Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/B7BC1B76506A11EDBB3A804AC4F9AE02.roa
File: B7BC1B76506A11EDBB3A804AC4F9AE02.roa (raw, json)
Hash identifier: YiFkayb2mucnPxSxU+1NlAOVg32mdQybW3UG3hiJAlY=
Subject key identifier: B8:F0:BD:65:4B:50:41:C0:F7:E6:C5:0E:7A:64:59:37:AE:10:1E:65
Certificate issuer: /CN=A91DC31B/serialNumber=8B8AD5CA1C3E8B8CF468B5F496A91ABB0E48CFA8
Certificate serial: 0676
Authority key identifier: 8B:8A:D5:CA:1C:3E:8B:8C:F4:68:B5:F4:96:A9:1A:BB:0E:48:CF:A8
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/B7BC1B76506A11EDBB3A804AC4F9AE02.roa
Signing time: Fri 06 Sep 2024 04:07:37 +0000
ROA not before: Fri 06 Sep 2024 04:07:37 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 38166
IP address blocks: 166.81.5.0/24 maxlen: 24
166.81.9.0/24 maxlen: 24
166.81.10.0/24 maxlen: 24
166.81.11.0/24 maxlen: 24
166.81.12.0/24 maxlen: 24
166.81.13.0/24 maxlen: 24
166.81.14.0/24 maxlen: 24
166.81.15.0/24 maxlen: 24
166.81.16.0/24 maxlen: 24
166.81.17.0/24 maxlen: 24
166.81.18.0/24 maxlen: 24
166.81.19.0/24 maxlen: 24
166.81.20.0/24 maxlen: 24
166.81.21.0/24 maxlen: 24
166.81.22.0/24 maxlen: 24
166.81.23.0/24 maxlen: 24
166.81.24.0/24 maxlen: 24
166.81.25.0/24 maxlen: 24
166.81.26.0/24 maxlen: 24
166.81.27.0/24 maxlen: 24
166.81.28.0/24 maxlen: 24
166.81.29.0/24 maxlen: 24
166.81.30.0/24 maxlen: 24
166.81.33.0/24 maxlen: 24
166.81.34.0/24 maxlen: 24
166.81.35.0/24 maxlen: 24
166.81.38.0/24 maxlen: 24
166.81.39.0/24 maxlen: 24
166.81.40.0/24 maxlen: 24
166.81.51.0/24 maxlen: 24
166.81.52.0/24 maxlen: 24
166.81.53.0/24 maxlen: 24
166.81.54.0/24 maxlen: 24
166.81.55.0/24 maxlen: 24
166.81.56.0/24 maxlen: 24
166.81.57.0/24 maxlen: 24
166.81.58.0/24 maxlen: 24
166.81.59.0/24 maxlen: 24
166.81.60.0/24 maxlen: 24
166.81.61.0/24 maxlen: 24
166.81.65.0/24 maxlen: 24
166.81.66.0/24 maxlen: 24
166.81.67.0/24 maxlen: 24
166.81.68.0/24 maxlen: 24
166.81.69.0/24 maxlen: 24
166.81.70.0/24 maxlen: 24
166.81.77.0/24 maxlen: 24
166.81.78.0/24 maxlen: 24
166.81.79.0/24 maxlen: 24
166.81.80.0/24 maxlen: 24
166.81.81.0/24 maxlen: 24
166.81.83.0/24 maxlen: 24
166.81.85.0/24 maxlen: 24
166.81.87.0/24 maxlen: 24
166.81.88.0/24 maxlen: 24
166.81.89.0/24 maxlen: 24
166.81.90.0/24 maxlen: 24
166.81.101.0/24 maxlen: 24
166.81.102.0/24 maxlen: 24
166.81.103.0/24 maxlen: 24
166.81.104.0/24 maxlen: 24
166.81.105.0/24 maxlen: 24
166.81.106.0/24 maxlen: 24
166.81.246.0/24 maxlen: 24
166.81.247.0/24 maxlen: 24
166.81.248.0/24 maxlen: 24
166.81.249.0/24 maxlen: 24
166.81.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.crl
rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 19:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1654 (0x676)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC31B/serialNumber=8B8AD5CA1C3E8B8CF468B5F496A91ABB0E48CFA8
Validity
Not Before: Sep 6 04:07:37 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=66da8008-f18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8d:1a:6e:06:28:0c:47:d1:c6:28:c1:07:af:
84:5e:40:2f:5f:7e:09:93:b2:ca:60:97:94:62:25:
1b:25:d9:28:a8:bd:91:e4:e5:d2:0e:0d:7e:12:e7:
cf:44:9c:db:4f:b2:ef:5a:2c:b1:66:5d:6d:30:a4:
bd:25:d6:22:46:c6:b6:f0:50:cf:b7:45:ad:4b:33:
ac:fc:40:63:f9:d8:20:82:44:b0:86:c8:7b:9b:10:
9d:be:78:3c:06:a3:c8:50:34:e8:5b:a2:bc:51:26:
8e:3d:3c:ce:23:1c:8b:50:af:89:61:de:7e:58:b4:
f0:b9:66:2b:6b:89:ec:f1:cd:79:97:fa:01:9c:99:
70:e9:59:62:1e:93:ef:73:7f:2f:c4:6e:c8:16:c1:
70:e4:eb:56:c4:8d:d9:9e:2d:49:ac:64:20:2e:28:
1b:74:c3:14:8b:e5:96:4e:40:40:c8:28:d7:40:1a:
55:ec:b3:b8:4e:db:5f:04:5b:73:d3:f9:91:17:ca:
21:50:9f:45:49:ff:ef:44:e3:17:0b:77:2b:83:5e:
2a:8a:8e:49:a5:12:df:80:9b:1c:ab:d0:28:40:0c:
21:27:a4:db:49:2f:96:98:dc:f9:97:5b:2d:ea:83:
f6:6e:9a:8e:5a:5b:ca:75:ef:9c:b4:ea:f2:11:85:
05:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:F0:BD:65:4B:50:41:C0:F7:E6:C5:0E:7A:64:59:37:AE:10:1E:65
X509v3 Authority Key Identifier:
keyid:8B:8A:D5:CA:1C:3E:8B:8C:F4:68:B5:F4:96:A9:1A:BB:0E:48:CF:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/i4rVyhw-i4z0aLX0lqkauw5Iz6g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i4rVyhw-i4z0aLX0lqkauw5Iz6g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC31B/D0ECCD48893D11EB916DF022C4F9AE02/B7BC1B76506A11EDBB3A804AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
166.81.5.0/24
166.81.9.0-166.81.30.255
166.81.33.0-166.81.35.255
166.81.38.0-166.81.40.255
166.81.51.0-166.81.61.255
166.81.65.0-166.81.70.255
166.81.77.0-166.81.81.255
166.81.83.0/24
166.81.85.0/24
166.81.87.0-166.81.90.255
166.81.101.0-166.81.106.255
166.81.246.0-166.81.250.255
Signature Algorithm: sha256WithRSAEncryption
6b:dd:f3:83:c3:81:fe:8f:4b:ba:fa:2a:7d:65:ec:6f:b0:80:
db:ca:cd:b2:a6:36:60:1b:72:47:fd:7b:9a:c1:32:f3:a0:7f:
43:3a:b9:67:d9:08:96:2d:7a:dc:c6:c6:41:f5:e0:8e:10:6e:
c9:da:cc:5b:bf:1a:72:cd:f3:ae:86:d8:07:08:a1:6b:12:ac:
dc:21:4a:fc:7c:cf:cf:a3:0e:5f:08:2f:e8:06:53:78:4e:71:
a5:7f:4a:1a:1e:b7:5d:32:ea:32:b5:64:15:d9:d6:ea:6f:f9:
ba:17:21:78:c6:be:bb:7e:87:94:f7:a3:33:a4:5f:52:ea:97:
3b:7f:b6:5c:8b:cc:8f:99:b8:9e:81:47:ea:92:b3:44:70:03:
a0:05:a6:3c:c1:4e:26:da:8d:ff:21:c0:56:5a:ae:7e:88:09:
1d:79:0d:6e:9a:fa:45:88:26:a8:75:86:c6:73:e1:57:d3:3c:
78:c9:e9:bc:ff:55:37:f1:b4:ad:59:37:e6:b7:5a:26:76:40:
b6:a8:d7:a5:ae:9e:56:cb:53:ec:95:3b:0e:a1:7f:d3:d6:af:
4d:1d:11:08:cc:cf:e5:b6:58:5a:90:77:60:e4:d8:74:01:56:
66:2e:2c:a2:9c:eb:22:e4:e2:86:da:1d:b4:d8:d7:84:2b:94:
77:38:83:3e
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICBnYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMzMUIxMTAvBgNVBAUTKDhCOEFENUNBMUMzRThCOENGNDY4QjVGNDk2QTkxQUJC
MEU0OENGQTgwHhcNMjQwOTA2MDQwNzM3WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRhODAwOC1mMThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtY0abgYoDEfRxijBB6+EXkAvX34Jk7LKYJeUYiUbJdkoqL2R5OXSDg1+EufP
RJzbT7LvWiyxZl1tMKS9JdYiRsa28FDPt0WtSzOs/EBj+dgggkSwhsh7mxCdvng8
BqPIUDToW6K8USaOPTzOIxyLUK+JYd5+WLTwuWYra4ns8c15l/oBnJlw6VliHpPv
c38vxG7IFsFw5OtWxI3Zni1JrGQgLigbdMMUi+WWTkBAyCjXQBpV7LO4TttfBFtz
0/mRF8ohUJ9FSf/vROMXC3crg14qio5JpRLfgJscq9AoQAwhJ6TbSS+WmNz5l1st
6oP2bpqOWlvKde+ctOryEYUFYQIDAQABo4IDJDCCAyAwHQYDVR0OBBYEFLjwvWVL
UEHA9+bFDnpkWTeuEB5lMB8GA1UdIwQYMBaAFIuK1cocPouM9Gi19JapGrsOSM+o
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzMxQi9EMEVDQ0Q0ODg5
M0QxMUVCOTE2REYwMjJDNEY5QUUwMi9pNHJWeWh3LWk0ejBhTFgwbHFrYXV3NUl6
NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2k0clZ5aHctaTR6MGFMWDBscWthdXc1SXo2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMzMUIvRDBFQ0NENDg4OTNEMTFFQjkxNkRGMDIyQzRGOUFFMDIvQjdCQzFCNzY1
MDZBMTFFREJCM0E4MDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga0GCCsGAQUFBwEHAQH/
BIGdMIGaMIGXBAIAATCBkAMEAKZRBTAMAwQAplEJAwQAplEeMAwDBACmUSEDBAKm
USAwDAMEAaZRJgMEAKZRKDAMAwQAplEzAwQBplE8MAwDBACmUUEDBACmUUYwDAME
AKZRTQMEAaZRUAMEAKZRUwMEAKZRVTAMAwQAplFXAwQAplFaMAwDBACmUWUDBACm
UWowDAMEAaZR9gMEAKZR+jANBgkqhkiG9w0BAQsFAAOCAQEAa93zg8OB/o9Luvoq
fWXsb7CA28rNsqY2YBtyR/17msEy86B/Qzq5Z9kIli163MbGQfXgjhBuydrMW78a
cs3zrobYBwihaxKs3CFK/HzPz6MOXwgv6AZTeE5xpX9KGh63XTLqMrVkFdnW6m/5
uhcheMa+u36HlPejM6RfUuqXO3+2XIvMj5m4noFH6pKzRHADoAWmPMFOJtqN/yHA
VlqufogJHXkNbpr6RYgmqHWGxnPhV9M8eMnpvP9VN/G0rVk35rdaJnZAtqjXpa6e
VstT7JU7DqF/09avTR0RCMzP5bZYWpB3YOTYdAFWZi4sopzrIuTihtodtNjXhCuU
dziDPg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:11:49 2024 by rpki-client on console-fra.rpki-client.org