Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/B7BC1B76506A11EDBB3A804AC4F9AE02.roa
File: B7BC1B76506A11EDBB3A804AC4F9AE02.roa (raw, json)
Hash identifier: d49RSnIOfctyMbKO+cJYRLNtwFDSa0oSxu4naTU0dt8=
Subject key identifier: 5B:64:7D:79:D9:11:E8:88:50:7A:B6:40:65:78:AA:7E:C8:35:2F:98
Certificate issuer: /CN=A91DC31B/serialNumber=8B8AD5CA1C3E8B8CF468B5F496A91ABB0E48CFA8
Certificate serial: 0627
Authority key identifier: 8B:8A:D5:CA:1C:3E:8B:8C:F4:68:B5:F4:96:A9:1A:BB:0E:48:CF:A8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/B7BC1B76506A11EDBB3A804AC4F9AE02.roa
Signing time: Tue 07 May 2024 10:21:53 +0000
ROA not before: Tue 07 May 2024 10:21:53 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 38166
IP address blocks: 166.81.5.0/24 maxlen: 24
166.81.9.0/24 maxlen: 24
166.81.10.0/24 maxlen: 24
166.81.11.0/24 maxlen: 24
166.81.12.0/24 maxlen: 24
166.81.13.0/24 maxlen: 24
166.81.14.0/24 maxlen: 24
166.81.15.0/24 maxlen: 24
166.81.16.0/24 maxlen: 24
166.81.17.0/24 maxlen: 24
166.81.18.0/24 maxlen: 24
166.81.19.0/24 maxlen: 24
166.81.20.0/24 maxlen: 24
166.81.21.0/24 maxlen: 24
166.81.22.0/24 maxlen: 24
166.81.23.0/24 maxlen: 24
166.81.24.0/24 maxlen: 24
166.81.25.0/24 maxlen: 24
166.81.26.0/24 maxlen: 24
166.81.27.0/24 maxlen: 24
166.81.28.0/24 maxlen: 24
166.81.29.0/24 maxlen: 24
166.81.30.0/24 maxlen: 24
166.81.33.0/24 maxlen: 24
166.81.34.0/24 maxlen: 24
166.81.35.0/24 maxlen: 24
166.81.38.0/24 maxlen: 24
166.81.39.0/24 maxlen: 24
166.81.40.0/24 maxlen: 24
166.81.51.0/24 maxlen: 24
166.81.52.0/24 maxlen: 24
166.81.53.0/24 maxlen: 24
166.81.54.0/24 maxlen: 24
166.81.55.0/24 maxlen: 24
166.81.56.0/24 maxlen: 24
166.81.57.0/24 maxlen: 24
166.81.58.0/24 maxlen: 24
166.81.59.0/24 maxlen: 24
166.81.60.0/24 maxlen: 24
166.81.61.0/24 maxlen: 24
166.81.65.0/24 maxlen: 24
166.81.66.0/24 maxlen: 24
166.81.67.0/24 maxlen: 24
166.81.68.0/24 maxlen: 24
166.81.69.0/24 maxlen: 24
166.81.70.0/24 maxlen: 24
166.81.77.0/24 maxlen: 24
166.81.78.0/24 maxlen: 24
166.81.79.0/24 maxlen: 24
166.81.80.0/24 maxlen: 24
166.81.87.0/24 maxlen: 24
166.81.88.0/24 maxlen: 24
166.81.89.0/24 maxlen: 24
166.81.90.0/24 maxlen: 24
166.81.101.0/24 maxlen: 24
166.81.102.0/24 maxlen: 24
166.81.103.0/24 maxlen: 24
166.81.104.0/24 maxlen: 24
166.81.105.0/24 maxlen: 24
166.81.106.0/24 maxlen: 24
166.81.246.0/24 maxlen: 24
166.81.247.0/24 maxlen: 24
166.81.248.0/24 maxlen: 24
166.81.249.0/24 maxlen: 24
166.81.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.crl
rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 19:51:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1575 (0x627)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC31B/serialNumber=8B8AD5CA1C3E8B8CF468B5F496A91ABB0E48CFA8
Validity
Not Before: May 7 10:21:53 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=663a00c1-0112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ed:30:ea:99:76:5c:f1:58:bb:0b:e3:5c:d5:
14:d7:35:ef:2d:6a:f6:1f:28:4f:3a:74:6a:51:f5:
12:69:24:92:63:8f:5d:4e:e3:55:00:ca:da:4c:ee:
c9:6f:50:ed:d6:b1:f7:13:aa:60:ba:2a:b8:f2:27:
30:b7:61:06:72:80:d5:69:72:d5:ad:43:6e:79:18:
a8:96:31:46:8f:b8:30:3c:3a:c3:0c:38:3a:6f:41:
f7:02:ba:ff:9f:6a:98:f5:7e:9d:87:88:e4:be:66:
38:0d:5b:93:74:b6:c0:a8:ee:62:eb:25:77:ab:d6:
e3:c6:fa:a2:f0:4a:b4:23:82:e5:71:b2:80:60:93:
76:df:7e:31:4e:73:65:56:3f:b0:fa:80:c5:3c:ff:
9d:15:0b:aa:8e:44:f4:2f:bd:8e:01:a0:54:58:c2:
34:20:b5:fa:3f:bc:dd:a5:d9:43:b7:6e:39:37:0b:
0f:46:86:8e:ad:12:6a:db:29:8a:2d:4d:3a:f7:57:
0b:cc:44:f7:23:a7:1f:80:87:cd:06:6c:b2:35:b7:
6c:fb:9c:4e:05:bf:e9:81:85:4e:d6:4b:3c:49:44:
8a:ad:76:8e:8a:cb:58:0f:2e:6c:cb:7c:41:5a:92:
9c:86:b7:3d:69:cb:89:a7:48:d9:04:3d:3f:47:c9:
ec:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:64:7D:79:D9:11:E8:88:50:7A:B6:40:65:78:AA:7E:C8:35:2F:98
X509v3 Authority Key Identifier:
keyid:8B:8A:D5:CA:1C:3E:8B:8C:F4:68:B5:F4:96:A9:1A:BB:0E:48:CF:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/B7BC1B76506A11EDBB3A804AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.81.5.0/24
166.81.9.0-166.81.30.255
166.81.33.0-166.81.35.255
166.81.38.0-166.81.40.255
166.81.51.0-166.81.61.255
166.81.65.0-166.81.70.255
166.81.77.0-166.81.80.255
166.81.87.0-166.81.90.255
166.81.101.0-166.81.106.255
166.81.246.0-166.81.250.255
Signature Algorithm: sha256WithRSAEncryption
1b:07:77:71:84:98:bf:0b:34:36:08:fa:25:24:75:31:37:db:
e3:c1:cd:b2:74:ae:2e:a0:00:b6:f9:f3:56:50:6c:bd:d7:dd:
97:f8:e8:fc:5d:86:91:a9:30:42:a2:4c:39:e8:3c:eb:d8:6f:
f8:a1:59:a2:3b:b5:c7:84:c4:8f:20:e6:7b:34:49:d2:55:5e:
3d:94:a4:b6:48:84:01:6f:e1:b6:8d:bd:be:0b:e9:1a:f5:e5:
00:3e:19:06:d6:a9:2b:c1:b5:f3:c6:c6:ab:7d:94:6a:7d:eb:
30:bf:7d:b0:4f:bb:f5:b2:e5:48:ed:48:ce:1a:ff:71:cd:c5:
61:74:fd:7c:98:54:48:50:a1:e5:89:8e:cf:e6:ae:9a:05:a8:
7a:e2:a5:0f:a8:7e:8b:45:fc:eb:73:0c:07:4c:9b:1a:dd:61:
63:b9:69:a8:4c:66:3b:1d:47:6d:7d:f3:6b:cc:88:f0:ce:b6:
ef:b4:14:8f:93:8c:24:33:2e:6d:13:6c:7e:9c:7e:06:34:91:
24:46:db:c5:fc:d8:5a:59:16:d3:e4:a5:b3:23:b0:54:39:7b:
62:b6:c3:60:db:62:59:7a:6b:45:85:f7:59:56:25:43:09:3e:
d1:50:e6:4e:38:a2:b9:23:61:3d:b9:1f:12:4a:b1:45:24:84:
fc:62:db:7b
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgICBicwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMzMUIxMTAvBgNVBAUTKDhCOEFENUNBMUMzRThCOENGNDY4QjVGNDk2QTkxQUJC
MEU0OENGQTgwHhcNMjQwNTA3MTAyMTUzWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNhMDBjMS0wMTEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzO0w6pl2XPFYuwvjXNUU1zXvLWr2HyhPOnRqUfUSaSSSY49dTuNVAMraTO7J
b1Dt1rH3E6pguiq48icwt2EGcoDVaXLVrUNueRioljFGj7gwPDrDDDg6b0H3Arr/
n2qY9X6dh4jkvmY4DVuTdLbAqO5i6yV3q9bjxvqi8Eq0I4LlcbKAYJN2334xTnNl
Vj+w+oDFPP+dFQuqjkT0L72OAaBUWMI0ILX6P7zdpdlDt245NwsPRoaOrRJq2ymK
LU0691cLzET3I6cfgIfNBmyyNbds+5xOBb/pgYVO1ks8SUSKrXaOistYDy5sy3xB
WpKchrc9acuJp0jZBD0/R8ns9wIDAQABo4IDGDCCAxQwHQYDVR0OBBYEFFtkfXnZ
EeiIUHq2QGV4qn7INS+YMB8GA1UdIwQYMBaAFIuK1cocPouM9Gi19JapGrsOSM+o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzMxQi9EMEVDQ0Q0ODg5
M0QxMUVCOTE2REYwMjJDNEY5QUUwMi9pNHJWeWh3LWk0ejBhTFgwbHFrYXV3NUl6
NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2k0clZ5aHctaTR6MGFMWDBscWthdXc1SXo2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMzMUIvRDBFQ0NENDg4OTNEMTFFQjkxNkRGMDIyQzRGOUFFMDIvQjdCQzFCNzY1
MDZBMTFFREJCM0E4MDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaEGCCsGAQUFBwEHAQH/
BIGRMIGOMIGLBAIAATCBhAMEAKZRBTAMAwQAplEJAwQAplEeMAwDBACmUSEDBAKm
USAwDAMEAaZRJgMEAKZRKDAMAwQAplEzAwQBplE8MAwDBACmUUEDBACmUUYwDAME
AKZRTQMEAKZRUDAMAwQAplFXAwQAplFaMAwDBACmUWUDBACmUWowDAMEAaZR9gME
AKZR+jANBgkqhkiG9w0BAQsFAAOCAQEAGwd3cYSYvws0Ngj6JSR1MTfb48HNsnSu
LqAAtvnzVlBsvdfdl/jo/F2GkakwQqJMOeg869hv+KFZoju1x4TEjyDmezRJ0lVe
PZSktkiEAW/hto29vgvpGvXlAD4ZBtapK8G188bGq32Uan3rML99sE+79bLlSO1I
zhr/cc3FYXT9fJhUSFCh5YmOz+aumgWoeuKlD6h+i0X863MMB0ybGt1hY7lpqExm
Ox1HbX3za8yI8M6277QUj5OMJDMubRNsfpx+BjSRJEbbxfzYWlkW0+SlsyOwVDl7
YrbDYNtiWXprRYX3WVYlQwk+0VDmTjiiuSNhPbkfEkqxRSSE/GLbew==
-----END CERTIFICATE-----
Generated at Sun May 19 00:59:43 2024 by rpki-client on console-fra.rpki-client.org