Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/89A9F0B436B511EEB14AD345C4F9AE02.roa
File: 89A9F0B436B511EEB14AD345C4F9AE02.roa (raw, json)
Hash identifier: EAxI4bIjo+n7PFiXYMqFRV1/PYnj3hlObSSzRKPltIQ=
Subject key identifier: 8D:C4:16:B4:7D:26:A2:CD:0F:C6:E7:31:40:4C:16:95:67:1C:E4:FE
Certificate issuer: /CN=A91D3794/serialNumber=30E589288EB65002510C877B466ABE19753BDBCE
Certificate serial: 208B
Authority key identifier: 30:E5:89:28:8E:B6:50:02:51:0C:87:7B:46:6A:BE:19:75:3B:DB:CE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOWJKI62UAJRDId7Rmq-GXU7284.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/89A9F0B436B511EEB14AD345C4F9AE02.roa
Signing time: Tue 30 Jan 2024 16:43:25 +0000
ROA not before: Tue 30 Jan 2024 16:43:25 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 55803
IP address blocks: 27.54.80.0/21 maxlen: 24
27.54.88.0/21 maxlen: 24
27.111.81.0/24 maxlen: 24
27.111.82.0/23 maxlen: 24
27.111.84.0/24 maxlen: 24
27.111.86.0/24 maxlen: 24
27.111.88.0/23 maxlen: 24
27.111.92.0/22 maxlen: 24
27.123.24.0/21 maxlen: 24
27.124.112.0/20 maxlen: 24
43.245.52.0/22 maxlen: 24
43.250.248.0/22 maxlen: 24
103.250.212.0/22 maxlen: 24
103.253.193.0/24 maxlen: 24
103.254.136.0/22 maxlen: 24
112.109.74.0/24 maxlen: 24
112.109.81.0/24 maxlen: 24
112.109.82.0/23 maxlen: 24
112.109.84.0/24 maxlen: 24
116.0.16.0/21 maxlen: 24
119.47.112.0/22 maxlen: 24
119.47.117.0/24 maxlen: 24
119.47.118.0/23 maxlen: 24
119.47.122.0/23 maxlen: 24
119.47.124.0/24 maxlen: 24
163.47.72.0/22 maxlen: 24
202.174.80.0/24 maxlen: 24
203.17.36.0/24 maxlen: 24
203.26.41.0/24 maxlen: 24
203.28.48.0/23 maxlen: 24
203.28.50.0/24 maxlen: 24
203.170.80.0/21 maxlen: 24
2400:6d80::/32 maxlen: 48
2402:cb40::/32 maxlen: 48
2407:4c00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/MOWJKI62UAJRDId7Rmq-GXU7284.crl
rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/MOWJKI62UAJRDId7Rmq-GXU7284.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOWJKI62UAJRDId7Rmq-GXU7284.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 16:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8331 (0x208b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D3794/serialNumber=30E589288EB65002510C877B466ABE19753BDBCE
Validity
Not Before: Jan 30 16:43:25 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b9272d-f48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0f:9e:19:7e:fc:0a:fd:33:f8:b1:86:05:c9:
5f:90:2c:d6:82:a7:ae:6e:5f:a0:a6:04:72:c5:2b:
bc:bc:1c:0a:68:11:9d:13:49:5f:ff:12:bc:0b:fe:
13:70:72:eb:8f:96:17:97:3d:95:8a:09:c5:40:57:
d9:2a:19:64:82:1d:c0:79:9b:1d:71:32:1b:de:c1:
dd:27:bd:48:24:a3:b0:b9:e7:d8:ba:47:8a:e1:3b:
bc:75:e0:fc:ed:02:be:ce:8c:a9:23:0b:19:5e:c8:
66:7c:97:46:3b:30:b2:76:7a:a2:5e:46:c2:0b:fc:
f9:e6:5d:de:22:69:6a:f2:85:b0:73:04:90:42:f0:
55:7d:0d:50:e0:5e:e8:09:96:71:6a:62:93:1a:54:
1a:80:03:36:e9:ab:cb:43:d2:af:2a:29:a4:3c:08:
5d:45:cb:18:5d:fe:34:72:0c:0b:6d:e4:7f:b9:5b:
a8:fc:f4:08:30:68:a3:59:a8:d9:f5:62:12:91:3e:
44:e1:2b:54:21:1c:21:70:68:df:84:97:27:16:a0:
25:7c:76:6d:c3:cb:bf:96:8b:67:3b:57:39:d0:32:
fe:00:e3:c3:f1:d4:21:65:62:45:fe:97:3a:cc:99:
fd:b1:68:65:31:67:1c:ba:24:ab:ac:0d:35:ce:f9:
17:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C4:16:B4:7D:26:A2:CD:0F:C6:E7:31:40:4C:16:95:67:1C:E4:FE
X509v3 Authority Key Identifier:
keyid:30:E5:89:28:8E:B6:50:02:51:0C:87:7B:46:6A:BE:19:75:3B:DB:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/MOWJKI62UAJRDId7Rmq-GXU7284.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MOWJKI62UAJRDId7Rmq-GXU7284.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3794/20FE5616E98F11E5A3DDDC66C4F9AE02/89A9F0B436B511EEB14AD345C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.54.80.0/20
27.111.81.0-27.111.84.255
27.111.86.0/24
27.111.88.0/23
27.111.92.0/22
27.123.24.0/21
27.124.112.0/20
43.245.52.0/22
43.250.248.0/22
103.250.212.0/22
103.253.193.0/24
103.254.136.0/22
112.109.74.0/24
112.109.81.0-112.109.84.255
116.0.16.0/21
119.47.112.0/22
119.47.117.0-119.47.119.255
119.47.122.0-119.47.124.255
163.47.72.0/22
202.174.80.0/24
203.17.36.0/24
203.26.41.0/24
203.28.48.0-203.28.50.255
203.170.80.0/21
IPv6:
2400:6d80::/32
2402:cb40::/32
2407:4c00::/32
Signature Algorithm: sha256WithRSAEncryption
92:32:e1:e2:09:dc:77:17:1c:c2:a6:08:27:a1:0f:6e:d9:d7:
ad:91:31:11:08:fe:13:c8:ce:25:50:a8:cc:4d:68:d4:1c:3e:
5e:a7:7f:16:de:8d:1d:e2:f5:78:1e:73:0c:a8:30:58:52:ea:
f0:4f:c7:79:3d:89:ab:36:de:f0:2c:28:cc:c8:7d:c1:c0:9a:
c9:b2:0a:14:5d:e7:4b:e1:64:94:32:42:f2:14:86:11:1e:06:
e4:dd:de:58:d7:5b:3d:1f:72:92:a4:d7:ae:d5:d8:e1:cf:c2:
a3:e3:6c:e0:78:59:49:ce:3e:5f:da:76:db:6e:ef:40:84:79:
99:3b:bf:17:2b:a3:a1:6e:c6:7d:4c:1a:9c:38:fb:f3:40:56:
0f:eb:c9:ac:05:ba:4c:64:ee:ee:8e:c9:f9:21:0f:f0:a9:66:
2d:02:39:ec:4c:b9:5d:97:67:b3:2f:44:15:66:43:f6:fb:3e:
27:2b:b9:73:7c:85:d2:68:36:49:97:3e:cd:cb:73:61:4e:12:
01:ef:12:23:34:71:1f:81:7d:c8:9c:56:83:3f:e9:f2:2d:f5:
f6:bd:e5:64:6c:53:da:98:30:ea:f9:df:12:4d:59:cc:71:8b:
1a:6b:0a:09:e0:ce:40:c7:27:76:50:42:4c:40:57:37:1b:f8:
46:cb:52:7d
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgICIIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDM3OTQxMTAvBgNVBAUTKDMwRTU4OTI4OEVCNjUwMDI1MTBDODc3QjQ2NkFCRTE5
NzUzQkRCQ0UwHhcNMjQwMTMwMTY0MzI1WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5MjcyZC1mNDhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4A+eGX78Cv0z+LGGBclfkCzWgqeubl+gpgRyxSu8vBwKaBGdE0lf/xK8C/4T
cHLrj5YXlz2VignFQFfZKhlkgh3AeZsdcTIb3sHdJ71IJKOwuefYukeK4Tu8deD8
7QK+zoypIwsZXshmfJdGOzCydnqiXkbCC/z55l3eImlq8oWwcwSQQvBVfQ1Q4F7o
CZZxamKTGlQagAM26avLQ9KvKimkPAhdRcsYXf40cgwLbeR/uVuo/PQIMGijWajZ
9WISkT5E4StUIRwhcGjfhJcnFqAlfHZtw8u/lotnO1c50DL+AOPD8dQhZWJF/pc6
zJn9sWhlMWccuiSrrA01zvkX4wIDAQABo4IDaTCCA2UwHQYDVR0OBBYEFI3EFrR9
JqLND8bnMUBMFpVnHOT+MB8GA1UdIwQYMBaAFDDliSiOtlACUQyHe0Zqvhl1O9vO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzc5NC8yMEZFNTYxNkU5
OEYxMUU1QTNERERDNjZDNEY5QUUwMi9NT1dKS0k2MlVBSlJESWQ3Um1xLUdYVTcy
ODQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01PV0pLSTYyVUFKUkRJZDdSbXEtR1hVNzI4NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDM3OTQvMjBGRTU2MTZFOThGMTFFNUEzREREQzY2QzRGOUFFMDIvODlBOUYwQjQz
NkI1MTFFRUIxNEFEMzQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfIGCCsGAQUFBwEHAQH/
BIHiMIHfMIG/BAIAATCBuAMEBBs2UDAMAwQAG29RAwQAG29UAwQAG29WAwQBG29Y
AwQCG29cAwQDG3sYAwQEG3xwAwQCK/U0AwQCK/r4AwQCZ/rUAwQAZ/3BAwQCZ/6I
AwQAcG1KMAwDBABwbVEDBABwbVQDBAN0ABADBAJ3L3AwDAMEAHcvdQMEA3cvcDAM
AwQBdy96AwQAdy98AwQCoy9IAwQAyq5QAwQAyxEkAwQAyxopMAwDBATLHDADBADL
HDIDBAPLqlAwGwQCAAIwFQMFACQAbYADBQAkAstAAwUAJAdMADANBgkqhkiG9w0B
AQsFAAOCAQEAkjLh4gncdxccwqYIJ6EPbtnXrZExEQj+E8jOJVCozE1o1Bw+Xqd/
Ft6NHeL1eB5zDKgwWFLq8E/HeT2Jqzbe8CwozMh9wcCaybIKFF3nS+FklDJC8hSG
ER4G5N3eWNdbPR9ykqTXrtXY4c/Co+Ns4HhZSc4+X9p2227vQIR5mTu/FyujoW7G
fUwanDj780BWD+vJrAW6TGTu7o7J+SEP8KlmLQI57Ey5XZdnsy9EFWZD9vs+Jyu5
c3yF0mg2SZc+zctzYU4SAe8SIzRxH4F9yJxWgz/p8i319r3lZGxT2pgw6vnfEk1Z
zHGLGmsKCeDOQMcndlBCTEBXNxv4RstSfQ==
-----END CERTIFICATE-----
Generated at Thu May 16 17:51:52 2024 by rpki-client on console-ams.rpki-client.org