Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/E9EDE9AAF05A11ECBD921381C4F9AE02.roa
File: E9EDE9AAF05A11ECBD921381C4F9AE02.roa (raw, json)
Hash identifier: zWd+mcCk9l+jHD4vYbrupaGOty0zdeubNycUNDATtLs=
Subject key identifier: 6C:82:95:AD:F3:7D:06:59:DB:07:2B:8C:16:80:A6:4B:4D:96:87:AF
Certificate issuer: /CN=A9195BA9/serialNumber=DA9D1F9C4FD9A27C75DACA7DE2299568380C0859
Certificate serial: 097C
Authority key identifier: DA:9D:1F:9C:4F:D9:A2:7C:75:DA:CA:7D:E2:29:95:68:38:0C:08:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2p0fnE_Zonx12sp94imVaDgMCFk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/E9EDE9AAF05A11ECBD921381C4F9AE02.roa
Signing time: Fri 20 Dec 2024 20:09:30 +0000
ROA not before: Fri 20 Dec 2024 20:09:30 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 18106
IP address blocks: 45.121.84.0/22 maxlen: 22
45.121.84.0/24 maxlen: 24
45.121.85.0/24 maxlen: 24
45.121.86.0/24 maxlen: 24
45.121.87.0/24 maxlen: 24
103.4.196.0/22 maxlen: 22
103.4.196.0/24 maxlen: 24
103.4.197.0/24 maxlen: 24
103.4.198.0/24 maxlen: 24
103.4.199.0/24 maxlen: 24
103.26.220.0/22 maxlen: 22
103.60.60.0/22 maxlen: 22
103.60.60.0/24 maxlen: 24
103.60.61.0/24 maxlen: 24
103.60.62.0/24 maxlen: 24
103.60.63.0/24 maxlen: 24
103.247.108.0/22 maxlen: 22
103.247.108.0/24 maxlen: 24
103.247.109.0/24 maxlen: 24
103.247.110.0/24 maxlen: 24
103.247.111.0/24 maxlen: 24
202.55.64.0/19 maxlen: 20
202.55.64.0/24 maxlen: 24
202.55.65.0/24 maxlen: 24
202.55.66.0/24 maxlen: 24
202.55.67.0/24 maxlen: 24
202.55.68.0/24 maxlen: 24
202.55.69.0/24 maxlen: 24
202.55.70.0/24 maxlen: 24
202.55.71.0/24 maxlen: 24
202.55.72.0/24 maxlen: 24
202.55.73.0/24 maxlen: 24
202.55.74.0/24 maxlen: 24
202.55.75.0/24 maxlen: 24
202.55.76.0/24 maxlen: 24
202.55.77.0/24 maxlen: 24
202.55.78.0/24 maxlen: 24
202.55.79.0/24 maxlen: 24
202.55.80.0/24 maxlen: 24
202.55.81.0/24 maxlen: 24
202.55.83.0/24 maxlen: 24
202.55.84.0/24 maxlen: 24
202.55.85.0/24 maxlen: 24
202.55.86.0/24 maxlen: 24
202.55.87.0/24 maxlen: 24
202.55.88.0/24 maxlen: 24
202.55.89.0/24 maxlen: 24
202.55.90.0/24 maxlen: 24
202.55.91.0/24 maxlen: 24
202.55.92.0/24 maxlen: 24
202.55.93.0/24 maxlen: 24
202.55.94.0/24 maxlen: 24
202.55.95.0/24 maxlen: 24
202.73.32.0/19 maxlen: 19
202.73.32.0/20 maxlen: 20
202.73.32.0/24 maxlen: 24
202.73.33.0/24 maxlen: 24
202.73.34.0/24 maxlen: 24
202.73.35.0/24 maxlen: 24
202.73.36.0/24 maxlen: 24
202.73.37.0/24 maxlen: 24
202.73.38.0/24 maxlen: 24
202.73.39.0/24 maxlen: 24
202.73.40.0/24 maxlen: 24
202.73.41.0/24 maxlen: 24
202.73.42.0/24 maxlen: 24
202.73.43.0/24 maxlen: 24
202.73.44.0/24 maxlen: 24
202.73.45.0/24 maxlen: 24
202.73.46.0/24 maxlen: 24
202.73.47.0/24 maxlen: 24
202.73.48.0/20 maxlen: 20
202.73.48.0/24 maxlen: 24
202.73.49.0/24 maxlen: 24
202.73.50.0/24 maxlen: 24
202.73.51.0/24 maxlen: 24
202.73.52.0/24 maxlen: 24
202.73.53.0/24 maxlen: 24
202.73.54.0/24 maxlen: 24
202.73.55.0/24 maxlen: 24
202.73.56.0/24 maxlen: 24
202.73.57.0/24 maxlen: 24
202.73.58.0/24 maxlen: 24
202.73.59.0/24 maxlen: 24
202.73.60.0/24 maxlen: 24
202.73.61.0/24 maxlen: 24
202.73.62.0/24 maxlen: 24
202.73.63.0/24 maxlen: 24
202.83.96.0/20 maxlen: 20
202.83.96.0/24 maxlen: 24
202.83.97.0/24 maxlen: 24
202.83.98.0/24 maxlen: 24
202.83.99.0/24 maxlen: 24
202.83.100.0/24 maxlen: 24
202.83.101.0/24 maxlen: 24
202.83.102.0/24 maxlen: 24
202.83.103.0/24 maxlen: 24
202.83.104.0/24 maxlen: 24
202.83.105.0/24 maxlen: 24
202.83.106.0/24 maxlen: 24
202.83.107.0/24 maxlen: 24
202.83.108.0/24 maxlen: 24
202.83.109.0/24 maxlen: 24
202.83.110.0/24 maxlen: 24
202.83.111.0/24 maxlen: 24
2001:d98::/32 maxlen: 32
2001:d98::/36 maxlen: 36
2001:d98:1000::/36 maxlen: 36
2001:d98:2000::/36 maxlen: 36
2001:d98:3000::/36 maxlen: 36
2001:d98:4000::/36 maxlen: 36
2001:d98:5000::/36 maxlen: 36
2001:d98:6000::/36 maxlen: 36
2001:d98:7000::/36 maxlen: 36
2001:d98:8000::/36 maxlen: 36
2001:d98:9000::/36 maxlen: 36
2001:d98:a000::/36 maxlen: 36
2001:d98:b000::/36 maxlen: 36
2001:d98:c000::/36 maxlen: 36
2001:d98:d000::/36 maxlen: 36
2001:d98:e000::/36 maxlen: 36
2001:d98:f000::/36 maxlen: 36
2402:7480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/2p0fnE_Zonx12sp94imVaDgMCFk.crl
rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/2p0fnE_Zonx12sp94imVaDgMCFk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2p0fnE_Zonx12sp94imVaDgMCFk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 20:13:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2428 (0x97c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9195BA9
Validity
Not Before: Dec 20 20:09:30 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6765cef9-55a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:43:df:36:7a:f2:7b:4a:5f:20:cb:7e:7a:9d:
0f:bf:b0:9f:b5:d6:ca:84:30:d1:0e:db:8c:86:f2:
8f:48:e1:cc:c9:51:60:57:9a:ff:f8:05:76:e9:fb:
f1:85:c8:da:b4:5e:5a:98:1c:6e:05:1e:df:71:dd:
ad:41:21:a1:88:75:53:4b:a8:46:f4:73:76:84:dc:
dc:58:9d:6c:ef:b3:89:cd:10:8b:62:ed:67:ac:8e:
89:30:96:38:bc:b1:c8:7d:24:1c:7b:d7:b4:8a:a4:
14:82:de:fa:68:ed:d5:4e:41:b3:d1:46:5b:f1:04:
68:5e:e1:ae:5d:ed:82:35:4c:ce:69:64:50:d3:64:
7f:cd:71:96:25:46:af:f8:ed:e1:4e:c3:14:6c:9c:
2a:ea:13:0b:90:33:4a:80:fe:db:1b:e3:35:2c:10:
a7:80:68:5c:fa:5d:22:35:3d:fb:37:a5:cc:a4:f9:
92:25:4b:ee:34:69:7b:4b:ad:c1:fd:7b:df:e1:e3:
ec:aa:ad:87:51:d0:56:3b:f0:86:25:a6:46:9d:07:
99:86:6d:e5:d0:70:40:ca:33:22:c7:ee:d7:bc:1e:
b7:3e:64:14:47:24:fa:29:04:4d:d1:41:b9:96:fc:
89:3c:87:ab:a8:0d:ef:4b:c9:80:1f:99:45:ed:77:
9f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:82:95:AD:F3:7D:06:59:DB:07:2B:8C:16:80:A6:4B:4D:96:87:AF
X509v3 Authority Key Identifier:
keyid:DA:9D:1F:9C:4F:D9:A2:7C:75:DA:CA:7D:E2:29:95:68:38:0C:08:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/2p0fnE_Zonx12sp94imVaDgMCFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2p0fnE_Zonx12sp94imVaDgMCFk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/DF7A7F14838E11EA8CEA0960C4F9AE02/E9EDE9AAF05A11ECBD921381C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.121.84.0/22
103.4.196.0/22
103.26.220.0/22
103.60.60.0/22
103.247.108.0/22
202.55.64.0/19
202.73.32.0/19
202.83.96.0/20
IPv6:
2001:d98::/32
2402:7480::/32
Signature Algorithm: sha256WithRSAEncryption
91:ef:73:1c:e7:7a:5c:6f:60:bc:56:fa:ff:9d:aa:84:86:1e:
3c:b3:b9:d3:44:63:bc:24:dc:9b:0c:4f:84:71:7e:bb:ae:c5:
7b:e9:a2:b2:53:11:76:39:21:93:3b:15:cc:db:54:72:18:cf:
17:1c:a3:a8:20:68:a3:45:8e:af:b9:74:44:c3:f6:39:f4:b8:
48:47:40:c3:7e:5e:36:36:4c:a2:d0:66:6b:90:4e:5c:7b:75:
b7:d1:63:82:3b:44:b5:f6:d4:f8:8e:dc:0a:9f:3e:1b:1e:2a:
e3:83:c2:94:3f:e8:9f:27:df:3a:47:10:46:65:d7:78:2e:ad:
d6:29:f1:d5:b9:eb:a9:80:4c:43:d1:dc:a2:d8:0b:43:c3:93:
60:65:41:99:e3:52:e0:ae:8d:4e:2c:d2:d6:bd:ed:e3:6d:20:
aa:1a:09:2d:d4:5e:67:a7:eb:17:2d:5d:81:73:0b:0f:af:6a:
0f:9d:ab:9a:4a:2a:b0:80:dc:d7:42:5a:e2:28:3f:91:25:b2:
95:32:24:fe:3d:b5:b6:26:b1:c4:ef:96:dc:d0:8c:93:c4:f0:
89:9c:83:7e:ef:ae:81:1c:ee:83:c3:4b:05:9a:61:0a:2d:40:
54:88:0c:ae:90:18:04:89:b0:56:cc:12:a5:19:6e:41:99:9c:
57:65:9a:0c
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgICCXwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTVCQTkxMTAvBgNVBAUTKERBOUQxRjlDNEZEOUEyN0M3NURBQ0E3REUyMjk5NTY4
MzgwQzA4NTkwHhcNMjQxMjIwMjAwOTMwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY1Y2VmOS01NWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA20PfNnrye0pfIMt+ep0Pv7CftdbKhDDRDtuMhvKPSOHMyVFgV5r/+AV26fvx
hcjatF5amBxuBR7fcd2tQSGhiHVTS6hG9HN2hNzcWJ1s77OJzRCLYu1nrI6JMJY4
vLHIfSQce9e0iqQUgt76aO3VTkGz0UZb8QRoXuGuXe2CNUzOaWRQ02R/zXGWJUav
+O3hTsMUbJwq6hMLkDNKgP7bG+M1LBCngGhc+l0iNT37N6XMpPmSJUvuNGl7S63B
/Xvf4ePsqq2HUdBWO/CGJaZGnQeZhm3l0HBAyjMix+7XvB63PmQURyT6KQRN0UG5
lvyJPIerqA3vS8mAH5lF7XefKQIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFGyCla3z
fQZZ2wcrjBaApktNloevMB8GA1UdIwQYMBaAFNqdH5xP2aJ8ddrKfeIplWg4DAhZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUJBOS9ERjdBN0YxNDgz
OEUxMUVBOENFQTA5NjBDNEY5QUUwMi8ycDBmbkVfWm9ueDEyc3A5NGltVmFEZ01D
RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJwMGZuRV9ab254MTJzcDk0aW1WYURnTUNGay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTVCQTkvREY3QTdGMTQ4MzhFMTFFQThDRUEwOTYwQzRGOUFFMDIvRTlFREU5QUFG
MDVBMTFFQ0JEOTIxMzgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E
UDBOMDYEAgABMDADBAIteVQDBAJnBMQDBAJnGtwDBAJnPDwDBAJn92wDBAXKN0AD
BAXKSSADBATKU2AwFAQCAAIwDgMFACABDZgDBQAkAnSAMA0GCSqGSIb3DQEBCwUA
A4IBAQCR73Mc53pcb2C8Vvr/naqEhh48s7nTRGO8JNybDE+EcX67rsV76aKyUxF2
OSGTOxXM21RyGM8XHKOoIGijRY6vuXREw/Y59LhIR0DDfl42Nkyi0GZrkE5ce3W3
0WOCO0S19tT4jtwKnz4bHirjg8KUP+ifJ986RxBGZdd4Lq3WKfHVueupgExD0dyi
2AtDw5NgZUGZ41Lgro1OLNLWve3jbSCqGgkt1F5np+sXLV2BcwsPr2oPnauaSiqw
gNzXQlriKD+RJbKVMiT+PbW2JrHE75bc0IyTxPCJnIN+766BHO6Dw0sFmmEKLUBU
iAyukBgEibBWzBKlGW5BmZxXZZoM
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:13 2025 by rpki-client