Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/E4E0C13C5EBF11EAB066F050C4F9AE02.roa
File: E4E0C13C5EBF11EAB066F050C4F9AE02.roa (raw, json)
Hash identifier: bieKTo0wXKRNmPrQ3uCx3cCv+zy2+axSWTwdJZo+d9g=
Subject key identifier: 3A:36:C0:B7:EB:2F:B2:D7:66:14:DA:B2:AC:98:1F:3A:69:65:03:F0
Certificate issuer: /CN=A9145446/serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8
Certificate serial: 278A
Authority key identifier: 7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/E4E0C13C5EBF11EAB066F050C4F9AE02.roa
Signing time: Fri 22 Nov 2024 07:31:34 +0000
ROA not before: Fri 22 Nov 2024 07:31:34 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 7629
IP address blocks: 45.118.36.0/22 maxlen: 22
103.1.116.0/22 maxlen: 22
103.1.116.0/23 maxlen: 23
103.1.118.0/23 maxlen: 23
103.233.32.0/23 maxlen: 23
103.233.34.0/23 maxlen: 23
125.5.0.0/16 maxlen: 16
125.5.0.0/20 maxlen: 20
125.5.0.0/22 maxlen: 22
125.5.0.0/23 maxlen: 23
125.5.2.0/23 maxlen: 23
125.5.2.0/24 maxlen: 24
125.5.3.0/24 maxlen: 24
125.5.4.0/23 maxlen: 23
125.5.5.0/24 maxlen: 24
125.5.12.0/24 maxlen: 24
125.5.14.0/23 maxlen: 23
125.5.16.0/21 maxlen: 21
125.5.18.0/24 maxlen: 24
125.5.21.0/24 maxlen: 24
125.5.22.0/23 maxlen: 23
125.5.22.0/24 maxlen: 24
125.5.23.0/24 maxlen: 24
125.5.24.0/23 maxlen: 23
125.5.24.0/24 maxlen: 24
125.5.26.0/23 maxlen: 23
125.5.27.0/24 maxlen: 24
125.5.28.0/22 maxlen: 22
125.5.32.0/19 maxlen: 19
125.5.64.0/18 maxlen: 18
125.5.72.0/21 maxlen: 21
125.5.80.0/21 maxlen: 21
125.5.82.0/24 maxlen: 24
125.5.87.0/24 maxlen: 24
125.5.88.0/23 maxlen: 23
125.5.96.0/19 maxlen: 19
125.5.128.0/17 maxlen: 17
125.5.128.0/19 maxlen: 19
125.5.128.0/20 maxlen: 20
125.5.144.0/21 maxlen: 21
125.5.152.0/23 maxlen: 23
125.5.154.0/23 maxlen: 23
125.5.154.0/24 maxlen: 24
125.5.160.0/20 maxlen: 20
125.5.173.0/24 maxlen: 24
125.5.174.0/23 maxlen: 23
125.5.176.0/20 maxlen: 20
125.5.177.0/24 maxlen: 24
125.5.178.0/23 maxlen: 23
125.5.180.0/22 maxlen: 22
125.5.184.0/21 maxlen: 21
125.5.192.0/21 maxlen: 21
125.5.195.0/24 maxlen: 24
125.5.200.0/23 maxlen: 23
125.5.201.0/24 maxlen: 24
125.5.204.0/22 maxlen: 22
125.5.208.0/20 maxlen: 20
125.5.209.0/24 maxlen: 24
125.5.210.0/24 maxlen: 24
125.5.211.0/24 maxlen: 24
125.5.212.0/24 maxlen: 24
125.5.213.0/24 maxlen: 24
125.5.224.0/20 maxlen: 20
125.5.224.0/24 maxlen: 24
125.5.240.0/23 maxlen: 23
125.5.244.0/24 maxlen: 24
125.5.251.0/24 maxlen: 24
125.5.252.0/22 maxlen: 22
202.57.64.0/19 maxlen: 19
202.57.64.0/20 maxlen: 20
202.57.80.0/20 maxlen: 20
202.57.96.0/21 maxlen: 21
202.57.96.0/24 maxlen: 24
202.57.102.0/23 maxlen: 23
202.57.104.0/22 maxlen: 22
202.57.108.0/23 maxlen: 23
202.57.111.0/24 maxlen: 24
202.57.114.0/23 maxlen: 23
202.57.116.0/22 maxlen: 22
202.57.119.0/24 maxlen: 24
202.57.120.0/21 maxlen: 21
202.57.120.0/22 maxlen: 22
202.57.124.0/23 maxlen: 23
202.57.127.0/24 maxlen: 24
202.163.192.0/18 maxlen: 18
202.163.192.0/21 maxlen: 21
202.163.200.0/22 maxlen: 22
202.163.204.0/22 maxlen: 22
202.163.208.0/21 maxlen: 21
202.163.216.0/22 maxlen: 22
202.163.220.0/22 maxlen: 22
203.131.64.0/18 maxlen: 18
203.131.64.0/21 maxlen: 21
203.131.72.0/21 maxlen: 21
203.131.80.0/20 maxlen: 20
203.131.96.0/19 maxlen: 19
203.131.128.0/18 maxlen: 18
203.131.128.0/19 maxlen: 19
203.131.160.0/19 maxlen: 19
203.172.0.0/19 maxlen: 19
222.126.0.0/17 maxlen: 17
222.126.0.0/18 maxlen: 18
222.126.97.0/24 maxlen: 24
222.126.98.0/23 maxlen: 23
222.126.100.0/22 maxlen: 22
222.126.104.0/21 maxlen: 21
222.126.112.0/20 maxlen: 20
2404:d8::/33 maxlen: 33
2404:d8::/36 maxlen: 36
2404:d8:8000::/34 maxlen: 34
2404:d8:9000::/36 maxlen: 36
2404:d8:a000::/36 maxlen: 36
2404:d8:a001::/48 maxlen: 48
2404:d8:c000::/36 maxlen: 36
2404:d8:d000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl
rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:45:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10122 (0x278a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145446/serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8
Validity
Not Before: Nov 22 07:31:34 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67403356-5b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f8:35:69:e7:2a:e4:29:29:02:4a:7f:3b:e3:
ef:8b:25:fb:ea:a7:68:ac:8d:7c:68:be:6c:23:b7:
f7:8d:cc:3c:51:11:f4:a4:f5:28:26:23:b2:ec:80:
31:fa:3b:4c:b8:82:8c:b4:57:92:0a:13:c0:5a:f6:
b9:4a:5f:27:67:d9:4e:4b:2f:b0:7b:bb:c1:0e:2f:
c9:2b:28:04:c8:24:ce:03:f4:30:c6:f2:09:9d:44:
c7:5d:f0:fd:30:d5:4e:50:5e:73:bf:c6:a4:be:28:
a4:e3:84:7d:d0:e5:a8:e3:d1:f5:bc:cf:1e:26:3b:
9b:61:7d:30:2a:2e:c0:da:01:87:6a:b0:8b:a1:d1:
ea:c3:07:a3:73:35:ea:87:07:98:8c:8c:36:8a:1d:
c4:5e:d6:4c:7e:60:79:e3:90:e1:26:d0:c5:3b:0d:
a9:96:d9:fb:34:c0:9d:bb:d1:37:c8:12:99:a7:d5:
be:ca:a7:2a:57:97:0e:20:3e:d4:78:ef:f6:e9:c1:
f1:0c:10:3c:7b:63:be:ce:b5:cb:48:96:65:c5:00:
cd:09:90:0b:82:e8:66:29:79:02:26:37:c1:06:18:
7e:ac:6c:4f:67:4e:f8:a0:c7:80:1b:6a:e7:98:a5:
9b:65:64:be:87:3b:b7:d7:d8:ea:6c:19:28:0b:10:
54:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:36:C0:B7:EB:2F:B2:D7:66:14:DA:B2:AC:98:1F:3A:69:65:03:F0
X509v3 Authority Key Identifier:
keyid:7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/E4E0C13C5EBF11EAB066F050C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.36.0/22
103.1.116.0/22
103.233.32.0/22
125.5.0.0/16
202.57.64.0-202.57.109.255
202.57.111.0/24
202.57.114.0-202.57.127.255
202.163.192.0/18
203.131.64.0-203.131.191.255
203.172.0.0/19
222.126.0.0/17
IPv6:
2404:d8::-2404:d8:dfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3d:d4:26:54:27:07:ac:61:9e:27:15:28:80:05:ab:47:07:a3:
dd:87:1f:30:bc:f7:6c:33:ba:a1:03:5c:ec:b0:14:b5:2d:3d:
82:57:49:e1:c1:c0:a3:b1:87:05:53:b1:9f:41:3b:e6:61:fa:
d9:15:23:ba:fb:72:65:87:c3:e5:31:46:24:46:6c:fa:d8:cb:
9f:32:c0:83:a6:ba:71:26:48:a4:ae:69:29:46:f6:33:d2:73:
06:39:07:c2:52:5a:61:81:b0:da:6c:85:c7:b1:97:35:ca:3c:
a5:af:58:74:1a:86:d4:04:25:1b:4b:d8:4d:03:a0:bb:9d:7f:
f0:fe:16:fe:cb:c5:d5:77:e0:24:87:f6:b7:a3:14:3c:c0:4a:
ac:c0:a5:18:e6:78:4a:18:8b:67:c1:59:36:6c:95:5c:c5:dc:
79:01:54:bd:e7:11:32:67:ee:e1:31:77:c9:d1:e7:fe:97:08:
35:f5:d0:0d:9d:f2:f2:65:50:f7:4d:e8:a4:cd:dd:b1:15:7a:
27:12:ff:98:4c:c5:a7:f0:4e:2e:c0:4f:ac:70:51:c6:28:f2:
58:eb:1d:e4:80:01:8f:82:b4:bf:e1:41:22:9b:ce:21:1d:5d:
ce:bd:4f:ab:03:82:a5:4a:d1:3a:50:d0:a2:06:1c:ea:6b:2c:
d5:e8:ad:35
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgICJ4owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NDYxMTAvBgNVBAUTKDdENjVFQkUxNEMzMDQ2RTczRTM5ODY5NTczMDJBMjZF
MDgxRjFBRjgwHhcNMjQxMTIyMDczMTM0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQwMzM1Ni01YjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyPg1aecq5CkpAkp/O+PviyX76qdorI18aL5sI7f3jcw8URH0pPUoJiOy7IAx
+jtMuIKMtFeSChPAWva5Sl8nZ9lOSy+we7vBDi/JKygEyCTOA/QwxvIJnUTHXfD9
MNVOUF5zv8akviik44R90OWo49H1vM8eJjubYX0wKi7A2gGHarCLodHqwwejczXq
hweYjIw2ih3EXtZMfmB545DhJtDFOw2pltn7NMCdu9E3yBKZp9W+yqcqV5cOID7U
eO/26cHxDBA8e2O+zrXLSJZlxQDNCZALguhmKXkCJjfBBhh+rGxPZ074oMeAG2rn
mKWbZWS+hzu319jqbBkoCxBU/QIDAQABo4IDAjCCAv4wHQYDVR0OBBYEFDo2wLfr
L7LXZhTasqyYHzppZQPwMB8GA1UdIwQYMBaAFH1l6+FMMEbnPjmGlXMCom4IHxr4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ0Ni9BQ0EyRTc1QzFG
QzUxMUU1QjQ1MERENjJDNEY5QUUwMi9mV1hyNFV3d1J1Yy1PWWFWY3dLaWJnZ2ZH
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZXWHI0VXd3UnVjLU9ZYVZjd0tpYmdnZkd2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NDYvQUNBMkU3NUMxRkM1MTFFNUI0NTBERDYyQzRGOUFFMDIvRTRFMEMxM0M1
RUJGMTFFQUIwNjZGMDUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYsGCCsGAQUFBwEHAQH/
BHwwejBfBAIAATBZAwQCLXYkAwQCZwF0AwQCZ+kgAwMAfQUwDAMEBso5QAMEAco5
bAMEAMo5bzAMAwQByjlyAwQHyjkAAwQGyqPAMAwDBAbLg0ADBAbLg4ADBAXLrAAD
BAfefgAwFwQCAAIwETAPAwUDJAQA2AMGBSQEANjAMA0GCSqGSIb3DQEBCwUAA4IB
AQA91CZUJwesYZ4nFSiABatHB6Pdhx8wvPdsM7qhA1zssBS1LT2CV0nhwcCjsYcF
U7GfQTvmYfrZFSO6+3Jlh8PlMUYkRmz62MufMsCDprpxJkikrmkpRvYz0nMGOQfC
UlphgbDabIXHsZc1yjylr1h0GobUBCUbS9hNA6C7nX/w/hb+y8XVd+Akh/a3oxQ8
wEqswKUY5nhKGItnwVk2bJVcxdx5AVS95xEyZ+7hMXfJ0ef+lwg19dANnfLyZVD3
Teikzd2xFXonEv+YTMWn8E4uwE+scFHGKPJY6x3kgAGPgrS/4UEim84hHV3OvU+r
A4KlStE6UNCiBhzqayzV6K01
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:42 2024 by rpki-client on console-fra.rpki-client.org