Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
File: 3AA9ABDAA6C711E9933CF621C4F9AE02.roa (raw, json)
Hash identifier: vX/4yZE912/s2GuoQPXplPBoigawhbTtUVYeRq0wrOs=
Subject key identifier: 69:D6:DF:B7:69:4D:73:19:E8:DB:55:9C:CC:B7:C1:B6:17:AC:2B:06
Certificate issuer: /CN=A91619BE/serialNumber=C316319585EE2CF247B5350371467DC269DC9CE5
Certificate serial: 3404
Authority key identifier: C3:16:31:95:85:EE:2C:F2:47:B5:35:03:71:46:7D:C2:69:DC:9C:E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
Signing time: Sun 02 Jun 2024 14:40:36 +0000
ROA not before: Sun 02 Jun 2024 14:40:36 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 9927
IP address blocks: 45.64.120.0/24 maxlen: 24
45.64.121.0/24 maxlen: 24
45.64.122.0/24 maxlen: 24
45.64.123.0/24 maxlen: 24
58.97.160.0/24 maxlen: 24
58.97.161.0/24 maxlen: 24
58.97.163.0/24 maxlen: 24
58.97.164.0/24 maxlen: 24
58.97.165.0/24 maxlen: 24
58.97.166.0/24 maxlen: 24
58.97.167.0/24 maxlen: 24
58.97.168.0/24 maxlen: 24
58.97.169.0/24 maxlen: 24
58.97.170.0/24 maxlen: 24
58.97.171.0/24 maxlen: 24
58.97.172.0/24 maxlen: 24
58.97.173.0/24 maxlen: 24
58.97.174.0/24 maxlen: 24
58.97.175.0/24 maxlen: 24
58.97.176.0/24 maxlen: 24
58.97.177.0/24 maxlen: 24
58.97.178.0/24 maxlen: 24
58.97.179.0/24 maxlen: 24
58.97.180.0/24 maxlen: 24
58.97.181.0/24 maxlen: 24
58.97.182.0/24 maxlen: 24
58.97.183.0/24 maxlen: 24
58.97.184.0/24 maxlen: 24
58.97.185.0/24 maxlen: 24
58.97.186.0/24 maxlen: 24
58.97.187.0/24 maxlen: 24
58.97.188.0/24 maxlen: 24
58.97.189.0/24 maxlen: 24
58.97.190.0/24 maxlen: 24
58.97.191.0/24 maxlen: 24
103.21.12.0/24 maxlen: 24
103.21.13.0/24 maxlen: 24
103.21.14.0/24 maxlen: 24
103.21.15.0/24 maxlen: 24
202.57.32.0/24 maxlen: 24
202.57.33.0/24 maxlen: 24
202.57.34.0/24 maxlen: 24
202.57.35.0/24 maxlen: 24
202.57.36.0/24 maxlen: 24
202.57.37.0/24 maxlen: 24
202.57.38.0/24 maxlen: 24
202.57.39.0/24 maxlen: 24
202.57.40.0/24 maxlen: 24
202.57.41.0/24 maxlen: 24
202.57.42.0/24 maxlen: 24
202.57.43.0/24 maxlen: 24
202.57.44.0/24 maxlen: 24
202.57.45.0/24 maxlen: 24
202.57.46.0/24 maxlen: 24
202.57.47.0/24 maxlen: 24
202.57.48.0/24 maxlen: 24
202.57.49.0/24 maxlen: 24
202.57.50.0/24 maxlen: 24
202.57.51.0/24 maxlen: 24
202.57.52.0/24 maxlen: 24
202.57.53.0/24 maxlen: 24
202.57.54.0/24 maxlen: 24
202.57.55.0/24 maxlen: 24
202.57.57.0/24 maxlen: 24
202.57.58.0/24 maxlen: 24
202.57.61.0/24 maxlen: 24
202.57.62.0/24 maxlen: 24
202.57.63.0/24 maxlen: 24
2405:d400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.crl
rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:25:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13316 (0x3404)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91619BE/serialNumber=C316319585EE2CF247B5350371467DC269DC9CE5
Validity
Not Before: Jun 2 14:40:36 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665c8464-2964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:18:43:01:ef:a7:e3:e5:06:f9:bc:14:24:f8:
8c:9e:1f:49:db:24:b3:70:b3:f2:d0:11:12:17:91:
cf:e6:d9:e6:cc:c6:54:22:4b:5b:39:99:51:12:f7:
86:f6:70:0e:b8:d1:ba:68:da:f0:43:6f:16:d8:52:
b5:c1:cd:0e:75:c8:15:f9:6f:8c:82:eb:c8:dd:ad:
61:16:af:b3:47:22:64:84:05:c2:6c:04:9e:b5:aa:
0c:b7:05:02:4c:9e:17:14:c6:02:99:17:fa:a5:6f:
e8:58:01:29:d9:32:a5:b1:4c:a4:79:ed:64:a9:2b:
f0:5f:a1:ec:bd:82:84:17:66:cc:b1:3d:07:77:7b:
12:67:7a:6c:75:c7:38:92:f1:4f:c2:9a:1e:87:79:
05:ac:aa:cb:74:60:73:16:e3:5e:30:fc:33:f1:16:
aa:65:cd:d2:33:35:60:9c:3a:a0:31:ef:9d:12:35:
e1:20:24:55:48:ce:d3:55:97:4e:cd:a5:b7:a3:ec:
b8:a1:35:15:30:10:38:49:62:d2:9d:1d:9e:61:cd:
87:21:ee:74:0f:77:be:0a:35:d2:6f:b3:59:a4:92:
3a:ed:d0:59:af:c8:a4:87:be:7a:4e:c7:8d:c3:77:
f6:e9:d0:43:4a:f3:2d:76:d5:82:c4:c7:8f:27:88:
64:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D6:DF:B7:69:4D:73:19:E8:DB:55:9C:CC:B7:C1:B6:17:AC:2B:06
X509v3 Authority Key Identifier:
keyid:C3:16:31:95:85:EE:2C:F2:47:B5:35:03:71:46:7D:C2:69:DC:9C:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.120.0/22
58.97.160.0/23
58.97.163.0-58.97.191.255
103.21.12.0/22
202.57.32.0-202.57.55.255
202.57.57.0-202.57.58.255
202.57.61.0-202.57.63.255
IPv6:
2405:d400::/32
Signature Algorithm: sha256WithRSAEncryption
5b:17:f2:06:b0:39:19:02:16:2d:74:13:77:dd:23:cd:b1:22:
6d:1e:f4:a0:4c:dc:2c:bb:bc:f2:7d:7e:eb:88:c3:7f:27:7d:
e8:23:f0:21:34:12:e7:17:98:ca:31:d5:7b:a8:89:b1:4f:86:
43:c6:15:9c:7d:d7:b4:02:58:20:a1:c7:37:3b:71:8d:38:1c:
14:93:40:15:be:ba:62:d5:28:b2:9f:fc:fb:78:a9:e5:46:d7:
6e:c0:57:c8:07:ae:6c:00:1b:3c:d4:6b:c6:9c:d1:08:47:08:
96:a5:3c:16:3e:e7:d7:7c:c4:80:8a:c8:68:44:c7:db:0d:57:
73:62:f4:7d:65:99:0e:b1:d0:b1:27:37:53:bf:ac:aa:c4:aa:
27:a8:d2:09:1e:f2:af:59:a8:f5:d2:30:44:ef:42:ee:b1:9d:
a0:16:08:ea:62:20:e3:f0:66:72:c6:74:8e:2f:10:e8:49:82:
77:a6:6e:d1:f3:be:37:33:9e:4e:95:62:c0:cb:05:0d:69:34:
c4:c8:52:a1:d8:d0:0c:6d:76:77:79:06:72:e4:60:ca:e8:f2:
01:b9:88:5f:0d:6c:c9:f0:51:0d:7c:0b:e9:69:d1:09:bd:37:
f2:46:4f:a9:b6:d6:82:27:57:ef:dc:f1:9d:ea:46:7c:e9:ee:
41:4b:98:2f
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICNAQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjE5QkUxMTAvBgNVBAUTKEMzMTYzMTk1ODVFRTJDRjI0N0I1MzUwMzcxNDY3REMy
NjlEQzlDRTUwHhcNMjQwNjAyMTQ0MDM2WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVjODQ2NC0yOTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2xhDAe+n4+UG+bwUJPiMnh9J2ySzcLPy0BESF5HP5tnmzMZUIktbOZlREveG
9nAOuNG6aNrwQ28W2FK1wc0OdcgV+W+MguvI3a1hFq+zRyJkhAXCbASetaoMtwUC
TJ4XFMYCmRf6pW/oWAEp2TKlsUykee1kqSvwX6HsvYKEF2bMsT0Hd3sSZ3psdcc4
kvFPwpoeh3kFrKrLdGBzFuNeMPwz8RaqZc3SMzVgnDqgMe+dEjXhICRVSM7TVZdO
zaW3o+y4oTUVMBA4SWLSnR2eYc2HIe50D3e+CjXSb7NZpJI67dBZr8ikh756TseN
w3f26dBDSvMtdtWCxMePJ4hkYQIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFGnW37dp
TXMZ6NtVnMy3wbYXrCsGMB8GA1UdIwQYMBaAFMMWMZWF7izyR7U1A3FGfcJp3Jzl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTlCRS83NTI5OTFDNjFE
ODUxMUUyOTM4NjFCREMwOEIwMkNEMi93eFl4bFlYdUxQSkh0VFVEY1VaOXdtbmNu
T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3d4WXhsWVh1TFBKSHRUVURjVVo5d21uY25PVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjE5QkUvNzUyOTkxQzYxRDg1MTFFMjkzODYxQkRDMDhCMDJDRDIvM0FBOUFCREFB
NkM3MTFFOTkzM0NGNjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMFAEAgABMEoDBAItQHgDBAE6YaAwDAMEADphowMEBjphgAMEAmcVDDAMAwQF
yjkgAwQDyjkwMAwDBADKOTkDBADKOTowDAMEAMo5PQMEBso5ADANBAIAAjAHAwUA
JAXUADANBgkqhkiG9w0BAQsFAAOCAQEAWxfyBrA5GQIWLXQTd90jzbEibR70oEzc
LLu88n1+64jDfyd96CPwITQS5xeYyjHVe6iJsU+GQ8YVnH3XtAJYIKHHNztxjTgc
FJNAFb66YtUosp/8+3ip5UbXbsBXyAeubAAbPNRrxpzRCEcIlqU8Fj7n13zEgIrI
aETH2w1Xc2L0fWWZDrHQsSc3U7+sqsSqJ6jSCR7yr1mo9dIwRO9C7rGdoBYI6mIg
4/BmcsZ0ji8Q6EmCd6Zu0fO+NzOeTpViwMsFDWk0xMhSodjQDG12d3kGcuRgyujy
AbmIXw1syfBRDXwL6WnRCb038kZPqbbWgidX79zxnepGfOnuQUuYLw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:49:20 2024 by rpki-client on console-ams.rpki-client.org