Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918AA4D/6C055824058711E3BFE57CA15911EA32/517E7D1AB0EC11E5A6934B42C4F9AE02.roa
File: 517E7D1AB0EC11E5A6934B42C4F9AE02.roa (raw, json)
Hash identifier: mZztKr45nO/gM/3Jsp/t6m3zKzm9X2x6Vn1aMOLEY00=
Subject key identifier: AE:1D:7E:45:68:94:B2:29:26:88:DB:94:6A:9B:2C:A4:01:DA:4B:CD
Certificate issuer: /CN=A918AA4D/serialNumber=D5C8F1DC94D3C3481D6C69536956A4A528D5EDC3
Certificate serial: 2FA6
Authority key identifier: D5:C8:F1:DC:94:D3:C3:48:1D:6C:69:53:69:56:A4:A5:28:D5:ED:C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1cjx3JTTw0gdbGlTaVakpSjV7cM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918AA4D/6C055824058711E3BFE57CA15911EA32/517E7D1AB0EC11E5A6934B42C4F9AE02.roa
Signing time: Sat 06 Jul 2024 16:02:02 +0000
ROA not before: Sat 06 Jul 2024 16:02:02 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 10024
IP address blocks: 27.125.196.0/22 maxlen: 22
27.125.196.0/23 maxlen: 23
27.125.196.0/24 maxlen: 24
27.125.197.0/24 maxlen: 24
27.125.198.0/23 maxlen: 23
27.125.198.0/24 maxlen: 24
27.125.199.0/24 maxlen: 24
43.245.16.0/22 maxlen: 22
43.245.16.0/23 maxlen: 23
43.245.16.0/24 maxlen: 24
43.245.17.0/24 maxlen: 24
43.245.18.0/23 maxlen: 23
43.245.18.0/24 maxlen: 24
43.245.19.0/24 maxlen: 24
103.3.200.0/22 maxlen: 22
103.3.200.0/23 maxlen: 23
103.3.200.0/24 maxlen: 24
103.3.201.0/24 maxlen: 24
103.3.202.0/23 maxlen: 23
103.3.202.0/24 maxlen: 24
103.3.203.0/24 maxlen: 24
119.75.192.0/20 maxlen: 20
119.75.192.0/23 maxlen: 23
119.75.192.0/24 maxlen: 24
119.75.193.0/24 maxlen: 24
119.75.194.0/23 maxlen: 23
119.75.194.0/24 maxlen: 24
119.75.195.0/24 maxlen: 24
119.75.196.0/23 maxlen: 23
119.75.196.0/24 maxlen: 24
119.75.197.0/24 maxlen: 24
119.75.198.0/23 maxlen: 23
119.75.198.0/24 maxlen: 24
119.75.199.0/24 maxlen: 24
119.75.200.0/23 maxlen: 23
119.75.200.0/24 maxlen: 24
119.75.201.0/24 maxlen: 24
119.75.202.0/23 maxlen: 23
119.75.202.0/24 maxlen: 24
119.75.203.0/24 maxlen: 24
119.75.204.0/23 maxlen: 23
119.75.204.0/24 maxlen: 24
119.75.205.0/24 maxlen: 24
119.75.206.0/23 maxlen: 23
119.75.206.0/24 maxlen: 24
119.75.207.0/24 maxlen: 24
203.92.64.0/18 maxlen: 18
203.92.64.0/23 maxlen: 23
203.92.64.0/24 maxlen: 24
203.92.65.0/24 maxlen: 24
203.92.66.0/23 maxlen: 23
203.92.66.0/24 maxlen: 24
203.92.67.0/24 maxlen: 24
203.92.68.0/23 maxlen: 23
203.92.68.0/24 maxlen: 24
203.92.69.0/24 maxlen: 24
203.92.70.0/23 maxlen: 23
203.92.70.0/24 maxlen: 24
203.92.71.0/24 maxlen: 24
203.92.72.0/23 maxlen: 23
203.92.72.0/24 maxlen: 24
203.92.73.0/24 maxlen: 24
203.92.74.0/23 maxlen: 23
203.92.74.0/24 maxlen: 24
203.92.75.0/24 maxlen: 24
203.92.76.0/23 maxlen: 23
203.92.76.0/24 maxlen: 24
203.92.77.0/24 maxlen: 24
203.92.78.0/23 maxlen: 23
203.92.78.0/24 maxlen: 24
203.92.79.0/24 maxlen: 24
203.92.80.0/23 maxlen: 23
203.92.80.0/24 maxlen: 24
203.92.81.0/24 maxlen: 24
203.92.82.0/23 maxlen: 23
203.92.82.0/24 maxlen: 24
203.92.83.0/24 maxlen: 24
203.92.84.0/23 maxlen: 23
203.92.84.0/24 maxlen: 24
203.92.85.0/24 maxlen: 24
203.92.86.0/23 maxlen: 23
203.92.86.0/24 maxlen: 24
203.92.87.0/24 maxlen: 24
203.92.88.0/23 maxlen: 23
203.92.88.0/24 maxlen: 24
203.92.89.0/24 maxlen: 24
203.92.90.0/23 maxlen: 23
203.92.90.0/24 maxlen: 24
203.92.91.0/24 maxlen: 24
203.92.92.0/23 maxlen: 23
203.92.92.0/24 maxlen: 24
203.92.93.0/24 maxlen: 24
203.92.94.0/23 maxlen: 23
203.92.94.0/24 maxlen: 24
203.92.95.0/24 maxlen: 24
203.92.96.0/23 maxlen: 23
203.92.96.0/24 maxlen: 24
203.92.97.0/24 maxlen: 24
203.92.98.0/23 maxlen: 23
203.92.98.0/24 maxlen: 24
203.92.99.0/24 maxlen: 24
203.92.100.0/23 maxlen: 23
203.92.100.0/24 maxlen: 24
203.92.101.0/24 maxlen: 24
203.92.102.0/23 maxlen: 23
203.92.102.0/24 maxlen: 24
203.92.103.0/24 maxlen: 24
203.92.104.0/23 maxlen: 23
203.92.104.0/24 maxlen: 24
203.92.105.0/24 maxlen: 24
203.92.106.0/23 maxlen: 23
203.92.106.0/24 maxlen: 24
203.92.107.0/24 maxlen: 24
203.92.108.0/23 maxlen: 23
203.92.108.0/24 maxlen: 24
203.92.109.0/24 maxlen: 24
203.92.110.0/23 maxlen: 23
203.92.110.0/24 maxlen: 24
203.92.111.0/24 maxlen: 24
203.92.112.0/23 maxlen: 23
203.92.112.0/24 maxlen: 24
203.92.113.0/24 maxlen: 24
203.92.114.0/23 maxlen: 23
203.92.114.0/24 maxlen: 24
203.92.115.0/24 maxlen: 24
203.92.116.0/23 maxlen: 23
203.92.116.0/24 maxlen: 24
203.92.117.0/24 maxlen: 24
203.92.118.0/23 maxlen: 23
203.92.118.0/24 maxlen: 24
203.92.119.0/24 maxlen: 24
203.92.120.0/23 maxlen: 23
203.92.120.0/24 maxlen: 24
203.92.121.0/24 maxlen: 24
203.92.122.0/23 maxlen: 23
203.92.122.0/24 maxlen: 24
203.92.123.0/24 maxlen: 24
203.92.124.0/23 maxlen: 23
203.92.124.0/24 maxlen: 24
203.92.125.0/24 maxlen: 24
203.92.126.0/23 maxlen: 23
203.92.126.0/24 maxlen: 24
203.92.127.0/24 maxlen: 24
2406:a400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918AA4D/6C055824058711E3BFE57CA15911EA32/1cjx3JTTw0gdbGlTaVakpSjV7cM.crl
rsync://rpki.apnic.net/member_repository/A918AA4D/6C055824058711E3BFE57CA15911EA32/1cjx3JTTw0gdbGlTaVakpSjV7cM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1cjx3JTTw0gdbGlTaVakpSjV7cM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:24:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12198 (0x2fa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918AA4D/serialNumber=D5C8F1DC94D3C3481D6C69536956A4A528D5EDC3
Validity
Not Before: Jul 6 16:02:02 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66896a79-dd88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:9b:69:34:35:5c:b5:37:8e:f2:6b:4b:7b:b5:
c8:6b:08:33:25:4c:ed:d4:90:de:cb:c2:46:59:9b:
f5:d4:23:e6:65:7e:b2:b6:9c:38:a1:ca:d9:53:ec:
15:d3:6f:de:ae:33:9b:1d:51:3c:af:11:b8:9a:57:
56:2b:f8:e1:1c:08:56:37:ee:35:de:7d:ed:ae:fd:
c3:cb:91:a7:4b:c4:72:b8:8f:93:31:86:1d:f7:3c:
bc:63:80:d9:49:93:9b:ed:24:6b:87:c1:c5:67:5a:
a3:f0:95:31:4e:97:fd:7d:3e:02:9a:ab:08:5d:fc:
02:46:df:b9:f0:7b:53:b8:2b:97:dd:dd:ea:1e:91:
53:50:77:8d:f3:63:9f:41:c7:c3:4a:3a:d8:97:d0:
e8:f4:2f:83:bc:fa:0e:e0:92:5a:5a:23:e1:4d:aa:
b3:29:4b:fe:59:11:31:b3:32:ca:28:bd:d4:f4:7e:
98:d7:64:60:40:61:56:0b:e0:ca:af:7f:8a:40:b3:
15:a7:f9:c2:38:83:8d:6e:a1:5d:c0:11:c4:53:25:
1b:ad:90:29:de:9b:7b:aa:0f:37:38:18:11:d3:38:
7c:8e:09:91:0b:2d:63:df:bb:4f:bc:9a:f7:18:61:
15:bf:cc:58:84:17:af:52:b2:b5:08:0e:18:99:03:
16:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1D:7E:45:68:94:B2:29:26:88:DB:94:6A:9B:2C:A4:01:DA:4B:CD
X509v3 Authority Key Identifier:
keyid:D5:C8:F1:DC:94:D3:C3:48:1D:6C:69:53:69:56:A4:A5:28:D5:ED:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918AA4D/6C055824058711E3BFE57CA15911EA32/1cjx3JTTw0gdbGlTaVakpSjV7cM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1cjx3JTTw0gdbGlTaVakpSjV7cM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AA4D/6C055824058711E3BFE57CA15911EA32/517E7D1AB0EC11E5A6934B42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.125.196.0/22
43.245.16.0/22
103.3.200.0/22
119.75.192.0/20
203.92.64.0/18
IPv6:
2406:a400::/32
Signature Algorithm: sha256WithRSAEncryption
73:8c:d2:89:09:cb:85:94:52:9e:78:ad:85:05:53:d5:51:a9:
0d:e7:b8:16:d5:36:8d:d5:95:c3:eb:0f:d1:cb:15:a7:bc:88:
c5:d5:22:b4:92:41:2b:23:e3:1a:4b:f5:af:1e:5a:25:6a:9a:
f9:3a:07:8d:9e:07:af:4f:c6:a4:aa:a0:3e:fa:1a:e7:ba:c1:
96:e9:33:fa:9d:d4:3d:e4:bd:2b:61:d5:f1:12:bc:36:18:fd:
71:64:34:4f:12:d5:7a:cf:1f:f7:b1:26:5e:7c:f8:50:0a:19:
e8:ba:e3:44:be:ea:5d:e8:91:d4:d5:30:1f:cb:fe:29:06:76:
8d:d0:02:17:f7:62:a9:ec:07:5e:a9:55:92:72:9d:fa:2d:8a:
0f:9d:54:d9:96:88:11:80:ff:79:1e:b3:31:ad:9f:fb:ee:63:
5e:14:66:fa:5e:bd:2c:66:b9:f8:eb:4c:55:d4:85:7c:c4:4a:
00:18:8d:75:3b:c6:03:03:1a:e9:46:a1:bf:39:8d:c6:dd:e6:
cb:88:e7:8b:2e:aa:a6:1d:3b:18:53:2d:03:ae:88:ff:fc:b4:
c1:75:de:1e:db:8e:18:b7:e1:b1:b0:a7:6b:de:a3:62:4a:1b:
71:5b:40:3c:68:4c:89:5d:6e:25:6e:cf:5e:96:39:b0:da:8e:
72:c7:eb:f3
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICL6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEFBNEQxMTAvBgNVBAUTKEQ1QzhGMURDOTREM0MzNDgxRDZDNjk1MzY5NTZBNEE1
MjhENUVEQzMwHhcNMjQwNzA2MTYwMjAyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg5NmE3OS1kZDg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtZtpNDVctTeO8mtLe7XIawgzJUzt1JDey8JGWZv11CPmZX6ytpw4ocrZU+wV
02/erjObHVE8rxG4mldWK/jhHAhWN+413n3trv3Dy5GnS8RyuI+TMYYd9zy8Y4DZ
SZOb7SRrh8HFZ1qj8JUxTpf9fT4CmqsIXfwCRt+58HtTuCuX3d3qHpFTUHeN82Of
QcfDSjrYl9Do9C+DvPoO4JJaWiPhTaqzKUv+WRExszLKKL3U9H6Y12RgQGFWC+DK
r3+KQLMVp/nCOIONbqFdwBHEUyUbrZAp3pt7qg83OBgR0zh8jgmRCy1j37tPvJr3
GGEVv8xYhBevUrK1CA4YmQMWVwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFK4dfkVo
lLIpJojblGqbLKQB2kvNMB8GA1UdIwQYMBaAFNXI8dyU08NIHWxpU2lWpKUo1e3D
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QUE0RC82QzA1NTgyNDA1
ODcxMUUzQkZFNTdDQTE1OTExRUEzMi8xY2p4M0pUVHcwZ2RiR2xUYVZha3BTalY3
Y00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFjangzSlRUdzBnZGJHbFRhVmFrcFNqVjdjTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEFBNEQvNkMwNTU4MjQwNTg3MTFFM0JGRTU3Q0ExNTkxMUVBMzIvNTE3RTdEMUFC
MEVDMTFFNUE2OTM0QjQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIbfcQDBAIr9RADBAJnA8gDBAR3S8ADBAbLXEAwDQQCAAIw
BwMFACQGpAAwDQYJKoZIhvcNAQELBQADggEBAHOM0okJy4WUUp54rYUFU9VRqQ3n
uBbVNo3VlcPrD9HLFae8iMXVIrSSQSsj4xpL9a8eWiVqmvk6B42eB69PxqSqoD76
Gue6wZbpM/qd1D3kvSth1fESvDYY/XFkNE8S1XrPH/exJl58+FAKGei640S+6l3o
kdTVMB/L/ikGdo3QAhf3YqnsB16pVZJynfotig+dVNmWiBGA/3keszGtn/vuY14U
ZvpevSxmufjrTFXUhXzESgAYjXU7xgMDGulGob85jcbd5suI54suqqYdOxhTLQOu
iP/8tMF13h7bjhi34bGwp2veo2JKG3FbQDxoTIldbiVuz16WObDajnLH6/M=
-----END CERTIFICATE-----
Generated at Sun Nov 24 17:20:10 2024 by rpki-client on console-fra.rpki-client.org