Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/283A4D20174911EC896AD61BC4F9AE02.roa
File: 283A4D20174911EC896AD61BC4F9AE02.roa (raw, json)
Hash identifier: FPSQ8p1kwZ3vXAQbffUHxGVHKyRBni/t9uDlhC1ac7I=
Subject key identifier: AD:84:8E:80:0F:C6:EF:57:0F:2B:9A:F4:6C:22:5B:70:AA:8B:47:48
Certificate issuer: /CN=A91514B1/serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Certificate serial: 053D
Authority key identifier: 61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/283A4D20174911EC896AD61BC4F9AE02.roa
Signing time: Tue 03 Sep 2024 01:15:01 +0000
ROA not before: Tue 03 Sep 2024 01:15:01 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 7474
IP address blocks: 1.44.0.0/16 maxlen: 16
59.154.0.0/16 maxlen: 16
59.154.122.0/23 maxlen: 23
59.154.173.0/24 maxlen: 24
59.154.180.0/24 maxlen: 24
59.154.235.0/24 maxlen: 24
59.154.236.0/22 maxlen: 22
59.154.241.0/24 maxlen: 24
59.154.242.0/23 maxlen: 23
59.154.252.0/23 maxlen: 23
59.154.254.0/24 maxlen: 24
61.88.0.0/17 maxlen: 17
61.88.14.0/24 maxlen: 24
61.88.46.0/24 maxlen: 24
61.88.47.0/24 maxlen: 24
61.88.52.0/24 maxlen: 24
61.88.53.0/24 maxlen: 24
61.88.55.0/24 maxlen: 24
61.88.57.0/24 maxlen: 24
61.88.60.0/24 maxlen: 24
61.88.62.0/24 maxlen: 24
61.88.65.0/24 maxlen: 24
61.88.116.0/24 maxlen: 24
61.88.128.0/18 maxlen: 18
61.88.157.0/24 maxlen: 24
61.88.192.0/20 maxlen: 20
61.88.208.0/21 maxlen: 21
61.88.216.0/22 maxlen: 22
61.88.228.0/24 maxlen: 24
61.88.229.0/24 maxlen: 24
61.88.230.0/24 maxlen: 24
61.88.232.0/24 maxlen: 24
61.88.233.0/24 maxlen: 24
61.88.234.0/24 maxlen: 24
61.88.235.0/24 maxlen: 24
61.88.253.0/24 maxlen: 24
61.88.254.0/23 maxlen: 23
119.225.0.0/16 maxlen: 16
124.19.0.0/17 maxlen: 17
124.19.72.0/24 maxlen: 24
124.19.76.0/22 maxlen: 22
124.19.84.0/22 maxlen: 22
124.19.88.0/21 maxlen: 21
124.19.96.0/24 maxlen: 24
124.19.97.0/24 maxlen: 24
125.63.128.0/17 maxlen: 17
202.139.0.0/17 maxlen: 17
202.139.4.0/24 maxlen: 24
202.139.5.0/24 maxlen: 24
202.139.8.0/22 maxlen: 22
202.139.12.0/22 maxlen: 22
202.139.24.0/24 maxlen: 24
202.139.25.0/24 maxlen: 24
202.139.28.0/24 maxlen: 24
202.139.29.0/24 maxlen: 24
202.139.30.0/24 maxlen: 24
202.139.31.0/24 maxlen: 24
202.139.34.0/24 maxlen: 24
202.139.35.0/24 maxlen: 24
202.139.36.0/24 maxlen: 24
202.139.37.0/24 maxlen: 24
202.139.38.0/24 maxlen: 24
202.139.44.0/24 maxlen: 24
202.139.45.0/24 maxlen: 24
202.139.60.0/24 maxlen: 24
202.139.61.0/24 maxlen: 24
202.139.62.0/24 maxlen: 24
202.139.64.0/24 maxlen: 24
202.139.82.0/24 maxlen: 24
202.139.102.0/24 maxlen: 24
202.139.113.0/24 maxlen: 24
202.139.128.0/18 maxlen: 18
202.139.142.0/24 maxlen: 24
202.139.143.0/24 maxlen: 24
202.139.148.0/24 maxlen: 24
202.139.154.0/24 maxlen: 24
202.139.155.0/24 maxlen: 24
202.139.156.0/24 maxlen: 24
202.139.157.0/24 maxlen: 24
202.139.159.0/24 maxlen: 24
202.139.160.0/24 maxlen: 24
202.139.164.0/24 maxlen: 24
202.139.175.0/24 maxlen: 24
202.139.176.0/24 maxlen: 24
202.139.180.0/24 maxlen: 24
202.139.183.0/24 maxlen: 24
202.139.184.0/24 maxlen: 24
202.139.185.0/24 maxlen: 24
202.139.188.0/24 maxlen: 24
202.139.189.0/24 maxlen: 24
203.13.96.0/24 maxlen: 24
203.13.98.0/24 maxlen: 24
203.13.123.0/24 maxlen: 24
203.13.125.0/24 maxlen: 24
203.13.126.0/24 maxlen: 24
203.13.127.0/24 maxlen: 24
203.13.128.0/24 maxlen: 24
203.13.129.0/24 maxlen: 24
203.13.133.0/24 maxlen: 24
203.13.134.0/24 maxlen: 24
203.202.0.0/17 maxlen: 17
203.202.60.0/24 maxlen: 24
203.202.61.0/24 maxlen: 24
203.202.62.0/24 maxlen: 24
203.202.63.0/24 maxlen: 24
203.202.66.0/24 maxlen: 24
203.202.67.0/24 maxlen: 24
203.202.104.0/24 maxlen: 24
203.202.105.0/24 maxlen: 24
203.202.110.0/24 maxlen: 24
203.202.111.0/24 maxlen: 24
203.202.112.0/24 maxlen: 24
203.202.113.0/24 maxlen: 24
203.202.114.0/24 maxlen: 24
203.202.117.0/24 maxlen: 24
203.202.118.0/24 maxlen: 24
203.202.121.0/24 maxlen: 24
203.202.122.0/24 maxlen: 24
203.202.128.0/18 maxlen: 18
203.202.128.0/24 maxlen: 24
203.202.157.0/24 maxlen: 24
203.202.164.0/24 maxlen: 24
203.202.165.0/24 maxlen: 24
203.202.166.0/24 maxlen: 24
203.202.167.0/24 maxlen: 24
203.202.174.0/24 maxlen: 24
203.202.175.0/24 maxlen: 24
203.202.176.0/22 maxlen: 22
203.202.183.0/24 maxlen: 24
203.202.190.0/24 maxlen: 24
203.202.191.0/24 maxlen: 24
210.0.0.0/24 maxlen: 24
220.101.0.0/17 maxlen: 17
2405:9000::/32 maxlen: 32
2405:9000:a::/48 maxlen: 48
2405:9000:203::/48 maxlen: 48
2405:9000:207::/48 maxlen: 48
2405:9000:3440::/48 maxlen: 48
2405:9000:4900::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 20:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1341 (0x53d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91514B1/serialNumber=6171432D5594CB3F608D3BE0F52600BBEC46E5FB
Validity
Not Before: Sep 3 01:15:01 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d66315-b66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1f:65:cb:6d:cb:89:38:1f:3e:93:55:8e:6a:
e8:38:d5:65:1e:ad:b2:fe:d6:e2:60:29:c1:b8:d1:
81:62:33:5f:67:0e:51:4d:a9:21:93:02:07:01:3c:
93:4e:78:25:0e:0c:22:88:16:d1:c1:93:6a:c5:f7:
9a:35:2e:28:8b:34:12:bf:a8:b4:9a:e8:86:67:04:
46:dd:64:9d:b5:17:08:b1:10:54:7b:06:d8:e4:89:
c4:46:38:a8:7f:bf:c7:b7:3c:d9:6c:e9:9b:7e:86:
25:49:64:41:cc:b5:b0:14:7a:27:a6:33:19:ab:bf:
a7:9d:14:df:5a:7b:d6:df:50:b6:ac:ca:01:44:df:
97:85:b8:21:3a:fe:3b:f2:4e:63:4b:a4:7d:64:f7:
63:20:47:0c:04:ee:dd:54:a7:02:ea:a8:0a:42:b9:
d5:3d:64:ea:02:97:c3:a1:e2:94:a1:c8:b0:27:ec:
e5:ae:cc:01:75:aa:15:82:b9:84:47:25:42:c2:2d:
8e:60:60:54:45:5d:29:88:f1:c9:68:c6:bf:70:5f:
5e:f8:14:40:db:5d:c7:d8:38:da:dd:97:67:40:dd:
73:3d:49:c6:e8:5f:a4:64:f9:f1:1c:c7:b0:94:01:
53:34:e4:4c:41:4e:cd:46:c6:f3:ca:f7:de:2d:db:
c4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:84:8E:80:0F:C6:EF:57:0F:2B:9A:F4:6C:22:5B:70:AA:8B:47:48
X509v3 Authority Key Identifier:
keyid:61:71:43:2D:55:94:CB:3F:60:8D:3B:E0:F5:26:00:BB:EC:46:E5:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/YXFDLVWUyz9gjTvg9SYAu-xG5fs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YXFDLVWUyz9gjTvg9SYAu-xG5fs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91514B1/84189226FBE411EB82B6264FC4F9AE02/283A4D20174911EC896AD61BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.44.0.0/16
59.154.0.0/16
61.88.0.0-61.88.219.255
61.88.228.0-61.88.230.255
61.88.232.0/22
61.88.253.0-61.88.255.255
119.225.0.0/16
124.19.0.0/17
125.63.128.0/17
202.139.0.0-202.139.191.255
203.13.96.0/24
203.13.98.0/24
203.13.123.0/24
203.13.125.0-203.13.129.255
203.13.133.0-203.13.134.255
203.202.0.0-203.202.191.255
210.0.0.0/24
220.101.0.0/17
IPv6:
2405:9000::/32
Signature Algorithm: sha256WithRSAEncryption
55:05:7b:d8:bf:38:4d:ca:8a:90:64:7d:41:e5:4c:bc:c4:a8:
58:ef:c1:35:7e:06:ea:b0:86:4b:2a:6b:2a:d2:62:9e:0c:17:
a5:e1:98:9f:df:59:0a:ca:2d:63:e1:18:56:a3:8c:39:7e:ca:
19:26:c4:eb:bf:8d:46:f2:95:6e:b6:19:57:52:ce:f7:90:58:
b9:b2:59:e0:73:a8:13:66:a7:f4:e4:85:6c:5f:89:31:14:5b:
8b:32:18:6b:46:80:42:23:ba:b3:4c:f6:4f:14:a7:39:13:5b:
37:87:ca:22:72:c2:b2:94:c5:fc:74:19:89:08:9a:54:a7:e9:
45:c0:a5:65:91:45:54:a4:c5:0d:a7:80:d7:10:2e:4e:4e:bc:
17:52:37:8f:f4:83:57:95:23:37:95:bc:86:5d:da:58:e7:92:
d5:b1:01:a8:d0:26:5d:01:16:ec:9c:cc:f5:8a:09:d9:95:d2:
72:df:bd:cf:0d:76:4f:c0:c7:4d:70:52:9f:9b:10:d3:fe:d7:
24:11:71:ae:82:49:e3:3f:cc:14:d3:81:28:2e:12:af:6f:b5:
70:ba:ee:34:50:d2:db:cd:7b:c6:7f:79:7e:87:c0:ff:2b:e5:
9d:09:a2:65:28:b3:31:e4:05:db:94:1c:54:5e:f6:e5:a3:26:
21:82:22:32
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgICBT0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTE0QjExMTAvBgNVBAUTKDYxNzE0MzJENTU5NENCM0Y2MDhEM0JFMEY1MjYwMEJC
RUM0NkU1RkIwHhcNMjQwOTAzMDExNTAxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2NjMxNS1iNjZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzB9ly23LiTgfPpNVjmroONVlHq2y/tbiYCnBuNGBYjNfZw5RTakhkwIHATyT
TnglDgwiiBbRwZNqxfeaNS4oizQSv6i0muiGZwRG3WSdtRcIsRBUewbY5InERjio
f7/HtzzZbOmbfoYlSWRBzLWwFHonpjMZq7+nnRTfWnvW31C2rMoBRN+XhbghOv47
8k5jS6R9ZPdjIEcMBO7dVKcC6qgKQrnVPWTqApfDoeKUociwJ+zlrswBdaoVgrmE
RyVCwi2OYGBURV0piPHJaMa/cF9e+BRA213H2Dja3ZdnQN1zPUnG6F+kZPnxHMew
lAFTNORMQU7NRsbzyvfeLdvEZQIDAQABo4IDQDCCAzwwHQYDVR0OBBYEFK2EjoAP
xu9XDyua9GwiW3Cqi0dIMB8GA1UdIwQYMBaAFGFxQy1VlMs/YI074PUmALvsRuX7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTRCMS84NDE4OTIyNkZC
RTQxMUVCODJCNjI2NEZDNEY5QUUwMi9ZWEZETFZXVXl6OWdqVHZnOVNZQXUteEc1
ZnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lYRkRMVldVeXo5Z2pUdmc5U1lBdS14RzVmcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTE0QjEvODQxODkyMjZGQkU0MTFFQjgyQjYyNjRGQzRGOUFFMDIvMjgzQTREMjAx
NzQ5MTFFQzg5NkFENjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgckGCCsGAQUFBwEHAQH/
BIG5MIG2MIGkBAIAATCBnQMDAAEsAwMAO5owCwMDAz1YAwQCPVjYMAwDBAI9WOQD
BAA9WOYDBAI9WOgwCwMEAD1Y/QMDAD1YAwMAd+EDBAd8EwADBAd9P4AwCwMDAMqL
AwQGyouAAwQAyw1gAwQAyw1iAwQAyw17MAwDBADLDX0DBAHLDYAwDAMEAMsNhQME
AMsNhjALAwMBy8oDBAbLyoADBADSAAADBAfcZQAwDQQCAAIwBwMFACQFkAAwDQYJ
KoZIhvcNAQELBQADggEBAFUFe9i/OE3KipBkfUHlTLzEqFjvwTV+BuqwhksqayrS
Yp4MF6XhmJ/fWQrKLWPhGFajjDl+yhkmxOu/jUbylW62GVdSzveQWLmyWeBzqBNm
p/TkhWxfiTEUW4syGGtGgEIjurNM9k8UpzkTWzeHyiJywrKUxfx0GYkImlSn6UXA
pWWRRVSkxQ2ngNcQLk5OvBdSN4/0g1eVIzeVvIZd2ljnktWxAajQJl0BFuyczPWK
CdmV0nLfvc8Ndk/Ax01wUp+bENP+1yQRca6CSeM/zBTTgSguEq9vtXC67jRQ0tvN
e8Z/eX6HwP8r5Z0JomUoszHkBduUHFRe9uWjJiGCIjI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:25:58 2024 by rpki-client on console-ams.rpki-client.org