Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/81CA43EEAD7811EB905E2C41C4F9AE02.roa
File: 81CA43EEAD7811EB905E2C41C4F9AE02.roa (raw, json)
Hash identifier: NI1ZoCOniGYBu2VFAx4PdtMcylM7TuUiNnsC0whwimk=
Subject key identifier: 51:B5:D5:9F:AD:57:BA:75:0C:F0:A6:85:75:DF:5F:C5:AC:C6:6F:DC
Certificate issuer: /CN=A91F91EB/serialNumber=9BC16900802772BE629260C4AAED5F3FEF7EB3E7
Certificate serial: 0BBD
Authority key identifier: 9B:C1:69:00:80:27:72:BE:62:92:60:C4:AA:ED:5F:3F:EF:7E:B3:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8FpAIAncr5ikmDEqu1fP-9-s-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/81CA43EEAD7811EB905E2C41C4F9AE02.roa
Signing time: Thu 18 Jan 2024 02:53:49 +0000
ROA not before: Thu 18 Jan 2024 02:53:49 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 45474
IP address blocks: 27.126.192.0/24 maxlen: 24
27.126.193.0/24 maxlen: 24
27.126.194.0/24 maxlen: 24
27.126.195.0/24 maxlen: 24
27.126.196.0/24 maxlen: 24
27.126.197.0/24 maxlen: 24
27.126.198.0/24 maxlen: 24
27.126.199.0/24 maxlen: 24
27.126.200.0/24 maxlen: 24
27.126.201.0/24 maxlen: 24
27.126.202.0/24 maxlen: 24
27.126.203.0/24 maxlen: 24
27.126.204.0/24 maxlen: 24
27.126.205.0/24 maxlen: 24
27.126.206.0/24 maxlen: 24
27.126.207.0/24 maxlen: 24
27.126.208.0/24 maxlen: 24
27.126.210.0/24 maxlen: 24
27.126.211.0/24 maxlen: 24
27.126.212.0/24 maxlen: 24
27.126.213.0/24 maxlen: 24
27.126.214.0/24 maxlen: 24
27.126.215.0/24 maxlen: 24
27.126.216.0/24 maxlen: 24
27.126.217.0/24 maxlen: 24
27.126.218.0/24 maxlen: 24
27.126.219.0/24 maxlen: 24
27.126.220.0/24 maxlen: 24
27.126.224.0/24 maxlen: 24
27.126.225.0/24 maxlen: 24
27.126.226.0/24 maxlen: 24
27.126.227.0/24 maxlen: 24
27.126.230.0/24 maxlen: 24
27.126.231.0/24 maxlen: 24
27.126.232.0/21 maxlen: 24
27.126.240.0/21 maxlen: 24
27.126.248.0/21 maxlen: 24
45.116.40.0/22 maxlen: 24
103.3.24.0/22 maxlen: 24
113.21.192.0/19 maxlen: 19
113.21.192.0/24 maxlen: 24
113.21.193.0/24 maxlen: 24
113.21.194.0/24 maxlen: 24
113.21.195.0/24 maxlen: 24
113.21.196.0/24 maxlen: 24
113.21.197.0/24 maxlen: 24
113.21.198.0/24 maxlen: 24
113.21.199.0/24 maxlen: 24
113.21.200.0/24 maxlen: 24
113.21.201.0/24 maxlen: 24
113.21.202.0/24 maxlen: 24
113.21.203.0/24 maxlen: 24
113.21.204.0/24 maxlen: 24
113.21.205.0/24 maxlen: 24
113.21.206.0/24 maxlen: 24
113.21.207.0/24 maxlen: 24
113.21.208.0/24 maxlen: 24
113.21.209.0/24 maxlen: 24
113.21.210.0/24 maxlen: 24
113.21.211.0/24 maxlen: 24
113.21.212.0/24 maxlen: 24
113.21.213.0/24 maxlen: 24
113.21.214.0/24 maxlen: 24
113.21.215.0/24 maxlen: 24
113.21.216.0/24 maxlen: 24
113.21.217.0/24 maxlen: 24
113.21.218.0/24 maxlen: 24
113.21.219.0/24 maxlen: 24
113.21.220.0/24 maxlen: 24
113.21.221.0/24 maxlen: 24
113.21.222.0/24 maxlen: 24
113.21.223.0/24 maxlen: 24
180.233.160.0/19 maxlen: 19
180.233.160.0/24 maxlen: 24
180.233.161.0/24 maxlen: 24
180.233.162.0/24 maxlen: 24
180.233.163.0/24 maxlen: 24
180.233.164.0/24 maxlen: 24
180.233.165.0/24 maxlen: 24
180.233.166.0/24 maxlen: 24
180.233.167.0/24 maxlen: 24
180.233.168.0/24 maxlen: 24
180.233.169.0/24 maxlen: 24
180.233.170.0/24 maxlen: 24
180.233.171.0/24 maxlen: 24
180.233.172.0/24 maxlen: 24
180.233.173.0/24 maxlen: 24
180.233.174.0/24 maxlen: 24
180.233.175.0/24 maxlen: 24
180.233.176.0/24 maxlen: 24
180.233.177.0/24 maxlen: 24
180.233.178.0/24 maxlen: 24
180.233.179.0/24 maxlen: 24
180.233.180.0/24 maxlen: 24
180.233.181.0/24 maxlen: 24
180.233.182.0/24 maxlen: 24
180.233.183.0/24 maxlen: 24
180.233.184.0/24 maxlen: 24
180.233.185.0/24 maxlen: 24
180.233.186.0/24 maxlen: 24
180.233.187.0/24 maxlen: 24
180.233.188.0/24 maxlen: 24
180.233.189.0/24 maxlen: 24
180.233.190.0/24 maxlen: 24
180.233.191.0/24 maxlen: 24
2404:ae00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/m8FpAIAncr5ikmDEqu1fP-9-s-c.crl
rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/m8FpAIAncr5ikmDEqu1fP-9-s-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8FpAIAncr5ikmDEqu1fP-9-s-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 18:11:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3005 (0xbbd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F91EB/serialNumber=9BC16900802772BE629260C4AAED5F3FEF7EB3E7
Validity
Not Before: Jan 18 02:53:49 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65a892bd-2b93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:30:e8:f1:f6:5e:15:fd:88:c5:e7:07:dd:a6:
92:1a:ce:43:55:c7:40:5b:ec:c8:59:8e:43:78:fd:
a4:5f:e5:d2:53:60:03:e3:3a:06:6d:cd:e5:41:5a:
09:71:50:09:b6:5f:fd:d9:ff:05:92:3c:30:32:67:
2a:bf:15:ce:84:93:08:f8:fd:e1:69:f9:66:b5:6f:
3f:e3:0f:dd:2a:f9:89:d2:c4:b9:88:cf:0e:82:ec:
5a:f5:66:25:29:aa:75:fa:7a:22:2f:1c:37:e9:24:
f9:39:cb:25:05:29:01:86:8e:6e:96:fa:21:50:9e:
df:b8:39:a8:e1:98:c3:80:72:30:83:40:ae:a3:d9:
4e:1d:44:0b:7c:e6:0c:8f:ee:a2:83:67:a4:26:d9:
c8:5d:27:9e:1a:0a:83:75:7b:76:1a:d3:7b:45:a8:
f4:43:9b:52:fa:5f:52:ee:ab:9e:46:50:1a:b6:f8:
66:c1:70:bc:8d:d3:6c:16:42:15:cd:f3:e3:8d:68:
92:24:0e:95:e2:0a:54:f0:90:20:96:36:86:52:5a:
c1:3c:2b:30:b1:00:a7:b9:a9:9c:d3:20:f5:80:84:
3e:27:4b:fd:b5:f0:ed:ea:b8:f5:bd:12:76:a2:7e:
c8:e2:2e:34:cc:e7:dc:26:0f:15:6c:a2:f8:66:fc:
35:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B5:D5:9F:AD:57:BA:75:0C:F0:A6:85:75:DF:5F:C5:AC:C6:6F:DC
X509v3 Authority Key Identifier:
keyid:9B:C1:69:00:80:27:72:BE:62:92:60:C4:AA:ED:5F:3F:EF:7E:B3:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/m8FpAIAncr5ikmDEqu1fP-9-s-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8FpAIAncr5ikmDEqu1fP-9-s-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/50EFE074F70511E9ADBA451FC4F9AE02/81CA43EEAD7811EB905E2C41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.126.192.0-27.126.208.255
27.126.210.0-27.126.220.255
27.126.224.0/22
27.126.230.0-27.126.255.255
45.116.40.0/22
103.3.24.0/22
113.21.192.0/19
180.233.160.0/19
IPv6:
2404:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
6c:e8:c5:34:28:43:7f:b0:38:72:8e:59:ef:af:44:58:c3:5b:
20:6c:1f:46:0a:ca:a4:d0:de:38:0b:e7:92:0b:75:78:9a:72:
3b:5b:b1:24:3a:31:dc:60:fa:3e:4f:85:92:ab:53:f5:f9:b1:
12:62:7f:7b:a6:a9:04:b3:a8:7b:07:4c:7a:f8:a9:83:eb:aa:
0d:01:3b:94:aa:5a:ae:66:ee:e9:53:99:06:4e:04:75:b7:d3:
17:da:a6:03:24:28:5f:0c:74:87:88:69:65:2c:e7:0b:c5:74:
3e:05:71:b0:9a:8c:7e:36:ff:8b:15:1e:25:86:93:58:4f:18:
18:6c:3e:6f:42:5a:ec:40:65:1d:bc:e9:59:a7:14:83:5b:71:
01:dd:df:3f:c7:1e:59:1a:ca:51:9b:53:c3:de:72:b6:8c:79:
3a:78:b3:d6:6c:47:74:f8:c6:74:a3:b1:63:7c:96:86:10:08:
2e:c7:7a:df:71:73:41:11:7e:3f:26:af:e8:dd:33:26:a7:32:
60:23:01:0f:b7:88:6c:e5:94:52:89:ef:35:cd:af:a1:27:60:
7d:a2:8b:91:ee:34:d9:23:75:80:3e:ba:c0:9d:d1:d5:f1:01:
0b:58:e8:42:f3:be:05:54:1b:a0:5b:e7:3c:2f:7d:1a:2c:66:
03:d4:9f:46
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgICC70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjkxRUIxMTAvBgNVBAUTKDlCQzE2OTAwODAyNzcyQkU2MjkyNjBDNEFBRUQ1RjNG
RUY3RUIzRTcwHhcNMjQwMTE4MDI1MzQ5WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE4OTJiZC0yYjkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2jDo8fZeFf2IxecH3aaSGs5DVcdAW+zIWY5DeP2kX+XSU2AD4zoGbc3lQVoJ
cVAJtl/92f8FkjwwMmcqvxXOhJMI+P3haflmtW8/4w/dKvmJ0sS5iM8Oguxa9WYl
Kap1+noiLxw36ST5OcslBSkBho5ulvohUJ7fuDmo4ZjDgHIwg0Cuo9lOHUQLfOYM
j+6ig2ekJtnIXSeeGgqDdXt2GtN7Raj0Q5tS+l9S7queRlAatvhmwXC8jdNsFkIV
zfPjjWiSJA6V4gpU8JAgljaGUlrBPCswsQCnuamc0yD1gIQ+J0v9tfDt6rj1vRJ2
on7I4i40zOfcJg8VbKL4Zvw1vwIDAQABo4IC5TCCAuEwHQYDVR0OBBYEFFG11Z+t
V7p1DPCmhXXfX8Wsxm/cMB8GA1UdIwQYMBaAFJvBaQCAJ3K+YpJgxKrtXz/vfrPn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi81MEVGRTA3NEY3
MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi9tOEZwQUlBbmNyNWlrbURFcXUxZlAtOS1z
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204RnBBSUFuY3I1aWttREVxdTFmUC05LXMtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjkxRUIvNTBFRkUwNzRGNzA1MTFFOUFEQkE0NTFGQzRGOUFFMDIvODFDQTQzRUVB
RDc4MTFFQjkwNUUyQzQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbwYIKwYBBQUHAQcBAf8E
YDBeME0EAgABMEcwDAMEBht+wAMEABt+0DAMAwQBG37SAwQAG37cAwQCG37gMAsD
BAEbfuYDAwAbfgMEAi10KAMEAmcDGAMEBXEVwAMEBbTpoDANBAIAAjAHAwUAJASu
ADANBgkqhkiG9w0BAQsFAAOCAQEAbOjFNChDf7A4co5Z769EWMNbIGwfRgrKpNDe
OAvnkgt1eJpyO1uxJDox3GD6Pk+FkqtT9fmxEmJ/e6apBLOoewdMevipg+uqDQE7
lKparmbu6VOZBk4EdbfTF9qmAyQoXwx0h4hpZSznC8V0PgVxsJqMfjb/ixUeJYaT
WE8YGGw+b0Ja7EBlHbzpWacUg1txAd3fP8ceWRrKUZtTw95ytox5Oniz1mxHdPjG
dKOxY3yWhhAILsd633FzQRF+Pyav6N0zJqcyYCMBD7eIbOWUUonvNc2voSdgfaKL
ke402SN1gD66wJ3R1fEBC1joQvO+BVQboFvnPC99GixmA9SfRg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 20:07:29 2024 by rpki-client on console-fra.rpki-client.org