Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/A3F9947EED6311EDB69EB62AC4F9AE02.roa
File: A3F9947EED6311EDB69EB62AC4F9AE02.roa (raw, json)
Hash identifier: W4iU9Jva98fCsOhuzdYqGJyhisBfbuiS4nAlTMlCziw=
Subject key identifier: 63:1C:D3:D5:A5:62:A5:23:21:4A:CF:B2:C3:2C:6E:7F:8C:F6:7C:B6
Certificate issuer: /CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Certificate serial: 0175
Authority key identifier: A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/A3F9947EED6311EDB69EB62AC4F9AE02.roa
Signing time: Mon 15 Apr 2024 08:19:43 +0000
ROA not before: Mon 15 Apr 2024 08:19:43 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 139057
IP address blocks: 2407:2440:1::/48 maxlen: 48
2407:2440:2::/48 maxlen: 48
2407:2440:3::/48 maxlen: 48
2407:2440:4::/48 maxlen: 48
2407:2440:5::/48 maxlen: 48
2407:2440:6::/48 maxlen: 48
2407:2440:7::/48 maxlen: 48
2407:2440:8::/48 maxlen: 48
2407:2440:9::/48 maxlen: 48
2407:2440:a::/48 maxlen: 48
2407:2440:b::/48 maxlen: 48
2407:2440:c::/48 maxlen: 48
2407:2440:d::/48 maxlen: 48
2407:2440:e::/48 maxlen: 48
2407:2440:f::/48 maxlen: 48
2407:2440:10::/48 maxlen: 48
2407:2440:11::/48 maxlen: 48
2407:2440:12::/48 maxlen: 48
2407:2440:13::/48 maxlen: 48
2407:2440:14::/48 maxlen: 48
2407:2440:15::/48 maxlen: 48
2407:2440:16::/48 maxlen: 48
2407:2440:17::/48 maxlen: 48
2407:2440:18::/48 maxlen: 48
2407:2440:19::/48 maxlen: 48
2407:2440:1e::/48 maxlen: 48
2407:2440:1f::/48 maxlen: 48
2407:2440:20::/48 maxlen: 48
2407:2440:22::/48 maxlen: 48
2407:2440:23::/48 maxlen: 48
2407:2440:25::/48 maxlen: 48
2407:2440:28::/48 maxlen: 48
2407:2440:29::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 12 May 2024 02:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 373 (0x175)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB2B8/serialNumber=A69700E78D0C812AD2E2C114C82C655A0ACD447F
Validity
Not Before: Apr 15 08:19:43 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=661ce31e-eba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9c:05:d7:8f:2c:dd:ea:cc:ee:63:50:1f:5d:
25:eb:1f:4e:74:5c:21:0c:bc:d5:e2:13:ce:bb:67:
9e:b3:df:82:c3:b4:aa:c6:04:a8:fb:b6:a7:74:92:
da:90:40:f8:91:63:78:0f:b6:7e:bf:58:58:10:9a:
2e:9b:a7:73:f4:59:c0:52:d1:e6:0e:32:fb:aa:2c:
f6:84:fd:f8:ce:6c:7f:b9:f4:a3:a8:1c:6f:e1:46:
58:60:15:96:99:5a:e8:5d:19:44:bb:f6:ae:5e:37:
cd:cb:74:d6:19:30:44:d9:7a:9b:e5:59:78:f3:6a:
4b:82:f5:20:fe:bf:b8:fe:29:46:9e:af:04:b8:33:
be:4d:27:07:83:af:98:b8:bf:9f:3b:46:4d:20:71:
67:1d:9f:0d:70:dc:79:a8:e9:c8:83:74:1b:1a:88:
71:75:7c:ed:56:1c:a4:63:47:a8:8e:43:70:63:47:
a4:98:e4:d0:9d:ad:28:24:97:77:ce:d7:b1:a3:72:
fc:52:5e:0d:89:3c:35:63:50:cc:72:90:bb:cb:6e:
ea:a0:91:b7:01:27:c2:eb:7d:ae:30:d1:ff:0c:37:
11:79:7b:f7:70:5d:ec:0c:f3:a5:4e:fa:ea:01:17:
84:8f:02:80:f0:e6:4a:c6:fb:76:1e:4f:43:2e:fd:
34:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:1C:D3:D5:A5:62:A5:23:21:4A:CF:B2:C3:2C:6E:7F:8C:F6:7C:B6
X509v3 Authority Key Identifier:
keyid:A6:97:00:E7:8D:0C:81:2A:D2:E2:C1:14:C8:2C:65:5A:0A:CD:44:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/ppcA540MgSrS4sEUyCxlWgrNRH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ppcA540MgSrS4sEUyCxlWgrNRH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB2B8/3F44CBAE2F4D11ED8F5A6A64C4F9AE02/A3F9947EED6311EDB69EB62AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:2440:1::-2407:2440:19:ffff:ffff:ffff:ffff:ffff
2407:2440:1e::-2407:2440:20:ffff:ffff:ffff:ffff:ffff
2407:2440:22::/47
2407:2440:25::/48
2407:2440:28::/47
Signature Algorithm: sha256WithRSAEncryption
02:0b:d8:e9:43:77:eb:81:d4:01:5c:f9:09:60:fd:07:eb:96:
23:17:02:06:b7:50:33:ba:d9:ec:97:6e:20:e8:8a:46:c2:68:
49:f4:f8:c3:51:b7:d5:cf:5f:35:45:67:a4:9b:d1:fc:24:e4:
1d:51:2c:0b:b7:a2:8b:f9:11:74:a0:9a:23:56:91:90:32:ed:
4a:c9:8f:53:13:77:be:3f:f9:3d:b7:00:ba:da:42:c8:9a:07:
55:ed:be:2b:b3:c9:0c:92:87:8b:62:6f:9c:ba:32:e8:cd:71:
a3:c5:b6:fc:9c:9e:0c:12:aa:d2:58:85:0e:56:1d:8c:11:ef:
10:17:39:5e:52:d3:84:31:75:08:6f:33:3b:a3:86:87:bf:ed:
b0:46:67:f5:83:26:11:cc:0d:db:62:2b:11:8d:ec:ae:15:d5:
e0:1d:b0:c0:70:11:24:f6:6e:29:12:02:d2:1f:34:f2:83:c5:
d5:15:6f:0e:6c:d0:71:84:fd:53:72:dd:99:6d:65:94:3e:a8:
a7:66:80:5d:0b:fb:10:be:4e:e9:50:b1:83:b7:84:15:81:b9:
6d:8c:18:5f:aa:78:15:5d:5d:35:aa:30:c6:46:5a:c6:be:69:
04:e4:3f:84:1b:ab:b7:f8:3f:45:37:d2:94:35:ef:c8:d4:ab:
45:79:19:54
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgICAXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIyQjgxMTAvBgNVBAUTKEE2OTcwMEU3OEQwQzgxMkFEMkUyQzExNEM4MkM2NTVB
MEFDRDQ0N0YwHhcNMjQwNDE1MDgxOTQzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFjZTMxZS1lYmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArJwF148s3erM7mNQH10l6x9OdFwhDLzV4hPOu2ees9+Cw7SqxgSo+7andJLa
kED4kWN4D7Z+v1hYEJoum6dz9FnAUtHmDjL7qiz2hP34zmx/ufSjqBxv4UZYYBWW
mVroXRlEu/auXjfNy3TWGTBE2Xqb5Vl482pLgvUg/r+4/ilGnq8EuDO+TScHg6+Y
uL+fO0ZNIHFnHZ8NcNx5qOnIg3QbGohxdXztVhykY0eojkNwY0ekmOTQna0oJJd3
ztexo3L8Ul4NiTw1Y1DMcpC7y27qoJG3ASfC632uMNH/DDcReXv3cF3sDPOlTvrq
AReEjwKA8OZKxvt2Hk9DLv00AQIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFGMc09Wl
YqUjIUrPssMsbn+M9ny2MB8GA1UdIwQYMBaAFKaXAOeNDIEq0uLBFMgsZVoKzUR/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjJCOC8zRjQ0Q0JBRTJG
NEQxMUVEOEY1QTZBNjRDNEY5QUUwMi9wcGNBNTQwTWdTclM0c0VVeUN4bFdnck5S
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BwY0E1NDBNZ1NyUzRzRVV5Q3hsV2dyTlJIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIyQjgvM0Y0NENCQUUyRjREMTFFRDhGNUE2QTY0QzRGOUFFMDIvQTNGOTk0N0VF
RDYzMTFFREI2OUVCNjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXAYIKwYBBQUHAQcBAf8E
TTBLMEkEAgACMEMwEgMHACQHJEAAAQMHASQHJEAAGDASAwcBJAckQAAeAwcAJAck
QAAgAwcBJAckQAAiAwcAJAckQAAlAwcBJAckQAAoMA0GCSqGSIb3DQEBCwUAA4IB
AQACC9jpQ3frgdQBXPkJYP0H65YjFwIGt1Azutnsl24g6IpGwmhJ9PjDUbfVz181
RWekm9H8JOQdUSwLt6KL+RF0oJojVpGQMu1KyY9TE3e+P/k9twC62kLImgdV7b4r
s8kMkoeLYm+cujLozXGjxbb8nJ4MEqrSWIUOVh2MEe8QFzleUtOEMXUIbzM7o4aH
v+2wRmf1gyYRzA3bYisRjeyuFdXgHbDAcBEk9m4pEgLSHzTyg8XVFW8ObNBxhP1T
ct2ZbWWUPqinZoBdC/sQvk7pULGDt4QVgbltjBhfqngVXV01qjDGRlrGvmkE5D+E
G6u3+D9FN9KUNe/I1KtFeRlU
-----END CERTIFICATE-----
Generated at Sun May 5 06:01:20 2024 by rpki-client on console-fra.rpki-client.org