Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/E4E0C13C5EBF11EAB066F050C4F9AE02.roa
File: E4E0C13C5EBF11EAB066F050C4F9AE02.roa (raw, json)
Hash identifier: 6y4oTrnz74YauFQZzRhlX2HTfT0Ue3SVc/vvTdquy7M=
Subject key identifier: 61:D8:16:EF:53:9E:D8:7B:11:38:91:AF:64:A3:FA:7C:97:82:F5:04
Certificate issuer: /CN=A9145446/serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8
Certificate serial: 25A1
Authority key identifier: 7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/E4E0C13C5EBF11EAB066F050C4F9AE02.roa
Signing time: Fri 03 May 2024 09:50:32 +0000
ROA not before: Fri 03 May 2024 09:50:32 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 7629
IP address blocks: 45.118.36.0/22 maxlen: 22
103.1.116.0/22 maxlen: 22
103.1.116.0/23 maxlen: 23
103.1.118.0/23 maxlen: 23
103.233.34.0/23 maxlen: 23
125.5.0.0/16 maxlen: 16
125.5.0.0/20 maxlen: 20
125.5.0.0/22 maxlen: 22
125.5.0.0/23 maxlen: 23
125.5.2.0/23 maxlen: 23
125.5.2.0/24 maxlen: 24
125.5.3.0/24 maxlen: 24
125.5.4.0/23 maxlen: 23
125.5.5.0/24 maxlen: 24
125.5.12.0/24 maxlen: 24
125.5.14.0/23 maxlen: 23
125.5.16.0/21 maxlen: 21
125.5.18.0/24 maxlen: 24
125.5.21.0/24 maxlen: 24
125.5.22.0/23 maxlen: 23
125.5.22.0/24 maxlen: 24
125.5.23.0/24 maxlen: 24
125.5.24.0/23 maxlen: 23
125.5.24.0/24 maxlen: 24
125.5.26.0/23 maxlen: 23
125.5.27.0/24 maxlen: 24
125.5.28.0/22 maxlen: 22
125.5.32.0/19 maxlen: 19
125.5.64.0/18 maxlen: 18
125.5.72.0/21 maxlen: 21
125.5.80.0/21 maxlen: 21
125.5.82.0/24 maxlen: 24
125.5.87.0/24 maxlen: 24
125.5.88.0/23 maxlen: 23
125.5.96.0/19 maxlen: 19
125.5.128.0/17 maxlen: 17
125.5.128.0/19 maxlen: 19
125.5.128.0/20 maxlen: 20
125.5.144.0/21 maxlen: 21
125.5.152.0/23 maxlen: 23
125.5.154.0/23 maxlen: 23
125.5.154.0/24 maxlen: 24
125.5.160.0/20 maxlen: 20
125.5.173.0/24 maxlen: 24
125.5.174.0/23 maxlen: 23
125.5.176.0/20 maxlen: 20
125.5.177.0/24 maxlen: 24
125.5.178.0/23 maxlen: 23
125.5.180.0/22 maxlen: 22
125.5.184.0/21 maxlen: 21
125.5.192.0/21 maxlen: 21
125.5.195.0/24 maxlen: 24
125.5.200.0/23 maxlen: 23
125.5.201.0/24 maxlen: 24
125.5.204.0/22 maxlen: 22
125.5.208.0/20 maxlen: 20
125.5.209.0/24 maxlen: 24
125.5.210.0/24 maxlen: 24
125.5.211.0/24 maxlen: 24
125.5.212.0/24 maxlen: 24
125.5.213.0/24 maxlen: 24
125.5.224.0/20 maxlen: 20
125.5.224.0/24 maxlen: 24
125.5.240.0/23 maxlen: 23
125.5.244.0/24 maxlen: 24
125.5.251.0/24 maxlen: 24
125.5.252.0/22 maxlen: 22
202.57.64.0/20 maxlen: 20
202.57.80.0/20 maxlen: 20
202.57.96.0/21 maxlen: 21
202.57.96.0/24 maxlen: 24
202.57.102.0/23 maxlen: 23
202.57.104.0/22 maxlen: 22
202.57.111.0/24 maxlen: 24
202.57.114.0/23 maxlen: 23
202.57.116.0/22 maxlen: 22
202.57.119.0/24 maxlen: 24
202.57.120.0/22 maxlen: 22
202.57.124.0/23 maxlen: 23
202.57.127.0/24 maxlen: 24
202.163.192.0/18 maxlen: 18
202.163.192.0/21 maxlen: 21
202.163.200.0/22 maxlen: 22
202.163.204.0/22 maxlen: 22
202.163.208.0/21 maxlen: 21
202.163.216.0/22 maxlen: 22
202.163.220.0/22 maxlen: 22
203.131.64.0/18 maxlen: 18
203.131.64.0/21 maxlen: 21
203.131.72.0/21 maxlen: 21
203.131.80.0/20 maxlen: 20
203.131.96.0/19 maxlen: 19
203.131.128.0/18 maxlen: 18
203.131.128.0/19 maxlen: 19
203.131.160.0/19 maxlen: 19
203.172.0.0/19 maxlen: 19
222.126.0.0/17 maxlen: 17
222.126.0.0/18 maxlen: 18
222.126.97.0/24 maxlen: 24
222.126.98.0/23 maxlen: 23
222.126.100.0/22 maxlen: 22
222.126.104.0/21 maxlen: 21
222.126.112.0/20 maxlen: 20
2404:d8::/33 maxlen: 33
2404:d8::/36 maxlen: 36
2404:d8:8000::/34 maxlen: 34
2404:d8:a000::/36 maxlen: 36
2404:d8:c000::/36 maxlen: 36
2404:d8:d000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl
rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 16:11:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9633 (0x25a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9145446/serialNumber=7D65EBE14C3046E73E3986957302A26E081F1AF8
Validity
Not Before: May 3 09:50:32 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=6634b368-ff45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1a:7a:85:56:ae:9e:02:e1:90:43:8a:bd:f4:
f2:3a:19:95:fb:3f:d5:ad:fa:4e:61:88:27:94:8e:
b6:cb:cd:aa:c7:10:ce:9d:61:de:79:32:53:24:30:
f6:ba:4c:10:62:97:21:9d:95:d2:d7:f0:c8:14:14:
51:ff:5f:41:c8:b9:a8:75:3b:45:de:85:60:d9:8b:
14:78:b3:b6:43:08:be:21:bf:58:81:6c:3a:3a:1c:
a3:d0:35:ed:66:33:03:6c:f4:93:e1:15:25:45:d6:
e5:08:97:3a:a0:8d:7b:61:68:d3:d0:e6:1f:ee:85:
91:df:f0:39:f2:07:a8:16:2a:e9:52:e6:2a:56:a2:
b9:52:32:94:38:a0:bf:70:4c:25:74:f7:c9:36:5a:
44:0f:04:b4:dc:7f:99:5d:22:89:52:d9:f6:33:3c:
8e:07:ec:dd:82:99:95:52:b2:f8:18:a8:f1:d0:21:
ce:6e:1d:80:9e:e5:93:c4:6f:f6:50:e3:1f:43:04:
cc:9e:e2:a7:22:93:ab:e9:0c:8e:91:78:6b:96:b1:
73:ae:b5:97:32:a6:15:03:c3:7a:0d:d4:76:26:18:
87:a7:09:50:a4:6d:a9:69:76:89:01:78:1b:fe:dd:
cd:ec:1c:29:f3:c1:46:1c:ef:67:fb:8e:48:68:92:
c9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D8:16:EF:53:9E:D8:7B:11:38:91:AF:64:A3:FA:7C:97:82:F5:04
X509v3 Authority Key Identifier:
keyid:7D:65:EB:E1:4C:30:46:E7:3E:39:86:95:73:02:A2:6E:08:1F:1A:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/fWXr4UwwRuc-OYaVcwKibggfGvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWXr4UwwRuc-OYaVcwKibggfGvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9145446/ACA2E75C1FC511E5B450DD62C4F9AE02/E4E0C13C5EBF11EAB066F050C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.36.0/22
103.1.116.0/22
103.233.34.0/23
125.5.0.0/16
202.57.64.0-202.57.107.255
202.57.111.0/24
202.57.114.0-202.57.125.255
202.57.127.0/24
202.163.192.0/18
203.131.64.0-203.131.191.255
203.172.0.0/19
222.126.0.0/17
IPv6:
2404:d8::-2404:d8:dfff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
81:48:af:12:47:6b:ac:b4:24:69:f2:9d:31:d7:13:ec:41:94:
75:f7:b8:37:23:03:f0:51:d9:ee:d4:72:2b:67:06:2e:6f:08:
99:f1:03:7c:7a:b9:9c:a8:bd:4f:ea:71:89:f5:ee:94:61:4d:
6e:5d:3e:6a:e3:f4:38:a8:2f:49:05:d6:2b:f7:f2:5a:2b:23:
c1:7e:d2:4a:fb:9b:d9:e6:07:8d:d0:07:97:b8:d5:ba:0a:06:
d6:70:13:75:80:90:3a:ee:42:3d:c1:df:4f:cc:46:15:c4:ba:
9b:11:67:f2:04:d1:46:9c:1d:c1:3e:5f:03:32:90:f9:ce:12:
73:ca:a6:7d:97:ef:df:ea:47:2d:27:81:d7:af:10:d4:72:a9:
2e:82:cd:87:af:91:41:80:15:8a:93:93:0c:10:22:6e:54:22:
c1:d3:38:5a:20:4e:d0:79:72:91:96:95:85:f3:92:6b:62:49:
c3:d8:36:58:10:fd:f5:35:fb:da:a2:7a:9f:27:0f:03:03:36:
86:7e:51:b2:1a:01:ab:f7:35:e7:89:66:57:39:98:da:9d:65:
c3:90:33:95:16:1f:15:78:61:82:78:5e:66:58:70:47:b2:3e:
97:ca:45:30:a0:a7:16:9a:0b:5d:c1:fa:ad:30:d0:0e:a4:3b:
a6:82:69:79
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgICJaEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDU0NDYxMTAvBgNVBAUTKDdENjVFQkUxNEMzMDQ2RTczRTM5ODY5NTczMDJBMjZF
MDgxRjFBRjgwHhcNMjQwNTAzMDk1MDMyWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM0YjM2OC1mZjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmhp6hVaungLhkEOKvfTyOhmV+z/VrfpOYYgnlI62y82qxxDOnWHeeTJTJDD2
ukwQYpchnZXS1/DIFBRR/19ByLmodTtF3oVg2YsUeLO2Qwi+Ib9YgWw6Ohyj0DXt
ZjMDbPST4RUlRdblCJc6oI17YWjT0OYf7oWR3/A58geoFirpUuYqVqK5UjKUOKC/
cEwldPfJNlpEDwS03H+ZXSKJUtn2MzyOB+zdgpmVUrL4GKjx0CHObh2AnuWTxG/2
UOMfQwTMnuKnIpOr6QyOkXhrlrFzrrWXMqYVA8N6DdR2JhiHpwlQpG2paXaJAXgb
/t3N7Bwp88FGHO9n+45IaJLJCQIDAQABo4IDCjCCAwYwHQYDVR0OBBYEFGHYFu9T
nth7ETiRr2Sj+nyXgvUEMB8GA1UdIwQYMBaAFH1l6+FMMEbnPjmGlXMCom4IHxr4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NTQ0Ni9BQ0EyRTc1QzFG
QzUxMUU1QjQ1MERENjJDNEY5QUUwMi9mV1hyNFV3d1J1Yy1PWWFWY3dLaWJnZ2ZH
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZXWHI0VXd3UnVjLU9ZYVZjd0tpYmdnZkd2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDU0NDYvQUNBMkU3NUMxRkM1MTFFNUI0NTBERDYyQzRGOUFFMDIvRTRFMEMxM0M1
RUJGMTFFQUIwNjZGMDUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZMGCCsGAQUFBwEHAQH/
BIGDMIGAMGUEAgABMF8DBAItdiQDBAJnAXQDBAFn6SIDAwB9BTAMAwQGyjlAAwQC
yjloAwQAyjlvMAwDBAHKOXIDBAHKOXwDBADKOX8DBAbKo8AwDAMEBsuDQAMEBsuD
gAMEBcusAAMEB95+ADAXBAIAAjARMA8DBQMkBADYAwYFJAQA2MAwDQYJKoZIhvcN
AQELBQADggEBAIFIrxJHa6y0JGnynTHXE+xBlHX3uDcjA/BR2e7UcitnBi5vCJnx
A3x6uZyovU/qcYn17pRhTW5dPmrj9DioL0kF1iv38lorI8F+0kr7m9nmB43QB5e4
1boKBtZwE3WAkDruQj3B30/MRhXEupsRZ/IE0UacHcE+XwMykPnOEnPKpn2X79/q
Ry0ngdevENRyqS6CzYevkUGAFYqTkwwQIm5UIsHTOFogTtB5cpGWlYXzkmtiScPY
NlgQ/fU1+9qiep8nDwMDNoZ+UbIaAav3NeeJZlc5mNqdZcOQM5UWHxV4YYJ4XmZY
cEeyPpfKRTCgpxaaC13B+q0w0A6kO6aCaXk=
-----END CERTIFICATE-----
Generated at Thu May 16 18:26:03 2024 by rpki-client on console-fra.rpki-client.org