Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/5F003454895D11EE9A09AA30C4F9AE02.roa
File: 5F003454895D11EE9A09AA30C4F9AE02.roa (raw, json)
Hash identifier: NC4A46t37iiSnTXwlZxDtnyo2DE6x35bPsML1Ta8wlM=
Subject key identifier: 30:01:14:65:FA:36:8B:63:E3:70:27:8F:0F:96:95:58:17:7E:19:5A
Certificate issuer: /CN=A918404E/serialNumber=9C7C776F6BF6003283F0CAB43E2DC61494997162
Certificate serial: 07DF
Authority key identifier: 9C:7C:77:6F:6B:F6:00:32:83:F0:CA:B4:3E:2D:C6:14:94:99:71:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/5F003454895D11EE9A09AA30C4F9AE02.roa
Signing time: Tue 19 Dec 2023 07:39:21 +0000
ROA not before: Tue 19 Dec 2023 07:39:21 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 132115
IP address blocks: 45.117.200.0/24 maxlen: 24
45.117.201.0/24 maxlen: 24
45.117.202.0/24 maxlen: 24
45.117.203.0/24 maxlen: 24
45.117.204.0/24 maxlen: 24
45.117.205.0/24 maxlen: 24
45.117.206.0/24 maxlen: 24
45.117.207.0/24 maxlen: 24
45.126.160.0/24 maxlen: 24
45.126.161.0/24 maxlen: 24
45.126.162.0/24 maxlen: 24
45.126.163.0/24 maxlen: 24
103.24.188.0/24 maxlen: 24
103.24.189.0/24 maxlen: 24
103.24.190.0/24 maxlen: 24
103.24.191.0/24 maxlen: 24
103.57.236.0/24 maxlen: 24
103.57.237.0/24 maxlen: 24
103.57.238.0/24 maxlen: 24
103.57.239.0/24 maxlen: 24
103.57.240.0/24 maxlen: 24
103.57.241.0/24 maxlen: 24
103.57.242.0/24 maxlen: 24
103.57.243.0/24 maxlen: 24
103.57.244.0/24 maxlen: 24
103.57.245.0/24 maxlen: 24
103.57.246.0/24 maxlen: 24
103.57.247.0/24 maxlen: 24
103.70.208.0/24 maxlen: 24
103.70.209.0/24 maxlen: 24
103.70.210.0/24 maxlen: 24
103.70.211.0/24 maxlen: 24
103.225.176.0/24 maxlen: 24
103.225.177.0/24 maxlen: 24
103.225.178.0/24 maxlen: 24
103.225.179.0/24 maxlen: 24
103.244.4.0/24 maxlen: 24
103.244.5.0/24 maxlen: 24
103.244.6.0/24 maxlen: 24
103.244.7.0/24 maxlen: 24
150.107.10.0/24 maxlen: 24
150.107.11.0/24 maxlen: 24
150.129.124.0/24 maxlen: 24
150.129.125.0/24 maxlen: 24
150.129.126.0/24 maxlen: 24
150.129.127.0/24 maxlen: 24
202.142.64.0/24 maxlen: 24
202.142.65.0/24 maxlen: 24
202.142.66.0/24 maxlen: 24
202.142.67.0/24 maxlen: 24
202.142.68.0/24 maxlen: 24
202.142.69.0/24 maxlen: 24
202.142.70.0/24 maxlen: 24
202.142.71.0/24 maxlen: 24
202.142.72.0/24 maxlen: 24
202.142.73.0/24 maxlen: 24
202.142.74.0/24 maxlen: 24
202.142.75.0/24 maxlen: 24
202.142.76.0/24 maxlen: 24
202.142.77.0/24 maxlen: 24
202.142.78.0/24 maxlen: 24
202.142.79.0/24 maxlen: 24
202.142.81.0/24 maxlen: 24
202.142.83.0/24 maxlen: 24
202.142.85.0/24 maxlen: 24
202.142.86.0/24 maxlen: 24
202.142.87.0/24 maxlen: 24
202.142.89.0/24 maxlen: 24
202.142.90.0/24 maxlen: 24
202.142.91.0/24 maxlen: 24
202.142.92.0/24 maxlen: 24
202.142.93.0/24 maxlen: 24
202.142.95.0/24 maxlen: 24
202.142.96.0/24 maxlen: 24
202.142.97.0/24 maxlen: 24
202.142.98.0/24 maxlen: 24
202.142.99.0/24 maxlen: 24
202.142.100.0/24 maxlen: 24
202.142.101.0/24 maxlen: 24
202.142.102.0/24 maxlen: 24
202.142.103.0/24 maxlen: 24
202.142.104.0/24 maxlen: 24
202.142.105.0/24 maxlen: 24
202.142.106.0/24 maxlen: 24
202.142.107.0/24 maxlen: 24
202.142.110.0/24 maxlen: 24
202.142.112.0/24 maxlen: 24
202.142.113.0/24 maxlen: 24
202.142.114.0/24 maxlen: 24
202.142.115.0/24 maxlen: 24
202.142.118.0/24 maxlen: 24
202.142.119.0/24 maxlen: 24
202.142.120.0/24 maxlen: 24
202.142.123.0/24 maxlen: 24
202.142.124.0/24 maxlen: 24
202.142.125.0/24 maxlen: 24
202.142.126.0/24 maxlen: 24
202.142.127.0/24 maxlen: 24
2406:3c80::/48 maxlen: 48
2406:3c80:1::/48 maxlen: 48
2406:3c80:2::/48 maxlen: 48
2406:3c80:3::/48 maxlen: 48
2406:3c80:4::/48 maxlen: 48
2406:3c80:5::/48 maxlen: 48
2406:3c80:6::/48 maxlen: 48
2406:3c80:7::/48 maxlen: 48
2406:3c80:8::/48 maxlen: 48
2406:3c80:400::/48 maxlen: 48
2406:3c80:401::/48 maxlen: 48
2406:3c80:402::/48 maxlen: 48
2406:3c80:403::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.crl
rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 13 Jun 2024 22:26:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2015 (0x7df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918404E/serialNumber=9C7C776F6BF6003283F0CAB43E2DC61494997162
Validity
Not Before: Dec 19 07:39:21 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=658148a9-2df8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4f:63:5d:23:0d:5f:c3:b9:0f:51:96:5d:c6:
88:74:f6:5c:c5:9f:19:d5:bc:84:bf:8a:25:90:b3:
bc:af:4e:a5:83:da:3f:e4:b1:9f:49:dc:8c:03:05:
4f:28:c0:5f:66:f3:4d:de:cf:40:5f:40:4c:e1:36:
c8:e5:78:d0:7d:d3:0b:cc:4a:4a:f4:cc:d3:14:32:
b0:62:ae:a7:a2:c6:7b:95:d7:6b:78:14:74:f2:f4:
ec:88:80:e3:43:88:9f:50:a0:aa:d0:0e:76:67:57:
53:80:52:b2:de:83:bc:08:d5:3d:d4:f1:d4:a1:a8:
e0:a2:d5:52:cb:c4:7d:d1:d8:ab:1c:a4:0f:18:32:
10:11:1e:99:bc:ca:c6:3e:20:29:ce:3d:df:0b:ae:
08:47:f8:79:40:e7:98:1b:48:79:30:38:59:7a:e4:
2b:88:54:43:53:6d:88:16:52:45:fa:27:d5:75:d5:
e3:bb:90:3e:c2:e2:60:18:a4:4d:42:44:b6:c1:48:
22:4e:1c:48:86:35:06:5f:52:de:3e:d2:07:5c:41:
80:9b:6c:48:8d:da:6b:05:48:27:0b:05:aa:2d:08:
d7:0f:eb:08:c0:7c:1b:4a:fa:15:88:a8:67:6a:6f:
c9:09:88:ab:de:6c:44:f2:6c:b4:eb:e7:6c:e8:19:
f1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:01:14:65:FA:36:8B:63:E3:70:27:8F:0F:96:95:58:17:7E:19:5A
X509v3 Authority Key Identifier:
keyid:9C:7C:77:6F:6B:F6:00:32:83:F0:CA:B4:3E:2D:C6:14:94:99:71:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/5F003454895D11EE9A09AA30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.200.0/21
45.126.160.0/22
103.24.188.0/22
103.57.236.0-103.57.247.255
103.70.208.0/22
103.225.176.0/22
103.244.4.0/22
150.107.10.0/23
150.129.124.0/22
202.142.64.0/20
202.142.81.0/24
202.142.83.0/24
202.142.85.0-202.142.87.255
202.142.89.0-202.142.93.255
202.142.95.0-202.142.107.255
202.142.110.0/24
202.142.112.0/22
202.142.118.0-202.142.120.255
202.142.123.0-202.142.127.255
IPv6:
2406:3c80::-2406:3c80:8:ffff:ffff:ffff:ffff:ffff
2406:3c80:400::/46
Signature Algorithm: sha256WithRSAEncryption
5e:15:8d:67:2f:2f:62:69:a1:98:28:6c:06:e3:0a:95:d0:ee:
0c:c4:0a:9c:44:4f:20:8b:2a:3f:5d:21:92:cf:82:47:6a:d7:
3b:96:e0:cf:bc:39:fb:7b:51:65:86:32:30:ff:71:5f:53:33:
79:d2:d1:25:4a:5f:60:e3:96:7b:d7:87:3d:a5:a0:4c:03:ec:
a6:c5:a2:26:1f:be:d1:83:71:c2:93:2a:e8:9e:a7:d3:86:91:
d0:99:87:77:21:d9:1b:bc:6d:07:8c:29:83:06:59:f5:fc:98:
41:8f:14:c6:ba:80:20:9b:6f:ff:ac:0b:a6:2b:de:34:21:60:
12:7a:aa:6b:5c:c9:80:24:5f:a0:8a:0c:28:45:cd:cb:71:11:
aa:25:dd:31:2b:83:5e:77:df:19:a3:58:1f:8d:de:ce:35:bf:
d8:73:10:d4:40:27:2e:b0:cb:47:dc:1a:10:85:82:10:99:60:
78:af:c6:59:d5:99:8d:c1:85:f1:3d:3a:6a:28:d3:3f:0d:41:
8e:9a:61:c5:ee:a0:3a:f3:21:d7:22:1d:77:c8:61:b7:66:f2:
75:89:ee:85:aa:23:98:4e:aa:9e:e7:c8:7f:5c:ff:40:e1:7f:
d5:cf:ff:d2:f5:b5:e9:10:42:da:e3:4c:06:69:d1:7c:59:89:
fe:24:78:01
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgICB98wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQwNEUxMTAvBgNVBAUTKDlDN0M3NzZGNkJGNjAwMzI4M0YwQ0FCNDNFMkRDNjE0
OTQ5OTcxNjIwHhcNMjMxMjE5MDczOTIxWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgxNDhhOS0yZGY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs09jXSMNX8O5D1GWXcaIdPZcxZ8Z1byEv4olkLO8r06lg9o/5LGfSdyMAwVP
KMBfZvNN3s9AX0BM4TbI5XjQfdMLzEpK9MzTFDKwYq6nosZ7lddreBR08vTsiIDj
Q4ifUKCq0A52Z1dTgFKy3oO8CNU91PHUoajgotVSy8R90dirHKQPGDIQER6ZvMrG
PiApzj3fC64IR/h5QOeYG0h5MDhZeuQriFRDU22IFlJF+ifVddXju5A+wuJgGKRN
QkS2wUgiThxIhjUGX1LePtIHXEGAm2xIjdprBUgnCwWqLQjXD+sIwHwbSvoViKhn
am/JCYir3mxE8my06+ds6BnxnQIDAQABo4IDWTCCA1UwHQYDVR0OBBYEFDABFGX6
Notj43Anjw+WlVgXfhlaMB8GA1UdIwQYMBaAFJx8d29r9gAyg/DKtD4txhSUmXFi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDA0RS9CQzAzMEM3NkYx
REExMUVBQUZDNkM3MEFDNEY5QUUwMi9uSHgzYjJ2MkFES0Q4TXEwUGkzR0ZKU1pj
V0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25IeDNiMnYyQURLRDhNcTBQaTNHRkpTWmNXSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQwNEUvQkMwMzBDNzZGMURBMTFFQUFGQzZDNzBBQzRGOUFFMDIvNUYwMDM0NTQ4
OTVEMTFFRTlBMDlBQTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeIGCCsGAQUFBwEHAQH/
BIHSMIHPMIGpBAIAATCBogMEAy11yAMEAi1+oAMEAmcYvDAMAwQCZznsAwQDZznw
AwQCZ0bQAwQCZ+GwAwQCZ/QEAwQBlmsKAwQCloF8AwQEyo5AAwQAyo5RAwQAyo5T
MAwDBADKjlUDBAPKjlAwDAMEAMqOWQMEAcqOXDAMAwQAyo5fAwQCyo5oAwQAyo5u
AwQCyo5wMAwDBAHKjnYDBADKjngwDAMEAMqOewMEB8qOADAhBAIAAjAbMBADBQck
BjyAAwcAJAY8gAAIAwcCJAY8gAQAMA0GCSqGSIb3DQEBCwUAA4IBAQBeFY1nLy9i
aaGYKGwG4wqV0O4MxAqcRE8giyo/XSGSz4JHatc7luDPvDn7e1FlhjIw/3FfUzN5
0tElSl9g45Z714c9paBMA+ymxaImH77Rg3HCkyronqfThpHQmYd3IdkbvG0HjCmD
Bln1/JhBjxTGuoAgm2//rAumK940IWASeqprXMmAJF+gigwoRc3LcRGqJd0xK4Ne
d98Zo1gfjd7ONb/YcxDUQCcusMtH3BoQhYIQmWB4r8ZZ1ZmNwYXxPTpqKNM/DUGO
mmHF7qA68yHXIh13yGG3ZvJ1ie6FqiOYTqqe58h/XP9A4X/Vz//S9bXpEELa40wG
adF8WYn+JHgB
-----END CERTIFICATE-----
Generated at Thu Jun 6 23:31:23 2024 by rpki-client on console-fra.rpki-client.org