Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
File: CBCB218CD86F11E9A6AF7518C4F9AE02.roa (raw, json)
Hash identifier: TkAMkz1M0TvWWG1Mez/kx+WPP+q30v8bmh3WBx9Q358=
Subject key identifier: 33:87:5A:E6:6B:A8:FE:72:90:39:36:A6:4D:B1:B1:08:45:CC:38:CE
Certificate issuer: /CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Certificate serial: 33EA
Authority key identifier: 4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
Signing time: Sat 02 Mar 2024 15:21:04 +0000
ROA not before: Sat 02 Mar 2024 15:21:04 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 55423
IP address blocks: 58.82.128.0/18 maxlen: 18
58.82.128.0/21 maxlen: 24
58.82.136.0/21 maxlen: 24
58.82.144.0/21 maxlen: 24
58.82.152.0/21 maxlen: 24
58.82.160.0/20 maxlen: 20
58.82.160.0/21 maxlen: 24
58.82.168.0/21 maxlen: 24
58.82.176.0/20 maxlen: 20
58.82.176.0/21 maxlen: 24
58.82.184.0/21 maxlen: 21
58.82.184.0/24 maxlen: 24
103.247.60.0/22 maxlen: 24
182.50.80.0/22 maxlen: 22
182.50.80.0/24 maxlen: 24
182.50.83.0/24 maxlen: 24
182.50.86.0/24 maxlen: 24
182.50.88.0/22 maxlen: 22
182.50.88.0/24 maxlen: 24
203.156.119.0/24 maxlen: 24
203.156.120.0/21 maxlen: 21
2404:4a00:1::/64 maxlen: 64
2404:4a00:2::/64 maxlen: 64
2404:4a00:3::/64 maxlen: 64
2404:4a00:4::/64 maxlen: 64
2404:4a00:1000::/48 maxlen: 48
2404:4a00:2094::/48 maxlen: 48
2404:4a00:5542::/48 maxlen: 48
2404:4a00:5542:3::/64 maxlen: 64
2404:4a00:5542:3a1::/64 maxlen: 64
2404:4a00:5542:3001::/64 maxlen: 64
2404:4a00:5542:3002::/64 maxlen: 64
2404:4a00:5542:3003::/64 maxlen: 64
2404:4a00:6000::/64 maxlen: 64
2404:4a00:6500::/64 maxlen: 64
2404:4a00:6501::/64 maxlen: 64
2404:4a00:6a00::/64 maxlen: 64
2404:4a00:7000::/64 maxlen: 64
2404:4a00:7500::/64 maxlen: 64
2404:4a00:7a00::/64 maxlen: 64
2404:4a00:8000::/64 maxlen: 64
2404:4a00:8500::/64 maxlen: 64
2404:4a00:8a00::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 01 Jul 2024 14:52:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13290 (0x33ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914781A/serialNumber=4D723955243AE88D552439AF8E4E0A09C8F6590D
Validity
Not Before: Mar 2 15:21:04 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65e343df-b844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:a2:c0:0d:97:3c:6f:f0:84:dd:ce:61:a9:c5:
6d:f9:9f:34:0c:ee:8a:5c:d2:65:5f:bc:bf:8a:c1:
cb:c8:68:32:63:c1:82:24:36:06:a8:36:5a:f0:d6:
4a:37:69:74:00:03:48:a9:f2:4d:f0:e3:6b:26:52:
d8:80:32:d3:fb:bb:bb:51:61:df:b3:99:5d:b5:b9:
c7:eb:9a:b6:1b:98:80:ac:2a:3d:f7:51:83:7a:39:
da:71:17:7d:ee:7d:06:88:d3:28:3d:64:03:15:95:
0a:4c:4f:a6:38:27:a2:e0:31:43:d0:b4:81:de:dc:
e7:af:57:4f:87:16:5e:95:1d:6f:82:9d:14:1b:1c:
1a:9b:bb:1e:aa:48:28:bc:53:3b:f4:ab:52:34:88:
22:2a:94:14:d6:76:68:63:d5:86:f6:39:a2:43:25:
a4:d8:62:8b:52:a4:02:34:3f:97:ab:84:15:57:9e:
f7:33:ca:8c:50:59:cb:14:c9:9a:37:12:0d:4b:4d:
19:31:97:e1:88:d0:31:a7:b2:f0:f9:b5:67:1a:94:
57:ea:81:ee:f4:69:cb:dc:21:1e:1c:64:d7:10:1f:
1a:2c:a2:d5:4b:32:04:c3:0b:16:f1:2d:a5:f2:04:
e7:9d:bb:9a:da:3f:5d:fb:be:66:0e:72:73:c9:32:
d5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:87:5A:E6:6B:A8:FE:72:90:39:36:A6:4D:B1:B1:08:45:CC:38:CE
X509v3 Authority Key Identifier:
keyid:4D:72:39:55:24:3A:E8:8D:55:24:39:AF:8E:4E:0A:09:C8:F6:59:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXI5VSQ66I1VJDmvjk4KCcj2WQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914781A/D52142701D9B11E2B821FD8908B02CD2/CBCB218CD86F11E9A6AF7518C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.82.128.0/18
103.247.60.0/22
182.50.80.0/22
182.50.86.0/24
182.50.88.0/22
203.156.119.0-203.156.127.255
IPv6:
2404:4a00:1::/64
2404:4a00:2::/64
2404:4a00:3::/64
2404:4a00:4::/64
2404:4a00:1000::/48
2404:4a00:2094::/48
2404:4a00:5542::/48
2404:4a00:6000::/64
2404:4a00:6500::/64
2404:4a00:6501::/64
2404:4a00:6a00::/64
2404:4a00:7000::/64
2404:4a00:7500::/64
2404:4a00:7a00::/64
2404:4a00:8000::/64
2404:4a00:8500::/64
2404:4a00:8a00::/64
Signature Algorithm: sha256WithRSAEncryption
4a:fa:3e:7d:28:19:59:12:b6:c1:8b:ea:4d:dc:a7:ac:0d:9e:
bc:9a:38:46:be:e1:ed:dc:57:4a:f0:2c:7e:d6:aa:4a:8e:7f:
87:b3:fa:52:9c:12:9c:82:1a:8d:22:bf:75:73:84:07:42:db:
78:66:b9:1a:d2:dd:75:ac:73:9b:89:d9:f6:48:0c:c5:24:fb:
84:2b:ac:7d:e2:12:d8:f0:db:d5:90:6f:b9:76:9f:2d:1a:a8:
19:47:41:12:be:34:70:0a:dd:bb:82:74:f7:8f:f9:c9:6a:81:
0b:79:6f:dc:5a:a7:e8:7a:d4:7d:17:20:10:bc:e6:6e:1b:f3:
b3:84:41:1f:f6:32:64:9b:3c:d1:84:a6:96:d0:18:4b:c1:31:
3b:73:be:54:ed:69:94:bf:98:4c:6d:46:2d:27:38:2e:83:eb:
c3:b6:e3:92:0d:83:5c:ba:4b:e3:7e:65:4c:ad:49:94:cb:c7:
d9:57:b8:1d:1d:35:03:38:11:33:3b:03:96:21:65:26:0d:a4:
50:1a:39:a1:97:32:54:8f:91:42:1f:5e:fd:7a:f9:c2:b5:69:
07:a5:0e:bc:1d:e4:d1:13:d3:fd:df:84:c4:27:44:c3:a2:68:
6b:31:4c:02:47:06:90:4c:10:4b:c1:22:77:6b:aa:55:82:7f:
ac:e9:25:0c
-----BEGIN CERTIFICATE-----
MIIGWjCCBUKgAwIBAgICM+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDc4MUExMTAvBgNVBAUTKDRENzIzOTU1MjQzQUU4OEQ1NTI0MzlBRjhFNEUwQTA5
QzhGNjU5MEQwHhcNMjQwMzAyMTUyMTA0WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWUzNDNkZi1iODQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+KLADZc8b/CE3c5hqcVt+Z80DO6KXNJlX7y/isHLyGgyY8GCJDYGqDZa8NZK
N2l0AANIqfJN8ONrJlLYgDLT+7u7UWHfs5ldtbnH65q2G5iArCo991GDejnacRd9
7n0GiNMoPWQDFZUKTE+mOCei4DFD0LSB3tznr1dPhxZelR1vgp0UGxwam7seqkgo
vFM79KtSNIgiKpQU1nZoY9WG9jmiQyWk2GKLUqQCND+Xq4QVV573M8qMUFnLFMma
NxINS00ZMZfhiNAxp7Lw+bVnGpRX6oHu9GnL3CEeHGTXEB8aLKLVSzIEwwsW8S2l
8gTnnbua2j9d+75mDnJzyTLVjwIDAQABo4IDfjCCA3owHQYDVR0OBBYEFDOHWuZr
qP5ykDk2pk2xsQhFzDjOMB8GA1UdIwQYMBaAFE1yOVUkOuiNVSQ5r45OCgnI9lkN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzgxQS9ENTIxNDI3MDFE
OUIxMUUyQjgyMUZEODkwOEIwMkNEMi9UWEk1VlNRNjZJMVZKRG12ams0S0NjajJX
UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYSTVWU1E2NkkxVkpEbXZqazRLQ2NqMldRMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDc4MUEvRDUyMTQyNzAxRDlCMTFFMkI4MjFGRDg5MDhCMDJDRDIvQ0JDQjIxOENE
ODZGMTFFOUE2QUY3NTE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEGBggrBgEFBQcBBwEB
/wSB9jCB8zAyBAIAATAsAwQGOlKAAwQCZ/c8AwQCtjJQAwQAtjJWAwQCtjJYMAwD
BADLnHcDBAfLnAAwgbwEAgACMIG1AwkAJARKAAABAAADCQAkBEoAAAIAAAMJACQE
SgAAAwAAAwkAJARKAAAEAAADBwAkBEoAEAADBwAkBEoAIJQDBwAkBEoAVUIDCQAk
BEoAYAAAAAMJACQESgBlAAAAAwkAJARKAGUBAAADCQAkBEoAagAAAAMJACQESgBw
AAAAAwkAJARKAHUAAAADCQAkBEoAegAAAAMJACQESgCAAAAAAwkAJARKAIUAAAAD
CQAkBEoAigAAADANBgkqhkiG9w0BAQsFAAOCAQEASvo+fSgZWRK2wYvqTdynrA2e
vJo4Rr7h7dxXSvAsftaqSo5/h7P6UpwSnIIajSK/dXOEB0LbeGa5GtLddaxzm4nZ
9kgMxST7hCusfeIS2PDb1ZBvuXafLRqoGUdBEr40cArdu4J094/5yWqBC3lv3Fqn
6HrUfRcgELzmbhvzs4RBH/YyZJs80YSmltAYS8ExO3O+VO1plL+YTG1GLSc4LoPr
w7bjkg2DXLpL435lTK1JlMvH2Ve4HR01AzgRMzsDliFlJg2kUBo5oZcyVI+RQh9e
/Xr5wrVpB6UOvB3k0RPT/d+ExCdEw6JoazFMAkcGkEwQS8Eid2uqVYJ/rOklDA==
-----END CERTIFICATE-----
Generated at Mon Jun 24 16:02:20 2024 by rpki-client on console-fra.rpki-client.org