Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
File: 6E0B5938066711EFA1505F46C4F9AE02.roa (raw, json)
Hash identifier: 4LEPmQqJ/bhe0/QWWis2Uf3VhnJ/oX1Gw/a6rKhwX7I=
Subject key identifier: EF:14:C3:59:40:60:5E:A6:94:ED:20:6D:BA:47:2A:73:A6:C5:A5:F1
Certificate issuer: /CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Certificate serial: 1246
Authority key identifier: 71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
Signing time: Mon 29 Apr 2024 20:31:17 +0000
ROA not before: Mon 29 Apr 2024 20:31:17 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 1221
IP address blocks: 1.120.0.0/13 maxlen: 13
1.128.0.0/11 maxlen: 11
58.160.0.0/12 maxlen: 12
60.224.0.0/13 maxlen: 13
61.8.0.0/19 maxlen: 19
61.9.128.0/17 maxlen: 17
101.103.0.0/16 maxlen: 16
101.160.0.0/11 maxlen: 11
110.140.0.0/15 maxlen: 15
110.142.0.0/16 maxlen: 16
110.143.0.0/16 maxlen: 16
110.144.0.0/13 maxlen: 13
120.144.0.0/13 maxlen: 13
120.152.0.0/14 maxlen: 14
120.156.0.0/15 maxlen: 15
120.158.0.0/16 maxlen: 16
121.208.0.0/12 maxlen: 12
123.209.0.0/16 maxlen: 16
123.210.0.0/15 maxlen: 15
124.176.0.0/12 maxlen: 12
125.255.0.0/16 maxlen: 16
202.7.64.0/19 maxlen: 19
202.12.128.0/18 maxlen: 18
202.12.192.0/19 maxlen: 19
202.12.224.0/20 maxlen: 20
202.12.240.0/23 maxlen: 23
202.12.242.0/24 maxlen: 24
203.2.228.0/24 maxlen: 24
203.9.190.0/23 maxlen: 23
203.12.42.0/24 maxlen: 24
203.12.144.0/21 maxlen: 21
203.13.21.0/24 maxlen: 24
203.14.0.0/20 maxlen: 20
203.15.68.0/24 maxlen: 24
203.16.180.0/22 maxlen: 22
203.17.40.0/21 maxlen: 21
203.17.162.0/24 maxlen: 24
203.18.76.0/23 maxlen: 23
203.18.112.0/20 maxlen: 20
203.22.129.0/24 maxlen: 24
203.24.134.0/23 maxlen: 23
203.24.170.0/24 maxlen: 24
203.26.8.0/22 maxlen: 22
203.26.175.0/24 maxlen: 24
203.27.69.0/24 maxlen: 24
203.27.128.0/18 maxlen: 18
203.27.237.0/24 maxlen: 24
203.29.160.0/20 maxlen: 20
203.34.33.0/24 maxlen: 24
203.34.68.0/24 maxlen: 24
203.35.0.0/16 maxlen: 16
203.36.0.0/14 maxlen: 14
203.40.0.0/13 maxlen: 13
203.48.0.0/14 maxlen: 14
203.52.0.0/15 maxlen: 15
203.54.0.0/16 maxlen: 16
203.58.32.0/19 maxlen: 19
203.58.64.0/18 maxlen: 18
203.58.128.0/17 maxlen: 17
203.62.148.0/22 maxlen: 22
203.62.248.0/21 maxlen: 21
203.92.224.0/19 maxlen: 24
203.100.224.0/19 maxlen: 19
203.143.192.0/18 maxlen: 18
203.143.192.0/19 maxlen: 19
203.143.224.0/19 maxlen: 19
210.23.128.0/19 maxlen: 19
2001:8000::/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl
rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 18:05:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4678 (0x1246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A983/serialNumber=71565F2D7B924CD72B455B68B667194010BB1A9F
Validity
Not Before: Apr 29 20:31:17 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=66300395-1537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:71:8f:5b:7f:31:06:f7:65:57:73:85:33:e4:
5b:1f:ad:56:9f:ce:a9:aa:ee:ad:46:62:b4:ab:91:
e5:86:8f:e6:7e:b4:49:54:74:39:1f:27:eb:00:3e:
92:c3:e3:c5:17:b2:72:5a:32:a8:d4:00:bc:07:3f:
0c:28:19:a2:6b:2d:8f:83:96:fd:a5:b2:20:20:d3:
f6:95:43:cf:5e:48:9b:0f:ae:aa:c8:9c:19:be:91:
7d:a7:a5:ba:9a:92:b1:9d:fa:0a:6f:44:9d:45:39:
98:26:ca:ac:a8:0a:63:dc:ef:3f:a1:47:ea:7e:da:
63:54:e2:be:a0:63:13:f6:89:5a:84:fb:64:9f:7a:
49:bd:93:42:14:0d:ea:cd:ab:26:c9:f7:94:af:a1:
11:91:c9:6e:6d:c4:2f:bd:ed:99:ec:e3:0a:9e:1f:
94:aa:01:9d:0d:87:a8:64:95:f4:6b:2f:9d:4f:22:
89:62:0d:a2:12:89:77:1e:a3:05:e3:a9:aa:b1:74:
81:b7:93:60:ad:2c:ea:cb:21:41:66:5b:e8:da:87:
eb:90:5a:f1:b4:92:7a:b6:e9:52:10:96:1e:5f:54:
1c:fd:41:5e:66:2f:2e:53:26:cc:d0:75:69:49:c0:
f9:4d:87:3b:3a:47:84:f9:a9:7f:79:f8:be:69:c7:
ab:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:14:C3:59:40:60:5E:A6:94:ED:20:6D:BA:47:2A:73:A6:C5:A5:F1
X509v3 Authority Key Identifier:
keyid:71:56:5F:2D:7B:92:4C:D7:2B:45:5B:68:B6:67:19:40:10:BB:1A:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/cVZfLXuSTNcrRVtotmcZQBC7Gp8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cVZfLXuSTNcrRVtotmcZQBC7Gp8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A983/16730D20CD0F11E89D9FF165C4F9AE02/6E0B5938066711EFA1505F46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.120.0.0-1.159.255.255
58.160.0.0/12
60.224.0.0/13
61.8.0.0/19
61.9.128.0/17
101.103.0.0/16
101.160.0.0/11
110.140.0.0-110.151.255.255
120.144.0.0-120.158.255.255
121.208.0.0/12
123.209.0.0-123.211.255.255
124.176.0.0/12
125.255.0.0/16
202.7.64.0/19
202.12.128.0-202.12.242.255
203.2.228.0/24
203.9.190.0/23
203.12.42.0/24
203.12.144.0/21
203.13.21.0/24
203.14.0.0/20
203.15.68.0/24
203.16.180.0/22
203.17.40.0/21
203.17.162.0/24
203.18.76.0/23
203.18.112.0/20
203.22.129.0/24
203.24.134.0/23
203.24.170.0/24
203.26.8.0/22
203.26.175.0/24
203.27.69.0/24
203.27.128.0/18
203.27.237.0/24
203.29.160.0/20
203.34.33.0/24
203.34.68.0/24
203.35.0.0-203.54.255.255
203.58.32.0-203.58.255.255
203.62.148.0/22
203.62.248.0/21
203.92.224.0/19
203.100.224.0/19
203.143.192.0/18
210.23.128.0/19
IPv6:
2001:8000::/20
Signature Algorithm: sha256WithRSAEncryption
1f:7b:e6:64:23:de:49:cb:f8:40:5a:b6:05:2a:f6:e0:33:15:
f2:c9:c6:2b:88:c3:b8:b6:3e:3a:bc:84:ac:d4:e0:ab:17:27:
c5:1d:68:38:ac:55:43:8b:c5:77:a2:2d:65:6e:2d:6f:a3:a9:
91:51:96:75:cc:49:70:dc:ba:06:db:0b:c3:7b:10:3e:9b:ba:
98:66:e2:e4:57:74:bf:69:9a:d4:b7:a7:af:ef:62:48:27:a1:
52:2e:d4:ae:20:c2:d3:83:08:5d:4a:f2:73:fb:8d:23:81:3b:
2e:6a:c4:bd:28:68:fc:30:20:b2:ac:ea:69:3c:d0:de:18:be:
07:87:a5:88:9c:8b:b5:b1:f8:75:6e:2e:2a:b1:5e:17:cf:bf:
2b:c9:1c:83:55:74:f1:17:03:dd:14:c4:96:c4:81:a2:a3:ce:
d6:c9:d2:08:f6:87:2d:18:a0:89:0c:92:2b:63:da:50:2c:7a:
43:c4:b7:2b:ec:de:84:f8:34:b0:ba:dc:b7:5b:a2:72:dd:fd:
7a:99:55:af:a0:4a:dc:55:69:c8:8e:ca:5b:f5:49:d0:d2:90:
de:df:b1:44:ce:74:ff:48:4c:13:78:75:84:3d:cf:00:dc:c0:
35:01:63:b3:78:4f:d4:a6:43:bc:65:05:d5:59:37:49:46:55:
43:f6:ad:2a
-----BEGIN CERTIFICATE-----
MIIGvTCCBaWgAwIBAgICEkYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkE5ODMxMTAvBgNVBAUTKDcxNTY1RjJEN0I5MjRDRDcyQjQ1NUI2OEI2NjcxOTQw
MTBCQjFBOUYwHhcNMjQwNDI5MjAzMTE3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMwMDM5NS0xNTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA23GPW38xBvdlV3OFM+RbH61Wn86pqu6tRmK0q5Hlho/mfrRJVHQ5HyfrAD6S
w+PFF7JyWjKo1AC8Bz8MKBmiay2Pg5b9pbIgINP2lUPPXkibD66qyJwZvpF9p6W6
mpKxnfoKb0SdRTmYJsqsqApj3O8/oUfqftpjVOK+oGMT9olahPtkn3pJvZNCFA3q
zasmyfeUr6ERkclubcQvve2Z7OMKnh+UqgGdDYeoZJX0ay+dTyKJYg2iEol3HqMF
46mqsXSBt5NgrSzqyyFBZlvo2ofrkFrxtJJ6tulSEJYeX1Qc/UFeZi8uUybM0HVp
ScD5TYc7OkeE+al/efi+acerIQIDAQABo4ID4TCCA90wHQYDVR0OBBYEFO8Uw1lA
YF6mlO0gbbpHKnOmxaXxMB8GA1UdIwQYMBaAFHFWXy17kkzXK0VbaLZnGUAQuxqf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QTk4My8xNjczMEQyMENE
MEYxMUU4OUQ5RkYxNjVDNEY5QUUwMi9jVlpmTFh1U1ROY3JSVnRvdG1jWlFCQzdH
cDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NWWmZMWHVTVE5jclJWdG90bWNaUUJDN0dwOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkE5ODMvMTY3MzBEMjBDRDBGMTFFODlEOUZGMTY1QzRGOUFFMDIvNkUwQjU5Mzgw
NjY3MTFFRkExNTA1RjQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFpBggrBgEFBQcBBwEB
/wSCAVgwggFUMIIBQgQCAAEwggE6MAoDAwMBeAMDBQGAAwMEOqADAwM84AMEBT0I
AAMEBz0JgAMDAGVnAwMFZaAwCgMDAm6MAwMDbpAwCgMDBHiQAwMAeJ4DAwR50DAK
AwMAe9EDAwJ70AMDBHywAwMAff8DBAXKB0AwDAMEB8oMgAMEAMoM8gMEAMsC5AME
AcsJvgMEAMsMKgMEA8sMkAMEAMsNFQMEBMsOAAMEAMsPRAMEAssQtAMEA8sRKAME
AMsRogMEAcsSTAMEBMsScAMEAMsWgQMEAcsYhgMEAMsYqgMEAssaCAMEAMsarwME
AMsbRQMEBssbgAMEAMsb7QMEBMsdoAMEAMsiIQMEAMsiRDAKAwMAyyMDAwDLNjAL
AwQFyzogAwMAyzoDBALLPpQDBAPLPvgDBAXLXOADBAXLZOADBAbLj8ADBAXSF4Aw
DAQCAAIwBgMEBCABgDANBgkqhkiG9w0BAQsFAAOCAQEAH3vmZCPeScv4QFq2BSr2
4DMV8snGK4jDuLY+OryErNTgqxcnxR1oOKxVQ4vFd6ItZW4tb6OpkVGWdcxJcNy6
BtsLw3sQPpu6mGbi5Fd0v2ma1Lenr+9iSCehUi7UriDC04MIXUryc/uNI4E7LmrE
vSho/DAgsqzqaTzQ3hi+B4eliJyLtbH4dW4uKrFeF8+/K8kcg1V08RcD3RTElsSB
oqPO1snSCPaHLRigiQySK2PaUCx6Q8S3K+zehPg0sLrct1uict39eplVr6BK3FVp
yI7KW/VJ0NKQ3t+xRM50/0hME3h1hD3PANzANQFjs3hP1KZDvGUF1Vk3SUZVQ/at
Kg==
-----END CERTIFICATE-----
Generated at Fri May 31 19:47:49 2024 by rpki-client on console-fra.rpki-client.org