Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/CFE47524218611EFBC84066BC4F9AE02.roa
File: CFE47524218611EFBC84066BC4F9AE02.roa (raw, json)
Hash identifier: 69t0EaLHyltEqbgcpxOEuaxVwmi/Z2Wj4iHeA/wh8EY=
Subject key identifier: 33:90:05:6F:A8:4D:C6:9C:47:49:D2:CA:FC:A3:53:70:95:A0:CC:7C
Certificate issuer: /CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Certificate serial: 3436
Authority key identifier: BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/CFE47524218611EFBC84066BC4F9AE02.roa
Signing time: Mon 02 Sep 2024 14:50:49 +0000
ROA not before: Mon 02 Sep 2024 14:50:49 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45143
IP address blocks: 14.100.128.0/17 maxlen: 24
111.65.31.0/24 maxlen: 24
111.65.32.0/24 maxlen: 24
111.65.33.0/24 maxlen: 24
111.65.34.0/24 maxlen: 24
111.65.35.0/24 maxlen: 24
111.65.36.0/24 maxlen: 24
111.65.37.0/24 maxlen: 24
111.65.38.0/24 maxlen: 24
111.65.39.0/24 maxlen: 24
111.65.40.0/24 maxlen: 24
111.65.41.0/24 maxlen: 24
111.65.42.0/24 maxlen: 24
111.65.43.0/24 maxlen: 24
111.65.44.0/24 maxlen: 24
111.65.45.0/24 maxlen: 24
111.65.46.0/24 maxlen: 24
111.65.47.0/24 maxlen: 24
111.65.48.0/24 maxlen: 24
111.65.49.0/24 maxlen: 24
111.65.50.0/24 maxlen: 24
111.65.51.0/24 maxlen: 24
111.65.52.0/24 maxlen: 24
111.65.53.0/24 maxlen: 24
111.65.54.0/24 maxlen: 24
111.65.55.0/24 maxlen: 24
111.65.56.0/24 maxlen: 24
111.65.57.0/24 maxlen: 24
111.65.58.0/24 maxlen: 24
111.65.59.0/24 maxlen: 24
111.65.60.0/24 maxlen: 24
111.65.61.0/24 maxlen: 24
111.65.62.0/24 maxlen: 24
111.65.63.0/24 maxlen: 24
111.65.64.0/24 maxlen: 24
111.65.65.0/24 maxlen: 24
111.65.66.0/24 maxlen: 24
111.65.67.0/24 maxlen: 24
111.65.68.0/24 maxlen: 24
111.65.69.0/24 maxlen: 24
111.65.70.0/24 maxlen: 24
111.65.71.0/24 maxlen: 24
111.65.72.0/24 maxlen: 24
111.65.73.0/24 maxlen: 24
111.65.74.0/24 maxlen: 24
111.65.75.0/24 maxlen: 24
111.65.76.0/24 maxlen: 24
111.65.77.0/24 maxlen: 24
111.65.78.0/24 maxlen: 24
111.65.79.0/24 maxlen: 24
119.234.0.0/16 maxlen: 24
180.255.128.0/17 maxlen: 24
202.78.56.0/24 maxlen: 24
202.78.57.0/24 maxlen: 24
202.78.58.0/24 maxlen: 24
2400:1c00:1::/48 maxlen: 48
2400:1c00:2::/48 maxlen: 48
2400:1c00:3::/48 maxlen: 48
2400:1c00:4::/48 maxlen: 48
2400:1c00:b::/48 maxlen: 48
2400:1c00:c::/48 maxlen: 48
2400:1c00:1a::/48 maxlen: 48
2400:1c00:1b::/48 maxlen: 48
2400:1c00:1c::/48 maxlen: 48
2400:1c00:1e::/48 maxlen: 48
2400:1c00:1f::/48 maxlen: 48
2400:1c00:20::/44 maxlen: 44
2400:1c00:30::/44 maxlen: 44
2400:1c00:40::/44 maxlen: 44
2400:1c00:50::/44 maxlen: 44
2400:1c00:64::/48 maxlen: 48
2400:1c00:66::/48 maxlen: 48
2400:1c00:70::/44 maxlen: 44
2400:1c00:80::/43 maxlen: 43
2400:1c00:a0::/43 maxlen: 43
2400:1c00:f0::/44 maxlen: 44
2400:1c00:100::/44 maxlen: 44
2400:1c00:110::/44 maxlen: 44
2400:1c00:120::/44 maxlen: 44
2400:1c00:130::/44 maxlen: 44
2400:1c00:140::/44 maxlen: 44
2400:1c00:150::/44 maxlen: 44
2400:1c00:160::/44 maxlen: 44
2400:1c00:190::/44 maxlen: 44
2400:1c00:1a0::/44 maxlen: 44
2400:1c00:1b0::/44 maxlen: 44
2400:1c00:1d0::/44 maxlen: 44
2400:1c00:1e0::/44 maxlen: 44
2400:1c00:220::/44 maxlen: 44
2400:1c00:230::/44 maxlen: 44
2400:1c00:310::/45 maxlen: 45
2400:1c00:318::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl
rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 02:50:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13366 (0x3436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AA48F/serialNumber=BE0E7A890F7281C654632E8BE80EBBF9FFB56503
Validity
Not Before: Sep 2 14:50:49 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d5d0c9-1264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:04:36:d3:88:20:55:a0:dd:f2:cb:e1:a2:fe:
47:b9:99:71:40:a2:ef:77:cf:f9:76:fe:ae:ab:6a:
b9:be:71:1c:46:a8:20:16:33:97:be:97:e0:cb:9f:
1a:67:67:c9:0e:d5:cd:0d:0e:ed:1d:c1:dd:ac:32:
e4:ff:e5:22:02:75:99:1a:df:56:2d:43:02:67:bc:
13:7e:f3:6b:3d:5c:cc:5a:9f:de:15:be:24:f0:c5:
24:d6:fe:73:61:77:d3:d6:08:37:c2:db:3c:38:0b:
05:6d:08:37:60:fd:fd:bd:ab:21:c2:66:1e:b2:26:
d8:8c:ac:21:f8:ea:af:b4:a8:00:96:a4:0a:76:d3:
f6:8d:32:24:86:34:a0:08:0c:ac:c8:7e:53:b7:de:
11:3b:e1:86:86:08:b2:71:6b:d4:f4:25:9b:be:7e:
33:a0:64:b7:e5:d4:a8:81:ea:69:01:46:72:c5:b8:
8f:96:b5:a4:95:02:68:08:3a:0f:5c:c8:bf:ae:ae:
86:61:77:ff:3c:6c:b9:89:5f:2f:f6:41:9f:a2:6a:
6f:0a:79:ff:cf:67:40:d2:78:3b:ca:55:06:85:b0:
71:d0:83:7a:4f:6a:f4:44:04:d0:94:7a:2e:82:49:
34:38:c0:3c:14:ea:f5:f4:62:9b:11:2a:8a:fb:70:
e2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:90:05:6F:A8:4D:C6:9C:47:49:D2:CA:FC:A3:53:70:95:A0:CC:7C
X509v3 Authority Key Identifier:
keyid:BE:0E:7A:89:0F:72:81:C6:54:63:2E:8B:E8:0E:BB:F9:FF:B5:65:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vg56iQ9ygcZUYy6L6A67-f-1ZQM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA48F/8C81A8561D8D11E2866C50EB08B02CD2/CFE47524218611EFBC84066BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.100.128.0/17
111.65.31.0-111.65.79.255
119.234.0.0/16
180.255.128.0/17
202.78.56.0-202.78.58.255
IPv6:
2400:1c00:1::-2400:1c00:4:ffff:ffff:ffff:ffff:ffff
2400:1c00:b::-2400:1c00:c:ffff:ffff:ffff:ffff:ffff
2400:1c00:1a::-2400:1c00:1c:ffff:ffff:ffff:ffff:ffff
2400:1c00:1e::-2400:1c00:5f:ffff:ffff:ffff:ffff:ffff
2400:1c00:64::/48
2400:1c00:66::/48
2400:1c00:70::-2400:1c00:bf:ffff:ffff:ffff:ffff:ffff
2400:1c00:f0::-2400:1c00:16f:ffff:ffff:ffff:ffff:ffff
2400:1c00:190::-2400:1c00:1bf:ffff:ffff:ffff:ffff:ffff
2400:1c00:1d0::-2400:1c00:1ef:ffff:ffff:ffff:ffff:ffff
2400:1c00:220::/43
2400:1c00:310::/44
Signature Algorithm: sha256WithRSAEncryption
86:d7:08:d9:91:31:a7:56:1a:46:0e:82:a4:65:75:9d:3b:d4:
08:29:3b:91:45:33:cc:d1:6d:09:45:58:db:f1:88:17:d8:b2:
e2:65:35:1e:c9:56:2c:cb:39:8d:bd:b9:c1:92:79:b3:37:87:
b0:5d:af:83:88:e3:c5:ab:fb:78:f3:b9:69:64:b0:5a:e0:c8:
da:91:33:39:3d:ae:6f:8a:a6:f3:62:09:71:bb:76:f3:47:6f:
4c:92:c6:1b:ee:9e:32:ec:a8:85:30:f8:12:f2:43:63:45:61:
09:11:e1:bf:06:fb:7c:16:34:e0:84:3f:75:95:a8:33:64:ca:
ef:e5:18:13:11:e8:b7:6f:1c:77:0f:e4:05:64:c8:5f:87:b0:
60:bd:b7:27:45:c5:1e:d9:91:f2:36:b4:02:56:b0:87:81:bf:
80:0a:5f:de:61:46:b4:ee:6a:37:34:39:ef:a3:2c:74:fa:26:
06:ad:56:41:73:e0:ab:53:20:6d:e2:e5:48:48:94:79:f6:80:
a3:5f:8c:4a:f1:42:0a:f9:a7:10:4d:be:82:63:de:3a:30:53:
15:09:43:9e:9b:d6:17:12:bb:61:78:73:9e:b2:a6:5c:17:af:
56:9b:ab:71:65:cd:35:df:58:49:7a:04:b0:f2:87:13:8a:74:
e0:70:01:5a
-----BEGIN CERTIFICATE-----
MIIGbDCCBVSgAwIBAgICNDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUE0OEYxMTAvBgNVBAUTKEJFMEU3QTg5MEY3MjgxQzY1NDYzMkU4QkU4MEVCQkY5
RkZCNTY1MDMwHhcNMjQwOTAyMTQ1MDQ5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ1ZDBjOS0xMjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQQ204ggVaDd8svhov5HuZlxQKLvd8/5dv6uq2q5vnEcRqggFjOXvpfgy58a
Z2fJDtXNDQ7tHcHdrDLk/+UiAnWZGt9WLUMCZ7wTfvNrPVzMWp/eFb4k8MUk1v5z
YXfT1gg3wts8OAsFbQg3YP39vashwmYesibYjKwh+OqvtKgAlqQKdtP2jTIkhjSg
CAysyH5Tt94RO+GGhgiycWvU9CWbvn4zoGS35dSogeppAUZyxbiPlrWklQJoCDoP
XMi/rq6GYXf/PGy5iV8v9kGfompvCnn/z2dA0ng7ylUGhbBx0IN6T2r0RATQlHou
gkk0OMA8FOr19GKbESqK+3DipQIDAQABo4IDkDCCA4wwHQYDVR0OBBYEFDOQBW+o
TcacR0nSyvyjU3CVoMx8MB8GA1UdIwQYMBaAFL4OeokPcoHGVGMui+gOu/n/tWUD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ4Ri84QzgxQTg1NjFE
OEQxMUUyODY2QzUwRUIwOEIwMkNEMi92ZzU2aVE5eWdjWlVZeTZMNkE2Ny1mLTFa
UU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZnNTZpUTl5Z2NaVVl5Nkw2QTY3LWYtMVpRTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUE0OEYvOEM4MUE4NTYxRDhEMTFFMjg2NkM1MEVCMDhCMDJDRDIvQ0ZFNDc1MjQy
MTg2MTFFRkJDODQwNjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEYBggrBgEFBQcBBwEB
/wSCAQcwggEDMDMEAgABMC0DBAcOZIAwDAMEAG9BHwMEBG9BQAMDAHfqAwQHtP+A
MAwDBAPKTjgDBADKTjowgcsEAgACMIHEMBIDBwAkABwAAAEDBwAkABwAAAQwEgMH
ACQAHAAACwMHACQAHAAADDASAwcBJAAcAAAaAwcAJAAcAAAcMBIDBwEkABwAAB4D
BwUkABwAAEADBwAkABwAAGQDBwAkABwAAGYwEgMHBCQAHAAAcAMHBiQAHAAAgDAS
AwcEJAAcAADwAwcEJAAcAAFgMBIDBwQkABwAAZADBwYkABwAAYAwEgMHBCQAHAAB
0AMHBCQAHAAB4AMHBSQAHAACIAMHBCQAHAADEDANBgkqhkiG9w0BAQsFAAOCAQEA
htcI2ZExp1YaRg6CpGV1nTvUCCk7kUUzzNFtCUVY2/GIF9iy4mU1HslWLMs5jb25
wZJ5szeHsF2vg4jjxav7ePO5aWSwWuDI2pEzOT2ub4qm82IJcbt280dvTJLGG+6e
MuyohTD4EvJDY0VhCRHhvwb7fBY04IQ/dZWoM2TK7+UYExHot28cdw/kBWTIX4ew
YL23J0XFHtmR8ja0Alawh4G/gApf3mFGtO5qNzQ576MsdPomBq1WQXPgq1MgbeLl
SEiUefaAo1+MSvFCCvmnEE2+gmPeOjBTFQlDnpvWFxK7YXhznrKmXBevVpurcWXN
Nd9YSXoEsPKHE4p04HABWg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:31:21 2024 by rpki-client on console-ams.rpki-client.org