Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
File: 3AA9ABDAA6C711E9933CF621C4F9AE02.roa (raw, json)
Hash identifier: 9dZk4AqZ3yhKLx2e91xr9Zfdx74z+WImEKy7mrwNOq0=
Subject key identifier: F6:DC:5A:D2:A5:46:9D:A7:61:7B:62:21:8B:DB:30:A6:24:CB:6B:C2
Certificate issuer: /CN=A91619BE/serialNumber=C316319585EE2CF247B5350371467DC269DC9CE5
Certificate serial: 3346
Authority key identifier: C3:16:31:95:85:EE:2C:F2:47:B5:35:03:71:46:7D:C2:69:DC:9C:E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
Signing time: Mon 12 Jun 2023 14:30:30 +0000
ROA not before: Mon 12 Jun 2023 14:30:30 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 9927
IP address blocks: 45.64.120.0/24 maxlen: 24
45.64.121.0/24 maxlen: 24
45.64.122.0/24 maxlen: 24
45.64.123.0/24 maxlen: 24
58.97.160.0/24 maxlen: 24
58.97.161.0/24 maxlen: 24
58.97.163.0/24 maxlen: 24
58.97.164.0/24 maxlen: 24
58.97.165.0/24 maxlen: 24
58.97.166.0/24 maxlen: 24
58.97.167.0/24 maxlen: 24
58.97.168.0/24 maxlen: 24
58.97.169.0/24 maxlen: 24
58.97.170.0/24 maxlen: 24
58.97.171.0/24 maxlen: 24
58.97.172.0/24 maxlen: 24
58.97.173.0/24 maxlen: 24
58.97.174.0/24 maxlen: 24
58.97.175.0/24 maxlen: 24
58.97.176.0/24 maxlen: 24
58.97.177.0/24 maxlen: 24
58.97.178.0/24 maxlen: 24
58.97.179.0/24 maxlen: 24
58.97.180.0/24 maxlen: 24
58.97.181.0/24 maxlen: 24
58.97.182.0/24 maxlen: 24
58.97.183.0/24 maxlen: 24
58.97.184.0/24 maxlen: 24
58.97.185.0/24 maxlen: 24
58.97.186.0/24 maxlen: 24
58.97.187.0/24 maxlen: 24
58.97.188.0/24 maxlen: 24
58.97.189.0/24 maxlen: 24
58.97.190.0/24 maxlen: 24
58.97.191.0/24 maxlen: 24
103.21.12.0/24 maxlen: 24
103.21.13.0/24 maxlen: 24
103.21.14.0/24 maxlen: 24
103.21.15.0/24 maxlen: 24
202.57.32.0/24 maxlen: 24
202.57.33.0/24 maxlen: 24
202.57.34.0/24 maxlen: 24
202.57.35.0/24 maxlen: 24
202.57.36.0/24 maxlen: 24
202.57.37.0/24 maxlen: 24
202.57.38.0/24 maxlen: 24
202.57.39.0/24 maxlen: 24
202.57.40.0/24 maxlen: 24
202.57.41.0/24 maxlen: 24
202.57.42.0/24 maxlen: 24
202.57.43.0/24 maxlen: 24
202.57.44.0/24 maxlen: 24
202.57.45.0/24 maxlen: 24
202.57.46.0/24 maxlen: 24
202.57.47.0/24 maxlen: 24
202.57.48.0/24 maxlen: 24
202.57.49.0/24 maxlen: 24
202.57.50.0/24 maxlen: 24
202.57.51.0/24 maxlen: 24
202.57.52.0/24 maxlen: 24
202.57.53.0/24 maxlen: 24
202.57.54.0/24 maxlen: 24
202.57.55.0/24 maxlen: 24
202.57.57.0/24 maxlen: 24
202.57.58.0/24 maxlen: 24
202.57.61.0/24 maxlen: 24
202.57.62.0/24 maxlen: 24
202.57.63.0/24 maxlen: 24
2405:d400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.crl
rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 31 May 2024 14:27:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13126 (0x3346)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91619BE/serialNumber=C316319585EE2CF247B5350371467DC269DC9CE5
Validity
Not Before: Jun 12 14:30:30 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64872c05-e71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3e:1b:b5:de:dc:c4:f8:a7:8f:07:28:28:16:
78:ec:cb:36:bb:e3:af:b7:77:24:0f:59:01:43:96:
78:34:4c:7f:29:33:1f:79:ae:a4:48:a1:0e:46:a4:
9c:0e:38:9f:3b:cb:4e:12:57:54:cb:95:42:89:b7:
fd:92:8e:50:9a:c2:5f:6b:15:6e:e0:85:71:2e:75:
34:a1:35:56:34:45:8f:ff:5e:e4:ec:61:32:f7:f9:
13:3c:fc:5e:32:47:dd:4f:93:df:c0:18:70:96:0e:
e8:76:e1:ea:44:ca:bc:f2:bb:44:aa:d9:78:3d:94:
e6:59:14:9a:72:d5:48:08:02:2e:2b:32:f3:b3:ab:
37:86:f2:65:f5:c7:32:24:0f:6b:7f:11:31:64:aa:
d7:3a:40:76:1f:76:7e:a8:28:af:89:48:bf:df:26:
0a:7b:48:fd:4a:39:10:c6:1a:5d:d4:1e:46:08:98:
81:6a:34:0c:8a:0d:9b:e7:3c:99:5a:02:65:9e:09:
e8:6f:f2:19:4b:67:28:68:f4:04:2d:dc:2d:24:16:
a2:ad:30:fd:27:44:d2:fa:0f:aa:af:d4:9f:1d:2b:
e8:01:39:3a:ee:ee:ee:11:e8:7a:ce:6c:d6:f6:5c:
74:40:96:ef:27:0b:6c:8d:7a:95:0e:f3:b8:b0:68:
cb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DC:5A:D2:A5:46:9D:A7:61:7B:62:21:8B:DB:30:A6:24:CB:6B:C2
X509v3 Authority Key Identifier:
keyid:C3:16:31:95:85:EE:2C:F2:47:B5:35:03:71:46:7D:C2:69:DC:9C:E5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wxYxlYXuLPJHtTUDcUZ9wmncnOU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91619BE/752991C61D8511E293861BDC08B02CD2/3AA9ABDAA6C711E9933CF621C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.120.0/22
58.97.160.0/23
58.97.163.0-58.97.191.255
103.21.12.0/22
202.57.32.0-202.57.55.255
202.57.57.0-202.57.58.255
202.57.61.0-202.57.63.255
IPv6:
2405:d400::/32
Signature Algorithm: sha256WithRSAEncryption
b5:11:51:d1:7f:e9:7b:d3:2f:75:9e:95:b3:0e:24:35:42:27:
47:5c:0c:9a:56:83:9f:a4:51:ab:28:1b:8e:f7:d8:d8:bb:5f:
7b:88:02:2e:0f:56:4b:bc:ab:43:d4:fe:03:87:77:7e:51:3d:
a8:5a:52:5a:04:09:70:72:55:26:e9:22:b6:01:70:b9:4b:33:
9e:1e:ce:e5:72:24:37:4a:f8:ca:22:a9:a5:b9:42:f4:14:44:
21:57:25:dc:bd:9f:f3:a4:c6:08:ef:93:d1:fb:97:81:a8:61:
4f:d8:32:5f:69:eb:eb:bd:16:ff:54:6d:f9:a9:8a:ab:e1:63:
8d:fd:8a:86:3d:e6:21:b1:16:f2:c7:f4:66:ff:ab:7b:cd:e7:
21:23:e6:da:ad:82:79:87:49:06:ed:98:11:16:7e:5c:33:7d:
9b:d1:b9:27:cf:97:cb:01:bd:43:ee:21:7f:a2:f6:6f:93:2b:
44:80:d0:57:56:f1:2b:ca:7e:18:8a:d1:48:3d:b4:c9:2f:22:
8c:0a:16:f4:ed:86:cd:bd:c3:c7:c2:fd:3b:40:1e:ec:d3:63:
39:eb:42:74:6b:a1:d4:29:24:0e:40:8c:6c:ca:e1:81:14:44:
44:36:b4:c5:70:ac:cd:09:ad:4d:0c:0c:b2:ec:d1:12:bc:47:
f9:19:28:71
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgICM0YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjE5QkUxMTAvBgNVBAUTKEMzMTYzMTk1ODVFRTJDRjI0N0I1MzUwMzcxNDY3REMy
NjlEQzlDRTUwHhcNMjMwNjEyMTQzMDMwWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDg3MmMwNS1lNzFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5T4btd7cxPinjwcoKBZ47Ms2u+Ovt3ckD1kBQ5Z4NEx/KTMfea6kSKEORqSc
DjifO8tOEldUy5VCibf9ko5QmsJfaxVu4IVxLnU0oTVWNEWP/17k7GEy9/kTPPxe
MkfdT5PfwBhwlg7oduHqRMq88rtEqtl4PZTmWRSactVICAIuKzLzs6s3hvJl9ccy
JA9rfxExZKrXOkB2H3Z+qCiviUi/3yYKe0j9SjkQxhpd1B5GCJiBajQMig2b5zyZ
WgJlngnob/IZS2coaPQELdwtJBairTD9J0TS+g+qr9SfHSvoATk67u7uEeh6zmzW
9lx0QJbvJwtsjXqVDvO4sGjL6QIDAQABo4IC6DCCAuQwHQYDVR0OBBYEFPbcWtKl
Rp2nYXtiIYvbMKYky2vCMB8GA1UdIwQYMBaAFMMWMZWF7izyR7U1A3FGfcJp3Jzl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MTlCRS83NTI5OTFDNjFE
ODUxMUUyOTM4NjFCREMwOEIwMkNEMi93eFl4bFlYdUxQSkh0VFVEY1VaOXdtbmNu
T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3d4WXhsWVh1TFBKSHRUVURjVVo5d21uY25PVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjE5QkUvNzUyOTkxQzYxRDg1MTFFMjkzODYxQkRDMDhCMDJDRDIvM0FBOUFCREFB
NkM3MTFFOTkzM0NGNjIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwcgYIKwYBBQUHAQcBAf8E
YzBhMFAEAgABMEoDBAItQHgDBAE6YaAwDAMEADphowMEBjphgAMEAmcVDDAMAwQF
yjkgAwQDyjkwMAwDBADKOTkDBADKOTowDAMEAMo5PQMEBso5ADANBAIAAjAHAwUA
JAXUADANBgkqhkiG9w0BAQsFAAOCAQEAtRFR0X/pe9MvdZ6Vsw4kNUInR1wMmlaD
n6RRqygbjvfY2Ltfe4gCLg9WS7yrQ9T+A4d3flE9qFpSWgQJcHJVJukitgFwuUsz
nh7O5XIkN0r4yiKppblC9BREIVcl3L2f86TGCO+T0fuXgahhT9gyX2nr670W/1Rt
+amKq+Fjjf2Khj3mIbEW8sf0Zv+re83nISPm2q2CeYdJBu2YERZ+XDN9m9G5J8+X
ywG9Q+4hf6L2b5MrRIDQV1bxK8p+GIrRSD20yS8ijAoW9O2Gzb3Dx8L9O0Ae7NNj
OetCdGuh1CkkDkCMbMrhgRRERDa0xXCszQmtTQwMsuzRErxH+RkocQ==
-----END CERTIFICATE-----
Generated at Fri May 24 18:22:57 2024 by rpki-client on console-ams.rpki-client.org