Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/845C3BA698FA11EE8BBC4F59C4F9AE02.roa
File: 845C3BA698FA11EE8BBC4F59C4F9AE02.roa (raw, json)
Hash identifier: CCvUE911biDeGlxGl+cTmdeSxPgf4buhx/6k69yLPK0=
Subject key identifier: BB:D5:0D:26:BC:1F:97:53:19:17:D0:12:44:F3:1E:03:49:08:6A:1B
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 499C
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/845C3BA698FA11EE8BBC4F59C4F9AE02.roa
Signing time: Thu 13 Feb 2025 08:35:21 +0000
ROA not before: Thu 13 Feb 2025 08:35:21 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135918
IP address blocks: 42.96.0.0/22 maxlen: 22
49.236.208.0/22 maxlen: 22
103.14.224.0/23 maxlen: 23
103.28.32.0/22 maxlen: 22
103.65.234.0/23 maxlen: 23
103.67.196.0/23 maxlen: 23
103.67.198.0/23 maxlen: 23
103.68.84.0/23 maxlen: 23
103.69.86.0/23 maxlen: 23
103.69.96.0/23 maxlen: 23
103.74.100.0/22 maxlen: 22
103.95.196.0/22 maxlen: 22
103.110.32.0/23 maxlen: 23
103.129.126.0/23 maxlen: 23
103.139.154.0/23 maxlen: 23
103.149.252.0/23 maxlen: 23
103.151.52.0/23 maxlen: 23
103.151.238.0/23 maxlen: 23
103.153.64.0/23 maxlen: 23
103.157.204.0/23 maxlen: 23
103.160.2.0/23 maxlen: 23
103.161.96.0/23 maxlen: 23
103.161.112.0/23 maxlen: 23
103.161.118.0/23 maxlen: 23
103.161.180.0/23 maxlen: 23
103.162.24.0/23 maxlen: 24
103.176.22.0/23 maxlen: 23
103.176.24.0/23 maxlen: 23
103.176.250.0/23 maxlen: 24
103.177.34.0/23 maxlen: 23
103.178.230.0/23 maxlen: 23
103.178.232.0/23 maxlen: 23
103.179.174.0/23 maxlen: 23
103.180.138.0/23 maxlen: 23
103.183.120.0/23 maxlen: 23
103.188.82.0/23 maxlen: 23
103.190.120.0/23 maxlen: 23
103.211.200.0/23 maxlen: 23
103.211.206.0/23 maxlen: 23
103.218.122.0/23 maxlen: 23
103.228.36.0/23 maxlen: 23
103.228.74.0/23 maxlen: 23
103.229.52.0/23 maxlen: 23
103.231.248.0/23 maxlen: 23
103.239.66.0/23 maxlen: 23
103.252.92.0/23 maxlen: 23
103.252.94.0/23 maxlen: 23
163.61.110.0/23 maxlen: 23
202.158.244.0/22 maxlen: 22
2401:5ec0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 14:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18844 (0x499c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Feb 13 08:35:21 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67adaec9-4d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5c:f7:e8:56:37:69:3f:18:ca:06:12:e9:10:
21:35:35:5b:3b:50:08:b9:bb:9a:40:51:85:24:fe:
1f:1c:e2:99:76:22:37:76:c4:4b:97:dc:70:bc:a3:
60:b2:aa:14:9a:52:2d:0a:a2:59:dd:81:c5:77:8a:
56:39:51:81:3d:be:ea:53:d0:e4:f8:2f:b3:cb:95:
f1:7f:4b:61:d2:ed:6b:99:3c:58:a7:1f:d9:b4:a7:
0e:e8:39:9a:91:56:fa:a9:ac:ed:ea:70:e0:87:da:
29:9d:27:2f:fe:83:b3:99:b1:cb:b5:4a:91:b2:56:
32:06:c9:03:42:b8:ff:07:71:33:55:e1:02:c4:dc:
b4:51:cc:80:9c:75:d8:da:01:9a:39:92:b8:13:e3:
9f:19:bb:98:93:f4:d2:98:8c:88:f6:d0:d8:e6:8e:
15:16:bd:d7:1a:88:85:fb:b5:5f:0d:40:5e:02:ff:
2e:a8:69:c3:39:82:36:c8:09:1d:02:d0:c8:e0:bf:
47:c8:16:7f:88:1e:90:60:a8:86:7b:02:29:2d:b8:
da:16:97:c3:18:8a:a6:e3:68:3f:ab:86:b6:06:2a:
75:75:ab:fc:fa:04:98:ad:35:27:67:80:b0:f0:06:
dd:14:0b:69:63:a2:ab:1f:62:75:18:70:62:72:ff:
02:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D5:0D:26:BC:1F:97:53:19:17:D0:12:44:F3:1E:03:49:08:6A:1B
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/845C3BA698FA11EE8BBC4F59C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.96.0.0/22
49.236.208.0/22
103.14.224.0/23
103.28.32.0/22
103.65.234.0/23
103.67.196.0/22
103.68.84.0/23
103.69.86.0/23
103.69.96.0/23
103.74.100.0/22
103.95.196.0/22
103.110.32.0/23
103.129.126.0/23
103.139.154.0/23
103.149.252.0/23
103.151.52.0/23
103.151.238.0/23
103.153.64.0/23
103.157.204.0/23
103.160.2.0/23
103.161.96.0/23
103.161.112.0/23
103.161.118.0/23
103.161.180.0/23
103.162.24.0/23
103.176.22.0-103.176.25.255
103.176.250.0/23
103.177.34.0/23
103.178.230.0-103.178.233.255
103.179.174.0/23
103.180.138.0/23
103.183.120.0/23
103.188.82.0/23
103.190.120.0/23
103.211.200.0/23
103.211.206.0/23
103.218.122.0/23
103.228.36.0/23
103.228.74.0/23
103.229.52.0/23
103.231.248.0/23
103.239.66.0/23
103.252.92.0/22
163.61.110.0/23
202.158.244.0/22
IPv6:
2401:5ec0::/48
Signature Algorithm: sha256WithRSAEncryption
3c:00:34:78:3b:88:22:b2:8b:e1:f4:eb:29:26:a2:5e:a6:e3:
01:e0:5b:8e:01:8a:79:56:dc:d1:a8:b6:ea:3f:c4:fa:a1:df:
0e:55:04:94:2d:45:f3:2a:a7:7e:06:b0:92:c7:bd:01:41:95:
b1:38:9b:60:29:3f:f5:79:e7:30:36:f5:34:ee:77:db:9f:92:
f1:b1:da:5a:b3:8a:0a:27:3e:a2:41:62:86:70:bb:9a:58:a5:
fb:fb:cd:b2:28:37:c7:be:36:f1:40:20:0f:7a:43:9d:d4:38:
ac:e2:fd:4b:c2:6c:13:06:d4:02:c2:03:8e:72:cc:f2:44:84:
7e:96:b0:d7:5a:02:01:45:9c:ec:d0:93:09:f1:01:c6:54:c7:
95:00:b1:9a:a9:19:6d:44:04:72:0a:5c:5c:29:96:d0:5a:42:
ce:7a:d8:3e:3f:7d:03:35:aa:23:e9:fb:f8:5f:a9:b0:a6:bb:
a8:44:50:4c:da:df:81:b4:3a:d5:41:0f:60:17:4b:d9:59:b8:
f5:2e:5b:8b:4d:76:88:38:90:84:eb:cd:aa:61:6f:3e:dc:9d:
35:69:d8:84:b4:85:78:39:1d:af:7b:d0:1d:ea:86:39:d1:2f:
2c:17:47:40:00:bf:56:7c:d5:e6:56:83:1e:ec:51:c4:6c:ac:
20:33:5b:0d
-----BEGIN CERTIFICATE-----
MIIGpDCCBYygAwIBAgICSZwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjUwMjEzMDgzNTIxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkYWVjOS00ZDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo1z36FY3aT8YygYS6RAhNTVbO1AIubuaQFGFJP4fHOKZdiI3dsRLl9xwvKNg
sqoUmlItCqJZ3YHFd4pWOVGBPb7qU9Dk+C+zy5Xxf0th0u1rmTxYpx/ZtKcO6Dma
kVb6qazt6nDgh9opnScv/oOzmbHLtUqRslYyBskDQrj/B3EzVeECxNy0UcyAnHXY
2gGaOZK4E+OfGbuYk/TSmIyI9tDY5o4VFr3XGoiF+7VfDUBeAv8uqGnDOYI2yAkd
AtDI4L9HyBZ/iB6QYKiGewIpLbjaFpfDGIqm42g/q4a2Bip1dav8+gSYrTUnZ4Cw
8AbdFAtpY6KrH2J1GHBicv8C+wIDAQABo4IDyDCCA8QwHQYDVR0OBBYEFLvVDSa8
H5dTGRfQEkTzHgNJCGobMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvODQ1QzNCQTY5
OEZBMTFFRThCQkM0RjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFQBggrBgEFBQcBBwEB
/wSCAT8wggE7MIIBJgQCAAEwggEeAwQCKmAAAwQCMezQAwQBZw7gAwQCZxwgAwQB
Z0HqAwQCZ0PEAwQBZ0RUAwQBZ0VWAwQBZ0VgAwQCZ0pkAwQCZ1/EAwQBZ24gAwQB
Z4F+AwQBZ4uaAwQBZ5X8AwQBZ5c0AwQBZ5fuAwQBZ5lAAwQBZ53MAwQBZ6ACAwQB
Z6FgAwQBZ6FwAwQBZ6F2AwQBZ6G0AwQBZ6IYMAwDBAFnsBYDBAFnsBgDBAFnsPoD
BAFnsSIwDAMEAWey5gMEAWey6AMEAWezrgMEAWe0igMEAWe3eAMEAWe8UgMEAWe+
eAMEAWfTyAMEAWfTzgMEAWfaegMEAWfkJAMEAWfkSgMEAWflNAMEAWfn+AMEAWfv
QgMEAmf8XAMEAaM9bgMEAsqe9DAPBAIAAjAJAwcAJAFewAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQA8ADR4O4gisovh9OspJqJepuMB4FuOAYp5VtzRqLbqP8T6od8OVQSU
LUXzKqd+BrCSx70BQZWxOJtgKT/1eecwNvU07nfbn5Lxsdpas4oKJz6iQWKGcLua
WKX7+82yKDfHvjbxQCAPekOd1Dis4v1LwmwTBtQCwgOOcszyRIR+lrDXWgIBRZzs
0JMJ8QHGVMeVALGaqRltRARyClxcKZbQWkLOetg+P30DNaoj6fv4X6mwpruoRFBM
2t+BtDrVQQ9gF0vZWbj1LluLTXaIOJCE682qYW8+3J01adiEtIV4OR2ve9Ad6oY5
0S8sF0dAAL9WfNXmVoMe7FHEbKwgM1sN
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:35:52 2025 by rpki-client