Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CAB807015A711EE8398177FC4F9AE02.roa
File: 5CAB807015A711EE8398177FC4F9AE02.roa (raw, json)
Hash identifier: jDq/bgBfkzgC85qxfEuN4O2K7QL6BifKjr1tgmzClV8=
Subject key identifier: B9:74:BB:AF:08:83:B6:23:38:46:4D:26:E7:67:DA:90:95:26:F9:9A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 94AD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CAB807015A711EE8398177FC4F9AE02.roa
Signing time: Tue 16 Jul 2024 09:19:46 +0000
ROA not before: Tue 16 Jul 2024 09:19:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55824
IP address blocks: 45.118.48.0/21 maxlen: 21
45.118.48.0/22 maxlen: 24
45.118.52.0/22 maxlen: 24
45.118.96.0/22 maxlen: 24
45.118.100.0/22 maxlen: 24
45.118.168.0/22 maxlen: 24
45.118.172.0/22 maxlen: 24
45.118.192.0/22 maxlen: 24
45.118.196.0/22 maxlen: 24
45.118.208.0/22 maxlen: 24
45.118.212.0/22 maxlen: 24
45.119.16.0/22 maxlen: 24
45.119.20.0/22 maxlen: 24
45.119.32.0/22 maxlen: 24
45.119.36.0/22 maxlen: 24
45.119.168.0/22 maxlen: 24
45.119.172.0/22 maxlen: 24
45.124.184.0/22 maxlen: 24
45.124.188.0/22 maxlen: 24
45.125.144.0/22 maxlen: 24
45.125.148.0/22 maxlen: 24
45.125.176.0/22 maxlen: 24
45.125.180.0/22 maxlen: 24
45.127.64.0/24 maxlen: 24
45.127.65.0/24 maxlen: 24
45.127.66.0/24 maxlen: 24
45.127.67.0/24 maxlen: 24
45.127.68.0/24 maxlen: 24
45.127.69.0/24 maxlen: 24
45.127.70.0/24 maxlen: 24
45.127.71.0/24 maxlen: 24
45.127.72.0/24 maxlen: 24
45.127.73.0/24 maxlen: 24
45.127.74.0/24 maxlen: 24
45.127.75.0/24 maxlen: 24
45.127.76.0/24 maxlen: 24
45.127.77.0/24 maxlen: 24
103.58.80.0/22 maxlen: 24
103.58.84.0/22 maxlen: 24
103.58.120.0/22 maxlen: 23
103.58.120.0/24 maxlen: 24
103.58.122.0/23 maxlen: 24
103.58.124.0/22 maxlen: 24
103.58.168.0/22 maxlen: 24
103.58.172.0/22 maxlen: 24
103.58.200.0/22 maxlen: 24
103.58.204.0/22 maxlen: 24
103.58.240.0/22 maxlen: 24
103.58.244.0/22 maxlen: 24
103.59.16.0/22 maxlen: 23
103.59.17.0/24 maxlen: 24
103.59.18.0/23 maxlen: 24
103.59.20.0/22 maxlen: 24
103.59.66.0/24 maxlen: 24
103.59.80.0/22 maxlen: 24
103.59.84.0/22 maxlen: 24
103.59.224.0/22 maxlen: 24
103.59.228.0/22 maxlen: 24
103.60.48.0/22 maxlen: 24
103.60.52.0/22 maxlen: 24
103.68.177.0/24 maxlen: 24
103.88.228.0/24 maxlen: 24
103.127.161.0/24 maxlen: 24
103.194.24.0/24 maxlen: 24
103.194.25.0/24 maxlen: 24
103.194.28.0/22 maxlen: 24
103.194.56.0/22 maxlen: 24
103.194.60.0/22 maxlen: 24
103.194.136.0/22 maxlen: 24
103.194.140.0/22 maxlen: 24
103.194.200.0/22 maxlen: 24
103.194.204.0/22 maxlen: 24
103.194.216.0/22 maxlen: 24
103.194.220.0/22 maxlen: 24
103.213.16.0/22 maxlen: 24
103.213.20.0/22 maxlen: 24
103.218.144.0/22 maxlen: 24
103.218.148.0/22 maxlen: 24
220.156.190.0/23 maxlen: 24
2001:df1:5200::/48 maxlen: 48
2001:df3:1e00::/48 maxlen: 48
2406:f00:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 10:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38061 (0x94ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jul 16 09:19:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66963b32-535d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:61:72:63:6f:1b:e9:70:82:05:99:8a:00:cc:
2e:97:d8:78:fa:d5:b9:f9:54:a4:3f:2d:8e:4b:93:
9a:18:aa:bb:3d:78:16:4f:a0:eb:66:28:88:f0:31:
86:f9:1c:8e:09:5a:10:02:b3:20:cc:2a:b3:f8:07:
94:48:c1:fd:ab:21:2e:f1:fc:48:00:b7:cb:6d:81:
cd:97:f5:d9:8a:3a:00:91:59:6a:f7:23:f8:a0:d8:
44:52:50:9b:45:59:1a:69:82:75:8f:d2:8e:5c:19:
ed:20:a9:ff:05:88:e1:2a:65:bf:72:14:5a:51:68:
f2:fa:5e:5c:18:42:c4:c4:34:59:0a:9e:8c:97:e4:
3e:b1:83:90:97:d8:89:85:4a:11:89:71:06:70:46:
bc:e1:75:eb:c1:14:9d:03:82:cb:66:c5:d9:6c:f6:
6a:62:6d:1c:46:0e:4a:c5:22:c1:bf:d3:c4:2b:af:
14:5e:91:53:31:cd:43:39:a2:5d:a9:61:03:9d:60:
db:aa:92:87:91:ce:fd:28:07:bc:37:6b:f2:fe:b1:
88:cb:d1:ab:c0:7a:fb:aa:4b:35:13:ae:0f:be:a2:
bc:b5:1e:9e:b8:ae:5b:0f:eb:fe:30:e8:71:2c:b3:
b0:01:8f:14:a5:d1:7b:df:bb:1a:f7:da:8d:a7:da:
18:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:74:BB:AF:08:83:B6:23:38:46:4D:26:E7:67:DA:90:95:26:F9:9A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CAB807015A711EE8398177FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.48.0/21
45.118.96.0/21
45.118.168.0/21
45.118.192.0/21
45.118.208.0/21
45.119.16.0/21
45.119.32.0/21
45.119.168.0/21
45.124.184.0/21
45.125.144.0/21
45.125.176.0/21
45.127.64.0-45.127.77.255
103.58.80.0/21
103.58.120.0/21
103.58.168.0/21
103.58.200.0/21
103.58.240.0/21
103.59.16.0/21
103.59.66.0/24
103.59.80.0/21
103.59.224.0/21
103.60.48.0/21
103.68.177.0/24
103.88.228.0/24
103.127.161.0/24
103.194.24.0/23
103.194.28.0/22
103.194.56.0/21
103.194.136.0/21
103.194.200.0/21
103.194.216.0/21
103.213.16.0/21
103.218.144.0/21
220.156.190.0/23
IPv6:
2001:df1:5200::/48
2001:df3:1e00::/48
2406:f00:3::/48
Signature Algorithm: sha256WithRSAEncryption
90:19:8c:84:c2:f7:9f:92:13:52:f8:8b:14:6b:ef:b3:51:3a:
3c:98:e1:72:e8:d6:e2:1b:82:c7:1f:cb:c9:f2:fd:55:18:11:
70:ee:24:2f:6b:77:1a:17:d1:7a:c7:00:1f:65:17:5b:3d:1f:
61:56:a5:e5:65:18:52:48:d8:cf:77:3e:42:71:ff:ac:d6:3f:
c3:19:12:ec:14:6d:b6:eb:77:5a:24:8b:5c:4d:94:12:fa:5a:
6c:36:f7:ad:de:7f:7c:35:41:eb:d5:b6:0b:be:aa:e5:b4:b5:
0d:01:5a:8b:d1:7b:6a:27:c5:61:6f:43:8d:77:4e:88:ef:17:
1b:8a:f9:b1:28:b6:2e:ce:38:63:f7:4c:29:58:8c:f6:a7:b8:
d4:b9:f6:e8:90:ad:3c:5a:33:c6:33:4f:39:88:f4:a3:52:30:
ec:a4:00:4b:b7:84:4a:be:a9:4d:50:7a:58:b2:2d:a2:f2:eb:
62:41:b4:72:d3:da:c9:4b:5d:8c:42:8d:9f:db:f9:ce:a9:56:
9e:7f:c0:58:90:c6:ee:54:e6:da:78:f3:eb:d0:f4:0e:12:bd:
ba:e7:01:59:0f:3e:ca:3f:d3:a4:33:5e:c4:88:b3:cc:5a:08:
ab:93:30:b2:d0:7f:82:fd:10:48:36:bb:e6:0e:7c:2b:dc:c7:
cb:1f:b7:e8
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgIDAJStMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDcxNjA5MTk0NloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY5NjNiMzItNTM1ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFhcmNvG+lwggWZigDMLpfYePrVuflUpD8tjkuTmhiquz14Fk+g62YoiPAx
hvkcjglaEAKzIMwqs/gHlEjB/ashLvH8SAC3y22BzZf12Yo6AJFZavcj+KDYRFJQ
m0VZGmmCdY/SjlwZ7SCp/wWI4Splv3IUWlFo8vpeXBhCxMQ0WQqejJfkPrGDkJfY
iYVKEYlxBnBGvOF168EUnQOCy2bF2Wz2amJtHEYOSsUiwb/TxCuvFF6RUzHNQzmi
XalhA51g26qSh5HO/SgHvDdr8v6xiMvRq8B6+6pLNROuD76ivLUenriuWw/r/jDo
cSyzsAGPFKXRe9+7GvfajafaGF0CAwEAAaOCA44wggOKMB0GA1UdDgQWBBS5dLuv
CIO2IzhGTSbnZ9qQlSb5mjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVDQUI4MDcw
MTVBNzExRUU4Mzk4MTc3RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBFgYIKwYBBQUHAQcB
Af8EggEFMIIBATCB2wQCAAEwgdQDBAMtdjADBAMtdmADBAMtdqgDBAMtdsADBAMt
dtADBAMtdxADBAMtdyADBAMtd6gDBAMtfLgDBAMtfZADBAMtfbAwDAMEBi1/QAME
AS1/TAMEA2c6UAMEA2c6eAMEA2c6qAMEA2c6yAMEA2c68AMEA2c7EAMEAGc7QgME
A2c7UAMEA2c74AMEA2c8MAMEAGdEsQMEAGdY5AMEAGd/oQMEAWfCGAMEAmfCHAME
A2fCOAMEA2fCiAMEA2fCyAMEA2fC2AMEA2fVEAMEA2fakAMEAdycvjAhBAIAAjAb
AwcAIAEN8VIAAwcAIAEN8x4AAwcAJAYPAAADMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
GYyEwvefkhNS+IsUa++zUTo8mOFy6NbiG4LHH8vJ8v1VGBFw7iQva3caF9F6xwAf
ZRdbPR9hVqXlZRhSSNjPdz5Ccf+s1j/DGRLsFG2263daJItcTZQS+lpsNvet3n98
NUHr1bYLvqrltLUNAVqL0XtqJ8Vhb0ONd06I7xcbivmxKLYuzjhj90wpWIz2p7jU
ufbokK08WjPGM085iPSjUjDspABLt4RKvqlNUHpYsi2i8utiQbRy09rJS12MQo2f
2/nOqVaef8BYkMbuVObaePPr0PQOEr265wFZDz7KP9OkM17EiLPMWgirkzCy0H+C
/RBINrvmDnwr3MfLH7fo
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:17:14 2024 by rpki-client on console-ams.rpki-client.org