Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
File: B32F80267BD111EBBB223C84C4F9AE02.roa (raw, json)
Hash identifier: qKiV0IifWKZY1JQ44Petgk24Yce0GGlR2IjNCc8NQlg=
Subject key identifier: B0:DA:E3:F5:7A:6F:76:45:DB:E4:36:6C:BC:F5:C3:42:6F:59:97:D5
Certificate issuer: /CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Certificate serial: 0671
Authority key identifier: 95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
Signing time: Tue 12 Nov 2024 06:18:02 +0000
ROA not before: Tue 12 Nov 2024 06:18:02 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 21859
IP address blocks: 129.227.17.0/24 maxlen: 24
129.227.18.0/24 maxlen: 24
129.227.19.0/24 maxlen: 24
129.227.29.0/24 maxlen: 24
129.227.30.0/24 maxlen: 24
129.227.31.0/24 maxlen: 24
129.227.63.0/24 maxlen: 24
129.227.176.0/23 maxlen: 24
129.227.192.0/24 maxlen: 24
129.227.193.0/24 maxlen: 24
129.227.194.0/23 maxlen: 24
156.59.16.0/22 maxlen: 24
156.59.48.0/23 maxlen: 24
156.59.50.0/23 maxlen: 24
156.59.52.0/22 maxlen: 24
156.59.73.0/24 maxlen: 24
156.59.80.0/21 maxlen: 24
156.59.94.0/23 maxlen: 24
156.59.108.0/24 maxlen: 24
156.59.123.0/24 maxlen: 24
156.59.128.0/21 maxlen: 24
156.59.136.0/21 maxlen: 24
156.59.146.0/24 maxlen: 24
156.59.216.0/24 maxlen: 24
156.59.224.0/24 maxlen: 24
156.59.225.0/24 maxlen: 24
156.59.241.0/24 maxlen: 24
162.128.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 19:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1649 (0x671)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EDB37/serialNumber=95FEBE93A33A3394BD1F60DCBBDDB9FDE072B7F3
Validity
Not Before: Nov 12 06:18:02 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6732f319-24ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e6:78:f5:8c:f6:62:e3:90:54:43:21:e1:cd:
d8:24:a6:1e:d9:49:6e:de:23:fc:39:f8:fd:2e:36:
fe:00:9b:2e:c9:85:db:9d:43:cb:a6:f0:07:89:0d:
5e:e5:02:28:44:37:e5:fd:88:22:6f:92:a8:67:0e:
ed:fe:e0:ad:f3:e2:10:1f:55:54:12:e7:b6:0d:c7:
b7:ab:de:13:e9:6f:ea:67:b0:24:9d:94:bc:96:08:
fa:81:6f:0d:01:f7:db:07:f8:0d:66:b8:43:f0:5c:
8f:f3:27:ce:a0:62:1c:05:65:38:b7:64:45:f4:7b:
51:e3:5b:7c:46:ba:11:b9:7d:56:95:49:ed:12:b6:
4b:26:95:de:ca:68:ab:e6:fe:e2:04:25:fe:a6:fb:
32:e2:9f:58:03:28:0c:81:ab:f2:09:ea:bd:e2:dd:
05:17:d2:69:a5:98:77:d7:ba:c7:69:87:c9:67:1c:
09:31:cb:93:8e:23:c3:eb:0f:0f:ef:46:91:f3:8a:
27:75:b1:18:31:33:a9:d4:37:e0:61:77:97:8b:e6:
75:ff:0b:8b:47:5d:6c:ea:cb:a0:1f:4f:b3:da:b6:
6a:95:9b:55:65:0d:3e:fe:ac:02:01:4b:89:23:9b:
ea:a0:5e:b3:a0:0c:96:d3:d5:12:6c:5c:c6:c9:21:
80:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DA:E3:F5:7A:6F:76:45:DB:E4:36:6C:BC:F5:C3:42:6F:59:97:D5
X509v3 Authority Key Identifier:
keyid:95:FE:BE:93:A3:3A:33:94:BD:1F:60:DC:BB:DD:B9:FD:E0:72:B7:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/lf6-k6M6M5S9H2Dcu925_eByt_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lf6-k6M6M5S9H2Dcu925_eByt_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDB37/4DE635E078A011EB950D3175C4F9AE02/B32F80267BD111EBBB223C84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
129.227.17.0-129.227.19.255
129.227.29.0-129.227.31.255
129.227.63.0/24
129.227.176.0/23
129.227.192.0/22
156.59.16.0/22
156.59.48.0/21
156.59.73.0/24
156.59.80.0/21
156.59.94.0/23
156.59.108.0/24
156.59.123.0/24
156.59.128.0/20
156.59.146.0/24
156.59.216.0/24
156.59.224.0/23
156.59.241.0/24
162.128.149.0/24
Signature Algorithm: sha256WithRSAEncryption
52:3b:c3:99:9a:9e:49:af:67:28:25:8b:1d:b2:5f:dd:75:ff:
ec:57:47:6a:bb:21:d4:88:85:74:8f:c3:4c:f5:85:10:8e:17:
0e:38:ec:c6:1a:56:62:78:d5:e1:c0:ce:3e:26:b6:af:4e:77:
4c:75:9c:34:de:93:5f:d2:5a:58:df:4c:c9:aa:10:77:25:86:
65:ae:d9:4c:9d:6c:24:dd:30:66:20:96:06:ac:b5:ec:84:c6:
53:5b:9c:ab:da:8b:08:3d:b0:b0:01:5e:20:29:c3:f5:02:d9:
f8:0b:6e:05:56:1b:a6:c9:11:bf:b1:cd:4b:cf:e6:7c:79:4c:
3b:59:95:46:18:bf:f6:fa:44:6b:0e:65:12:89:fe:08:21:84:
e9:b8:51:ac:a6:6d:c9:5f:ca:e0:cd:ac:25:11:be:82:72:0a:
00:ce:6e:9c:33:99:ef:bf:04:05:4c:bf:1c:9c:98:43:73:b0:
55:10:f2:d7:9a:0f:48:da:76:18:20:6a:23:e2:f8:35:37:3f:
c9:96:8d:8f:e8:c8:48:0d:52:d7:56:59:92:27:9d:85:44:78:
c7:a9:1f:0d:b5:70:30:24:65:54:e6:15:39:14:a1:69:de:42:
b1:04:37:be:93:fe:0f:03:24:b0:46:4f:30:69:44:55:f3:2c:
d6:ca:aa:64
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgICBnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RURCMzcxMTAvBgNVBAUTKDk1RkVCRTkzQTMzQTMzOTRCRDFGNjBEQ0JCRERCOUZE
RTA3MkI3RjMwHhcNMjQxMTEyMDYxODAyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzMyZjMxOS0yNGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvOZ49Yz2YuOQVEMh4c3YJKYe2Ulu3iP8Ofj9Ljb+AJsuyYXbnUPLpvAHiQ1e
5QIoRDfl/Ygib5KoZw7t/uCt8+IQH1VUEue2Dce3q94T6W/qZ7AknZS8lgj6gW8N
AffbB/gNZrhD8FyP8yfOoGIcBWU4t2RF9HtR41t8RroRuX1WlUntErZLJpXeymir
5v7iBCX+pvsy4p9YAygMgavyCeq94t0FF9JppZh317rHaYfJZxwJMcuTjiPD6w8P
70aR84ondbEYMTOp1DfgYXeXi+Z1/wuLR11s6sugH0+z2rZqlZtVZQ0+/qwCAUuJ
I5vqoF6zoAyW09USbFzGySGA6QIDAQABo4IDDzCCAwswHQYDVR0OBBYEFLDa4/V6
b3ZF2+Q2bLz1w0JvWZfVMB8GA1UdIwQYMBaAFJX+vpOjOjOUvR9g3Lvduf3gcrfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFREIzNy80REU2MzVFMDc4
QTAxMUVCOTUwRDMxNzVDNEY5QUUwMi9sZjYtazZNNk01UzlIMkRjdTkyNV9lQnl0
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2xmNi1rNk02TTVTOUgyRGN1OTI1X2VCeXRfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RURCMzcvNERFNjM1RTA3OEEwMTFFQjk1MEQzMTc1QzRGOUFFMDIvQjMyRjgwMjY3
QkQxMTFFQkJCMjIzQzg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZgGCCsGAQUFBwEHAQH/
BIGIMIGFMIGCBAIAATB8MAwDBACB4xEDBAKB4xAwDAMEAIHjHQMEBYHjAAMEAIHj
PwMEAYHjsAMEAoHjwAMEApw7EAMEA5w7MAMEAJw7SQMEA5w7UAMEAZw7XgMEAJw7
bAMEAJw7ewMEBJw7gAMEAJw7kgMEAJw72AMEAZw74AMEAJw78QMEAKKAlTANBgkq
hkiG9w0BAQsFAAOCAQEAUjvDmZqeSa9nKCWLHbJf3XX/7FdHarsh1IiFdI/DTPWF
EI4XDjjsxhpWYnjV4cDOPia2r053THWcNN6TX9JaWN9MyaoQdyWGZa7ZTJ1sJN0w
ZiCWBqy17ITGU1ucq9qLCD2wsAFeICnD9QLZ+AtuBVYbpskRv7HNS8/mfHlMO1mV
Rhi/9vpEaw5lEon+CCGE6bhRrKZtyV/K4M2sJRG+gnIKAM5unDOZ778EBUy/HJyY
Q3OwVRDy15oPSNp2GCBqI+L4NTc/yZaNj+jISA1S11ZZkiedhUR4x6kfDbVwMCRl
VOYVORShad5CsQQ3vpP+DwMksEZPMGlEVfMs1sqqZA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:11:50 2024 by rpki-client on console-fra.rpki-client.org