Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: TVWvvZExQIRv1PgXlt0FiX2yh8ZiyTiS/eyaHEQDHpM=
Subject key identifier: 3D:FE:4E:6A:E6:34:8E:A4:A1:08:3E:AF:D6:73:A6:8B:35:F9:35:78
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 05CA
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Tue 06 Feb 2024 12:44:47 +0000
ROA not before: Tue 06 Feb 2024 12:44:47 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 25 Apr 2024 23:53:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1482 (0x5ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Feb 6 12:44:47 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65c229bf-d221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:96:e7:a4:b5:61:b0:35:90:b7:5b:cc:ae:fc:
3f:b8:9a:7c:d8:20:4b:64:04:19:5a:ad:d0:a4:d9:
01:91:76:a7:ec:eb:ea:a4:fc:2e:ec:f3:81:a9:5d:
eb:ad:e9:3d:83:2c:0b:02:64:d7:1d:bc:2b:b4:8f:
c6:48:ec:50:f9:20:7f:d2:92:94:01:4f:80:73:bb:
3c:69:05:da:90:a4:ca:fb:2b:d0:ca:94:bf:43:fb:
ec:2a:68:2b:15:d1:c0:15:35:1a:48:af:b4:76:a5:
b4:89:12:fa:ba:02:65:e7:54:88:7c:b0:4b:76:26:
3e:27:0d:41:d5:d5:42:f2:d6:28:6a:39:c0:99:f2:
52:8b:21:f6:db:0c:9c:e7:90:e9:87:9b:f8:28:c0:
a7:7b:b4:08:23:39:db:51:b7:f7:9e:64:71:b7:5f:
9f:7b:ea:89:4e:68:a0:fc:c2:ed:90:b2:87:61:3d:
15:81:06:83:06:47:e0:e1:66:0d:10:5d:0e:5c:35:
e6:f3:9a:5f:4e:12:42:5f:7a:43:6c:92:06:1b:59:
c4:fb:da:37:67:56:89:91:c0:07:09:dd:23:ba:b2:
21:0d:ef:d2:87:0d:3b:d5:ab:dd:26:e2:c0:bd:5e:
06:a3:a8:67:e4:5e:ff:bc:f3:4c:bc:a6:d9:c1:3c:
5e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:FE:4E:6A:E6:34:8E:A4:A1:08:3E:AF:D6:73:A6:8B:35:F9:35:78
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.241.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3d:0d:ba:ab:05:2e:8a:24:1b:ec:ab:03:0c:3f:d8:ff:d3:
79:f3:df:9b:03:8d:d2:aa:8e:f3:16:de:1c:54:4d:77:f9:1d:
a8:85:a8:f7:4c:04:e6:92:51:c9:52:91:f2:04:49:45:b5:a0:
7c:77:b0:01:f9:f4:65:b7:0d:17:93:53:6c:f0:be:a6:3e:98:
71:74:71:64:89:9f:85:29:e8:fb:25:af:7e:fd:ef:23:7d:b3:
96:3c:fc:17:b0:fc:0c:e1:5f:db:cc:eb:cd:c7:50:fd:2b:97:
c8:0d:c7:9a:63:92:ad:ed:b5:11:b4:ab:73:d4:4f:57:74:6b:
31:81:03:19:db:b5:af:fa:e7:7a:be:23:19:82:7c:56:2d:54:
e3:33:1c:78:cc:af:61:e0:8d:b6:3d:8f:8a:4e:97:2e:d3:44:
f8:de:47:fd:5f:19:b2:42:d4:41:ad:17:c7:09:ab:65:fa:95:
ad:b4:92:04:04:7a:76:a0:3f:f8:b7:df:ab:b7:05:f4:22:0e:
16:94:f2:85:46:17:da:7c:c0:36:19:53:94:23:26:87:4c:e7:
70:7b:81:d0:fd:3d:92:20:65:1c:03:0a:5f:af:97:fd:49:5b:
b5:b6:30:73:e6:d1:45:a3:7d:20:06:b1:14:09:a2:e9:d2:77:
b5:25:52:d6
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgICBcowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjQwMjA2MTI0NDQ3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWMyMjliZi1kMjIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA85bnpLVhsDWQt1vMrvw/uJp82CBLZAQZWq3QpNkBkXan7OvqpPwu7POBqV3r
rek9gywLAmTXHbwrtI/GSOxQ+SB/0pKUAU+Ac7s8aQXakKTK+yvQypS/Q/vsKmgr
FdHAFTUaSK+0dqW0iRL6ugJl51SIfLBLdiY+Jw1B1dVC8tYoajnAmfJSiyH22wyc
55Dph5v4KMCne7QIIznbUbf3nmRxt1+fe+qJTmig/MLtkLKHYT0VgQaDBkfg4WYN
EF0OXDXm85pfThJCX3pDbJIGG1nE+9o3Z1aJkcAHCd0jurIhDe/Shw071avdJuLA
vV4Go6hn5F7/vPNMvKbZwTxezQIDAQABo4IDADCCAvwwHQYDVR0OBBYEFD3+Tmrm
NI6koQg+r9Zzpos1+TV4MB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYkGCCsGAQUFBwEHAQH/
BHoweDB2BAIAATBwMAwDBACB4xEDBAKB4xAwDAMEAIHjHQMEBYHjAAMEAIHjPwME
AYHjsAMEAoHjwAMEApw7EAMEA5w7MAMEAJw7SQMEA5w7UAMEAZw7XgMEAJw7bAME
AJw7ewMEBJw7gAMEAJw7kgMEAJw72AMEAJw78TANBgkqhkiG9w0BAQsFAAOCAQEA
DT0NuqsFLookG+yrAww/2P/TefPfmwON0qqO8xbeHFRNd/kdqIWo90wE5pJRyVKR
8gRJRbWgfHewAfn0ZbcNF5NTbPC+pj6YcXRxZImfhSno+yWvfv3vI32zljz8F7D8
DOFf28zrzcdQ/SuXyA3HmmOSre21EbSrc9RPV3RrMYEDGdu1r/rner4jGYJ8Vi1U
4zMceMyvYeCNtj2Pik6XLtNE+N5H/V8ZskLUQa0XxwmrZfqVrbSSBAR6dqA/+Lff
q7cF9CIOFpTyhUYX2nzANhlTlCMmh0zncHuB0P09kiBlHAMKX6+X/UlbtbYwc+bR
RaN9IAaxFAmi6dJ3tSVS1g==
-----END CERTIFICATE-----
Generated at Fri Apr 19 00:52:32 2024 by rpki-client on console-ams.rpki-client.org