Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/0DE55C3271BC11EF8CBFE24FC4F9AE02.roa
File: 0DE55C3271BC11EF8CBFE24FC4F9AE02.roa (raw, json)
Hash identifier: DEbmSsAiMTclNVK5f5T6EU/Sz4/VKVtrcqefVKll84Q=
Subject key identifier: 3B:41:67:B9:94:DC:00:E9:F2:D0:9D:06:94:6A:1F:BD:C5:DD:26:FB
Certificate issuer: /CN=A91AAEB2/serialNumber=9B98FB7D468983A2C14772733248EFFA3462E126
Certificate serial: C9
Authority key identifier: 9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/0DE55C3271BC11EF8CBFE24FC4F9AE02.roa
Signing time: Sat 21 Dec 2024 05:50:19 +0000
ROA not before: Sat 21 Dec 2024 05:50:19 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 4621
IP address blocks: 103.1.160.0/22 maxlen: 22
202.28.2.0/24 maxlen: 24
202.28.3.0/24 maxlen: 24
202.28.20.0/24 maxlen: 24
202.28.21.0/24 maxlen: 24
202.28.22.0/24 maxlen: 24
202.28.36.0/24 maxlen: 24
202.28.37.0/24 maxlen: 24
202.28.38.0/24 maxlen: 24
202.28.39.0/24 maxlen: 24
202.28.52.0/24 maxlen: 24
202.28.56.0/24 maxlen: 24
202.28.60.0/24 maxlen: 24
202.28.62.0/24 maxlen: 24
202.28.63.0/24 maxlen: 24
202.28.82.0/24 maxlen: 24
202.28.83.0/24 maxlen: 24
202.28.84.0/24 maxlen: 24
202.28.86.0/24 maxlen: 24
202.28.108.0/24 maxlen: 24
202.28.120.0/24 maxlen: 24
202.28.194.0/24 maxlen: 24
202.28.198.0/24 maxlen: 24
202.28.253.0/24 maxlen: 24
202.29.3.0/24 maxlen: 24
202.29.5.0/24 maxlen: 24
202.29.7.0/24 maxlen: 24
202.29.13.0/24 maxlen: 24
202.29.14.0/24 maxlen: 24
202.29.15.0/24 maxlen: 24
202.29.34.0/24 maxlen: 24
202.29.38.0/24 maxlen: 24
202.29.48.0/24 maxlen: 24
202.29.50.0/24 maxlen: 24
202.29.51.0/24 maxlen: 24
202.29.54.0/24 maxlen: 24
202.29.55.0/24 maxlen: 24
202.29.56.0/24 maxlen: 24
202.29.62.0/24 maxlen: 24
202.29.68.0/24 maxlen: 24
202.29.75.0/24 maxlen: 24
202.29.76.0/24 maxlen: 24
202.29.79.0/24 maxlen: 24
202.29.90.0/24 maxlen: 24
202.29.92.0/24 maxlen: 24
202.29.129.0/24 maxlen: 24
202.29.153.0/24 maxlen: 24
202.44.138.0/24 maxlen: 24
202.44.139.0/24 maxlen: 24
203.159.128.0/17 maxlen: 17
203.159.129.0/24 maxlen: 24
203.159.134.0/24 maxlen: 24
203.159.135.0/24 maxlen: 24
203.159.142.0/24 maxlen: 24
203.159.144.0/24 maxlen: 24
203.159.147.0/24 maxlen: 24
203.159.148.0/24 maxlen: 24
203.159.149.0/24 maxlen: 24
203.159.150.0/24 maxlen: 24
203.159.151.0/24 maxlen: 24
203.159.153.0/24 maxlen: 24
203.159.155.0/24 maxlen: 24
203.159.156.0/24 maxlen: 24
203.159.158.0/24 maxlen: 24
203.159.159.0/24 maxlen: 24
203.159.161.0/24 maxlen: 24
203.159.163.0/24 maxlen: 24
203.159.165.0/24 maxlen: 24
203.159.166.0/24 maxlen: 24
203.159.167.0/24 maxlen: 24
203.159.168.0/24 maxlen: 24
203.159.169.0/24 maxlen: 24
203.159.170.0/24 maxlen: 24
203.159.172.0/24 maxlen: 24
203.159.173.0/24 maxlen: 24
203.159.176.0/24 maxlen: 24
203.159.177.0/24 maxlen: 24
203.159.180.0/24 maxlen: 24
203.159.182.0/24 maxlen: 24
203.159.185.0/24 maxlen: 24
203.159.186.0/24 maxlen: 24
203.159.187.0/24 maxlen: 24
203.159.188.0/24 maxlen: 24
203.159.189.0/24 maxlen: 24
203.159.190.0/24 maxlen: 24
203.159.194.0/24 maxlen: 24
203.159.195.0/24 maxlen: 24
203.159.197.0/24 maxlen: 24
203.159.198.0/24 maxlen: 24
203.159.199.0/24 maxlen: 24
203.159.200.0/24 maxlen: 24
203.159.201.0/24 maxlen: 24
203.159.202.0/24 maxlen: 24
203.159.203.0/24 maxlen: 24
203.159.204.0/24 maxlen: 24
203.159.209.0/24 maxlen: 24
203.159.210.0/24 maxlen: 24
203.159.212.0/24 maxlen: 24
203.159.213.0/24 maxlen: 24
203.159.214.0/24 maxlen: 24
203.159.216.0/24 maxlen: 24
203.159.218.0/24 maxlen: 24
203.159.219.0/24 maxlen: 24
203.159.221.0/24 maxlen: 24
203.159.222.0/24 maxlen: 24
203.159.224.0/24 maxlen: 24
203.159.225.0/24 maxlen: 24
203.159.226.0/24 maxlen: 24
203.159.227.0/24 maxlen: 24
203.159.228.0/24 maxlen: 24
203.159.230.0/24 maxlen: 24
203.159.231.0/24 maxlen: 24
203.159.238.0/24 maxlen: 24
203.159.239.0/24 maxlen: 24
203.159.240.0/24 maxlen: 24
203.159.241.0/24 maxlen: 24
203.159.242.0/24 maxlen: 24
203.159.243.0/24 maxlen: 24
203.159.244.0/24 maxlen: 24
203.159.245.0/24 maxlen: 24
203.159.246.0/24 maxlen: 24
203.159.247.0/24 maxlen: 24
203.159.248.0/21 maxlen: 21
2001:3c8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 05 Apr 2025 05:08:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 201 (0xc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AAEB2
Validity
Not Before: Dec 21 05:50:19 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6766571b-7e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:41:6b:34:d5:5e:db:74:e9:62:91:0a:c2:6d:
0e:d9:6a:2d:9e:d7:67:c0:e5:4b:f2:07:45:fe:04:
13:0f:62:74:43:7f:d1:b3:fa:7d:87:5b:49:00:6b:
8d:c8:61:b0:fa:b8:d4:bd:a4:4b:e2:ec:11:4c:ac:
05:ed:83:c7:ed:9a:83:e7:51:a6:04:f8:84:d6:fd:
21:b5:86:4f:2b:c0:e7:ba:37:4e:19:59:8c:17:92:
37:3e:26:79:45:64:7d:4d:fd:35:ec:89:06:5e:e5:
dd:1e:88:5f:49:ee:05:0c:98:14:f5:01:ea:a1:29:
5e:86:b2:e0:9d:2f:b1:fd:0b:43:5a:21:4a:d0:29:
80:3b:54:1f:ce:88:aa:8b:5c:e0:52:fc:b6:11:60:
86:4a:bd:51:58:d4:65:17:69:50:37:71:ec:db:40:
89:c6:e6:bc:a7:47:78:ea:15:94:2f:8f:b6:94:34:
e0:b7:d6:14:5b:a9:cf:9e:c5:c5:81:cb:94:91:67:
af:27:38:08:4e:e9:14:b5:0b:0e:cf:03:94:6f:19:
7c:5d:3c:d2:f8:63:21:85:68:1f:16:7a:ff:8c:85:
18:45:20:a7:15:44:7b:cc:67:b5:f0:0a:57:93:ff:
09:0b:2b:7d:e2:54:1e:f7:c5:28:13:4d:ca:31:18:
27:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:41:67:B9:94:DC:00:E9:F2:D0:9D:06:94:6A:1F:BD:C5:DD:26:FB
X509v3 Authority Key Identifier:
keyid:9B:98:FB:7D:46:89:83:A2:C1:47:72:73:32:48:EF:FA:34:62:E1:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/m5j7fUaJg6LBR3JzMkjv-jRi4SY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m5j7fUaJg6LBR3JzMkjv-jRi4SY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAEB2/3952100E6E8311EFAB726180C4F9AE02/0DE55C3271BC11EF8CBFE24FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.1.160.0/22
202.28.2.0/23
202.28.20.0-202.28.22.255
202.28.36.0/22
202.28.52.0/24
202.28.56.0/24
202.28.60.0/24
202.28.62.0/23
202.28.82.0-202.28.84.255
202.28.86.0/24
202.28.108.0/24
202.28.120.0/24
202.28.194.0/24
202.28.198.0/24
202.28.253.0/24
202.29.3.0/24
202.29.5.0/24
202.29.7.0/24
202.29.13.0-202.29.15.255
202.29.34.0/24
202.29.38.0/24
202.29.48.0/24
202.29.50.0/23
202.29.54.0-202.29.56.255
202.29.62.0/24
202.29.68.0/24
202.29.75.0-202.29.76.255
202.29.79.0/24
202.29.90.0/24
202.29.92.0/24
202.29.129.0/24
202.29.153.0/24
202.44.138.0/23
203.159.128.0/17
IPv6:
2001:3c8::/32
Signature Algorithm: sha256WithRSAEncryption
97:8a:2a:dc:95:06:b2:13:c6:b4:9c:9b:ee:31:b4:a8:b7:cd:
0b:8f:f3:ce:79:94:25:8f:7e:7e:3a:11:79:4b:44:ed:b9:53:
c1:b3:54:e8:7f:7d:f7:a4:f3:04:85:9d:ad:5e:ba:20:97:1a:
b1:de:3e:83:fd:49:3f:9d:2d:da:c8:09:83:9c:61:4b:8a:14:
5b:23:67:c7:a7:16:39:3b:e6:22:1d:45:a6:52:14:b9:50:86:
81:0b:99:47:7b:c1:36:05:62:8f:bd:1b:ed:16:c1:98:39:13:
7c:0d:49:3a:52:8f:b7:c4:c6:df:db:f6:48:54:5c:f7:f5:e2:
5a:4e:37:cd:ff:75:d6:e1:0e:74:91:c5:8f:fa:31:3c:47:57:
30:b9:c7:2b:98:d5:22:05:52:c6:b7:72:d2:8d:bd:4a:b2:4c:
a3:11:d8:f2:63:47:37:96:86:c6:28:24:66:8f:cf:94:6b:c9:
2a:3c:e1:bc:9a:df:72:ae:32:b3:1b:93:f4:c1:42:88:31:e5:
8f:b3:38:15:46:c4:d0:53:74:38:6a:9a:9b:59:29:70:16:c7:
ec:9b:09:36:88:2e:80:81:78:cb:82:79:29:e8:38:8b:38:77:
4d:45:77:1b:22:58:93:9d:b9:e2:2e:7c:c9:55:ed:d7:d7:f7:
1f:51:59:9d
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgICAMkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUFFQjIxMTAvBgNVBAUTKDlCOThGQjdENDY4OTgzQTJDMTQ3NzI3MzMyNDhFRkZB
MzQ2MkUxMjYwHhcNMjQxMjIxMDU1MDE5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2NTcxYi03ZTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtEFrNNVe23TpYpEKwm0O2WotntdnwOVL8gdF/gQTD2J0Q3/Rs/p9h1tJAGuN
yGGw+rjUvaRL4uwRTKwF7YPH7ZqD51GmBPiE1v0htYZPK8DnujdOGVmMF5I3PiZ5
RWR9Tf017IkGXuXdHohfSe4FDJgU9QHqoSlehrLgnS+x/QtDWiFK0CmAO1Qfzoiq
i1zgUvy2EWCGSr1RWNRlF2lQN3Hs20CJxua8p0d46hWUL4+2lDTgt9YUW6nPnsXF
gcuUkWevJzgITukUtQsOzwOUbxl8XTzS+GMhhWgfFnr/jIUYRSCnFUR7zGe18ApX
k/8JCyt94lQe98UoE03KMRgnuwIDAQABo4IDmjCCA5YwHQYDVR0OBBYEFDtBZ7mU
3ADp8tCdBpRqH73F3Sb7MB8GA1UdIwQYMBaAFJuY+31GiYOiwUdyczJI7/o0YuEm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUVCMi8zOTUyMTAwRTZF
ODMxMUVGQUI3MjYxODBDNEY5QUUwMi9tNWo3ZlVhSmc2TEJSM0p6TWtqdi1qUmk0
U1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL201ajdmVWFKZzZMQlIzSnpNa2p2LWpSaTRTWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUFFQjIvMzk1MjEwMEU2RTgzMTFFRkFCNzI2MTgwQzRGOUFFMDIvMERFNTVDMzI3
MUJDMTFFRjhDQkZFMjRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEiBggrBgEFBQcBBwEB
/wSCAREwggENMIH7BAIAATCB9AMEAmcBoAMEAcocAjAMAwQCyhwUAwQAyhwWAwQC
yhwkAwQAyhw0AwQAyhw4AwQAyhw8AwQByhw+MAwDBAHKHFIDBADKHFQDBADKHFYD
BADKHGwDBADKHHgDBADKHMIDBADKHMYDBADKHP0DBADKHQMDBADKHQUDBADKHQcw
DAMEAModDQMEBModAAMEAModIgMEAModJgMEAModMAMEAcodMjAMAwQByh02AwQA
yh04AwQAyh0+AwQAyh1EMAwDBADKHUsDBADKHUwDBADKHU8DBADKHVoDBADKHVwD
BADKHYEDBADKHZkDBAHKLIoDBAfLn4AwDQQCAAIwBwMFACABA8gwDQYJKoZIhvcN
AQELBQADggEBAJeKKtyVBrITxrScm+4xtKi3zQuP8855lCWPfn46EXlLRO25U8Gz
VOh/ffek8wSFna1euiCXGrHePoP9ST+dLdrICYOcYUuKFFsjZ8enFjk75iIdRaZS
FLlQhoELmUd7wTYFYo+9G+0WwZg5E3wNSTpSj7fExt/b9khUXPf14lpON83/ddbh
DnSRxY/6MTxHVzC5xyuY1SIFUsa3ctKNvUqyTKMR2PJjRzeWhsYoJGaPz5RrySo8
4bya33KuMrMbk/TBQogx5Y+zOBVGxNBTdDhqmptZKXAWx+ybCTaILoCBeMuCeSno
OIs4d01FdxsiWJOdueIufMlV7dfX9x9RWZ0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:47 2025 by rpki-client