Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/BD01635A9E0311EF9BB72D70C4F9AE02.roa
File: BD01635A9E0311EF9BB72D70C4F9AE02.roa (raw, json)
Hash identifier: WzPfg8xrKMqogipUv19Kx2NAVcJf9lq4ZKvG1t0+PGw=
Subject key identifier: 0C:05:E1:B6:2F:BF:E4:69:67:BA:22:69:92:DB:F0:01:D8:4A:07:D2
Certificate issuer: /CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4
Certificate serial: 0164
Authority key identifier: B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/BD01635A9E0311EF9BB72D70C4F9AE02.roa
Signing time: Mon 18 Nov 2024 20:37:53 +0000
ROA not before: Mon 18 Nov 2024 20:37:53 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 202662
IP address blocks: 2401:b60::/48 maxlen: 48
2401:b60:1::/48 maxlen: 48
2401:b60:2::/48 maxlen: 48
2401:b60:3::/48 maxlen: 48
2401:b60:4::/48 maxlen: 48
2401:b60:5::/48 maxlen: 48
2401:b60:8::/48 maxlen: 48
2401:b60:9::/48 maxlen: 48
2401:b60:10::/48 maxlen: 48
2401:b60:11::/48 maxlen: 48
2401:b60:12::/48 maxlen: 48
2401:b60:13::/48 maxlen: 48
2401:b60:14::/48 maxlen: 48
2401:b60:15::/48 maxlen: 48
2401:b60:16::/48 maxlen: 48
2401:b60:17::/48 maxlen: 48
2401:b60:18::/48 maxlen: 48
2401:b60:19::/48 maxlen: 48
2401:b60:22::/48 maxlen: 48
2401:b60:23::/48 maxlen: 48
2401:b60:24::/48 maxlen: 48
2401:b60:25::/48 maxlen: 48
2401:b60:26::/48 maxlen: 48
2401:b60:27::/48 maxlen: 48
2401:b60:28::/48 maxlen: 48
2401:b60:29::/48 maxlen: 48
2401:b60:30::/48 maxlen: 48
2401:b60:31::/48 maxlen: 48
2401:b60:32::/48 maxlen: 48
2401:b60:33::/48 maxlen: 48
2401:b60:34::/48 maxlen: 48
2401:b60:35::/48 maxlen: 48
2401:b60:36::/48 maxlen: 48
2401:b60:39::/48 maxlen: 48
2401:b60:3a::/48 maxlen: 48
2401:b60:3b::/48 maxlen: 48
2401:b60:3c::/48 maxlen: 48
2401:b60:3d::/48 maxlen: 48
2401:b60:3e::/48 maxlen: 48
2401:b60:3f::/48 maxlen: 48
2401:b60:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl
rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 03:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356 (0x164)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EE03B/serialNumber=B9E60CF179F4EACBDB9492BA5F7CACF45239CCF4
Validity
Not Before: Nov 18 20:37:53 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=673ba5a0-1182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c5:cf:2c:f7:13:6a:1d:53:a1:e6:1b:74:1e:
b3:7f:dd:97:47:09:11:47:e6:2f:10:2a:12:00:2e:
c4:12:ef:f6:07:26:40:8c:c7:3b:71:24:a8:72:e8:
8d:42:43:d4:d4:0b:a8:24:0f:e4:05:19:be:e2:a4:
df:ed:19:09:d2:24:6d:72:84:c4:e4:a7:e5:ba:99:
3b:47:87:ea:fb:0f:2e:c3:bf:cf:fb:be:79:19:fe:
31:0e:30:7d:57:3c:9d:72:f3:13:96:af:10:4a:2b:
88:d4:54:ef:0a:de:c9:78:82:83:12:43:5b:cc:d9:
d4:86:f9:61:48:b8:84:32:6e:e9:34:8d:de:1c:0c:
64:10:3e:8e:97:37:87:4f:3e:56:c2:ba:ad:5e:7a:
64:f4:1a:73:6b:f9:fd:46:cb:a3:3a:0b:5d:96:b3:
ce:fe:5d:44:a5:d8:c5:7b:82:1b:58:30:9d:01:e9:
6e:0e:ce:13:d4:5f:a7:ee:8d:ec:63:94:41:d8:65:
7b:80:27:fd:12:6f:aa:b9:19:96:bd:00:7d:b2:2e:
fe:55:51:f2:24:e7:a7:11:f7:5f:9a:3c:7c:b6:ad:
ae:db:62:aa:8e:aa:f1:84:ed:96:3c:4c:e4:72:9b:
66:b5:a1:d5:94:9a:46:9a:7d:63:32:01:f6:61:aa:
22:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:05:E1:B6:2F:BF:E4:69:67:BA:22:69:92:DB:F0:01:D8:4A:07:D2
X509v3 Authority Key Identifier:
keyid:B9:E6:0C:F1:79:F4:EA:CB:DB:94:92:BA:5F:7C:AC:F4:52:39:CC:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/ueYM8Xn06svblJK6X3ys9FI5zPQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ueYM8Xn06svblJK6X3ys9FI5zPQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EE03B/AF9671660B6E11EEB29BB170C4F9AE02/BD01635A9E0311EF9BB72D70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:b60::-2401:b60:5:ffff:ffff:ffff:ffff:ffff
2401:b60:8::/47
2401:b60:10::-2401:b60:19:ffff:ffff:ffff:ffff:ffff
2401:b60:22::-2401:b60:29:ffff:ffff:ffff:ffff:ffff
2401:b60:30::-2401:b60:36:ffff:ffff:ffff:ffff:ffff
2401:b60:39::-2401:b60:3f:ffff:ffff:ffff:ffff:ffff
2401:b60:e000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:00:67:49:18:13:4b:45:7f:a9:43:e7:56:fd:03:09:bd:8e:
5c:b0:b7:bd:f9:9e:d1:d9:b4:89:93:ab:9a:2d:d8:2f:ad:e1:
8c:52:1c:74:3c:51:f1:00:1e:97:9b:8f:44:5a:e9:88:c1:57:
cf:69:5c:e9:0b:c0:90:de:80:1b:99:ea:2f:d0:fa:1e:93:13:
36:de:ed:d2:8b:7a:7b:2d:9c:f8:1b:95:57:71:75:dd:30:1a:
ce:3d:1a:95:fe:e9:83:fd:43:73:4d:ad:b1:9a:4f:54:c9:c9:
90:98:f6:86:d0:b5:53:0c:07:47:a0:f2:fc:97:12:9a:56:e7:
f6:b4:60:fd:8b:00:3d:ac:a7:33:ee:bf:7f:69:f1:30:a1:7f:
17:8c:8d:1c:f6:df:0f:65:ca:6a:03:51:22:90:e2:13:8a:6e:
58:88:db:00:ce:29:7c:bd:2b:de:d6:9f:68:79:14:f7:22:c7:
20:03:38:a8:a7:dc:ea:d2:99:3c:1b:41:95:83:a0:db:62:97:
89:78:a7:8d:b5:5a:8b:fa:e5:03:c1:c8:e0:5d:5e:2b:cd:75:
7b:91:be:46:d5:28:d7:39:44:73:94:ef:c1:6c:9e:17:42:1d:
a0:a0:3f:1e:25:bb:28:8e:79:c4:4c:f3:be:f7:81:73:16:5d:
a1:f1:70:52
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgICAWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUUwM0IxMTAvBgNVBAUTKEI5RTYwQ0YxNzlGNEVBQ0JEQjk0OTJCQTVGN0NBQ0Y0
NTIzOUNDRjQwHhcNMjQxMTE4MjAzNzUzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNiYTVhMC0xMTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvMXPLPcTah1ToeYbdB6zf92XRwkRR+YvECoSAC7EEu/2ByZAjMc7cSSocuiN
QkPU1AuoJA/kBRm+4qTf7RkJ0iRtcoTE5Kflupk7R4fq+w8uw7/P+755Gf4xDjB9
VzydcvMTlq8QSiuI1FTvCt7JeIKDEkNbzNnUhvlhSLiEMm7pNI3eHAxkED6OlzeH
Tz5WwrqtXnpk9Bpza/n9RsujOgtdlrPO/l1EpdjFe4IbWDCdAeluDs4T1F+n7o3s
Y5RB2GV7gCf9Em+quRmWvQB9si7+VVHyJOenEfdfmjx8tq2u22KqjqrxhO2WPEzk
cptmtaHVlJpGmn1jMgH2YaoiNwIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFAwF4bYv
v+RpZ7oiaZLb8AHYSgfSMB8GA1UdIwQYMBaAFLnmDPF59OrL25SSul98rPRSOcz0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRTAzQi9BRjk2NzE2NjBC
NkUxMUVFQjI5QkIxNzBDNEY5QUUwMi91ZVlNOFhuMDZzdmJsSks2WDN5czlGSTV6
UFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VlWU04WG4wNnN2YmxKSzZYM3lzOUZJNXpQUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUUwM0IvQUY5NjcxNjYwQjZFMTFFRUIyOUJCMTcwQzRGOUFFMDIvQkQwMTYzNUE5
RTAzMTFFRjlCQjcyRDcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYwGCCsGAQUFBwEHAQH/
BH0wezB5BAIAAjBzMBADBQUkAQtgAwcBJAELYAAEAwcBJAELYAAIMBIDBwQkAQtg
ABADBwEkAQtgABgwEgMHASQBC2AAIgMHASQBC2AAKDASAwcEJAELYAAwAwcAJAEL
YAA2MBIDBwAkAQtgADkDBwYkAQtgAAADBgAkAQtg4DANBgkqhkiG9w0BAQsFAAOC
AQEAbQBnSRgTS0V/qUPnVv0DCb2OXLC3vfme0dm0iZOrmi3YL63hjFIcdDxR8QAe
l5uPRFrpiMFXz2lc6QvAkN6AG5nqL9D6HpMTNt7t0ot6ey2c+BuVV3F13TAazj0a
lf7pg/1Dc02tsZpPVMnJkJj2htC1UwwHR6Dy/JcSmlbn9rRg/YsAPaynM+6/f2nx
MKF/F4yNHPbfD2XKagNRIpDiE4puWIjbAM4pfL0r3tafaHkU9yLHIAM4qKfc6tKZ
PBtBlYOg22KXiXinjbVai/rlA8HI4F1eK811e5G+RtUo1zlEc5TvwWyeF0IdoKA/
HiW7KI55xEzzvveBcxZdofFwUg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:44:02 2024 by rpki-client on console-ams.rpki-client.org