Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
File: 93840DE204E611ED89D3B27BC4F9AE02.roa (raw, json)
Hash identifier: Tra2m9br+70DR7E4OQkNdt1e6QXjZmJJfqTvZfV9wL0=
Subject key identifier: 99:8E:F7:BB:2A:28:43:A9:5B:5B:BB:A9:97:AE:3B:50:6A:A8:A6:14
Certificate issuer: /CN=A91F8928/serialNumber=F5C9D30E9D0771CD07E51B2E4A52B52253ABD026
Certificate serial: 0B88
Authority key identifier: F5:C9:D3:0E:9D:07:71:CD:07:E5:1B:2E:4A:52:B5:22:53:AB:D0:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
Signing time: Mon 06 May 2024 19:58:17 +0000
ROA not before: Mon 06 May 2024 19:58:17 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 55492
IP address blocks: 27.131.12.0/22 maxlen: 22
27.131.12.0/24 maxlen: 24
27.131.13.0/24 maxlen: 24
27.131.14.0/24 maxlen: 24
27.131.15.0/24 maxlen: 24
45.127.244.0/22 maxlen: 22
45.127.244.0/24 maxlen: 24
45.127.245.0/24 maxlen: 24
45.127.246.0/24 maxlen: 24
45.127.247.0/24 maxlen: 24
103.196.232.0/24 maxlen: 24
103.196.234.0/23 maxlen: 23
103.196.234.0/24 maxlen: 24
103.196.235.0/24 maxlen: 24
2401:c5c0::/35 maxlen: 35
2401:c5c0::/48 maxlen: 48
2401:c5c0:1::/48 maxlen: 48
2401:c5c0:2::/48 maxlen: 48
2401:c5c0:3::/48 maxlen: 48
2401:c5c0:4::/48 maxlen: 48
2401:c5c0:5::/48 maxlen: 48
2401:c5c0:6::/48 maxlen: 48
2401:c5c0:7::/48 maxlen: 48
2401:c5c0:d::/48 maxlen: 48
2401:c5c0:11::/48 maxlen: 48
2401:c5c0:12::/48 maxlen: 48
2401:c5c0:13::/48 maxlen: 48
2401:c5c0:14::/48 maxlen: 48
2401:c5c0:15::/48 maxlen: 48
2401:c5c0:16::/48 maxlen: 48
2401:c5c0:50::/48 maxlen: 48
2401:c5c0:60::/48 maxlen: 48
2401:c5c0:d1::/48 maxlen: 48
2401:c5c0:d2::/48 maxlen: 48
2401:c5c0:100::/48 maxlen: 48
2401:c5c0:200::/48 maxlen: 48
2401:c5c0:400::/42 maxlen: 42
2401:c5c0:440::/42 maxlen: 42
2401:c5c0:dfa::/48 maxlen: 48
2401:c5c0:dfb::/48 maxlen: 48
2401:c5c0:dfc::/48 maxlen: 48
2401:c5c0:dfd::/48 maxlen: 48
2401:c5c0:dfe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.crl
rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 31 May 2024 19:41:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2952 (0xb88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8928/serialNumber=F5C9D30E9D0771CD07E51B2E4A52B52253ABD026
Validity
Not Before: May 6 19:58:17 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66393659-91b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a8:c6:31:e2:34:38:18:4e:5c:f1:24:74:9c:
06:3a:03:9a:ea:4d:f6:61:09:eb:17:c5:96:ab:70:
02:c4:86:f2:dd:b1:4d:25:a2:8a:b1:4d:f5:74:4c:
f8:47:c9:4e:29:94:d9:24:20:95:f2:9c:d1:60:59:
a4:49:fb:eb:e2:06:f9:95:53:68:e4:3b:29:43:eb:
af:31:e6:63:2a:93:42:04:cc:42:a7:d8:7e:02:53:
00:8c:3e:48:ba:75:ae:c7:35:12:88:64:aa:ec:49:
36:41:57:a4:28:66:05:fa:c0:db:3e:63:b1:f7:30:
aa:3a:24:e3:f1:0e:c8:41:2b:10:2d:6c:99:83:92:
85:c6:9d:f2:d4:d0:53:f5:08:e1:32:2f:18:e9:8f:
a9:c5:a1:51:22:ab:32:13:f5:ee:b5:57:0a:1a:72:
a0:ec:de:22:df:4b:9c:43:46:b1:b1:99:78:16:f5:
1c:ba:79:38:bd:11:15:49:4a:ba:a4:b3:ae:98:98:
39:1a:e6:7f:cc:98:5b:7d:49:b8:cc:d9:20:60:e2:
44:f9:31:8a:51:d4:5f:41:cd:f5:22:50:f8:a5:e3:
ab:88:7c:e8:b0:d9:e3:92:bb:46:ee:70:2e:56:3d:
b4:f5:b3:5f:de:0a:89:c0:e8:71:f4:eb:fc:aa:b0:
57:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:8E:F7:BB:2A:28:43:A9:5B:5B:BB:A9:97:AE:3B:50:6A:A8:A6:14
X509v3 Authority Key Identifier:
keyid:F5:C9:D3:0E:9D:07:71:CD:07:E5:1B:2E:4A:52:B5:22:53:AB:D0:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9cnTDp0Hcc0H5RsuSlK1IlOr0CY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8928/4DA7BB200B5B11EAA3EBC650C4F9AE02/93840DE204E611ED89D3B27BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.131.12.0/22
45.127.244.0/22
103.196.232.0/24
103.196.234.0/23
IPv6:
2401:c5c0::/35
Signature Algorithm: sha256WithRSAEncryption
2e:94:1c:a8:6b:21:41:d9:15:ff:94:f9:de:3f:83:62:3c:1a:
09:65:ae:98:31:10:3b:2e:65:ac:ea:ee:0f:db:82:b7:66:ed:
0f:c9:6e:b2:6f:57:be:81:9b:4c:76:5a:0a:32:ed:a5:38:bc:
7c:30:0d:1c:4a:81:f1:4c:1d:15:68:08:ef:a9:3a:da:fa:e3:
61:92:6f:f3:66:62:96:88:87:b4:59:fc:db:0a:a4:0e:aa:c1:
95:2e:4e:2e:f5:70:39:45:ec:4a:5e:a7:de:be:13:c5:3a:e6:
03:6b:50:ea:ca:95:ae:e0:f6:f3:55:b8:a0:83:b4:8b:4a:14:
18:d2:8e:3e:1f:39:d4:a3:d3:b2:d0:5f:80:e1:58:7c:cf:68:
63:a8:ff:dd:4b:e9:16:b1:56:c5:46:10:00:96:20:5a:bf:58:
d9:7d:32:18:a2:ec:dd:a7:45:55:e4:39:7f:9c:86:00:a9:18:
c1:13:20:8f:10:32:c5:98:8e:5e:42:61:73:35:79:08:a7:7a:
8a:13:f4:63:dd:fb:3b:38:29:a8:a0:84:68:79:0b:f8:25:fa:
ae:52:d7:92:a1:ed:ba:1b:d4:a4:21:d9:28:34:e8:d0:e8:38:
4b:7a:4f:10:0d:23:f7:91:c8:4f:38:52:78:c8:0e:91:ab:30:
23:0c:e6:8d
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICC4gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg5MjgxMTAvBgNVBAUTKEY1QzlEMzBFOUQwNzcxQ0QwN0U1MUIyRTRBNTJCNTIy
NTNBQkQwMjYwHhcNMjQwNTA2MTk1ODE3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM5MzY1OS05MWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx6jGMeI0OBhOXPEkdJwGOgOa6k32YQnrF8WWq3ACxIby3bFNJaKKsU31dEz4
R8lOKZTZJCCV8pzRYFmkSfvr4gb5lVNo5DspQ+uvMeZjKpNCBMxCp9h+AlMAjD5I
unWuxzUSiGSq7Ek2QVekKGYF+sDbPmOx9zCqOiTj8Q7IQSsQLWyZg5KFxp3y1NBT
9QjhMi8Y6Y+pxaFRIqsyE/XutVcKGnKg7N4i30ucQ0axsZl4FvUcunk4vREVSUq6
pLOumJg5GuZ/zJhbfUm4zNkgYOJE+TGKUdRfQc31IlD4peOriHzosNnjkrtG7nAu
Vj209bNf3gqJwOhx9Ov8qrBXNwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFJmO97sq
KEOpW1u7qZeuO1BqqKYUMB8GA1UdIwQYMBaAFPXJ0w6dB3HNB+UbLkpStSJTq9Am
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODkyOC80REE3QkIyMDBC
NUIxMUVBQTNFQkM2NTBDNEY5QUUwMi85Y25URHAwSGNjMEg1UnN1U2xLMUlsT3Iw
Q1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzljblREcDBIY2MwSDVSc3VTbEsxSWxPcjBDWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Rjg5MjgvNERBN0JCMjAwQjVCMTFFQUEzRUJDNjUwQzRGOUFFMDIvOTM4NDBERTIw
NEU2MTFFRDg5RDNCMjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMB4EAgABMBgDBAIbgwwDBAItf/QDBABnxOgDBAFnxOowDgQCAAIwCAMGBSQB
xcAAMA0GCSqGSIb3DQEBCwUAA4IBAQAulByoayFB2RX/lPneP4NiPBoJZa6YMRA7
LmWs6u4P24K3Zu0PyW6yb1e+gZtMdloKMu2lOLx8MA0cSoHxTB0VaAjvqTra+uNh
km/zZmKWiIe0WfzbCqQOqsGVLk4u9XA5RexKXqfevhPFOuYDa1DqypWu4PbzVbig
g7SLShQY0o4+HznUo9Oy0F+A4Vh8z2hjqP/dS+kWsVbFRhAAliBav1jZfTIYouzd
p0VV5Dl/nIYAqRjBEyCPEDLFmI5eQmFzNXkIp3qKE/Rj3fs7OCmooIRoeQv4Jfqu
UteSoe26G9SkIdkoNOjQ6DhLek8QDSP3kchPOFJ4yA6RqzAjDOaN
-----END CERTIFICATE-----
Generated at Fri May 24 21:43:36 2024 by rpki-client on console-ams.rpki-client.org