b:7d:70:
84:23:41:bd:e8:a8:4c:be:29:ec:6e:4a:08:ad:64:
7b:40:23:01:55:68:c3:c4:04:0a:16:88:18:79:e9:
ac:a6:f3:75:f4:40:98:19:9e:f0:1e:df:63:7a:51:
c2:bf:37:ad:ed:23:43:90:5a:31:12:a0:c8:74:68:
33:6a:f7:1b:2c:4d:01:c6:2f:17:f6:52:c8:0d:ab:
d2:79:d0:d0:45:f0:c4:f1:64:5b:f6:4d:73:93:ae:
61:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F9:8B:95:27:E7:3B:39:E2:EA:45:F2:13:A7:55:02:EB:0B:6C:79
X509v3 Authority Key Identifier:
keyid:B7:B7:3E:89:B6:21:08:16:09:CD:68:9A:B0:AE:F7:FA:F1:48:92:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/t7c-ibYhCBYJzWiasK73-vFIkmw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t7c-ibYhCBYJzWiasK73-vFIkmw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1136/CF3281C8215B11E5A7BF890EC4F9AE02/4A479BB45A7911E998A6BE80C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
115.67.8.0/21
IPv6:
2404:8d06::/31
Signature Algorithm: sha256WithRSAEncryption
93:09:d9:90:24:b7:81:ff:59:bb:31:bc:0e:31:44:39:ea:d1:
b3:fa:e0:6e:c6:0b:03:f4:2f:7a:c3:0e:74:45:3c:34:15:f4:
85:62:56:1e:3c:83:ee:fe:7f:fb:85:bf:5e:8c:30:73:00:77:
ba:84:23:31:58:cd:c8:50:74:11:b6:ce:e5:ce:25:ee:bc:e1:
73:f8:84:c6:c1:99:47:da:4c:bb:89:80:48:57:1e:3b:21:91:
2c:af:34:a5:ce:03:e3:ca:68:33:fb:4c:e1:7c:42:36:36:33:
c2:a8:0a:25:b3:cd:b0:5d:d5:ce:42:df:fc:cb:c1:ff:9c:6a:
8d:44:6e:a9:d8:34:8f:80:6a:62:8f:c7:98:88:0a:00:26:3d:
a4:e3:2f:5d:02:fd:9f:59:5d:e2:65:b8:ad:4b:90:d6:49:99:
ea:51:50:a4:73:96:bb:a3:e7:9b:94:b7:48:84:d1:f0:bb:fa:
7e:ab:08:6f:c5:8a:5a:40:bb:6d:24:20:29:95:af:f5:05:fc:
24:52:fd:17:cb:cc:9e:88:a5:5a:a6:87:ce:d4:25:7b:ef:3e:
44:ad:7e:10:2c:59:a0:55:e9:2e:0a:55:bb:8a:f7:37:46:54:
64:3c:a6:4f:c8:65:3e:4f:5a:5d:5c:ff:21:28:8e:94:d4:5d:
20:81:50:cd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICJNswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDExMzYxMTAvBgNVBAUTKEI3QjczRTg5QjYyMTA4MTYwOUNENjg5QUIwQUVGN0ZB
RjE0ODkyNkMwHhcNMjMwOTMwMTYxMjQyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE4NDhmYS05NDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyVK2FNLn4cwg+9aZAqbfYQi+MS8pFE0rgP8AJHQFVU7ihwD2JzZpF7FpwWTY
IKsEYZmw3LTf6ay+8k1DNo4csjUnVjgwEvvENMWlm8YUWCqLJybS+pfro8leOHPG
iXQMSkR2mMkEZgXm0UvvKBWNAkbZrUSaoNHCTVSacVQGRkW8h8m3IBmoibqdAnZc
SL/eywODCUtxjgf0f4FvR/ePRQ5bfXCEI0G96KhMvinsbkoIrWR7QCMBVWjDxAQK
FogYeemspvN19ECYGZ7wHt9jelHCvzet7SNDkFoxEqDIdGgzavcbLE0Bxi8X9lLI
DavSedDQRfDE8WRb9k1zk65hIQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPP5i5Un
5zs54upF8hOnVQLrC2x5MB8GA1UdIwQYMBaAFLe3Pom2IQgWCc1omrCu9/rxSJJs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTEzNi9DRjMyODFDODIx
NUIxMUU1QTdCRjg5MEVDNEY5QUUwMi90N2MtaWJZaENCWUp6V2lhc0s3My12Rklr
bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3Q3Yy1pYlloQ0JZSnpXaWFzSzczLXZGSWttdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDExMzYvQ0YzMjgxQzgyMTVCMTFFNUE3QkY4OTBFQzRGOUFFMDIvNEE0NzlCQjQ1
QTc5MTFFOTk4QTZCRTgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBANzQwgwDQQCAAIwBwMFASQEjQYwDQYJKoZIhvcNAQELBQAD
ggEBAJMJ2ZAkt4H/WbsxvA4xRDnq0bP64G7GCwP0L3rDDnRFPDQV9IViVh48g+7+
f/uFv16MMHMAd7qEIzFYzchQdBG2zuXOJe684XP4hMbBmUfaTLuJgEhXHjshkSyv
NKXOA+PKaDP7TOF8QjY2M8KoCiWzzbBd1c5C3/zLwf+cao1EbqnYNI+AamKPx5iI
CgAmPaTjL10C/Z9ZXeJluK1LkNZJmepRUKRzlruj55uUt0iE0fC7+n6rCG/FilpA
u20kICmVr/UF/CRS/RfLzJ6IpVqmh87UJXvvPkStfhAsWaBV6S4KVbuK9zdGVGQ8
pk/IZT5PWl1c/yEojpTUXSCBUM0=
-----END CERTIFICATE-----
Generated at Wed May 8 17:47:41 2024 by rpki-client on console-ams.rpki-client.org