Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/E4903B32983F11EE944B4D50C4F9AE02.roa
File: E4903B32983F11EE944B4D50C4F9AE02.roa (raw, json)
Hash identifier: LDB4V7LGYU5U332Q1BfaECotac4MMsQNDLrZ50tN94M=
Subject key identifier: 2F:58:85:53:56:39:A4:9B:56:3F:3C:20:AD:AF:F6:59:03:94:29:81
Certificate issuer: /CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Certificate serial: 0446
Authority key identifier: 56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/E4903B32983F11EE944B4D50C4F9AE02.roa
Signing time: Sat 09 Mar 2024 11:19:00 +0000
ROA not before: Sat 09 Mar 2024 11:19:00 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55410
IP address blocks: 42.104.64.0/21 maxlen: 24
42.104.72.0/21 maxlen: 24
42.104.80.0/21 maxlen: 24
42.104.88.0/21 maxlen: 24
42.104.96.0/21 maxlen: 24
42.104.104.0/21 maxlen: 24
42.104.112.0/21 maxlen: 24
42.104.120.0/21 maxlen: 24
43.245.88.0/22 maxlen: 24
103.29.44.0/22 maxlen: 24
118.185.0.0/16 maxlen: 16
118.185.0.0/21 maxlen: 24
118.185.8.0/21 maxlen: 24
118.185.16.0/21 maxlen: 24
118.185.24.0/21 maxlen: 21
118.185.24.0/24 maxlen: 24
118.185.25.0/24 maxlen: 24
118.185.26.0/24 maxlen: 24
118.185.27.0/24 maxlen: 24
118.185.28.0/24 maxlen: 24
118.185.29.0/24 maxlen: 24
118.185.30.0/24 maxlen: 24
118.185.31.0/24 maxlen: 24
118.185.32.0/21 maxlen: 24
118.185.40.0/21 maxlen: 24
118.185.48.0/21 maxlen: 24
118.185.56.0/21 maxlen: 24
118.185.64.0/21 maxlen: 24
118.185.72.0/21 maxlen: 24
118.185.80.0/21 maxlen: 24
118.185.88.0/21 maxlen: 24
118.185.96.0/21 maxlen: 21
118.185.97.0/24 maxlen: 24
118.185.98.0/24 maxlen: 24
118.185.99.0/24 maxlen: 24
118.185.100.0/24 maxlen: 24
118.185.101.0/24 maxlen: 24
118.185.102.0/24 maxlen: 24
118.185.103.0/24 maxlen: 24
118.185.104.0/21 maxlen: 24
118.185.112.0/21 maxlen: 24
118.185.120.0/21 maxlen: 24
118.185.128.0/20 maxlen: 21
118.185.128.0/24 maxlen: 24
118.185.129.0/24 maxlen: 24
118.185.130.0/24 maxlen: 24
118.185.131.0/24 maxlen: 24
118.185.132.0/24 maxlen: 24
118.185.133.0/24 maxlen: 24
118.185.134.0/24 maxlen: 24
118.185.135.0/24 maxlen: 24
118.185.136.0/24 maxlen: 24
118.185.137.0/24 maxlen: 24
118.185.138.0/24 maxlen: 24
118.185.139.0/24 maxlen: 24
118.185.140.0/24 maxlen: 24
118.185.141.0/24 maxlen: 24
118.185.142.0/24 maxlen: 24
118.185.143.0/24 maxlen: 24
118.185.144.0/21 maxlen: 24
118.185.152.0/21 maxlen: 24
118.185.160.0/21 maxlen: 24
118.185.168.0/21 maxlen: 24
118.185.176.0/21 maxlen: 24
118.185.184.0/21 maxlen: 24
118.185.192.0/21 maxlen: 24
118.185.200.0/21 maxlen: 24
118.185.208.0/21 maxlen: 24
118.185.216.0/21 maxlen: 24
118.185.224.0/21 maxlen: 24
118.185.232.0/21 maxlen: 24
118.185.240.0/21 maxlen: 24
118.185.248.0/21 maxlen: 24
122.15.0.0/16 maxlen: 16
122.15.0.0/21 maxlen: 24
122.15.8.0/21 maxlen: 24
122.15.16.0/21 maxlen: 24
122.15.24.0/21 maxlen: 24
122.15.32.0/21 maxlen: 24
122.15.40.0/21 maxlen: 24
122.15.48.0/21 maxlen: 24
122.15.56.0/21 maxlen: 24
122.15.64.0/21 maxlen: 24
122.15.72.0/21 maxlen: 24
122.15.80.0/21 maxlen: 24
122.15.88.0/21 maxlen: 24
122.15.96.0/21 maxlen: 24
122.15.104.0/21 maxlen: 24
122.15.112.0/21 maxlen: 24
122.15.120.0/21 maxlen: 24
122.15.128.0/21 maxlen: 24
122.15.136.0/21 maxlen: 24
122.15.144.0/21 maxlen: 24
122.15.152.0/21 maxlen: 24
122.15.160.0/21 maxlen: 24
122.15.168.0/21 maxlen: 24
122.15.176.0/21 maxlen: 24
122.15.184.0/21 maxlen: 24
122.15.192.0/21 maxlen: 24
122.15.200.0/21 maxlen: 24
122.15.208.0/21 maxlen: 24
122.15.216.0/21 maxlen: 24
122.15.224.0/21 maxlen: 24
122.15.232.0/21 maxlen: 24
122.15.240.0/21 maxlen: 21
122.15.248.0/21 maxlen: 24
123.63.0.0/16 maxlen: 16
123.63.0.0/21 maxlen: 24
123.63.8.0/21 maxlen: 24
123.63.16.0/21 maxlen: 24
123.63.24.0/21 maxlen: 24
123.63.32.0/21 maxlen: 24
123.63.40.0/21 maxlen: 24
123.63.48.0/21 maxlen: 24
123.63.56.0/21 maxlen: 24
123.63.64.0/21 maxlen: 24
123.63.72.0/21 maxlen: 24
123.63.80.0/21 maxlen: 24
123.63.88.0/21 maxlen: 24
123.63.96.0/21 maxlen: 24
123.63.104.0/21 maxlen: 24
123.63.112.0/21 maxlen: 24
123.63.120.0/21 maxlen: 24
123.63.128.0/18 maxlen: 18
123.63.128.0/20 maxlen: 24
123.63.144.0/21 maxlen: 24
123.63.152.0/21 maxlen: 24
123.63.160.0/19 maxlen: 19
123.63.160.0/21 maxlen: 24
123.63.168.0/21 maxlen: 24
123.63.176.0/21 maxlen: 24
123.63.184.0/21 maxlen: 24
123.63.192.0/18 maxlen: 18
123.63.192.0/21 maxlen: 24
123.63.200.0/21 maxlen: 24
123.63.208.0/21 maxlen: 24
123.63.216.0/21 maxlen: 24
123.63.224.0/19 maxlen: 19
123.63.224.0/21 maxlen: 24
123.63.232.0/21 maxlen: 24
123.63.240.0/21 maxlen: 24
123.63.248.0/21 maxlen: 24
124.247.192.0/24 maxlen: 24
124.247.194.0/24 maxlen: 24
124.247.198.0/24 maxlen: 24
124.247.199.0/24 maxlen: 24
124.247.201.0/24 maxlen: 24
124.247.203.0/24 maxlen: 24
124.247.204.0/24 maxlen: 24
124.247.205.0/24 maxlen: 24
182.19.0.0/19 maxlen: 19
182.19.0.0/20 maxlen: 24
182.19.16.0/20 maxlen: 24
182.19.32.0/19 maxlen: 19
182.19.32.0/20 maxlen: 24
182.19.48.0/20 maxlen: 24
182.19.64.0/20 maxlen: 24
182.19.80.0/21 maxlen: 24
182.19.88.0/21 maxlen: 24
182.19.96.0/19 maxlen: 24
2400:5200:401::/48 maxlen: 48
2400:5200:402::/48 maxlen: 48
2400:5200:403::/48 maxlen: 48
2400:5200:404::/48 maxlen: 48
2400:5200:c00::/40 maxlen: 48
2400:5200:1000::/40 maxlen: 48
2400:5200:1400::/40 maxlen: 48
2400:5200:1800::/40 maxlen: 48
2400:5200:1c00::/40 maxlen: 48
2400:5200:2000::/36 maxlen: 48
2400:5200:3000::/36 maxlen: 48
2400:5200:4000::/36 maxlen: 48
2400:5200:5000::/36 maxlen: 48
2400:5200:6000::/36 maxlen: 48
2400:5200:7000::/36 maxlen: 48
2400:5200:8000::/36 maxlen: 48
2400:5200:9000::/36 maxlen: 48
2400:5200:a000::/36 maxlen: 48
2400:5200:b000::/36 maxlen: 48
2400:5200:c000::/36 maxlen: 48
2400:5200:d000::/36 maxlen: 48
2400:5200:e000::/36 maxlen: 48
2400:5200:f000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl
rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 02 May 2024 02:32:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1094 (0x446)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Validity
Not Before: Mar 9 11:19:00 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65ec45a3-7eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:90:d5:20:7e:d0:73:1f:34:0b:63:6c:b9:48:
43:be:32:3e:2e:d5:d5:64:d1:aa:24:67:d2:27:da:
d7:95:c4:7a:e3:f2:36:60:63:24:b6:b7:04:6c:35:
4d:46:ad:99:e0:a4:17:b5:2d:79:30:1d:c3:f7:f7:
b5:26:30:63:f7:e3:7b:e8:0e:de:ab:63:68:56:db:
2d:16:80:2d:34:44:91:d7:3f:04:73:81:a3:24:68:
5a:82:ef:bc:45:9b:f4:d1:4e:1f:c3:36:a1:49:04:
ae:2c:8a:f8:88:43:65:c3:08:71:bc:62:7c:96:e4:
9c:63:89:7d:1e:bb:0e:76:36:cb:72:66:51:85:b3:
4e:ef:6c:d0:8a:71:fa:c1:43:e0:b1:ae:f9:73:cc:
13:b8:c3:a6:45:17:0c:da:fc:64:92:68:fd:2c:be:
d2:12:d3:0e:5c:83:1b:8f:5f:fb:a3:64:e9:60:ec:
0b:f2:ba:0b:8a:de:23:47:2c:5c:6a:d7:37:dc:96:
af:1f:be:42:bc:9c:38:ed:f3:b9:5f:28:c2:0d:4a:
17:91:e0:5d:10:56:5c:99:07:5c:9d:47:d6:e1:83:
5d:65:49:25:90:a8:02:63:42:62:5f:48:54:79:29:
dc:e8:91:ff:a4:8e:2a:06:d6:84:7f:2a:03:6b:b6:
58:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:58:85:53:56:39:A4:9B:56:3F:3C:20:AD:AF:F6:59:03:94:29:81
X509v3 Authority Key Identifier:
keyid:56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/E4903B32983F11EE944B4D50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.104.64.0/18
43.245.88.0/22
103.29.44.0/22
118.185.0.0/16
122.15.0.0/16
123.63.0.0/16
124.247.192.0/24
124.247.194.0/24
124.247.198.0/23
124.247.201.0/24
124.247.203.0-124.247.205.255
182.19.0.0/17
IPv6:
2400:5200:401::-2400:5200:404:ffff:ffff:ffff:ffff:ffff
2400:5200:c00::/40
2400:5200:1000::/40
2400:5200:1400::/40
2400:5200:1800::/40
2400:5200:1c00::/40
2400:5200:2000::-2400:5200:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ac:52:ce:a4:66:cc:dd:04:74:d3:80:1f:34:5b:a8:92:ac:fc:
90:68:15:1d:44:36:04:4d:93:1a:fe:8a:c7:91:11:fc:9d:42:
85:c3:8f:d6:66:de:1a:52:20:08:10:9a:57:a1:40:d0:ab:aa:
99:2d:bd:31:f3:fd:86:56:08:dc:98:75:c5:dd:ec:dc:49:e7:
4d:67:c1:63:ea:89:b4:63:3f:50:cc:7d:96:b7:c4:ad:24:b4:
7c:c6:13:97:f1:14:e6:0c:57:7b:94:df:f9:08:9c:ac:fa:63:
a8:66:94:93:97:b9:35:c2:85:0a:23:59:b8:a0:72:b1:46:1f:
58:4c:cd:40:1f:8d:bc:c1:88:5b:ca:f2:f1:c3:5c:bf:d6:82:
dc:2a:52:c4:a3:22:87:38:a9:5b:42:55:04:02:57:0c:2b:d0:
8b:83:7c:80:0f:f6:b4:ba:58:6f:86:df:04:a0:db:f9:e1:84:
0e:d9:ef:9a:be:dc:b6:af:ad:25:b9:bd:01:00:75:22:fe:6a:
50:31:4e:76:05:7b:63:37:96:fc:09:73:1f:b5:93:28:d0:7c:
ca:4a:93:9e:ea:92:d5:84:9e:33:43:d3:b0:9a:43:b5:14:03:
c2:3d:45:d0:18:9e:4e:ef:18:37:6f:7b:fb:04:80:46:a3:f4:
c0:10:77:b4
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgICBEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0QzOUQxMTAvBgNVBAUTKDU2Qjk4M0U0NkJDQkExMTVGRjIyNjVGRTQ5MTkwOUM3
RDc0MTQ3RjMwHhcNMjQwMzA5MTExOTAwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWVjNDVhMy03ZWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAppDVIH7Qcx80C2NsuUhDvjI+LtXVZNGqJGfSJ9rXlcR64/I2YGMktrcEbDVN
Rq2Z4KQXtS15MB3D9/e1JjBj9+N76A7eq2NoVtstFoAtNESR1z8Ec4GjJGhagu+8
RZv00U4fwzahSQSuLIr4iENlwwhxvGJ8luScY4l9HrsOdjbLcmZRhbNO72zQinH6
wUPgsa75c8wTuMOmRRcM2vxkkmj9LL7SEtMOXIMbj1/7o2TpYOwL8roLit4jRyxc
atc33JavH75CvJw47fO5XyjCDUoXkeBdEFZcmQdcnUfW4YNdZUklkKgCY0JiX0hU
eSnc6JH/pI4qBtaEfyoDa7ZYBwIDAQABo4IDNDCCAzAwHQYDVR0OBBYEFC9YhVNW
OaSbVj88IK2v9lkDlCmBMB8GA1UdIwQYMBaAFFa5g+Rry6EV/yJl/kkZCcfXQUfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDM5RC9ERTdEMkY5NDRF
NzYxMUVDQTU3MjBCNzlDNEY5QUUwMi9Wcm1ENUd2TG9SWF9JbVgtU1JrSng5ZEJS
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZybUQ1R3ZMb1JYX0ltWC1TUmtKeDlkQlJfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0QzOUQvREU3RDJGOTQ0RTc2MTFFQ0E1NzIwQjc5QzRGOUFFMDIvRTQ5MDNCMzI5
ODNGMTFFRTk0NEI0RDUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb0GCCsGAQUFBwEHAQH/
BIGtMIGqMFMEAgABME0DBAYqaEADBAIr9VgDBAJnHSwDAwB2uQMDAHoPAwMAez8D
BAB898ADBAB898IDBAF898YDBAB898kwDAMEAHz3ywMEAXz3zAMEB7YTADBTBAIA
AjBNMBIDBwAkAFIABAEDBwAkAFIABAQDBgAkAFIADAMGACQAUgAQAwYAJABSABQD
BgAkAFIAGAMGACQAUgAcMA8DBgUkAFIAIAMFACQAUgAwDQYJKoZIhvcNAQELBQAD
ggEBAKxSzqRmzN0EdNOAHzRbqJKs/JBoFR1ENgRNkxr+iseREfydQoXDj9Zm3hpS
IAgQmlehQNCrqpktvTHz/YZWCNyYdcXd7NxJ501nwWPqibRjP1DMfZa3xK0ktHzG
E5fxFOYMV3uU3/kInKz6Y6hmlJOXuTXChQojWbigcrFGH1hMzUAfjbzBiFvK8vHD
XL/WgtwqUsSjIoc4qVtCVQQCVwwr0IuDfIAP9rS6WG+G3wSg2/nhhA7Z75q+3Lav
rSW5vQEAdSL+alAxTnYFe2M3lvwJcx+1kyjQfMpKk57qktWEnjND07CaQ7UUA8I9
RdAYnk7vGDdve/sEgEaj9MAQd7Q=
-----END CERTIFICATE-----
Generated at Thu Apr 25 03:19:30 2024 by rpki-client on console-fra.rpki-client.org