Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
File: 1A0D44FA3B5411EABAC6EE18C4F9AE02.roa (raw, json)
Hash identifier: vE1akHBF+FqKvgFH1UFzMveeA3YQT8LvEndWX1RJBkY=
Subject key identifier: 67:DB:66:62:31:50:E7:2A:0B:D3:E2:CC:2B:26:20:A8:00:21:86:4F
Certificate issuer: /CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Certificate serial: 1CCC
Authority key identifier: 5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
Signing time: Thu 28 Sep 2023 16:33:42 +0000
ROA not before: Thu 28 Sep 2023 16:33:42 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 37963
IP address blocks: 8.128.0.0/10 maxlen: 15
8.128.0.0/16 maxlen: 24
8.129.0.0/16 maxlen: 24
8.130.0.0/16 maxlen: 24
8.131.0.0/16 maxlen: 24
8.132.0.0/16 maxlen: 24
8.133.0.0/16 maxlen: 24
8.134.0.0/16 maxlen: 24
8.135.0.0/16 maxlen: 24
8.136.0.0/16 maxlen: 24
8.137.0.0/16 maxlen: 24
8.138.0.0/16 maxlen: 24
8.139.0.0/16 maxlen: 24
8.140.0.0/16 maxlen: 24
8.141.0.0/16 maxlen: 24
8.142.0.0/16 maxlen: 24
8.143.0.0/16 maxlen: 24
8.144.0.0/16 maxlen: 24
8.145.0.0/16 maxlen: 24
8.146.0.0/16 maxlen: 24
8.147.0.0/16 maxlen: 24
8.148.0.0/16 maxlen: 24
8.149.0.0/16 maxlen: 24
8.150.0.0/16 maxlen: 24
8.151.0.0/16 maxlen: 24
8.152.0.0/16 maxlen: 24
8.153.0.0/16 maxlen: 24
8.154.0.0/16 maxlen: 24
8.155.0.0/16 maxlen: 24
8.156.0.0/16 maxlen: 24
8.157.0.0/16 maxlen: 24
8.158.0.0/16 maxlen: 24
8.159.0.0/16 maxlen: 24
8.160.0.0/16 maxlen: 24
8.161.0.0/16 maxlen: 24
8.162.0.0/16 maxlen: 24
8.163.0.0/16 maxlen: 24
8.164.0.0/16 maxlen: 24
8.165.0.0/16 maxlen: 24
8.166.0.0/16 maxlen: 24
8.167.0.0/16 maxlen: 24
8.168.0.0/16 maxlen: 24
8.169.0.0/16 maxlen: 24
8.170.0.0/16 maxlen: 24
8.171.0.0/16 maxlen: 24
8.172.0.0/16 maxlen: 24
8.173.0.0/16 maxlen: 24
8.174.0.0/16 maxlen: 24
8.175.0.0/16 maxlen: 24
8.176.0.0/16 maxlen: 24
8.178.0.0/16 maxlen: 24
8.179.0.0/16 maxlen: 24
8.180.0.0/16 maxlen: 24
8.181.0.0/16 maxlen: 24
8.182.0.0/16 maxlen: 24
8.183.0.0/16 maxlen: 24
8.184.0.0/16 maxlen: 24
8.185.0.0/16 maxlen: 24
8.186.0.0/16 maxlen: 24
8.187.0.0/16 maxlen: 24
8.188.0.0/16 maxlen: 24
8.189.0.0/16 maxlen: 24
8.190.0.0/16 maxlen: 24
8.191.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 27 May 2024 15:54:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7372 (0x1ccc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA198/serialNumber=5FEEDE9D382543F051527FA533D47A917077E632
Validity
Not Before: Sep 28 16:33:42 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=6515aae5-2f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:00:ab:5b:4f:08:a2:30:e0:0b:f8:da:98:c6:
d7:6b:fc:d6:7e:e4:d1:f7:de:fb:53:48:f2:d4:9a:
6a:bf:ee:a2:0c:7f:1e:39:54:7d:82:8a:a5:c3:a1:
6e:79:1b:d3:74:0e:76:ce:f1:64:f6:cc:32:4d:ce:
d3:ad:b2:ac:c2:47:59:a1:5c:eb:81:8e:f7:87:b2:
2c:d7:18:f1:1a:68:b2:c8:7c:3e:ba:39:57:40:9a:
02:2d:83:a2:a2:40:c4:ba:69:f4:f0:2a:8a:e1:47:
12:4d:25:f9:85:a5:4a:e4:c9:3d:b1:9a:69:0a:2c:
21:22:2c:46:62:17:cc:28:1b:d8:7e:1e:dc:cc:13:
e7:2c:5e:4d:90:f6:43:71:44:e9:ed:ed:16:73:19:
c6:2e:dd:c5:3f:64:71:93:5e:2c:43:0d:ec:e8:b7:
42:be:55:c7:df:b1:9e:0f:c3:6b:d6:2d:90:2d:d2:
7c:46:a2:20:fc:43:09:fa:9f:b6:8a:f6:12:16:67:
9f:2c:73:7d:bd:38:5a:18:03:92:48:de:e1:3a:5d:
75:94:58:6e:7c:13:a2:f5:27:40:0b:4c:64:21:e8:
0d:f5:91:98:50:4b:ec:6c:01:8f:82:f3:8a:d9:04:
82:bb:03:d9:01:cd:ea:9f:c9:96:bf:92:02:90:78:
83:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DB:66:62:31:50:E7:2A:0B:D3:E2:CC:2B:26:20:A8:00:21:86:4F
X509v3 Authority Key Identifier:
keyid:5F:EE:DE:9D:38:25:43:F0:51:52:7F:A5:33:D4:7A:91:70:77:E6:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/X-7enTglQ_BRUn-lM9R6kXB35jI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/X-7enTglQ_BRUn-lM9R6kXB35jI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA198/AD629222B52511E6AF6C895EC4F9AE02/1A0D44FA3B5411EABAC6EE18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
8.128.0.0/10
Signature Algorithm: sha256WithRSAEncryption
29:d7:39:40:47:c8:3b:a7:22:a0:c1:2b:91:a4:af:a0:aa:1f:
a8:35:95:a7:a9:ca:28:5e:2a:89:3a:08:da:c4:97:df:57:5b:
ef:7b:18:ab:86:33:63:47:33:59:74:31:54:cb:65:12:4c:28:
c1:32:12:4a:61:e7:c1:4d:26:0d:d5:a7:fe:96:3b:93:ee:02:
91:fa:7d:53:ef:25:d1:8e:d5:1b:5c:e2:ea:74:a7:d3:24:0b:
35:39:e2:90:9c:65:3a:52:5e:e1:fc:1d:66:14:2a:a1:92:b6:
f2:11:c3:36:43:b3:9c:5e:31:23:9b:02:7f:67:f0:b5:34:2a:
6a:fc:8e:fd:d6:68:06:6b:65:1e:14:6c:bb:25:94:d2:b6:c8:
6a:4e:63:52:9f:07:a4:18:34:d5:e7:98:57:70:ce:07:83:2e:
54:44:bd:c7:da:55:a6:16:ce:92:d8:ca:f6:9d:11:32:ef:66:
2d:23:5e:1c:58:0b:93:8b:f5:8d:34:63:f1:1d:04:79:65:97:
c7:d7:ec:57:85:6d:fc:b6:d6:fb:e5:4a:56:67:44:55:82:95:
a6:c9:96:66:07:57:a1:88:ae:a1:4d:f9:4b:44:01:ee:cf:06:
84:f6:31:5a:1b:25:fe:6e:a5:09:d8:bd:15:43:5f:08:40:57:
e7:d0:d1:80
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICHMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUExOTgxMTAvBgNVBAUTKDVGRUVERTlEMzgyNTQzRjA1MTUyN0ZBNTMzRDQ3QTkx
NzA3N0U2MzIwHhcNMjMwOTI4MTYzMzQyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTE1YWFlNS0yZjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7gCrW08IojDgC/jamMbXa/zWfuTR9977U0jy1Jpqv+6iDH8eOVR9goqlw6Fu
eRvTdA52zvFk9swyTc7TrbKswkdZoVzrgY73h7Is1xjxGmiyyHw+ujlXQJoCLYOi
okDEumn08CqK4UcSTSX5haVK5Mk9sZppCiwhIixGYhfMKBvYfh7czBPnLF5NkPZD
cUTp7e0WcxnGLt3FP2Rxk14sQw3s6LdCvlXH37GeD8Nr1i2QLdJ8RqIg/EMJ+p+2
ivYSFmefLHN9vThaGAOSSN7hOl11lFhufBOi9SdAC0xkIegN9ZGYUEvsbAGPgvOK
2QSCuwPZAc3qn8mWv5ICkHiDKwIDAQABo4IClDCCApAwHQYDVR0OBBYEFGfbZmIx
UOcqC9PizCsmIKgAIYZPMB8GA1UdIwQYMBaAFF/u3p04JUPwUVJ/pTPUepFwd+Yy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTE5OC9BRDYyOTIyMkI1
MjUxMUU2QUY2Qzg5NUVDNEY5QUUwMi9YLTdlblRnbFFfQlJVbi1sTTlSNmtYQjM1
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1gtN2VuVGdsUV9CUlVuLWxNOVI2a1hCMzVqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUExOTgvQUQ2MjkyMjJCNTI1MTFFNkFGNkM4OTVFQzRGOUFFMDIvMUEwRDQ0RkEz
QjU0MTFFQUJBQzZFRTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwYIgDANBgkqhkiG9w0BAQsFAAOCAQEAKdc5QEfIO6cioMEr
kaSvoKofqDWVp6nKKF4qiToI2sSX31db73sYq4YzY0czWXQxVMtlEkwowTISSmHn
wU0mDdWn/pY7k+4Ckfp9U+8l0Y7VG1zi6nSn0yQLNTnikJxlOlJe4fwdZhQqoZK2
8hHDNkOznF4xI5sCf2fwtTQqavyO/dZoBmtlHhRsuyWU0rbIak5jUp8HpBg01eeY
V3DOB4MuVES9x9pVphbOktjK9p0RMu9mLSNeHFgLk4v1jTRj8R0EeWWXx9fsV4Vt
/LbW++VKVmdEVYKVpsmWZgdXoYiuoU35S0QB7s8GhPYxWhsl/m6lCdi9FUNfCEBX
59DRgA==
-----END CERTIFICATE-----
Generated at Mon May 20 17:22:33 2024 by rpki-client on console-fra.rpki-client.org