Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
File: D8B92776A16A11EAA517B11EC4F9AE02.roa (raw, json)
Hash identifier: UARPOnkXRvTJEjl5A6FQUbx+klUgqei7D2em6aJeaYw=
Subject key identifier: 70:78:56:71:96:16:EB:C7:00:0C:FD:4E:98:68:06:C9:66:FC:A8:08
Certificate issuer: /CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2
Certificate serial: 198A
Authority key identifier: 6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
Signing time: Wed 08 Nov 2023 16:02:40 +0000
ROA not before: Wed 08 Nov 2023 16:02:40 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 24499
IP address blocks: 37.111.128.0/18 maxlen: 18
37.111.128.0/21 maxlen: 21
37.111.128.0/24 maxlen: 24
37.111.129.0/24 maxlen: 24
37.111.130.0/24 maxlen: 24
37.111.131.0/24 maxlen: 24
37.111.132.0/24 maxlen: 24
37.111.133.0/24 maxlen: 24
37.111.134.0/24 maxlen: 24
37.111.135.0/24 maxlen: 24
37.111.136.0/21 maxlen: 21
37.111.136.0/24 maxlen: 24
37.111.137.0/24 maxlen: 24
37.111.138.0/24 maxlen: 24
37.111.139.0/24 maxlen: 24
37.111.140.0/24 maxlen: 24
37.111.141.0/24 maxlen: 24
37.111.142.0/24 maxlen: 24
37.111.143.0/24 maxlen: 24
37.111.144.0/21 maxlen: 21
37.111.144.0/24 maxlen: 24
37.111.145.0/24 maxlen: 24
37.111.146.0/24 maxlen: 24
37.111.147.0/24 maxlen: 24
37.111.148.0/24 maxlen: 24
37.111.149.0/24 maxlen: 24
37.111.150.0/24 maxlen: 24
37.111.151.0/24 maxlen: 24
37.111.152.0/21 maxlen: 21
37.111.152.0/24 maxlen: 24
37.111.153.0/24 maxlen: 24
37.111.154.0/24 maxlen: 24
37.111.155.0/24 maxlen: 24
37.111.156.0/24 maxlen: 24
37.111.157.0/24 maxlen: 24
37.111.158.0/24 maxlen: 24
37.111.159.0/24 maxlen: 24
37.111.160.0/24 maxlen: 24
37.111.161.0/24 maxlen: 24
37.111.162.0/24 maxlen: 24
37.111.163.0/24 maxlen: 24
37.111.164.0/24 maxlen: 24
37.111.165.0/24 maxlen: 24
37.111.166.0/24 maxlen: 24
37.111.167.0/24 maxlen: 24
37.111.168.0/24 maxlen: 24
37.111.169.0/24 maxlen: 24
37.111.170.0/24 maxlen: 24
37.111.171.0/24 maxlen: 24
37.111.172.0/24 maxlen: 24
37.111.173.0/24 maxlen: 24
37.111.174.0/24 maxlen: 24
37.111.175.0/24 maxlen: 24
37.111.176.0/24 maxlen: 24
37.111.177.0/24 maxlen: 24
37.111.178.0/24 maxlen: 24
37.111.179.0/24 maxlen: 24
37.111.180.0/24 maxlen: 24
37.111.181.0/24 maxlen: 24
37.111.182.0/24 maxlen: 24
37.111.183.0/24 maxlen: 24
37.111.184.0/24 maxlen: 24
37.111.185.0/24 maxlen: 24
37.111.186.0/24 maxlen: 24
37.111.187.0/24 maxlen: 24
37.111.188.0/24 maxlen: 24
37.111.189.0/24 maxlen: 24
37.111.190.0/24 maxlen: 24
37.111.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl
rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 01 May 2024 15:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6538 (0x198a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FBD28/serialNumber=6E48610AA0E6B0E2C5EED402DD07833AA73E7EA2
Validity
Not Before: Nov 8 16:02:40 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=654bb120-3db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f0:09:e9:2e:e4:be:f7:8a:6f:0f:0b:b6:f6:
b1:7c:f5:25:fe:68:14:04:08:5d:6c:d1:71:9d:0f:
00:2e:a8:77:72:fe:e2:2d:ad:55:01:6a:52:ca:2a:
38:ef:7c:66:63:83:e0:73:bf:fd:dd:50:f2:e8:5b:
84:eb:0f:ce:07:bc:22:f3:c3:f8:2a:6b:f6:4b:5a:
73:40:e5:e1:5b:13:7c:4b:c7:d5:af:dd:b4:3b:7d:
49:28:7a:f3:6c:0e:4d:c8:bf:4f:3e:fb:6a:a4:dd:
32:4d:c4:11:e3:15:c3:5d:49:73:74:d2:49:8f:f4:
2f:6b:6f:85:ea:45:a7:8e:c4:a6:35:37:aa:4b:d3:
51:ca:65:70:9e:83:c6:09:2c:11:08:52:0c:89:22:
bc:3a:9c:21:87:04:2b:58:fa:57:5e:8c:2b:20:17:
40:3c:e4:e7:07:dc:d0:53:df:fd:ea:86:5d:be:51:
fd:b8:9d:0a:40:67:84:e7:a0:29:47:b4:4d:1e:4c:
79:c3:38:c9:55:cb:fd:a3:0a:d7:d4:8e:d7:04:72:
22:24:2f:fb:e7:d7:a1:89:30:1f:85:a4:ea:83:81:
5a:9e:85:4c:27:23:18:5b:79:4f:9d:86:a0:b5:e0:
04:3a:c2:0b:3f:0c:ec:47:e6:e9:92:77:e3:aa:3a:
41:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:78:56:71:96:16:EB:C7:00:0C:FD:4E:98:68:06:C9:66:FC:A8:08
X509v3 Authority Key Identifier:
keyid:6E:48:61:0A:A0:E6:B0:E2:C5:EE:D4:02:DD:07:83:3A:A7:3E:7E:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/bkhhCqDmsOLF7tQC3QeDOqc-fqI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/bkhhCqDmsOLF7tQC3QeDOqc-fqI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBD28/26758BB43AB511E7B8609F1CC4F9AE02/D8B92776A16A11EAA517B11EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
37.111.128.0/18
Signature Algorithm: sha256WithRSAEncryption
36:4a:0c:f0:76:fb:ac:e3:31:08:eb:1b:55:c1:f4:d5:4c:e8:
5b:73:81:23:30:47:64:28:51:45:5e:d8:76:92:e6:0a:f3:18:
52:2d:a6:78:d3:72:c6:dc:68:04:7c:2f:5e:7b:cc:b7:77:f4:
6b:a6:79:90:bc:76:36:5f:e8:1b:cd:d4:81:c0:bc:3e:55:06:
c6:02:f7:17:08:45:b9:00:c6:18:30:b6:46:0f:80:45:e8:84:
ee:99:e7:ef:9e:5a:8c:18:fd:ed:e8:2c:d4:1c:41:e3:0f:3a:
99:9c:4f:62:01:a9:ca:3c:e8:9c:b4:a1:f9:38:ae:7c:4c:6e:
32:3a:42:b4:92:97:65:2f:04:84:40:6c:13:0f:30:f4:0f:23:
b3:ff:2d:da:b3:d3:7b:db:e4:14:c9:54:c7:f8:8d:f5:60:e2:
19:54:04:20:77:de:88:72:77:67:6f:20:cd:08:ef:12:34:ff:
ad:3d:de:34:60:5c:79:5b:b9:fd:40:fa:e7:3f:3a:2a:a6:73:
c4:56:5f:8d:bc:4b:20:7c:aa:b3:53:a4:a0:54:66:d3:72:2c:
38:90:32:67:8e:80:2d:66:01:fb:9a:c5:bc:46:53:dc:e3:1b:
97:43:c9:e7:f7:5e:fb:e2:d6:4b:7c:62:a0:60:6b:ac:63:89:
da:1a:9e:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkJEMjgxMTAvBgNVBAUTKDZFNDg2MTBBQTBFNkIwRTJDNUVFRDQwMkREMDc4MzNB
QTczRTdFQTIwHhcNMjMxMTA4MTYwMjQwWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTRiYjEyMC0zZGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz/AJ6S7kvveKbw8LtvaxfPUl/mgUBAhdbNFxnQ8ALqh3cv7iLa1VAWpSyio4
73xmY4Pgc7/93VDy6FuE6w/OB7wi88P4Kmv2S1pzQOXhWxN8S8fVr920O31JKHrz
bA5NyL9PPvtqpN0yTcQR4xXDXUlzdNJJj/Qva2+F6kWnjsSmNTeqS9NRymVwnoPG
CSwRCFIMiSK8OpwhhwQrWPpXXowrIBdAPOTnB9zQU9/96oZdvlH9uJ0KQGeE56Ap
R7RNHkx5wzjJVcv9owrX1I7XBHIiJC/759ehiTAfhaTqg4FanoVMJyMYW3lPnYag
teAEOsILPwzsR+bpknfjqjpBIQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHB4VnGW
FuvHAAz9TphoBslm/KgIMB8GA1UdIwQYMBaAFG5IYQqg5rDixe7UAt0HgzqnPn6i
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQkQyOC8yNjc1OEJCNDNB
QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9ia2hoQ3FEbXNPTEY3dFFDM1FlRE9xYy1m
cUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL2JraGhDcURtc09MRjd0UUMzUWVET3FjLWZxSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkJEMjgvMjY3NThCQjQzQUI1MTFFN0I4NjA5RjFDQzRGOUFFMDIvRDhCOTI3NzZB
MTZBMTFFQUE1MTdCMTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAYlb4AwDQYJKoZIhvcNAQELBQADggEBADZKDPB2+6zjMQjr
G1XB9NVM6FtzgSMwR2QoUUVe2HaS5grzGFItpnjTcsbcaAR8L157zLd39GumeZC8
djZf6BvN1IHAvD5VBsYC9xcIRbkAxhgwtkYPgEXohO6Z5++eWowY/e3oLNQcQeMP
OpmcT2IBqco86Jy0ofk4rnxMbjI6QrSSl2UvBIRAbBMPMPQPI7P/Ldqz03vb5BTJ
VMf4jfVg4hlUBCB33ohyd2dvIM0I7xI0/6093jRgXHlbuf1A+uc/Oiqmc8RWX428
SyB8qrNTpKBUZtNyLDiQMmeOgC1mAfuaxbxGU9zjG5dDyef3Xvvi1kt8YqBga6xj
idoanro=
-----END CERTIFICATE-----
Generated at Wed Apr 24 16:36:14 2024 by rpki-client on console-fra.rpki-client.org