Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
File: 425832460EB611EFB9CD4F47C4F9AE02.roa (raw, json)
Hash identifier: xbaZ5wvR+xbnWOVlmnOUvc/bfyu8MsFLeh8cN7kC+88=
Subject key identifier: 36:86:F6:E6:8C:A9:DA:4F:AF:9F:53:00:39:7D:6B:9C:27:66:AE:A2
Certificate issuer: /CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Certificate serial: 34AB
Authority key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
Signing time: Fri 10 May 2024 10:15:43 +0000
ROA not before: Fri 10 May 2024 10:15:43 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 7693
IP address blocks: 58.181.128.0/17 maxlen: 17
58.181.128.0/20 maxlen: 20
58.181.144.0/20 maxlen: 20
58.181.146.0/23 maxlen: 23
58.181.160.0/20 maxlen: 20
58.181.176.0/20 maxlen: 20
58.181.192.0/20 maxlen: 20
58.181.200.0/24 maxlen: 24
58.181.208.0/20 maxlen: 20
58.181.212.0/24 maxlen: 24
58.181.224.0/20 maxlen: 20
58.181.225.0/24 maxlen: 24
58.181.240.0/20 maxlen: 20
58.181.248.0/23 maxlen: 23
58.181.252.0/22 maxlen: 22
103.19.104.0/22 maxlen: 22
202.44.144.0/24 maxlen: 24
202.149.96.0/19 maxlen: 19
202.149.96.0/20 maxlen: 20
202.149.112.0/20 maxlen: 20
203.107.128.0/17 maxlen: 17
203.107.128.0/20 maxlen: 20
203.107.129.0/24 maxlen: 24
203.107.130.0/24 maxlen: 24
203.107.144.0/20 maxlen: 20
203.107.160.0/20 maxlen: 20
203.107.176.0/20 maxlen: 20
203.107.192.0/20 maxlen: 20
203.107.192.0/24 maxlen: 24
203.107.208.0/20 maxlen: 20
203.107.224.0/20 maxlen: 20
203.107.231.0/24 maxlen: 24
203.107.240.0/20 maxlen: 20
203.107.255.0/24 maxlen: 24
203.155.0.0/16 maxlen: 16
203.155.0.0/20 maxlen: 20
203.155.0.0/23 maxlen: 23
203.155.16.0/20 maxlen: 20
203.155.32.0/20 maxlen: 20
203.155.42.0/24 maxlen: 24
203.155.48.0/20 maxlen: 20
203.155.54.0/23 maxlen: 23
203.155.64.0/20 maxlen: 20
203.155.66.0/24 maxlen: 24
203.155.80.0/20 maxlen: 20
203.155.96.0/20 maxlen: 20
203.155.112.0/20 maxlen: 20
203.155.128.0/20 maxlen: 20
203.155.144.0/20 maxlen: 20
203.155.160.0/20 maxlen: 20
203.155.176.0/20 maxlen: 20
203.155.192.0/20 maxlen: 20
203.155.208.0/20 maxlen: 20
203.155.219.0/24 maxlen: 24
203.155.224.0/20 maxlen: 20
203.155.240.0/20 maxlen: 20
203.155.253.0/24 maxlen: 24
203.155.255.0/24 maxlen: 24
203.188.0.0/18 maxlen: 18
203.188.0.0/20 maxlen: 24
203.188.32.0/20 maxlen: 24
203.195.96.0/20 maxlen: 20
203.195.105.0/24 maxlen: 24
203.209.0.0/18 maxlen: 18
203.209.0.0/20 maxlen: 20
203.209.16.0/20 maxlen: 20
203.209.32.0/20 maxlen: 20
203.209.48.0/20 maxlen: 20
203.209.64.0/18 maxlen: 18
203.209.64.0/20 maxlen: 20
203.209.80.0/20 maxlen: 20
203.209.93.0/24 maxlen: 24
203.209.96.0/20 maxlen: 20
203.209.112.0/20 maxlen: 20
203.209.122.0/24 maxlen: 24
203.209.123.0/24 maxlen: 24
203.209.125.0/24 maxlen: 24
2405:a000::/32 maxlen: 32
2405:a000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 14:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13483 (0x34ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Validity
Not Before: May 10 10:15:43 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=663df3cf-ab13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d9:72:19:75:dd:31:40:ea:36:b4:b7:65:1e:
54:3c:bd:fc:5b:cc:e4:84:e6:de:a7:e5:7f:1c:a6:
2c:47:af:99:6e:a0:4e:50:43:80:02:59:da:8f:28:
97:ad:5f:60:f4:a9:62:88:4c:80:f2:67:38:fa:67:
c3:b9:94:e3:e5:ca:80:4a:9b:e7:5a:7f:8c:0a:13:
1c:3e:83:a7:35:a2:bd:04:24:6f:d8:4e:08:8b:a9:
da:96:bb:d5:32:aa:09:e8:cd:f7:4e:8a:4b:fd:42:
33:ba:46:79:08:66:83:40:d6:f3:ef:8b:19:d8:60:
c4:5d:c8:e1:3f:bf:1f:30:3b:64:77:de:77:28:97:
e8:7f:a9:a7:bb:1f:83:34:c0:49:c0:78:76:c6:49:
09:a6:c5:fe:f0:e1:42:63:4e:c3:4a:dd:7a:4c:4c:
9a:f5:38:31:1a:5d:67:0b:17:ba:6a:72:97:4e:c8:
55:cb:44:eb:94:6c:82:b0:6d:31:97:c2:3e:ce:12:
e9:d3:fd:e5:8f:f1:2a:02:fa:61:ac:2a:fb:5e:60:
2e:77:81:09:bd:24:c9:9f:95:c5:f3:f5:db:c0:f5:
5b:a1:91:e0:b6:46:9e:7b:02:58:f8:88:33:15:13:
e1:38:0a:df:4d:40:e5:9f:ab:c5:e6:ae:b5:4d:33:
48:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:86:F6:E6:8C:A9:DA:4F:AF:9F:53:00:39:7D:6B:9C:27:66:AE:A2
X509v3 Authority Key Identifier:
keyid:9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/425832460EB611EFB9CD4F47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.128.0/17
103.19.104.0/22
202.44.144.0/24
202.149.96.0/19
203.107.128.0/17
203.155.0.0/16
203.188.0.0/18
203.195.96.0/20
203.209.0.0/17
IPv6:
2405:a000::/32
Signature Algorithm: sha256WithRSAEncryption
04:df:05:9f:62:e7:10:ab:94:33:49:88:c0:00:f3:63:f5:45:
69:f3:33:75:1f:82:1d:e2:76:da:16:87:d7:a6:27:41:a5:ed:
fd:29:02:bf:0e:9c:49:35:e3:9b:df:63:0e:a9:0f:44:84:ef:
fa:23:84:49:87:3c:4c:d5:ad:cc:ea:b0:0d:f0:1c:96:bd:23:
2c:59:48:cf:47:11:67:23:0f:99:6a:ab:bf:38:a4:4e:5a:dc:
0a:e5:21:82:e1:2d:8d:39:fc:9d:b6:b4:07:ff:4d:f2:bc:c9:
fe:42:32:ed:31:3d:34:79:60:0b:31:3c:99:60:4b:94:f1:22:
d7:12:9a:95:ea:d9:f9:18:78:64:dd:3b:4a:37:97:78:9b:4d:
9e:19:4d:d4:12:9f:ae:93:a9:77:4c:2f:0c:37:8d:ae:b9:22:
dd:8c:5d:a6:5e:f1:a6:18:8a:ba:9f:55:4f:61:d3:fd:c2:ec:
4e:f3:df:2a:8f:26:5a:ec:a4:cd:83:aa:13:97:52:e1:c2:55:
5e:43:52:81:38:4e:15:9c:36:66:98:ef:e9:76:22:a6:ab:5e:
91:78:62:76:c4:e1:98:02:bf:d8:7c:54:1e:b1:30:7e:76:6e:
78:89:2d:34:24:74:9d:02:81:a9:84:4c:a9:1b:34:3e:5c:a5:
5a:69:86:6e
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICNKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIxMjc5MzAyNDAw
OTU2QTk4MkEwHhcNMjQwNTEwMTAxNTQzWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNkZjNjZi1hYjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz9lyGXXdMUDqNrS3ZR5UPL38W8zkhObep+V/HKYsR6+ZbqBOUEOAAlnajyiX
rV9g9KliiEyA8mc4+mfDuZTj5cqASpvnWn+MChMcPoOnNaK9BCRv2E4Ii6nalrvV
MqoJ6M33TopL/UIzukZ5CGaDQNbz74sZ2GDEXcjhP78fMDtkd953KJfof6mnux+D
NMBJwHh2xkkJpsX+8OFCY07DSt16TEya9TgxGl1nCxe6anKXTshVy0TrlGyCsG0x
l8I+zhLp0/3lj/EqAvphrCr7XmAud4EJvSTJn5XF8/XbwPVboZHgtkaeewJY+Igz
FRPhOArfTUDln6vF5q61TTNIoQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFDaG9uaM
qdpPr59TADl9a5wnZq6iMB8GA1UdIwQYMBaAFJ+C28lGYxLFui6SEnkwJACVapgq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8yN0Y4M0I3MDFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVaakVzVzZMcElTZVRBa0FKVnFt
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL240TGJ5VVpqRXNXNkxwSVNlVEFrQUpWcW1Dby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMjdGODNCNzAxRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvNDI1ODMyNDYw
RUI2MTFFRkI5Q0Q0RjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMDsEAgABMDUDBAc6tYADBAJnE2gDBADKLJADBAXKlWADBAfLa4ADAwDLmwME
Bsu8AAMEBMvDYAMEB8vRADANBAIAAjAHAwUAJAWgADANBgkqhkiG9w0BAQsFAAOC
AQEABN8Fn2LnEKuUM0mIwADzY/VFafMzdR+CHeJ22haH16YnQaXt/SkCvw6cSTXj
m99jDqkPRITv+iOESYc8TNWtzOqwDfAclr0jLFlIz0cRZyMPmWqrvzikTlrcCuUh
guEtjTn8nba0B/9N8rzJ/kIy7TE9NHlgCzE8mWBLlPEi1xKalerZ+Rh4ZN07SjeX
eJtNnhlN1BKfrpOpd0wvDDeNrrki3Yxdpl7xphiKup9VT2HT/cLsTvPfKo8mWuyk
zYOqE5dS4cJVXkNSgThOFZw2Zpjv6XYipqtekXhidsThmAK/2HxUHrEwfnZueIkt
NCR0nQKBqYRMqRs0PlylWmmGbg==
-----END CERTIFICATE-----
Generated at Fri May 31 16:40:57 2024 by rpki-client on console-ams.rpki-client.org