Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/6141379A9E1B11EEACF75D41C4F9AE02.roa
File: 6141379A9E1B11EEACF75D41C4F9AE02.roa (raw, json)
Hash identifier: 3FUEy+2LEThEwx8uzrzA49jcsPTOyQ72dHgfTlUabfs=
Subject key identifier: EA:3F:6D:42:F3:26:6E:85:70:72:13:53:30:B1:67:E7:85:DD:3F:54
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 2835
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/6141379A9E1B11EEACF75D41C4F9AE02.roa
Signing time: Thu 28 Dec 2023 16:03:23 +0000
ROA not before: Thu 28 Dec 2023 16:03:23 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 45458
IP address blocks: 27.100.40.0/21 maxlen: 24
27.100.41.0/29 maxlen: 29
49.0.112.0/20 maxlen: 20
49.0.112.0/21 maxlen: 24
49.0.120.0/21 maxlen: 24
49.229.16.0/20 maxlen: 24
49.229.32.0/19 maxlen: 19
49.229.32.0/20 maxlen: 24
49.229.48.0/24 maxlen: 24
49.229.49.0/24 maxlen: 24
49.229.50.0/24 maxlen: 24
49.229.53.0/24 maxlen: 24
49.229.54.0/24 maxlen: 24
49.229.55.0/24 maxlen: 24
49.229.56.0/24 maxlen: 24
49.229.57.0/24 maxlen: 24
49.229.58.0/24 maxlen: 24
49.229.59.0/24 maxlen: 24
49.229.60.0/24 maxlen: 24
49.229.61.0/24 maxlen: 24
49.229.62.0/24 maxlen: 24
49.229.63.0/24 maxlen: 24
49.229.64.0/19 maxlen: 19
49.229.64.0/24 maxlen: 24
49.229.65.0/24 maxlen: 24
49.229.66.0/24 maxlen: 24
49.229.67.0/24 maxlen: 24
49.229.69.0/24 maxlen: 24
49.229.70.0/24 maxlen: 24
49.229.71.0/24 maxlen: 24
49.229.72.0/24 maxlen: 24
49.229.73.0/24 maxlen: 24
49.229.74.0/24 maxlen: 24
49.229.76.0/24 maxlen: 24
49.229.77.0/24 maxlen: 24
49.229.78.0/24 maxlen: 24
49.229.79.0/24 maxlen: 24
49.229.80.0/24 maxlen: 24
49.229.81.0/24 maxlen: 24
49.229.82.0/24 maxlen: 24
49.229.83.0/24 maxlen: 24
49.229.84.0/24 maxlen: 24
49.229.85.0/24 maxlen: 24
49.229.86.0/24 maxlen: 24
49.229.87.0/24 maxlen: 24
49.229.96.0/20 maxlen: 20
49.229.96.0/24 maxlen: 24
49.229.97.0/24 maxlen: 24
49.229.98.0/24 maxlen: 24
49.229.99.0/24 maxlen: 24
49.229.102.0/24 maxlen: 24
49.229.103.0/24 maxlen: 24
49.229.104.0/24 maxlen: 24
49.229.105.0/24 maxlen: 24
49.229.106.0/24 maxlen: 24
49.229.107.0/24 maxlen: 24
49.229.108.0/24 maxlen: 24
49.229.109.0/24 maxlen: 24
49.229.110.0/24 maxlen: 24
49.229.152.0/21 maxlen: 21
49.229.152.0/23 maxlen: 23
49.229.154.0/24 maxlen: 24
49.229.155.0/24 maxlen: 24
49.229.156.0/24 maxlen: 24
49.229.157.0/24 maxlen: 24
49.229.158.0/24 maxlen: 24
49.229.159.0/24 maxlen: 24
49.231.0.0/19 maxlen: 24
49.231.32.0/22 maxlen: 24
49.231.36.0/22 maxlen: 24
49.231.40.0/22 maxlen: 24
49.231.64.0/20 maxlen: 24
49.231.80.0/21 maxlen: 24
49.231.88.0/21 maxlen: 24
49.231.121.0/24 maxlen: 24
49.231.125.0/24 maxlen: 24
49.231.128.0/21 maxlen: 21
49.231.131.0/24 maxlen: 24
49.231.135.0/24 maxlen: 24
49.231.136.0/21 maxlen: 24
49.231.144.0/20 maxlen: 24
49.231.160.0/19 maxlen: 24
49.231.192.0/18 maxlen: 24
58.64.0.0/19 maxlen: 23
58.64.0.0/20 maxlen: 24
58.64.16.0/21 maxlen: 24
58.64.25.0/24 maxlen: 24
58.64.26.0/23 maxlen: 24
58.64.28.0/22 maxlen: 24
58.64.32.0/20 maxlen: 24
103.3.65.0/24 maxlen: 24
103.3.66.0/23 maxlen: 24
103.48.12.0/24 maxlen: 24
110.49.0.0/17 maxlen: 23
110.49.0.0/18 maxlen: 24
110.49.64.0/19 maxlen: 24
110.49.96.0/23 maxlen: 24
110.49.98.0/24 maxlen: 24
110.49.100.0/22 maxlen: 24
110.49.104.0/21 maxlen: 24
110.49.112.0/20 maxlen: 24
110.49.144.0/24 maxlen: 24
110.49.150.0/24 maxlen: 24
110.49.169.0/24 maxlen: 24
115.178.56.0/24 maxlen: 24
115.178.58.0/24 maxlen: 24
119.31.4.0/22 maxlen: 22
119.31.64.0/24 maxlen: 24
202.80.224.0/19 maxlen: 23
202.80.225.0/24 maxlen: 24
202.80.226.0/23 maxlen: 24
202.80.228.0/22 maxlen: 24
202.80.232.0/21 maxlen: 24
202.80.240.0/20 maxlen: 24
2405:9800:7::/48 maxlen: 48
2405:9800:9::/48 maxlen: 48
2405:9800:a::/48 maxlen: 48
2405:9800:9802::/48 maxlen: 48
2405:9800:9803::/48 maxlen: 48
2405:9800:9811::/48 maxlen: 48
2405:9800:c000::/36 maxlen: 47
2405:9800:c000::/37 maxlen: 48
2405:9800:c800::/40 maxlen: 48
2405:9800:c900::/45 maxlen: 48
2405:9800:c908::/46 maxlen: 48
2405:9800:c90d::/48 maxlen: 48
2405:9800:c90e::/47 maxlen: 48
2405:9800:c910::/44 maxlen: 48
2405:9800:c920::/43 maxlen: 48
2405:9800:c940::/42 maxlen: 48
2405:9800:c980::/41 maxlen: 48
2405:9800:ca00::/39 maxlen: 48
2405:9800:cc00::/38 maxlen: 48
2405:9800:d000::/36 maxlen: 48
2405:9800:f000::/36 maxlen: 36
2405:9800:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 13 May 2024 16:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10293 (0x2835)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Validity
Not Before: Dec 28 16:03:23 2023 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=658d9c4b-23f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:bc:5a:93:a6:30:a4:00:c2:e3:21:2b:ea:
51:53:9c:35:f2:cf:48:40:a5:9f:f0:d4:a8:45:91:
6d:b7:3d:bb:f9:80:24:fb:4f:af:4d:3a:ea:d8:08:
21:0a:24:aa:52:db:ec:92:65:bf:93:99:a5:ff:ea:
67:c1:cb:a8:48:4d:f9:91:48:05:10:7d:b5:60:bf:
21:ea:d0:5a:b0:5c:1f:79:49:dc:14:f3:95:5f:0e:
6e:78:a2:2b:25:1d:0f:cf:97:44:14:a7:44:f2:5e:
43:4b:9e:2b:02:e6:2d:0c:45:fd:f6:d3:51:7d:84:
ed:8d:29:e9:1f:44:22:dc:d6:d3:31:90:4e:89:73:
f5:9e:13:ea:51:96:02:05:21:c3:f3:2b:a2:07:07:
9f:95:ad:82:27:96:34:d2:52:ba:5e:c4:6f:67:f4:
4e:38:ae:66:c5:e9:ef:83:b8:9e:0e:f1:38:ff:ff:
01:5f:43:6b:af:17:3d:5a:47:c3:d7:99:ac:f5:d2:
77:9b:3a:b3:a2:14:79:0d:ff:6a:f7:5b:ab:22:f0:
88:76:03:30:c2:3f:c6:4b:5b:a8:18:5f:37:ae:45:
06:09:0e:1e:e6:bb:19:35:73:c8:3d:d3:51:aa:75:
e3:f6:ba:c2:e8:68:ec:84:11:49:f4:d5:c2:3b:c2:
9f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:3F:6D:42:F3:26:6E:85:70:72:13:53:30:B1:67:E7:85:DD:3F:54
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/6141379A9E1B11EEACF75D41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.100.40.0/21
49.0.112.0/20
49.229.16.0-49.229.111.255
49.229.152.0/21
49.231.0.0-49.231.43.255
49.231.64.0/19
49.231.121.0/24
49.231.125.0/24
49.231.128.0/17
58.64.0.0-58.64.47.255
103.3.65.0-103.3.67.255
103.48.12.0/24
110.49.0.0/17
110.49.144.0/24
110.49.150.0/24
110.49.169.0/24
115.178.56.0/24
115.178.58.0/24
119.31.4.0/22
119.31.64.0/24
202.80.224.0/19
IPv6:
2405:9800:7::/48
2405:9800:9::-2405:9800:a:ffff:ffff:ffff:ffff:ffff
2405:9800:9802::/47
2405:9800:9811::/48
2405:9800:c000::/35
2405:9800:f000::/36
Signature Algorithm: sha256WithRSAEncryption
a8:9e:fe:7c:dc:11:92:0e:97:17:57:11:3f:79:67:1c:4a:5d:
9c:54:99:7b:32:46:ab:58:6e:e5:fa:3b:a1:33:3c:a1:6a:79:
a0:19:4d:91:4a:d7:b2:40:ed:4c:02:2f:80:91:fe:ca:5c:2e:
99:ef:50:d9:30:64:db:03:b6:91:93:a3:1c:b8:62:cd:47:a0:
2e:0c:9b:63:da:05:4e:e6:03:00:0a:69:95:c3:75:84:4d:9c:
69:19:00:df:8e:90:25:63:80:20:a5:20:9d:79:5a:21:fe:90:
de:85:40:1d:f2:f4:62:1a:72:97:17:8c:73:33:53:f0:86:f4:
32:58:7d:60:1c:8d:09:f1:ba:de:ed:61:ce:3d:77:c3:d3:c2:
ff:65:47:95:80:07:44:95:6c:8f:3a:55:94:5b:12:28:2a:a8:
66:04:b3:3c:5c:0c:64:df:f1:44:9e:b0:2e:bc:2e:81:be:14:
b5:67:3f:bf:b2:e2:55:e5:4a:af:b6:c0:89:36:b3:e9:20:18:
73:3e:01:90:d2:3f:6d:27:a5:c7:66:65:9b:6f:54:6c:3a:24:
6b:ad:0a:a3:40:ea:62:f9:fb:57:97:d8:96:af:62:4a:8f:1c:
bc:50:b9:09:5b:67:eb:7f:f3:2c:f3:97:93:36:fc:f4:26:1c:
bd:53:6c:bb
-----BEGIN CERTIFICATE-----
MIIGVDCCBTygAwIBAgICKDUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjMxMjI4MTYwMzIzWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThkOWM0Yi0yM2Y5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoRK8WpOmMKQAwuMhK+pRU5w18s9IQKWf8NSoRZFttz27+YAk+0+vTTrq2Agh
CiSqUtvskmW/k5ml/+pnwcuoSE35kUgFEH21YL8h6tBasFwfeUncFPOVXw5ueKIr
JR0Pz5dEFKdE8l5DS54rAuYtDEX99tNRfYTtjSnpH0Qi3NbTMZBOiXP1nhPqUZYC
BSHD8yuiBwefla2CJ5Y00lK6XsRvZ/ROOK5mxenvg7ieDvE4//8BX0Nrrxc9WkfD
15ms9dJ3mzqzohR5Df9q91urIvCIdgMwwj/GS1uoGF83rkUGCQ4e5rsZNXPIPdNR
qnXj9rrC6GjshBFJ9NXCO8KfnQIDAQABo4IDeDCCA3QwHQYDVR0OBBYEFOo/bULz
Jm6FcHITUzCxZ+eF3T9UMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvNjE0MTM3OUE5
RTFCMTFFRUFDRjc1RDQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEABggrBgEFBQcBBwEB
/wSB8DCB7TCBowQCAAEwgZwDBAMbZCgDBAQxAHAwDAMEBDHlEAMEBDHlYAMEAzHl
mDALAwMAMecDBAIx5ygDBAUx50ADBAAx53kDBAAx530DBAcx54AwCwMDBjpAAwQE
OkAgMAwDBABnA0EDBAJnA0ADBABnMAwDBAduMQADBABuMZADBABuMZYDBABuMakD
BABzsjgDBABzsjoDBAJ3HwQDBAB3H0ADBAXKUOAwRQQCAAIwPwMHACQFmAAABzAS
AwcAJAWYAAAJAwcAJAWYAAAKAwcBJAWYAJgCAwcAJAWYAJgRAwYFJAWYAMADBgQk
BZgA8DANBgkqhkiG9w0BAQsFAAOCAQEAqJ7+fNwRkg6XF1cRP3lnHEpdnFSZezJG
q1hu5fo7oTM8oWp5oBlNkUrXskDtTAIvgJH+ylwume9Q2TBk2wO2kZOjHLhizUeg
LgybY9oFTuYDAApplcN1hE2caRkA346QJWOAIKUgnXlaIf6Q3oVAHfL0YhpylxeM
czNT8Ib0Mlh9YByNCfG63u1hzj13w9PC/2VHlYAHRJVsjzpVlFsSKCqoZgSzPFwM
ZN/xRJ6wLrwugb4UtWc/v7LiVeVKr7bAiTaz6SAYcz4BkNI/bSelx2Zlm29UbDok
a60Ko0DqYvn7V5fYlq9iSo8cvFC5CVtn63/zLPOXkzb89CYcvVNsuw==
-----END CERTIFICATE-----
Generated at Mon May 6 17:42:38 2024 by rpki-client on console-ams.rpki-client.org