Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
File: C81AC00EB14111EB959D4D3CC4F9AE02.roa (raw, json)
Hash identifier: ASgDZ6RBvaayw4ZZjs56syo0bK53qF3EjAkzSzUWdkE=
Subject key identifier: BA:0F:36:9C:2C:4B:B8:88:89:81:92:3A:40:77:B8:B6:EC:62:C1:51
Certificate issuer: /CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Certificate serial: 1D72
Authority key identifier: 9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
Signing time: Thu 28 Sep 2023 16:33:39 +0000
ROA not before: Thu 28 Sep 2023 16:33:39 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 37963
IP address blocks: 43.0.0.0/9 maxlen: 15
43.0.0.0/16 maxlen: 24
43.1.0.0/16 maxlen: 24
43.2.0.0/16 maxlen: 24
43.3.0.0/16 maxlen: 24
43.4.0.0/16 maxlen: 24
43.5.0.0/16 maxlen: 24
43.6.0.0/16 maxlen: 24
43.7.0.0/16 maxlen: 16
43.7.0.0/16 maxlen: 24
43.8.0.0/16 maxlen: 24
43.9.0.0/16 maxlen: 24
43.10.0.0/16 maxlen: 24
43.11.0.0/16 maxlen: 24
43.12.0.0/16 maxlen: 24
43.13.0.0/16 maxlen: 24
43.14.0.0/16 maxlen: 24
43.15.0.0/16 maxlen: 24
43.16.0.0/16 maxlen: 24
43.17.0.0/16 maxlen: 24
43.18.0.0/16 maxlen: 24
43.19.0.0/16 maxlen: 24
43.20.0.0/16 maxlen: 24
43.21.0.0/16 maxlen: 24
43.22.0.0/16 maxlen: 24
43.23.0.0/16 maxlen: 24
43.24.0.0/16 maxlen: 24
43.25.0.0/16 maxlen: 24
43.26.0.0/16 maxlen: 24
43.27.0.0/16 maxlen: 24
43.28.0.0/16 maxlen: 24
43.29.0.0/16 maxlen: 24
43.30.0.0/16 maxlen: 24
43.31.0.0/16 maxlen: 24
43.32.0.0/16 maxlen: 16
43.32.0.0/16 maxlen: 24
43.33.0.0/16 maxlen: 24
43.35.0.0/16 maxlen: 24
43.36.0.0/16 maxlen: 24
43.37.0.0/16 maxlen: 24
43.38.0.0/16 maxlen: 24
43.39.0.0/16 maxlen: 24
43.40.0.0/16 maxlen: 24
43.41.0.0/16 maxlen: 24
43.42.0.0/16 maxlen: 24
43.43.0.0/16 maxlen: 24
43.44.0.0/16 maxlen: 24
43.45.0.0/16 maxlen: 24
43.46.0.0/16 maxlen: 24
43.47.0.0/16 maxlen: 24
43.48.0.0/16 maxlen: 24
43.49.0.0/16 maxlen: 24
43.50.0.0/16 maxlen: 24
43.51.0.0/16 maxlen: 24
43.52.0.0/16 maxlen: 24
43.53.0.0/16 maxlen: 24
43.54.0.0/16 maxlen: 24
43.55.0.0/16 maxlen: 24
43.56.0.0/16 maxlen: 24
43.57.0.0/16 maxlen: 24
43.58.0.0/16 maxlen: 24
43.59.0.0/16 maxlen: 24
43.60.0.0/16 maxlen: 24
43.61.0.0/16 maxlen: 24
43.62.0.0/16 maxlen: 24
43.63.0.0/16 maxlen: 24
43.64.0.0/16 maxlen: 24
43.65.0.0/16 maxlen: 24
43.66.0.0/16 maxlen: 24
43.67.0.0/16 maxlen: 24
43.68.0.0/16 maxlen: 24
43.69.0.0/16 maxlen: 24
43.70.0.0/16 maxlen: 24
43.71.0.0/16 maxlen: 24
43.72.0.0/16 maxlen: 24
43.73.0.0/16 maxlen: 24
43.74.0.0/16 maxlen: 24
43.75.0.0/16 maxlen: 24
43.76.0.0/16 maxlen: 16
43.76.0.0/16 maxlen: 24
43.78.0.0/16 maxlen: 24
43.79.0.0/16 maxlen: 24
43.80.0.0/16 maxlen: 24
43.81.0.0/16 maxlen: 24
43.82.0.0/16 maxlen: 24
43.83.0.0/16 maxlen: 24
43.84.0.0/16 maxlen: 24
43.85.0.0/16 maxlen: 24
43.86.0.0/16 maxlen: 24
43.87.0.0/16 maxlen: 24
43.88.0.0/16 maxlen: 24
43.89.0.0/16 maxlen: 24
43.90.0.0/16 maxlen: 24
43.91.0.0/16 maxlen: 24
43.95.0.0/16 maxlen: 24
43.96.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 31 May 2024 16:35:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7538 (0x1d72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198/serialNumber=9E1C3531D0045EA389B68CFF9286A08FBCBBD8BD
Validity
Not Before: Sep 28 16:33:39 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6515aae2-8ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b2:ad:40:68:46:de:9f:a9:4d:aa:18:3e:ee:
aa:5e:1e:95:3a:59:fc:05:1f:d9:4e:6e:d3:fb:ab:
eb:d9:e2:90:85:b0:3b:7b:df:11:68:fb:4f:c8:cd:
b3:09:42:f7:fa:21:cc:a1:0d:cf:17:f1:f3:e0:79:
0a:c6:26:77:20:d0:1f:e1:16:74:1a:37:6c:13:51:
8a:ab:0a:ee:05:1f:5f:91:1b:b0:7f:ba:32:3e:98:
04:c7:be:9e:5e:28:54:dd:ee:27:4a:98:d2:a3:7c:
bd:c2:5c:a7:22:90:30:a0:7c:54:bc:34:1d:93:57:
ba:94:08:be:7e:ac:37:15:06:26:d0:2d:cc:b6:58:
c8:52:a9:9f:e9:6b:f0:02:f5:96:c9:15:1a:c4:c1:
ac:af:80:10:ff:14:cc:89:e3:81:b7:cd:d0:50:9f:
b0:28:43:c4:37:3d:cd:2f:6f:7e:05:a3:d6:17:59:
ed:3d:a6:cf:6d:21:2f:2e:35:44:e8:97:2a:5a:64:
aa:09:fa:29:5e:97:63:cb:ac:84:5b:da:95:15:7e:
a9:05:69:7b:7b:5c:de:b1:c4:f4:16:b2:5e:8d:c2:
75:17:aa:75:24:74:3a:84:fc:f5:4e:c3:93:c4:65:
37:69:ee:c1:5a:e0:fd:e4:9f:da:f5:c5:58:cb:ca:
2c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:0F:36:9C:2C:4B:B8:88:89:81:92:3A:40:77:B8:B6:EC:62:C1:51
X509v3 Authority Key Identifier:
keyid:9E:1C:35:31:D0:04:5E:A3:89:B6:8C:FF:92:86:A0:8F:BC:BB:D8:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/nhw1MdAEXqOJtoz_koagj7y72L0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nhw1MdAEXqOJtoz_koagj7y72L0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/993F2090ABC411E6BD6BED14C4F9AE02/C81AC00EB14111EB959D4D3CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.0.0.0/9
Signature Algorithm: sha256WithRSAEncryption
a5:2f:9b:b8:76:7b:f2:d8:bc:13:7c:79:c5:6f:0a:51:6b:db:
24:58:d4:7c:ca:42:fa:46:39:42:5f:6d:c9:b3:03:cb:6d:ef:
4e:74:6c:59:3d:85:14:f5:ec:33:e1:b7:3f:be:0d:8d:20:9b:
72:b5:21:b7:a4:9f:1d:9a:6b:cd:70:9f:92:ae:53:b5:7f:ed:
ec:b4:54:83:92:02:d1:73:f6:52:e3:11:2b:ef:dd:dd:65:4d:
f2:1e:72:45:2f:8c:af:98:80:45:8b:70:ea:c5:c2:0d:c9:2f:
7d:f1:17:ab:bf:5d:55:3a:e1:e4:11:b0:9a:10:e1:5e:f6:e9:
c3:41:b2:f1:9c:b9:4d:20:b1:11:e1:28:fe:2d:81:da:03:df:
f3:71:44:08:df:ed:e1:33:7d:f6:14:11:97:3d:c2:54:53:70:
c7:6e:13:7b:83:a2:7c:8a:73:58:e4:aa:49:cd:1f:c6:51:5d:
35:73:ab:e7:69:3e:aa:7d:1b:4e:41:6c:af:e4:68:80:9a:22:
6e:59:c2:6c:74:cf:f8:db:06:f9:ab:87:53:b5:0d:a2:6f:32:
90:75:f0:b2:f5:20:8a:b8:6f:11:f7:7c:9f:49:60:20:05:b2:
c3:81:88:09:ed:a4:b7:12:7d:62:23:42:bb:da:ed:20:9f:33:
ff:b9:10:a4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICHXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDlFMUMzNTMxRDAwNDVFQTM4OUI2OENGRjkyODZBMDhG
QkNCQkQ4QkQwHhcNMjMwOTI4MTYzMzM5WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE1YWFlMi04YmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAurKtQGhG3p+pTaoYPu6qXh6VOln8BR/ZTm7T+6vr2eKQhbA7e98RaPtPyM2z
CUL3+iHMoQ3PF/Hz4HkKxiZ3INAf4RZ0GjdsE1GKqwruBR9fkRuwf7oyPpgEx76e
XihU3e4nSpjSo3y9wlynIpAwoHxUvDQdk1e6lAi+fqw3FQYm0C3MtljIUqmf6Wvw
AvWWyRUaxMGsr4AQ/xTMieOBt83QUJ+wKEPENz3NL29+BaPWF1ntPabPbSEvLjVE
6JcqWmSqCfopXpdjy6yEW9qVFX6pBWl7e1zescT0FrJejcJ1F6p1JHQ6hPz1TsOT
xGU3ae7BWuD95J/a9cVYy8oshQIDAQABo4IClDCCApAwHQYDVR0OBBYEFLoPNpws
S7iIiYGSOkB3uLbsYsFRMB8GA1UdIwQYMBaAFJ4cNTHQBF6jibaM/5KGoI+8u9i9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC85OTNGMjA5MEFC
QzQxMUU2QkQ2QkVEMTRDNEY5QUUwMi9uaHcxTWRBRVhxT0p0b3pfa29hZ2o3eTcy
TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25odzFNZEFFWHFPSnRvel9rb2Fnajd5NzJMMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvOTkzRjIwOTBBQkM0MTFFNkJENkJFRDE0QzRGOUFFMDIvQzgxQUMwMEVC
MTQxMTFFQjk1OUQ0RDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwcrADANBgkqhkiG9w0BAQsFAAOCAQEApS+buHZ78ti8E3x5
xW8KUWvbJFjUfMpC+kY5Ql9tybMDy23vTnRsWT2FFPXsM+G3P74NjSCbcrUht6Sf
HZprzXCfkq5TtX/t7LRUg5IC0XP2UuMRK+/d3WVN8h5yRS+Mr5iARYtw6sXCDckv
ffEXq79dVTrh5BGwmhDhXvbpw0Gy8Zy5TSCxEeEo/i2B2gPf83FECN/t4TN99hQR
lz3CVFNwx24Te4OifIpzWOSqSc0fxlFdNXOr52k+qn0bTkFsr+RogJoiblnCbHTP
+NsG+auHU7UNom8ykHXwsvUgirhvEfd8n0lgIAWyw4GICe2ktxJ9YiNCu9rtIJ8z
/7kQpA==
-----END CERTIFICATE-----
Generated at Fri May 24 17:57:01 2024 by rpki-client on console-fra.rpki-client.org