Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6BDD8DBA4AD811EFAECCDA0FC4F9AE02.roa
File: 6BDD8DBA4AD811EFAECCDA0FC4F9AE02.roa (raw, json)
Hash identifier: DB0+EV/wjZ8hgRmxdeOh9oqwLTckqJeeREMfiYlibiw=
Subject key identifier: 51:B9:AD:B2:D7:A5:DD:52:7E:BA:52:98:BB:0B:A3:36:62:59:6A:BA
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1807
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6BDD8DBA4AD811EFAECCDA0FC4F9AE02.roa
Signing time: Thu 25 Jul 2024 22:51:26 +0000
ROA not before: Thu 25 Jul 2024 22:51:26 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 9714
IP address blocks: 49.255.24.0/22 maxlen: 22
49.255.28.0/22 maxlen: 22
116.240.16.0/22 maxlen: 22
116.240.192.0/20 maxlen: 20
202.138.0.0/24 maxlen: 24
202.138.1.0/24 maxlen: 24
202.141.208.0/20 maxlen: 20
210.50.0.0/21 maxlen: 21
210.50.192.0/21 maxlen: 21
210.50.198.0/24 maxlen: 24
211.27.224.0/22 maxlen: 22
211.27.227.0/24 maxlen: 24
2403:4800:1100::/40 maxlen: 40
2403:4800:1100::/48 maxlen: 48
2407:dc00::/40 maxlen: 40
2407:dc00:3::/48 maxlen: 48
2407:dc00:100::/40 maxlen: 40
2407:dc00:103::/48 maxlen: 48
2407:dc00:200::/40 maxlen: 40
2407:dc00:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:57:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6151 (0x1807)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Jul 25 22:51:26 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66a2d6ed-94ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f1:ac:9b:c8:14:e9:83:fb:80:f5:32:8f:67:
2c:28:cf:d5:e0:35:5f:2d:60:ec:bf:e8:cc:33:21:
f2:ae:da:09:bd:ad:bd:d6:a1:bc:ab:c9:13:62:2d:
f3:2a:48:76:08:fe:0f:61:59:8a:1a:6d:87:13:0d:
c2:1d:97:09:5e:16:e0:92:0d:fd:c5:19:55:69:96:
a1:41:aa:07:7d:3a:c5:d2:e3:bb:57:6d:0a:b5:71:
5b:c7:c0:1f:42:ea:b9:e5:34:1b:4a:8d:22:3c:ba:
0e:3d:92:76:8b:3f:b9:1f:1a:32:24:bf:20:00:dd:
28:d8:1b:b2:9c:b4:ae:cf:f1:75:e7:6b:aa:3d:cc:
57:b5:2e:94:04:ec:22:30:ec:12:d5:61:29:e8:f6:
92:2c:72:e2:f8:87:35:e1:01:f7:36:60:b4:77:cb:
d2:f6:08:82:63:6a:a9:a3:74:57:1b:18:ca:f7:82:
ae:7d:b8:de:b8:9c:d1:1d:5d:df:b8:48:0c:60:f0:
61:42:b3:d2:42:82:34:61:bd:07:b7:04:f7:a6:01:
3c:47:a4:de:d1:98:c5:9e:b7:e5:75:fa:fb:3e:2a:
87:5b:15:19:5b:2d:06:10:32:f6:bd:38:22:b7:e5:
dd:eb:76:7b:08:28:ac:43:92:65:e4:99:49:f6:b0:
f2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B9:AD:B2:D7:A5:DD:52:7E:BA:52:98:BB:0B:A3:36:62:59:6A:BA
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/6BDD8DBA4AD811EFAECCDA0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
49.255.24.0/21
116.240.16.0/22
116.240.192.0/20
202.138.0.0/23
202.141.208.0/20
210.50.0.0/21
210.50.192.0/21
211.27.224.0/22
IPv6:
2403:4800:1100::/40
2407:dc00::/38
Signature Algorithm: sha256WithRSAEncryption
81:d7:4b:dc:e2:83:c7:6b:ed:0d:ae:57:2f:bb:8f:f6:ad:72:
86:1d:b6:6b:33:6f:7c:e9:72:6a:f6:fa:88:57:e7:91:e2:1a:
76:af:2f:48:75:2c:aa:64:96:65:1d:db:55:ad:e7:85:c2:09:
e6:46:94:c7:b5:5f:5e:13:ca:5b:3e:7a:26:dc:f8:99:df:de:
c4:2d:10:09:12:d9:10:76:d2:61:88:e6:46:1a:88:b4:e3:ff:
43:29:89:87:eb:3c:ae:a3:17:a8:25:e8:6f:7f:69:9e:87:7f:
fc:8a:f0:16:cb:00:62:7e:08:ea:3c:31:56:b7:ce:64:a3:4a:
28:82:7f:75:8f:aa:75:d3:bf:01:be:a7:1a:6a:d7:75:b4:99:
8b:1a:82:9a:1e:d0:1a:fc:ea:2b:6a:92:20:01:45:6a:d2:e9:
24:5e:b0:8d:b5:aa:3d:39:9e:4e:ae:59:15:23:fc:9a:2c:54:
5b:9b:59:1c:26:fe:d5:6e:ab:82:95:75:07:a3:5f:38:56:33:
3a:93:76:d0:d5:04:4c:cd:76:a7:de:07:34:60:45:6e:ff:64:
95:ac:3f:44:ab:f6:89:3f:ed:13:c9:fa:a2:76:5a:36:6d:ba:
fa:ee:b6:6a:4a:45:dc:ae:57:f6:76:0f:6c:1c:eb:51:e2:80:
ea:2c:8b:18
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICGAcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjQwNzI1MjI1MTI2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmEyZDZlZC05NGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxvGsm8gU6YP7gPUyj2csKM/V4DVfLWDsv+jMMyHyrtoJva291qG8q8kTYi3z
Kkh2CP4PYVmKGm2HEw3CHZcJXhbgkg39xRlVaZahQaoHfTrF0uO7V20KtXFbx8Af
Quq55TQbSo0iPLoOPZJ2iz+5HxoyJL8gAN0o2BuynLSuz/F152uqPcxXtS6UBOwi
MOwS1WEp6PaSLHLi+Ic14QH3NmC0d8vS9giCY2qpo3RXGxjK94KufbjeuJzRHV3f
uEgMYPBhQrPSQoI0Yb0HtwT3pgE8R6Te0ZjFnrfldfr7PiqHWxUZWy0GEDL2vTgi
t+Xd63Z7CCisQ5Jl5JlJ9rDyQQIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFFG5rbLX
pd1SfrpSmLsLozZiWWq6MB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNkJERDhEQkE0
QUQ4MTFFRkFFQ0NEQTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQMDYEAgABMDADBAMx/xgDBAJ08BADBAR08MADBAHKigADBATKjdADBAPSMgAD
BAPSMsADBALTG+AwFgQCAAIwEAMGACQDSAARAwYCJAfcAAAwDQYJKoZIhvcNAQEL
BQADggEBAIHXS9zig8dr7Q2uVy+7j/atcoYdtmszb3zpcmr2+ohX55HiGnavL0h1
LKpklmUd21Wt54XCCeZGlMe1X14Tyls+eibc+Jnf3sQtEAkS2RB20mGI5kYaiLTj
/0MpiYfrPK6jF6gl6G9/aZ6Hf/yK8BbLAGJ+COo8MVa3zmSjSiiCf3WPqnXTvwG+
pxpq13W0mYsagpoe0Br86itqkiABRWrS6SResI21qj05nk6uWRUj/JosVFubWRwm
/tVuq4KVdQejXzhWMzqTdtDVBEzNdqfeBzRgRW7/ZJWsP0Sr9ok/7RPJ+qJ2WjZt
uvrutmpKRdyuV/Z2D2wc61HigOosixg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:22 2024 by rpki-client on console-ams.rpki-client.org