Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
File: C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa (raw, json)
Hash identifier: 3T+hS156WeoOexddqYS/Epx6TiPWIS8fDiY/9pM3Sc8=
Subject key identifier: 9A:93:2A:2C:D1:23:82:99:4B:C5:84:F9:C6:3B:C0:2F:6F:CF:29:8A
Certificate issuer: /CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Certificate serial: 0842
Authority key identifier: 53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
Signing time: Wed 27 Mar 2024 04:37:57 +0000
ROA not before: Wed 27 Mar 2024 04:37:57 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 17924
IP address blocks: 45.64.240.0/22 maxlen: 24
49.130.0.0/15 maxlen: 15
49.130.0.0/17 maxlen: 18
49.130.128.0/24 maxlen: 24
49.130.129.0/24 maxlen: 24
49.130.130.0/24 maxlen: 24
49.130.131.0/24 maxlen: 24
49.130.132.0/23 maxlen: 24
49.130.134.0/23 maxlen: 24
49.130.136.0/21 maxlen: 21
49.130.144.0/20 maxlen: 20
49.130.160.0/19 maxlen: 19
49.130.192.0/18 maxlen: 18
49.131.0.0/17 maxlen: 18
49.131.128.0/17 maxlen: 17
103.1.16.0/22 maxlen: 22
121.202.0.0/15 maxlen: 15
121.202.0.0/18 maxlen: 18
121.202.64.0/19 maxlen: 19
121.202.96.0/20 maxlen: 20
121.202.124.0/24 maxlen: 24
121.202.126.0/24 maxlen: 24
121.202.127.0/24 maxlen: 24
121.202.128.0/17 maxlen: 17
121.202.131.0/24 maxlen: 24
121.202.132.0/24 maxlen: 24
121.202.137.0/24 maxlen: 24
121.202.142.0/24 maxlen: 24
121.202.150.0/24 maxlen: 24
121.202.160.0/19 maxlen: 19
121.202.206.0/24 maxlen: 24
121.202.232.0/22 maxlen: 22
121.202.236.0/22 maxlen: 22
121.202.251.0/24 maxlen: 24
121.202.252.0/24 maxlen: 24
121.202.253.0/24 maxlen: 24
121.202.254.0/24 maxlen: 24
121.203.0.0/20 maxlen: 20
121.203.16.0/20 maxlen: 20
121.203.32.0/20 maxlen: 20
121.203.48.0/20 maxlen: 20
121.203.64.0/18 maxlen: 18
121.203.64.0/21 maxlen: 21
121.203.72.0/21 maxlen: 21
121.203.80.0/21 maxlen: 21
121.203.88.0/21 maxlen: 21
121.203.96.0/21 maxlen: 21
121.203.104.0/21 maxlen: 21
121.203.112.0/21 maxlen: 21
121.203.120.0/21 maxlen: 21
121.203.128.0/18 maxlen: 18
121.203.192.0/19 maxlen: 19
121.203.224.0/20 maxlen: 20
121.203.240.0/21 maxlen: 21
121.203.248.0/21 maxlen: 21
180.219.0.0/16 maxlen: 16
180.219.0.0/20 maxlen: 24
180.219.16.0/20 maxlen: 24
180.219.32.0/20 maxlen: 24
180.219.48.0/20 maxlen: 24
180.219.64.0/20 maxlen: 24
180.219.80.0/20 maxlen: 24
180.219.96.0/20 maxlen: 24
180.219.112.0/20 maxlen: 24
180.219.128.0/20 maxlen: 24
180.219.144.0/20 maxlen: 24
180.219.160.0/20 maxlen: 24
180.219.176.0/20 maxlen: 24
180.219.192.0/19 maxlen: 19
180.219.192.0/20 maxlen: 24
180.219.208.0/21 maxlen: 24
180.219.216.0/21 maxlen: 24
180.219.224.0/19 maxlen: 19
180.219.224.0/21 maxlen: 24
180.219.232.0/21 maxlen: 24
180.219.240.0/21 maxlen: 24
180.219.248.0/21 maxlen: 24
182.152.0.0/15 maxlen: 15
182.152.0.0/17 maxlen: 17
182.152.128.0/17 maxlen: 17
182.152.128.0/21 maxlen: 21
182.152.136.0/21 maxlen: 21
182.152.144.0/21 maxlen: 21
182.152.152.0/21 maxlen: 21
182.152.160.0/21 maxlen: 21
182.152.168.0/21 maxlen: 21
182.152.176.0/21 maxlen: 21
182.152.184.0/21 maxlen: 21
182.152.192.0/21 maxlen: 21
182.152.200.0/21 maxlen: 21
182.152.208.0/21 maxlen: 21
182.152.216.0/21 maxlen: 21
182.152.224.0/21 maxlen: 21
182.152.232.0/21 maxlen: 21
182.152.240.0/21 maxlen: 21
182.152.248.0/21 maxlen: 21
182.153.0.0/18 maxlen: 19
182.153.64.0/19 maxlen: 19
182.153.128.0/19 maxlen: 19
182.153.160.0/19 maxlen: 19
182.153.192.0/19 maxlen: 19
182.153.224.0/19 maxlen: 19
182.153.248.0/21 maxlen: 21
203.78.32.0/21 maxlen: 21
203.78.32.0/24 maxlen: 24
203.78.36.0/24 maxlen: 24
203.78.37.0/24 maxlen: 24
203.78.40.0/22 maxlen: 22
203.78.40.0/24 maxlen: 24
203.78.41.0/24 maxlen: 24
203.78.42.0/24 maxlen: 24
2407:b400::/32 maxlen: 32
2407:b400:31:11::/64 maxlen: 64
2407:b400:51:3::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 23 Jun 2024 20:06:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2114 (0x842)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Validity
Not Before: Mar 27 04:37:57 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6603a2a5-dc22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:42:01:31:03:5e:c0:3f:a6:6b:c0:9b:6c:19:
93:a1:44:b0:45:55:73:cd:f8:87:a0:85:27:28:2e:
65:48:05:ce:c8:08:e4:7f:e7:8a:a6:82:14:bd:78:
18:44:21:6e:9d:be:5c:c0:84:a6:d5:66:19:d3:a8:
d3:f8:b7:fc:be:0e:6a:b4:5d:11:4d:37:01:03:e6:
fd:9e:4e:96:82:fc:19:1c:c4:e8:3d:36:f6:76:ac:
e0:23:53:80:97:bb:ae:f3:63:03:68:51:f9:1b:d2:
8d:3f:e7:ac:19:bc:99:37:81:04:a2:69:cd:da:4a:
69:03:ba:b2:92:32:2f:f0:55:4c:d5:0e:2f:63:fa:
3f:c6:79:9d:d5:a8:a3:c8:05:7b:6b:c2:08:6f:2d:
fd:76:75:44:8f:21:1c:ef:c0:29:46:fb:7f:1d:a0:
29:56:b6:7d:b3:93:46:c3:4b:76:0a:a6:04:e9:8b:
f0:81:26:07:c7:2e:f5:a3:2b:6b:6d:67:0c:b1:a9:
67:ca:6f:cf:83:9c:08:69:b1:d7:c1:ea:da:fb:2d:
af:64:04:fc:63:b9:d7:e3:ea:3d:5e:f4:93:95:d2:
be:4d:0a:05:f9:b9:8a:58:d3:73:6f:53:e0:0a:db:
79:10:ef:9b:77:dc:d5:7f:c8:44:ff:24:3f:64:5e:
c9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:93:2A:2C:D1:23:82:99:4B:C5:84:F9:C6:3B:C0:2F:6F:CF:29:8A
X509v3 Authority Key Identifier:
keyid:53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.240.0/22
49.130.0.0/15
103.1.16.0/22
121.202.0.0/15
180.219.0.0/16
182.152.0.0/15
203.78.32.0-203.78.43.255
IPv6:
2407:b400::/32
Signature Algorithm: sha256WithRSAEncryption
da:3b:70:2e:bc:9f:ad:be:1a:80:b6:c9:1b:b8:57:06:a8:87:
4a:8d:f1:ed:f9:27:7a:69:65:61:d5:ff:74:5b:b7:d1:24:73:
57:5f:9d:90:95:2c:2a:bf:0b:11:b1:62:3a:03:38:7b:a7:62:
48:05:4e:bb:09:a5:60:6f:62:d9:cf:37:a2:b1:4b:27:a4:5f:
88:d6:01:6e:4a:a6:f7:63:d6:ab:04:c6:2c:85:62:5e:b0:c8:
85:95:25:28:52:d4:54:6b:8b:f1:a4:80:8b:51:41:93:92:79:
fc:a7:8f:9e:67:38:7a:ef:51:48:87:3b:c9:b1:9d:da:97:98:
cc:13:56:67:bf:3d:05:c7:4d:86:e6:f3:18:a6:85:65:80:fa:
e1:88:a3:f4:c9:79:1c:31:d8:c9:aa:c3:81:ff:ca:52:15:6c:
32:64:e4:6c:82:25:f6:15:1e:bb:25:98:d2:ed:cb:7c:24:cd:
39:70:03:f5:e4:49:37:8d:47:6b:db:04:0c:4b:8e:84:39:14:
c6:b3:f9:96:ff:9e:2a:2e:b0:a2:a3:50:cc:aa:14:90:0d:71:
51:96:8e:33:8e:b2:45:ae:d1:c2:b0:73:d5:3d:22:77:6a:0a:
25:30:75:70:41:6e:c2:64:c9:9b:e7:a4:f1:b5:f8:a2:70:9e:
ae:d8:b4:a1
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICCEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUUxQUUxMTAvBgNVBAUTKDUzQkRFMjZEODI1RjY3N0Y5QUM0Mjg2RjlBNjc2NjFG
NUM0OUI1NjkwHhcNMjQwMzI3MDQzNzU3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjAzYTJhNS1kYzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzkIBMQNewD+ma8CbbBmToUSwRVVzzfiHoIUnKC5lSAXOyAjkf+eKpoIUvXgY
RCFunb5cwISm1WYZ06jT+Lf8vg5qtF0RTTcBA+b9nk6WgvwZHMToPTb2dqzgI1OA
l7uu82MDaFH5G9KNP+esGbyZN4EEomnN2kppA7qykjIv8FVM1Q4vY/o/xnmd1aij
yAV7a8IIby39dnVEjyEc78ApRvt/HaApVrZ9s5NGw0t2CqYE6YvwgSYHxy71oytr
bWcMsalnym/Pg5wIabHXwera+y2vZAT8Y7nX4+o9XvSTldK+TQoF+bmKWNNzb1Pg
Ctt5EO+bd9zVf8hE/yQ/ZF7JSQIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFJqTKizR
I4KZS8WE+cY7wC9vzymKMB8GA1UdIwQYMBaAFFO94m2CX2d/msQob5pnZh9cSbVp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTFBRS9CNDBCQjFCOEIx
MkUxMUVBOUE5NUI1NkFDNEY5QUUwMi9VNzNpYllKZlozLWF4Q2h2bW1kbUgxeEp0
V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3M2liWUpmWjMtYXhDaHZtbWRtSDF4SnRXay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUUxQUUvQjQwQkIxQjhCMTJFMTFFQTlBOTVCNTZBQzRGOUFFMDIvQzhEQzZCRDhF
QkYzMTFFRUFEMEMwMTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMDQEAgABMC4DBAItQPADAwExggMEAmcBEAMDAXnKAwMAtNsDAwG2mDAMAwQF
y04gAwQCy04oMA0EAgACMAcDBQAkB7QAMA0GCSqGSIb3DQEBCwUAA4IBAQDaO3Au
vJ+tvhqAtskbuFcGqIdKjfHt+Sd6aWVh1f90W7fRJHNXX52QlSwqvwsRsWI6Azh7
p2JIBU67CaVgb2LZzzeisUsnpF+I1gFuSqb3Y9arBMYshWJesMiFlSUoUtRUa4vx
pICLUUGTknn8p4+eZzh671FIhzvJsZ3al5jME1Znvz0Fx02G5vMYpoVlgPrhiKP0
yXkcMdjJqsOB/8pSFWwyZORsgiX2FR67JZjS7ct8JM05cAP15Ek3jUdr2wQMS46E
ORTGs/mW/54qLrCio1DMqhSQDXFRlo4zjrJFrtHCsHPVPSJ3agolMHVwQW7CZMmb
56TxtfiicJ6u2LSh
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:33:56 2024 by rpki-client on console-fra.rpki-client.org