Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
File: 6CF60CB6785811E99A6E965AC4F9AE02.roa (raw, json)
Hash identifier: hEv61h6PeBurd+rTRipxXpTc52EWMqbc1U8DalQNmB8=
Subject key identifier: 11:B0:BD:34:44:B1:21:5D:BC:C3:C4:C7:3B:4E:68:DE:23:9A:5A:A2
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3350
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
Signing time: Tue 30 Jan 2024 16:12:34 +0000
ROA not before: Tue 30 Jan 2024 16:12:34 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 135478
IP address blocks: 45.126.80.0/23 maxlen: 23
45.126.82.0/23 maxlen: 23
45.126.82.0/24 maxlen: 24
101.128.64.0/22 maxlen: 22
101.128.64.0/24 maxlen: 24
101.128.65.0/24 maxlen: 24
101.128.67.0/24 maxlen: 24
101.128.68.0/22 maxlen: 22
101.128.68.0/24 maxlen: 24
101.128.72.0/22 maxlen: 22
101.128.72.0/24 maxlen: 24
101.128.76.0/22 maxlen: 22
101.128.76.0/24 maxlen: 24
101.128.80.0/22 maxlen: 22
101.128.80.0/24 maxlen: 24
101.128.84.0/22 maxlen: 22
101.128.84.0/24 maxlen: 24
101.128.88.0/22 maxlen: 22
101.128.88.0/24 maxlen: 24
101.128.92.0/22 maxlen: 22
101.128.92.0/24 maxlen: 24
101.128.96.0/22 maxlen: 22
101.128.96.0/24 maxlen: 24
101.128.100.0/22 maxlen: 22
101.128.100.0/24 maxlen: 24
101.128.104.0/22 maxlen: 22
101.128.104.0/24 maxlen: 24
101.128.112.0/22 maxlen: 22
101.128.112.0/24 maxlen: 24
101.128.116.0/22 maxlen: 22
101.128.116.0/24 maxlen: 24
101.128.120.0/22 maxlen: 22
101.128.120.0/24 maxlen: 24
101.128.124.0/22 maxlen: 22
101.128.124.0/24 maxlen: 24
175.158.36.0/22 maxlen: 22
175.158.36.0/24 maxlen: 24
175.158.40.0/22 maxlen: 22
175.158.40.0/24 maxlen: 24
175.158.44.0/22 maxlen: 22
175.158.44.0/24 maxlen: 24
175.158.48.0/22 maxlen: 22
175.158.48.0/24 maxlen: 24
175.158.52.0/22 maxlen: 22
175.158.52.0/24 maxlen: 24
175.158.56.0/22 maxlen: 22
175.158.56.0/24 maxlen: 24
175.158.60.0/22 maxlen: 22
2405:8180::/32 maxlen: 32
2405:8180::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 07 May 2024 15:54:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13136 (0x3350)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jan 30 16:12:34 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65b91ff2-463f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9e:92:a8:33:be:05:1b:7d:95:53:0f:ac:6d:
cf:07:0a:43:82:30:88:10:53:87:30:d5:a1:5e:50:
08:c2:36:2d:84:97:5d:da:53:18:38:39:c8:6a:fc:
de:d1:5d:a4:a0:37:4f:86:27:0f:fd:01:ac:8e:1c:
c4:f2:87:8f:03:77:01:5e:c9:d8:b9:0e:ca:f2:a0:
23:41:4a:e8:aa:2d:c0:c9:82:62:73:ba:37:99:03:
b0:7a:85:10:b0:3b:64:56:cf:8c:64:12:bc:b0:91:
ae:97:b4:1f:cb:ec:42:36:ac:0d:1f:50:43:7d:cb:
3c:67:2d:1c:09:98:48:c4:e5:40:ae:37:00:7e:44:
ce:63:25:07:f7:38:3d:56:8b:c9:3d:d6:16:c8:be:
da:c4:6e:8e:cd:63:98:39:c1:e1:9c:5e:7b:e1:14:
06:fd:50:a9:67:fa:61:b5:d1:da:6e:1e:c6:a5:1c:
2f:d3:8a:4c:4e:f5:96:90:08:c9:cb:70:05:42:29:
1e:20:11:d3:f5:22:c6:ba:c9:ca:d9:ff:ee:75:77:
ee:d5:b8:c9:18:d6:22:f9:14:0e:7f:8c:12:36:b7:
2c:ba:9f:b4:ac:b1:4a:f8:82:35:6c:91:52:54:81:
d2:c0:cf:f0:27:e9:6a:01:24:69:b3:58:79:b4:5c:
c7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B0:BD:34:44:B1:21:5D:BC:C3:C4:C7:3B:4E:68:DE:23:9A:5A:A2
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/6CF60CB6785811E99A6E965AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.126.80.0/22
101.128.64.0-101.128.107.255
101.128.112.0/20
175.158.36.0-175.158.63.255
IPv6:
2405:8180::/32
Signature Algorithm: sha256WithRSAEncryption
9e:cf:16:ea:cf:42:39:3e:82:93:7c:4d:c3:6f:57:28:84:ce:
be:c9:61:28:ed:6a:ae:e9:14:4d:bc:de:1a:5f:ff:4c:fa:a1:
3e:d5:01:83:e0:4e:9c:9a:13:60:bb:0e:77:8a:4c:8c:ba:b3:
db:c2:88:43:cd:bb:8d:01:eb:0e:d1:26:a3:f3:b8:14:e2:79:
64:21:0a:43:09:5a:37:85:94:5b:ac:fb:4a:2c:7c:56:e8:1f:
9b:f4:4e:f9:d1:ce:ba:dc:20:0f:41:a1:03:3a:13:a3:32:30:
8a:8a:97:51:a7:ff:6b:0c:d9:e3:02:40:fe:c6:00:84:2a:94:
6d:86:5f:1e:42:4e:41:7c:c1:da:52:59:8b:a9:43:53:c8:56:
19:56:74:63:11:88:a1:c8:c2:b6:67:df:82:77:6e:0a:00:a4:
c6:23:e6:b4:cc:05:50:72:53:cb:e2:95:e9:f4:b1:cc:71:9f:
5c:db:4f:be:96:13:44:76:cd:96:a2:02:3d:5a:2f:d7:90:3f:
cf:1b:f8:17:f0:06:08:8d:1f:6a:7e:6b:e6:a5:c3:0d:7c:4f:
7f:10:8d:0f:0d:fa:17:49:99:32:91:87:13:30:0c:94:60:9e:
fb:90:46:cf:cb:77:54:3d:eb:52:22:b4:c0:66:1e:77:39:e4:
0a:37:74:3a
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICM1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjQwMTMwMTYxMjM0WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5MWZmMi00NjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw56SqDO+BRt9lVMPrG3PBwpDgjCIEFOHMNWhXlAIwjYthJdd2lMYODnIavze
0V2koDdPhicP/QGsjhzE8oePA3cBXsnYuQ7K8qAjQUroqi3AyYJic7o3mQOweoUQ
sDtkVs+MZBK8sJGul7Qfy+xCNqwNH1BDfcs8Zy0cCZhIxOVArjcAfkTOYyUH9zg9
VovJPdYWyL7axG6OzWOYOcHhnF574RQG/VCpZ/phtdHabh7GpRwv04pMTvWWkAjJ
y3AFQikeIBHT9SLGusnK2f/udXfu1bjJGNYi+RQOf4wSNrcsup+0rLFK+II1bJFS
VIHSwM/wJ+lqASRps1h5tFzHyQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFBGwvTRE
sSFdvMPExztOaN4jmlqiMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNkNGNjBDQjY3
ODU4MTFFOTlBNkU5NjVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MC4EAgABMCgDBAItflAwDAMEBmWAQAMEAmWAaAMEBGWAcDAMAwQCr54kAwQG
r54AMA0EAgACMAcDBQAkBYGAMA0GCSqGSIb3DQEBCwUAA4IBAQCezxbqz0I5PoKT
fE3Db1cohM6+yWEo7Wqu6RRNvN4aX/9M+qE+1QGD4E6cmhNguw53ikyMurPbwohD
zbuNAesO0Saj87gU4nlkIQpDCVo3hZRbrPtKLHxW6B+b9E750c663CAPQaEDOhOj
MjCKipdRp/9rDNnjAkD+xgCEKpRthl8eQk5BfMHaUlmLqUNTyFYZVnRjEYihyMK2
Z9+Cd24KAKTGI+a0zAVQclPL4pXp9LHMcZ9c20++lhNEds2WogI9Wi/XkD/PG/gX
8AYIjR9qfmvmpcMNfE9/EI0PDfoXSZkykYcTMAyUYJ77kEbPy3dUPetSIrTAZh53
OeQKN3Q6
-----END CERTIFICATE-----
Generated at Tue Apr 30 19:21:34 2024 by rpki-client on console-ams.rpki-client.org