Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
File: CBCB218CD86F11E9A6AF7518C4F9AE02.roa (raw, json)
Hash identifier: WVohVyvw2E4AK7O1Wwq2KYMAQT38Mu+u1YSlIgQx2Cc=
Subject key identifier: 91:D7:50:18:EA:22:8E:C5:D0:3E:D3:67:DD:C0:98:20:8C:C1:66:62
Certificate issuer: /CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Certificate serial: 3442
Authority key identifier: 4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
Signing time: Tue 06 Aug 2024 06:41:04 +0000
ROA not before: Tue 06 Aug 2024 06:41:04 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 55423
IP address blocks: 58.82.128.0/18 maxlen: 18
58.82.128.0/21 maxlen: 24
58.82.136.0/21 maxlen: 24
58.82.144.0/21 maxlen: 24
58.82.152.0/21 maxlen: 24
58.82.160.0/20 maxlen: 20
58.82.160.0/21 maxlen: 24
58.82.168.0/21 maxlen: 24
58.82.176.0/20 maxlen: 20
58.82.176.0/21 maxlen: 24
58.82.184.0/21 maxlen: 21
58.82.184.0/24 maxlen: 24
103.247.60.0/22 maxlen: 24
182.50.80.0/22 maxlen: 22
182.50.80.0/24 maxlen: 24
182.50.83.0/24 maxlen: 24
182.50.86.0/24 maxlen: 24
182.50.88.0/22 maxlen: 22
182.50.88.0/24 maxlen: 24
203.130.152.0/24 maxlen: 24
203.156.119.0/24 maxlen: 24
203.156.120.0/21 maxlen: 21
2404:4a00:1::/64 maxlen: 64
2404:4a00:2::/64 maxlen: 64
2404:4a00:3::/64 maxlen: 64
2404:4a00:4::/64 maxlen: 64
2404:4a00:1000::/48 maxlen: 48
2404:4a00:2094::/48 maxlen: 48
2404:4a00:5542::/48 maxlen: 48
2404:4a00:5542:3::/64 maxlen: 64
2404:4a00:5542:3a1::/64 maxlen: 64
2404:4a00:5542:3001::/64 maxlen: 64
2404:4a00:5542:3002::/64 maxlen: 64
2404:4a00:5542:3003::/64 maxlen: 64
2404:4a00:6000::/64 maxlen: 64
2404:4a00:6500::/64 maxlen: 64
2404:4a00:6501::/64 maxlen: 64
2404:4a00:6a00::/64 maxlen: 64
2404:4a00:7000::/64 maxlen: 64
2404:4a00:7500::/64 maxlen: 64
2404:4a00:7a00::/64 maxlen: 64
2404:4a00:8000::/64 maxlen: 64
2404:4a00:8500::/64 maxlen: 64
2404:4a00:8a00::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:58:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13378 (0x3442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Validity
Not Before: Aug 6 06:41:04 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66b1c580-82eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:d0:5c:3b:53:fa:21:04:de:b0:2f:40:cf:
34:c4:18:5f:7d:42:e2:18:42:29:e4:a4:ad:6e:8f:
85:8b:ce:cc:aa:7f:fa:4f:8a:6b:fa:7b:0f:a3:fd:
9c:ee:cd:34:98:53:b9:e2:35:8d:84:4e:07:e2:09:
38:1d:1a:63:1f:b3:55:5f:c7:2f:d5:1e:74:a7:a8:
f7:ab:9d:dd:35:e5:8d:29:38:0f:75:e3:37:76:ab:
75:06:41:e2:83:c8:82:4d:e1:f8:f0:79:e6:79:17:
d7:44:75:db:f5:18:bb:8c:39:32:d3:32:d2:a4:93:
81:ed:5c:b2:47:d1:29:91:52:75:5d:96:08:95:60:
3a:76:b9:f8:fe:75:c6:71:6a:8b:9c:9c:10:46:2f:
cf:1a:0d:e1:ad:83:fc:47:3d:5d:bd:7b:66:0b:a9:
09:13:20:81:b9:f3:3e:43:b5:2e:a8:0c:c9:39:54:
63:c6:28:05:60:6e:52:bd:55:93:cf:38:88:df:cc:
ce:92:54:72:77:a1:21:c4:52:04:b4:c2:51:9f:88:
64:2a:be:02:1d:31:b4:75:d6:56:d9:ad:05:8c:a9:
ed:43:fb:70:3a:66:a7:5a:bc:e9:a3:0a:09:3d:35:
aa:6a:8c:7d:d4:c3:2e:41:40:6d:91:81:0c:6e:30:
ed:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D7:50:18:EA:22:8E:C5:D0:3E:D3:67:DD:C0:98:20:8C:C1:66:62
X509v3 Authority Key Identifier:
keyid:4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.82.128.0/18
103.247.60.0/22
182.50.80.0/22
182.50.86.0/24
182.50.88.0/22
203.130.152.0/24
203.156.119.0-203.156.127.255
IPv6:
2404:4a00:1::/64
2404:4a00:2::/64
2404:4a00:3::/64
2404:4a00:4::/64
2404:4a00:1000::/48
2404:4a00:2094::/48
2404:4a00:5542::/48
2404:4a00:6000::/64
2404:4a00:6500::/64
2404:4a00:6501::/64
2404:4a00:6a00::/64
2404:4a00:7000::/64
2404:4a00:7500::/64
2404:4a00:7a00::/64
2404:4a00:8000::/64
2404:4a00:8500::/64
2404:4a00:8a00::/64
Signature Algorithm: sha256WithRSAEncryption
26:62:d1:75:52:13:b0:b7:d6:65:41:b3:99:88:61:d0:b2:0e:
43:b1:48:e0:fe:e3:7f:d3:ab:ce:22:66:fa:a8:8b:fb:5f:39:
93:23:ac:12:f0:7b:f0:57:0a:61:97:90:38:39:56:a9:99:f2:
b9:1e:24:47:77:f7:5b:81:f7:59:e3:3f:d2:15:3c:1f:05:8b:
2e:d3:39:13:a4:f0:24:31:07:3a:58:d2:84:30:62:ab:75:ec:
0d:ba:f5:62:c9:4c:9d:a6:6e:9b:c8:ed:e8:aa:3f:0a:5b:31:
19:dc:26:15:b4:cb:c7:69:28:05:fa:89:b7:d9:4e:de:6b:a4:
06:96:17:5a:73:46:9e:62:6d:01:0d:fc:ec:2f:27:d9:91:36:
de:a0:96:eb:79:cc:48:d8:44:44:ad:c7:0e:d8:42:3a:fd:5f:
f5:77:c9:cc:37:7d:ae:f8:d7:18:3a:a4:31:01:72:4b:57:97:
ac:0e:78:1e:ee:2d:67:4a:bf:e9:6d:f6:6c:ae:90:ee:f9:25:
f1:f6:f9:34:3c:a2:a1:21:ca:f0:ad:54:48:70:21:65:57:37:
11:03:e3:ae:3f:ba:1a:53:a6:0a:67:19:a0:b2:37:0c:24:cb:
e1:d2:83:90:3b:3b:09:33:ad:9f:4f:e0:3c:da:b1:c4:b6:99:
75:f2:f2:3f
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgICNEIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4MUExMTAvBgNVBAUTKDRENzIzOTU1MjQzQUU4OEQ1NTI0MzlBRjhFNEUwQTA5
QzhGNjU5MEQwHhcNMjQwODA2MDY0MTA0WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIxYzU4MC04MmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAre/QXDtT+iEE3rAvQM80xBhffULiGEIp5KStbo+Fi87Mqn/6T4pr+nsPo/2c
7s00mFO54jWNhE4H4gk4HRpjH7NVX8cv1R50p6j3q53dNeWNKTgPdeM3dqt1BkHi
g8iCTeH48HnmeRfXRHXb9Ri7jDky0zLSpJOB7VyyR9EpkVJ1XZYIlWA6drn4/nXG
cWqLnJwQRi/PGg3hrYP8Rz1dvXtmC6kJEyCBufM+Q7UuqAzJOVRjxigFYG5SvVWT
zziI38zOklRyd6EhxFIEtMJRn4hkKr4CHTG0ddZW2a0FjKntQ/twOmanWrzpowoJ
PTWqaox91MMuQUBtkYEMbjDtKwIDAQABo4IDhDCCA4AwHQYDVR0OBBYEFJHXUBjq
Io7F0D7TZ93AmCCMwWZiMB8GA1UdIwQYMBaAFE1yOVUkOuiNVSQ5r45OCgnI9lkN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS9ENTIxNDI3MDFE
OUIxMUUyQjgyMUZEODkwOEIwMkNEMi9UWEk1VlNRNjZJMVZKRG12ams0S0NjajJX
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYSTVWU1E2NkkxVkpEbXZqazRLQ2NqMldRMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4MUEvRDUyMTQyNzAxRDlCMTFFMkI4MjFGRDg5MDhCMDJDRDIvQ0JDQjIxOENE
ODZGMTFFOUE2QUY3NTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEMBggrBgEFBQcBBwEB
/wSB/DCB+TA4BAIAATAyAwQGOlKAAwQCZ/c8AwQCtjJQAwQAtjJWAwQCtjJYAwQA
y4KYMAwDBADLnHcDBAfLnAAwgbwEAgACMIG1AwkAJARKAAABAAADCQAkBEoAAAIA
AAMJACQESgAAAwAAAwkAJARKAAAEAAADBwAkBEoAEAADBwAkBEoAIJQDBwAkBEoA
VUIDCQAkBEoAYAAAAAMJACQESgBlAAAAAwkAJARKAGUBAAADCQAkBEoAagAAAAMJ
ACQESgBwAAAAAwkAJARKAHUAAAADCQAkBEoAegAAAAMJACQESgCAAAAAAwkAJARK
AIUAAAADCQAkBEoAigAAADANBgkqhkiG9w0BAQsFAAOCAQEAJmLRdVITsLfWZUGz
mYhh0LIOQ7FI4P7jf9OrziJm+qiL+185kyOsEvB78FcKYZeQODlWqZnyuR4kR3f3
W4H3WeM/0hU8HwWLLtM5E6TwJDEHOljShDBiq3XsDbr1YslMnaZum8jt6Ko/Clsx
GdwmFbTLx2koBfqJt9lO3mukBpYXWnNGnmJtAQ387C8n2ZE23qCW63nMSNhERK3H
DthCOv1f9XfJzDd9rvjXGDqkMQFyS1eXrA54Hu4tZ0q/6W32bK6Q7vkl8fb5NDyi
oSHK8K1USHAhZVc3EQPjrj+6GlOmCmcZoLI3DCTL4dKDkDs7CTOtn0/gPNqxxLaZ
dfLyPw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:55:43 2024 by rpki-client on console-fra.rpki-client.org