Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
File: D8B92776A16A11EAA517B11EC4F9AE02.roa (raw, json)
Hash identifier: Kdp9AKQeL2FX/yJ9dKy0ocxr3Mori7J9VoVLko7H5hQ=
Subject key identifier: 20:06:F2:2D:08:7D:20:07:72:E7:59:85:F3:46:2A:B2:BE:CC:68:B1
Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2
Certificate serial: 1A40
Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
Signing time: Thu 24 Oct 2024 15:52:52 +0000
ROA not before: Thu 24 Oct 2024 15:52:52 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 24499
IP address blocks: 37.111.128.0/18 maxlen: 18
37.111.128.0/21 maxlen: 21
37.111.128.0/24 maxlen: 24
37.111.129.0/24 maxlen: 24
37.111.130.0/24 maxlen: 24
37.111.131.0/24 maxlen: 24
37.111.132.0/24 maxlen: 24
37.111.133.0/24 maxlen: 24
37.111.134.0/24 maxlen: 24
37.111.135.0/24 maxlen: 24
37.111.136.0/21 maxlen: 21
37.111.136.0/24 maxlen: 24
37.111.137.0/24 maxlen: 24
37.111.138.0/24 maxlen: 24
37.111.139.0/24 maxlen: 24
37.111.140.0/24 maxlen: 24
37.111.141.0/24 maxlen: 24
37.111.142.0/24 maxlen: 24
37.111.143.0/24 maxlen: 24
37.111.144.0/21 maxlen: 21
37.111.144.0/24 maxlen: 24
37.111.145.0/24 maxlen: 24
37.111.146.0/24 maxlen: 24
37.111.147.0/24 maxlen: 24
37.111.148.0/24 maxlen: 24
37.111.149.0/24 maxlen: 24
37.111.150.0/24 maxlen: 24
37.111.151.0/24 maxlen: 24
37.111.152.0/21 maxlen: 21
37.111.152.0/24 maxlen: 24
37.111.153.0/24 maxlen: 24
37.111.154.0/24 maxlen: 24
37.111.155.0/24 maxlen: 24
37.111.156.0/24 maxlen: 24
37.111.157.0/24 maxlen: 24
37.111.158.0/24 maxlen: 24
37.111.159.0/24 maxlen: 24
37.111.160.0/24 maxlen: 24
37.111.161.0/24 maxlen: 24
37.111.162.0/24 maxlen: 24
37.111.163.0/24 maxlen: 24
37.111.164.0/24 maxlen: 24
37.111.165.0/24 maxlen: 24
37.111.166.0/24 maxlen: 24
37.111.167.0/24 maxlen: 24
37.111.168.0/24 maxlen: 24
37.111.169.0/24 maxlen: 24
37.111.170.0/24 maxlen: 24
37.111.171.0/24 maxlen: 24
37.111.172.0/24 maxlen: 24
37.111.173.0/24 maxlen: 24
37.111.174.0/24 maxlen: 24
37.111.175.0/24 maxlen: 24
37.111.176.0/24 maxlen: 24
37.111.177.0/24 maxlen: 24
37.111.178.0/24 maxlen: 24
37.111.179.0/24 maxlen: 24
37.111.180.0/24 maxlen: 24
37.111.181.0/24 maxlen: 24
37.111.182.0/24 maxlen: 24
37.111.183.0/24 maxlen: 24
37.111.184.0/24 maxlen: 24
37.111.185.0/24 maxlen: 24
37.111.186.0/24 maxlen: 24
37.111.187.0/24 maxlen: 24
37.111.188.0/24 maxlen: 24
37.111.189.0/24 maxlen: 24
37.111.190.0/24 maxlen: 24
37.111.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl
rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6720 (0x1a40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2
Validity
Not Before: Oct 24 15:52:52 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=671a6d54-5046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bb:c7:f4:24:ac:70:f3:e3:2e:96:c1:6b:f6:
cd:91:47:c9:57:14:0b:87:dc:35:c1:32:51:14:d9:
86:9c:60:6c:fa:f4:da:b2:26:d3:69:f4:79:34:f6:
a3:47:1c:ed:2f:5d:e0:68:50:67:fd:b8:f5:e7:d0:
d5:ea:e1:fe:1f:78:0f:a8:23:34:c2:22:2c:f0:e3:
07:81:2a:e2:75:dd:7f:22:ac:df:88:84:f8:fb:ec:
73:4a:d5:ac:32:b2:22:48:dc:3a:8b:ab:27:49:aa:
e7:6f:7d:91:cc:25:42:b3:a1:7a:ec:df:e3:f4:f9:
f4:89:79:80:21:d7:a3:f6:a0:69:4e:31:fc:80:bd:
8e:51:bb:9e:f3:a1:19:ed:f2:9e:e9:55:80:28:7e:
bb:e3:a3:8b:04:d4:a4:68:2d:0b:a9:67:24:f1:01:
e7:6f:a1:fd:78:ee:da:a8:af:e5:67:43:40:c3:5f:
f4:97:46:87:06:48:f0:cb:78:00:c8:5b:0c:80:ea:
87:9e:d5:4c:60:53:63:64:97:84:5b:83:bf:d7:fe:
f4:6c:58:36:f1:e6:db:e2:c7:85:2b:32:20:48:ca:
16:87:c5:9b:6d:51:89:3f:74:7a:52:4d:ed:a3:60:
03:43:40:73:ce:f2:a1:5b:71:ac:9f:6f:d1:52:5e:
85:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:06:F2:2D:08:7D:20:07:72:E7:59:85:F3:46:2A:B2:BE:CC:68:B1
X509v3 Authority Key Identifier:
keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
37.111.128.0/18
Signature Algorithm: sha256WithRSAEncryption
56:67:04:c2:29:fc:41:1e:f9:a2:4c:f9:41:16:b4:fb:d4:78:
02:79:3a:22:2b:c5:18:57:90:3b:59:14:ce:75:ee:12:9f:98:
e3:69:35:6d:89:27:2d:b6:f3:fe:23:1f:17:c0:b6:56:f6:96:
dd:5d:c9:d3:d7:8e:7a:28:4d:50:ae:00:17:97:e3:6f:64:79:
74:73:d7:a5:70:dd:27:5b:73:96:09:8a:74:ec:72:b9:9e:f3:
ae:fb:ef:cb:30:a8:c0:d2:fd:fe:04:cf:76:45:3f:4f:d3:f2:
7b:0f:ad:4a:bb:2f:11:51:03:f8:dc:46:26:d4:2e:57:eb:84:
10:42:87:3e:e9:eb:5a:48:10:7e:3a:58:86:f8:10:b1:c8:d9:
41:7f:0b:04:85:d6:94:22:ae:2d:70:eb:13:5f:61:4f:d5:7a:
f4:79:ab:ed:e7:2e:7c:e1:51:79:dc:7c:5d:26:fa:c0:4f:54:
6b:b6:ff:f7:fe:30:e5:5a:5c:46:9c:2d:65:f3:68:8a:c9:57:
fc:c1:00:a6:f7:6e:6d:29:f7:40:d7:90:f6:be:36:ca:8a:e4:
00:d2:e1:12:d6:72:25:4f:39:2d:57:53:bb:2e:a3:f7:e7:d7:
a3:9f:4c:df:3c:0e:e5:d4:1d:42:09:97:26:3f:67:34:ed:66:
35:9b:8a:cc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB
QTczRTdFQTIwHhcNMjQxMDI0MTU1MjUyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFhNmQ1NC01MDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy7vH9CSscPPjLpbBa/bNkUfJVxQLh9w1wTJRFNmGnGBs+vTasibTafR5NPaj
RxztL13gaFBn/bj159DV6uH+H3gPqCM0wiIs8OMHgSridd1/IqzfiIT4++xzStWs
MrIiSNw6i6snSarnb32RzCVCs6F67N/j9Pn0iXmAIdej9qBpTjH8gL2OUbue86EZ
7fKe6VWAKH6746OLBNSkaC0LqWck8QHnb6H9eO7aqK/lZ0NAw1/0l0aHBkjwy3gA
yFsMgOqHntVMYFNjZJeEW4O/1/70bFg28ebb4seFKzIgSMoWh8WbbVGJP3R6Uk3t
o2ADQ0BzzvKhW3Gsn2/RUl6F3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCAG8i0I
fSAHcudZhfNGKrK+zGixMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB
QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m
cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJEMjgvMjY3NThCQjQzQUI1MTFFN0I4NjA5RjFDQzRGOUFFMDIvRDhCOTI3NzZB
MTZBMTFFQUE1MTdCMTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAYlb4AwDQYJKoZIhvcNAQELBQADggEBAFZnBMIp/EEe+aJM
+UEWtPvUeAJ5OiIrxRhXkDtZFM517hKfmONpNW2JJy228/4jHxfAtlb2lt1dydPX
jnooTVCuABeX429keXRz16Vw3Sdbc5YJinTscrme867778swqMDS/f4Ez3ZFP0/T
8nsPrUq7LxFRA/jcRibULlfrhBBChz7p61pIEH46WIb4ELHI2UF/CwSF1pQiri1w
6xNfYU/VevR5q+3nLnzhUXncfF0m+sBPVGu2//f+MOVaXEacLWXzaIrJV/zBAKb3
bm0p90DXkPa+NsqK5ADS4RLWciVPOS1XU7suo/fn16OfTN88DuXUHUIJlyY/ZzTt
ZjWbisw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:56:23 2024 by rpki-client on console-fra.rpki-client.org