Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa
File: 84559BB01D4611EDBB06705BC4F9AE02.roa (raw, json)
Hash identifier: 0cTzS5c/6Y55wy74W4s0A+8p1h9o3kwalzmIm9vcVZ0=
Subject key identifier: 8A:3A:CC:1F:E6:BC:8D:41:C6:23:36:81:D2:4D:13:0D:02:B8:B9:C3
Certificate issuer: /CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Certificate serial: 19A0
Authority key identifier: CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa
Signing time: Tue 13 Aug 2024 02:04:03 +0000
ROA not before: Tue 13 Aug 2024 02:04:03 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9484
IP address blocks: 45.117.32.0/22 maxlen: 22
45.117.32.0/24 maxlen: 24
45.117.33.0/24 maxlen: 24
45.117.34.0/24 maxlen: 24
45.117.35.0/24 maxlen: 24
202.21.96.0/19 maxlen: 19
202.21.96.0/24 maxlen: 24
202.21.97.0/24 maxlen: 24
202.21.98.0/24 maxlen: 24
202.21.99.0/24 maxlen: 24
202.21.100.0/24 maxlen: 24
202.21.101.0/24 maxlen: 24
202.21.102.0/24 maxlen: 24
202.21.103.0/24 maxlen: 24
202.21.104.0/24 maxlen: 24
202.21.105.0/24 maxlen: 24
202.21.106.0/24 maxlen: 24
202.21.107.0/24 maxlen: 24
202.21.108.0/24 maxlen: 24
202.21.109.0/24 maxlen: 24
202.21.110.0/24 maxlen: 24
202.21.111.0/24 maxlen: 24
202.21.112.0/24 maxlen: 24
202.21.113.0/24 maxlen: 24
202.21.114.0/24 maxlen: 24
202.21.115.0/24 maxlen: 24
202.21.116.0/24 maxlen: 24
202.21.117.0/24 maxlen: 24
202.21.118.0/24 maxlen: 24
202.21.119.0/24 maxlen: 24
202.21.120.0/24 maxlen: 24
202.21.121.0/24 maxlen: 24
202.21.122.0/23 maxlen: 24
202.21.124.0/22 maxlen: 22
202.21.124.0/24 maxlen: 24
202.21.125.0/24 maxlen: 24
202.21.126.0/24 maxlen: 24
202.21.127.0/24 maxlen: 24
202.126.92.0/22 maxlen: 24
202.131.224.0/19 maxlen: 19
202.131.224.0/24 maxlen: 24
202.131.225.0/24 maxlen: 24
202.131.226.0/24 maxlen: 24
202.131.227.0/24 maxlen: 24
202.131.228.0/24 maxlen: 24
202.131.229.0/24 maxlen: 24
202.131.230.0/24 maxlen: 24
202.131.231.0/24 maxlen: 24
202.131.232.0/24 maxlen: 24
202.131.233.0/24 maxlen: 24
202.131.234.0/24 maxlen: 24
202.131.235.0/24 maxlen: 24
202.131.236.0/24 maxlen: 24
202.131.237.0/24 maxlen: 24
202.131.238.0/24 maxlen: 24
202.131.239.0/24 maxlen: 24
202.131.240.0/24 maxlen: 24
202.131.241.0/24 maxlen: 24
202.131.242.0/24 maxlen: 24
202.131.243.0/24 maxlen: 24
202.131.244.0/24 maxlen: 24
202.131.245.0/24 maxlen: 24
202.131.246.0/24 maxlen: 24
202.131.247.0/24 maxlen: 24
202.131.248.0/24 maxlen: 24
202.131.249.0/24 maxlen: 24
202.131.250.0/24 maxlen: 24
202.131.251.0/24 maxlen: 24
202.131.252.0/24 maxlen: 24
202.131.253.0/24 maxlen: 24
202.131.254.0/24 maxlen: 24
202.131.255.0/24 maxlen: 24
2407:6400::/32 maxlen: 48
2407:6400:400:700::/56 maxlen: 56
2407:6400:400:800::/56 maxlen: 56
2407:6400:400:900::/56 maxlen: 56
2407:6400:400:1000::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6560 (0x19a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Validity
Not Before: Aug 13 02:04:03 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66babf13-b410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:90:a1:b0:e1:51:ba:36:e3:ad:aa:c7:b2:60:
a8:5d:19:97:51:f9:58:ca:5d:77:f8:20:b1:2e:b4:
6a:e3:9d:bc:aa:f4:44:33:99:53:cd:4c:96:0e:ac:
b1:1a:14:a8:e6:64:41:98:a7:94:6f:9d:af:4a:cb:
19:ac:96:21:b9:e0:97:8f:b6:bb:6f:c6:2c:91:46:
60:c6:c2:6b:34:19:ac:4d:3c:57:0e:60:1d:fe:be:
74:16:94:44:8c:17:5a:13:9f:4e:98:e0:12:69:48:
4b:45:08:cc:29:3d:4c:e8:c3:a2:51:37:f0:6b:84:
db:5a:67:9b:f2:57:71:bb:f7:23:1a:07:87:d1:e5:
6c:01:3e:a0:e9:22:ef:65:12:7a:94:b9:ac:8b:91:
45:90:71:81:a9:a5:58:fc:ec:22:31:1a:83:38:44:
9d:fe:a1:41:b2:43:36:c5:08:28:c1:e6:bf:d5:6b:
15:a6:9e:10:38:b8:66:d3:ca:81:fe:b1:9c:5e:d7:
4f:9a:1c:f4:7b:41:2c:31:a8:51:76:84:92:f7:54:
7d:05:d9:9c:54:e2:a3:5c:15:14:91:4c:25:5e:b6:
b9:71:5c:82:dc:08:6a:c3:7b:f5:35:4c:09:dd:4b:
a5:02:13:36:f4:2a:90:fa:b8:d3:c4:9c:1f:43:47:
5a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3A:CC:1F:E6:BC:8D:41:C6:23:36:81:D2:4D:13:0D:02:B8:B9:C3
X509v3 Authority Key Identifier:
keyid:CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/84559BB01D4611EDBB06705BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.32.0/22
202.21.96.0/19
202.126.92.0/22
202.131.224.0/19
IPv6:
2407:6400::/32
Signature Algorithm: sha256WithRSAEncryption
bf:a9:9a:60:af:83:46:fe:5f:c6:75:08:14:ac:fd:91:fb:bc:
96:63:41:77:98:23:a3:bd:ff:c3:7e:99:0c:ef:3c:99:2b:27:
18:04:ab:ff:5a:4e:11:24:47:2d:c1:f0:e1:fb:15:b0:56:72:
24:4d:e7:d7:93:1e:b4:45:ea:6a:a4:c6:c7:9e:e7:74:1d:60:
b4:0c:57:c2:a4:de:c9:5b:73:e9:42:fc:63:39:e7:13:96:87:
7c:df:fd:68:e2:e9:7b:cf:20:15:9f:e4:85:4d:44:61:0b:02:
92:d4:4a:66:fc:5e:5e:6e:05:c6:ae:b3:f7:16:c8:e6:d3:88:
26:23:18:40:dc:f3:48:e5:0e:63:25:5d:dc:0a:91:bc:1f:27:
d5:cc:5e:e5:58:88:50:a8:79:53:7b:a5:11:e8:c0:67:89:3b:
36:c1:68:13:7e:0a:ef:e1:dc:6b:c7:9c:98:d1:a5:ec:7c:f8:
e4:eb:d8:ca:a3:8e:c8:aa:b6:16:24:59:bc:2e:35:07:10:b0:
86:7e:78:c1:d1:b7:cd:27:5a:56:f8:c8:ff:77:19:bb:c9:e8:
e2:49:6c:f2:79:7b:74:e5:24:dc:c7:39:73:26:5e:43:75:52:
87:52:95:9a:24:74:c8:59:0b:df:11:c7:3d:85:e4:48:98:d3:
a9:fd:7f:1d
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICGaAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ2MkExMTAvBgNVBAUTKENGNzEyQ0IzODlFRTg0REExOUNBOTgxREU2MzBGNTA5
RkY0NENENDUwHhcNMjQwODEzMDIwNDAzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJhYmYxMy1iNDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz5ChsOFRujbjrarHsmCoXRmXUflYyl13+CCxLrRq4528qvREM5lTzUyWDqyx
GhSo5mRBmKeUb52vSssZrJYhueCXj7a7b8YskUZgxsJrNBmsTTxXDmAd/r50FpRE
jBdaE59OmOASaUhLRQjMKT1M6MOiUTfwa4TbWmeb8ldxu/cjGgeH0eVsAT6g6SLv
ZRJ6lLmsi5FFkHGBqaVY/OwiMRqDOESd/qFBskM2xQgowea/1WsVpp4QOLhm08qB
/rGcXtdPmhz0e0EsMahRdoSS91R9BdmcVOKjXBUUkUwlXra5cVyC3Ahqw3v1NUwJ
3UulAhM29CqQ+rjTxJwfQ0davQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIo6zB/m
vI1BxiM2gdJNEw0CuLnDMB8GA1UdIwQYMBaAFM9xLLOJ7oTaGcqYHeYw9Qn/RM1F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDYyQS80Q0JEM0Y4NDUw
RDUxMUU3OTMxM0FFMTJDNEY5QUUwMi96M0VzczRudWhOb1p5cGdkNWpEMUNmOUV6
VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ozRXNzNG51aE5vWnlwZ2Q1akQxQ2Y5RXpVVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ2MkEvNENCRDNGODQ1MEQ1MTFFNzkzMTNBRTEyQzRGOUFFMDIvODQ1NTlCQjAx
RDQ2MTFFREJCMDY3MDVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAItdSADBAXKFWADBALKflwDBAXKg+AwDQQCAAIwBwMFACQH
ZAAwDQYJKoZIhvcNAQELBQADggEBAL+pmmCvg0b+X8Z1CBSs/ZH7vJZjQXeYI6O9
/8N+mQzvPJkrJxgEq/9aThEkRy3B8OH7FbBWciRN59eTHrRF6mqkxsee53QdYLQM
V8Kk3slbc+lC/GM55xOWh3zf/Wji6XvPIBWf5IVNRGELApLUSmb8Xl5uBcaus/cW
yObTiCYjGEDc80jlDmMlXdwKkbwfJ9XMXuVYiFCoeVN7pRHowGeJOzbBaBN+Cu/h
3GvHnJjRpex8+OTr2MqjjsiqthYkWbwuNQcQsIZ+eMHRt80nWlb4yP93GbvJ6OJJ
bPJ5e3TlJNzHOXMmXkN1UodSlZokdMhZC98Rxz2F5EiY06n9fx0=
-----END CERTIFICATE-----
Generated at Sun Nov 24 17:20:52 2024 by rpki-client on console-fra.rpki-client.org