Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/8C2F4DBA8D3111EFA61E9282C4F9AE02.roa
File: 8C2F4DBA8D3111EFA61E9282C4F9AE02.roa (raw, json)
Hash identifier: rGSaf9r5NHWNkGd2dlgWyn72IpJZOpkzcKbp3O1O8bg=
Subject key identifier: EF:B2:4D:AC:49:26:9D:B0:30:37:41:91:89:46:25:5F:2D:B9:BE:15
Certificate issuer: /CN=A918404E/serialNumber=9C7C776F6BF6003283F0CAB43E2DC61494997162
Certificate serial: 089F
Authority key identifier: 9C:7C:77:6F:6B:F6:00:32:83:F0:CA:B4:3E:2D:C6:14:94:99:71:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/8C2F4DBA8D3111EFA61E9282C4F9AE02.roa
Signing time: Fri 18 Oct 2024 09:21:39 +0000
ROA not before: Fri 18 Oct 2024 09:21:39 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 132115
IP address blocks: 45.117.200.0/24 maxlen: 24
45.117.201.0/24 maxlen: 24
45.117.202.0/24 maxlen: 24
45.117.203.0/24 maxlen: 24
45.117.204.0/24 maxlen: 24
45.117.205.0/24 maxlen: 24
45.117.206.0/24 maxlen: 24
45.117.207.0/24 maxlen: 24
45.126.160.0/24 maxlen: 24
45.126.161.0/24 maxlen: 24
45.126.162.0/24 maxlen: 24
45.126.163.0/24 maxlen: 24
103.24.188.0/24 maxlen: 24
103.24.189.0/24 maxlen: 24
103.24.190.0/24 maxlen: 24
103.24.191.0/24 maxlen: 24
103.57.236.0/24 maxlen: 24
103.57.237.0/24 maxlen: 24
103.57.238.0/24 maxlen: 24
103.57.239.0/24 maxlen: 24
103.57.240.0/24 maxlen: 24
103.57.241.0/24 maxlen: 24
103.57.242.0/24 maxlen: 24
103.57.243.0/24 maxlen: 24
103.57.244.0/24 maxlen: 24
103.57.245.0/24 maxlen: 24
103.57.246.0/24 maxlen: 24
103.57.247.0/24 maxlen: 24
103.70.208.0/24 maxlen: 24
103.70.209.0/24 maxlen: 24
103.70.210.0/24 maxlen: 24
103.70.211.0/24 maxlen: 24
103.75.192.0/24 maxlen: 24
103.75.193.0/24 maxlen: 24
103.75.194.0/24 maxlen: 24
103.75.195.0/24 maxlen: 24
103.225.176.0/24 maxlen: 24
103.225.177.0/24 maxlen: 24
103.225.178.0/24 maxlen: 24
103.225.179.0/24 maxlen: 24
103.244.4.0/24 maxlen: 24
103.244.5.0/24 maxlen: 24
103.244.6.0/24 maxlen: 24
103.244.7.0/24 maxlen: 24
150.107.10.0/24 maxlen: 24
150.107.11.0/24 maxlen: 24
150.129.124.0/24 maxlen: 24
150.129.125.0/24 maxlen: 24
150.129.126.0/24 maxlen: 24
150.129.127.0/24 maxlen: 24
202.142.64.0/24 maxlen: 24
202.142.65.0/24 maxlen: 24
202.142.66.0/24 maxlen: 24
202.142.67.0/24 maxlen: 24
202.142.68.0/24 maxlen: 24
202.142.69.0/24 maxlen: 24
202.142.70.0/24 maxlen: 24
202.142.71.0/24 maxlen: 24
202.142.72.0/24 maxlen: 24
202.142.73.0/24 maxlen: 24
202.142.74.0/24 maxlen: 24
202.142.75.0/24 maxlen: 24
202.142.76.0/24 maxlen: 24
202.142.77.0/24 maxlen: 24
202.142.78.0/24 maxlen: 24
202.142.79.0/24 maxlen: 24
202.142.81.0/24 maxlen: 24
202.142.83.0/24 maxlen: 24
202.142.85.0/24 maxlen: 24
202.142.86.0/24 maxlen: 24
202.142.87.0/24 maxlen: 24
202.142.89.0/24 maxlen: 24
202.142.90.0/24 maxlen: 24
202.142.91.0/24 maxlen: 24
202.142.92.0/24 maxlen: 24
202.142.93.0/24 maxlen: 24
202.142.95.0/24 maxlen: 24
202.142.96.0/24 maxlen: 24
202.142.97.0/24 maxlen: 24
202.142.98.0/24 maxlen: 24
202.142.99.0/24 maxlen: 24
202.142.100.0/24 maxlen: 24
202.142.101.0/24 maxlen: 24
202.142.102.0/24 maxlen: 24
202.142.103.0/24 maxlen: 24
202.142.104.0/24 maxlen: 24
202.142.105.0/24 maxlen: 24
202.142.106.0/24 maxlen: 24
202.142.107.0/24 maxlen: 24
202.142.110.0/24 maxlen: 24
202.142.112.0/24 maxlen: 24
202.142.113.0/24 maxlen: 24
202.142.114.0/24 maxlen: 24
202.142.115.0/24 maxlen: 24
202.142.118.0/24 maxlen: 24
202.142.119.0/24 maxlen: 24
202.142.120.0/24 maxlen: 24
202.142.123.0/24 maxlen: 24
202.142.124.0/24 maxlen: 24
202.142.125.0/24 maxlen: 24
202.142.126.0/24 maxlen: 24
202.142.127.0/24 maxlen: 24
2406:3c80::/48 maxlen: 48
2406:3c80:1::/48 maxlen: 48
2406:3c80:2::/48 maxlen: 48
2406:3c80:3::/48 maxlen: 48
2406:3c80:4::/48 maxlen: 48
2406:3c80:5::/48 maxlen: 48
2406:3c80:6::/48 maxlen: 48
2406:3c80:7::/48 maxlen: 48
2406:3c80:8::/48 maxlen: 48
2406:3c80:400::/48 maxlen: 48
2406:3c80:401::/48 maxlen: 48
2406:3c80:402::/48 maxlen: 48
2406:3c80:403::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.crl
rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2207 (0x89f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918404E/serialNumber=9C7C776F6BF6003283F0CAB43E2DC61494997162
Validity
Not Before: Oct 18 09:21:39 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=671228a3-f14b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:87:35:a7:cd:0a:44:d7:77:8c:f5:bd:01:e9:
74:81:09:a6:4a:dd:aa:83:91:9a:b6:e7:13:a5:cf:
ee:61:ca:39:09:16:1d:bf:3a:ef:77:9e:ed:90:38:
69:ee:0b:33:79:15:88:0c:80:07:49:fd:82:a3:11:
c3:44:86:92:6b:48:62:f1:b9:d3:de:ed:6e:57:f5:
dd:fd:e8:58:b8:4c:3f:62:fb:d1:07:71:b9:26:18:
10:45:9b:7c:76:9e:90:87:ca:82:a2:c7:4b:a1:da:
a5:e8:56:16:91:d5:08:a8:8a:a5:6f:4f:1d:ba:f7:
ba:a4:71:89:11:df:47:c8:26:91:94:77:2e:ac:88:
15:8c:59:86:ae:db:70:38:f6:71:6e:2d:84:a6:f1:
e2:7a:df:c2:85:72:f0:87:5e:cb:c2:f4:6c:a3:6b:
00:62:87:9a:30:43:71:8c:d8:5f:0c:0f:27:0e:76:
2a:18:24:31:90:bf:e7:7b:20:75:fa:98:5f:12:e2:
c1:d0:40:58:38:f8:34:32:7c:35:b9:79:b0:4a:50:
a8:f9:93:b0:7b:04:0f:c2:e4:10:b2:48:9d:dd:fc:
92:64:a9:3b:2a:b2:01:da:14:9f:ca:6f:4d:08:1f:
28:22:b0:51:21:2b:93:f4:0d:97:cf:f3:7f:30:c3:
5f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B2:4D:AC:49:26:9D:B0:30:37:41:91:89:46:25:5F:2D:B9:BE:15
X509v3 Authority Key Identifier:
keyid:9C:7C:77:6F:6B:F6:00:32:83:F0:CA:B4:3E:2D:C6:14:94:99:71:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nHx3b2v2ADKD8Mq0Pi3GFJSZcWI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918404E/BC030C76F1DA11EAAFC6C70AC4F9AE02/8C2F4DBA8D3111EFA61E9282C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.200.0/21
45.126.160.0/22
103.24.188.0/22
103.57.236.0-103.57.247.255
103.70.208.0/22
103.75.192.0/22
103.225.176.0/22
103.244.4.0/22
150.107.10.0/23
150.129.124.0/22
202.142.64.0/20
202.142.81.0/24
202.142.83.0/24
202.142.85.0-202.142.87.255
202.142.89.0-202.142.93.255
202.142.95.0-202.142.107.255
202.142.110.0/24
202.142.112.0/22
202.142.118.0-202.142.120.255
202.142.123.0-202.142.127.255
IPv6:
2406:3c80::-2406:3c80:8:ffff:ffff:ffff:ffff:ffff
2406:3c80:400::/46
Signature Algorithm: sha256WithRSAEncryption
16:e8:9e:ce:31:37:3e:e5:ce:5d:77:6e:4a:69:a5:be:44:19:
e5:5e:d4:30:0a:49:00:ec:d4:7b:0f:58:e6:b6:cb:4b:2a:2b:
7c:d0:a7:fb:0b:88:3c:ff:d0:da:cc:a1:3e:26:74:2f:23:54:
20:3d:09:b9:bf:36:36:47:57:b0:bc:54:dd:13:c7:4c:b4:2e:
e4:9d:04:a9:41:6b:90:63:50:60:51:48:72:9e:39:c8:9f:ed:
70:ea:b9:ec:e7:5f:20:84:fa:54:54:96:c0:16:6d:63:20:84:
40:9a:a5:bf:d6:da:14:1e:de:ab:92:21:c8:71:83:fe:58:0f:
06:c4:eb:a3:ee:8b:09:89:43:3a:6d:40:42:b7:67:86:73:be:
22:7c:00:44:3a:6d:85:67:79:45:74:e9:b2:e5:01:8b:54:d2:
31:2f:64:c1:70:80:9f:63:96:4e:ae:07:0f:14:49:cf:40:b6:
ee:d5:6c:fe:0b:00:a2:72:f9:74:c1:d5:f5:62:1d:b6:05:4f:
2b:83:ac:c0:78:4c:0b:01:16:68:e9:65:90:5a:4a:33:1d:0a:
e4:07:d8:d9:7e:7c:83:e7:87:c6:22:93:21:e3:f3:78:47:1d:
f5:da:ca:88:27:be:dc:52:3a:d7:4b:59:56:f5:f7:98:07:f5:
80:14:e9:c9
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgICCJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODQwNEUxMTAvBgNVBAUTKDlDN0M3NzZGNkJGNjAwMzI4M0YwQ0FCNDNFMkRDNjE0
OTQ5OTcxNjIwHhcNMjQxMDE4MDkyMTM5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzEyMjhhMy1mMTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Ic1p80KRNd3jPW9Ael0gQmmSt2qg5GatucTpc/uYco5CRYdvzrvd57tkDhp
7gszeRWIDIAHSf2CoxHDRIaSa0hi8bnT3u1uV/Xd/ehYuEw/YvvRB3G5JhgQRZt8
dp6Qh8qCosdLodql6FYWkdUIqIqlb08duve6pHGJEd9HyCaRlHcurIgVjFmGrttw
OPZxbi2EpvHiet/ChXLwh17LwvRso2sAYoeaMENxjNhfDA8nDnYqGCQxkL/neyB1
+phfEuLB0EBYOPg0Mnw1uXmwSlCo+ZOwewQPwuQQskid3fySZKk7KrIB2hSfym9N
CB8oIrBRISuT9A2Xz/N/MMNfnwIDAQABo4IDXzCCA1swHQYDVR0OBBYEFO+yTaxJ
Jp2wMDdBkYlGJV8tub4VMB8GA1UdIwQYMBaAFJx8d29r9gAyg/DKtD4txhSUmXFi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDA0RS9CQzAzMEM3NkYx
REExMUVBQUZDNkM3MEFDNEY5QUUwMi9uSHgzYjJ2MkFES0Q4TXEwUGkzR0ZKU1pj
V0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25IeDNiMnYyQURLRDhNcTBQaTNHRkpTWmNXSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQwNEUvQkMwMzBDNzZGMURBMTFFQUFGQzZDNzBBQzRGOUFFMDIvOEMyRjREQkE4
RDMxMTFFRkE2MUU5MjgyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgegGCCsGAQUFBwEHAQH/
BIHYMIHVMIGvBAIAATCBqAMEAy11yAMEAi1+oAMEAmcYvDAMAwQCZznsAwQDZznw
AwQCZ0bQAwQCZ0vAAwQCZ+GwAwQCZ/QEAwQBlmsKAwQCloF8AwQEyo5AAwQAyo5R
AwQAyo5TMAwDBADKjlUDBAPKjlAwDAMEAMqOWQMEAcqOXDAMAwQAyo5fAwQCyo5o
AwQAyo5uAwQCyo5wMAwDBAHKjnYDBADKjngwDAMEAMqOewMEB8qOADAhBAIAAjAb
MBADBQckBjyAAwcAJAY8gAAIAwcCJAY8gAQAMA0GCSqGSIb3DQEBCwUAA4IBAQAW
6J7OMTc+5c5dd25KaaW+RBnlXtQwCkkA7NR7D1jmtstLKit80Kf7C4g8/9DazKE+
JnQvI1QgPQm5vzY2R1ewvFTdE8dMtC7knQSpQWuQY1BgUUhynjnIn+1w6rns518g
hPpUVJbAFm1jIIRAmqW/1toUHt6rkiHIcYP+WA8GxOuj7osJiUM6bUBCt2eGc74i
fABEOm2FZ3lFdOmy5QGLVNIxL2TBcICfY5ZOrgcPFEnPQLbu1Wz+CwCicvl0wdX1
Yh22BU8rg6zAeEwLARZo6WWQWkozHQrkB9jZfnyD54fGIpMh4/N4Rx312sqIJ77c
UjrXS1lW9feYB/WAFOnJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:33 2024 by rpki-client on console-ams.rpki-client.org