Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
File: EBD5A3CA6B8711EFB0476280C4F9AE02.roa (raw, json)
Hash identifier: fA+kqaKk3JYJ5L1SCxggXVF38dEFRQWvBBK35ZGIubk=
Subject key identifier: B3:C4:70:AC:2D:A5:4F:FE:A9:3A:D9:9B:9F:33:2C:20:84:01:7D:75
Certificate issuer: /CN=A91697FA/serialNumber=9F82DBC9466312C5BA2E921279302400956A982A
Certificate serial: 3514
Authority key identifier: 9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
Signing time: Thu 05 Sep 2024 13:17:17 +0000
ROA not before: Thu 05 Sep 2024 13:17:17 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 7693
IP address blocks: 58.181.128.0/17 maxlen: 17
58.181.128.0/20 maxlen: 20
58.181.144.0/20 maxlen: 20
58.181.146.0/23 maxlen: 23
58.181.160.0/20 maxlen: 20
58.181.176.0/20 maxlen: 20
58.181.192.0/20 maxlen: 20
58.181.200.0/24 maxlen: 24
58.181.208.0/20 maxlen: 20
58.181.212.0/24 maxlen: 24
58.181.224.0/20 maxlen: 20
58.181.225.0/24 maxlen: 24
58.181.240.0/20 maxlen: 20
58.181.248.0/23 maxlen: 23
58.181.252.0/22 maxlen: 22
103.19.104.0/22 maxlen: 22
202.44.144.0/24 maxlen: 24
202.149.96.0/19 maxlen: 19
202.149.96.0/20 maxlen: 20
202.149.112.0/20 maxlen: 20
203.107.128.0/17 maxlen: 17
203.107.128.0/20 maxlen: 20
203.107.129.0/24 maxlen: 24
203.107.130.0/24 maxlen: 24
203.107.144.0/20 maxlen: 20
203.107.160.0/20 maxlen: 20
203.107.176.0/20 maxlen: 20
203.107.192.0/20 maxlen: 20
203.107.192.0/24 maxlen: 24
203.107.208.0/20 maxlen: 20
203.107.224.0/20 maxlen: 20
203.107.231.0/24 maxlen: 24
203.107.240.0/20 maxlen: 20
203.107.255.0/24 maxlen: 24
203.155.0.0/16 maxlen: 16
203.155.0.0/20 maxlen: 20
203.155.0.0/23 maxlen: 23
203.155.16.0/20 maxlen: 20
203.155.32.0/20 maxlen: 20
203.155.42.0/24 maxlen: 24
203.155.48.0/20 maxlen: 20
203.155.54.0/23 maxlen: 23
203.155.64.0/20 maxlen: 20
203.155.66.0/24 maxlen: 24
203.155.80.0/20 maxlen: 20
203.155.96.0/20 maxlen: 20
203.155.112.0/20 maxlen: 20
203.155.128.0/20 maxlen: 20
203.155.144.0/20 maxlen: 20
203.155.160.0/20 maxlen: 20
203.155.176.0/20 maxlen: 20
203.155.192.0/20 maxlen: 20
203.155.208.0/20 maxlen: 20
203.155.219.0/24 maxlen: 24
203.155.224.0/20 maxlen: 20
203.155.240.0/20 maxlen: 20
203.155.253.0/24 maxlen: 24
203.155.255.0/24 maxlen: 24
203.188.0.0/18 maxlen: 18
203.188.0.0/20 maxlen: 24
203.188.32.0/20 maxlen: 24
203.195.96.0/20 maxlen: 20
203.195.105.0/24 maxlen: 24
203.209.0.0/18 maxlen: 18
203.209.0.0/20 maxlen: 20
203.209.16.0/20 maxlen: 20
203.209.32.0/20 maxlen: 20
203.209.48.0/20 maxlen: 20
203.209.64.0/18 maxlen: 18
203.209.64.0/20 maxlen: 20
203.209.75.0/24 maxlen: 24
203.209.80.0/20 maxlen: 20
203.209.93.0/24 maxlen: 24
203.209.96.0/20 maxlen: 20
203.209.112.0/20 maxlen: 20
203.209.122.0/24 maxlen: 24
203.209.123.0/24 maxlen: 24
203.209.125.0/24 maxlen: 24
2405:a000::/32 maxlen: 32
2405:a000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13588 (0x3514)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91697FA
Validity
Not Before: Sep 5 13:17:17 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d9af5d-28ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:82:6b:29:76:fd:79:c4:91:ad:e2:54:0e:09:
70:09:85:32:c7:39:6a:46:89:46:d4:c1:22:28:82:
3f:a1:84:bd:36:30:17:64:55:68:28:44:d7:02:0c:
b5:d1:ff:20:a4:36:44:1d:a1:a1:4b:10:db:1e:99:
e8:51:36:ca:1f:95:2e:b7:e1:e5:33:f3:fa:01:7b:
a5:a5:4b:b4:9c:10:79:c8:1e:29:bb:b5:e7:9d:53:
23:bc:84:56:8f:26:9d:96:01:3c:e6:6c:1b:25:80:
2d:f4:0c:0f:27:c5:9f:04:b2:be:c7:ec:b2:79:3b:
65:97:34:7b:37:ac:2b:53:1b:3c:f5:1f:56:6e:1f:
63:37:3d:59:e5:20:22:87:4a:a8:68:80:19:69:f8:
1f:e3:d5:d3:68:24:16:20:22:4a:07:d3:cc:d3:97:
be:8f:c4:c0:ea:3b:ff:f7:7a:3b:88:cc:df:2b:1b:
0c:12:dd:09:0a:aa:99:44:a3:23:d3:84:89:e3:b2:
77:a2:e9:38:e9:3f:e8:d3:bf:e0:4d:b8:b9:36:93:
07:52:b9:01:52:67:82:e0:e4:e0:2c:02:b7:f4:71:
e1:80:54:02:10:83:74:07:44:5c:61:27:3e:9e:2a:
a6:f2:de:16:66:ca:57:fd:4e:20:21:ad:07:2a:82:
fb:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C4:70:AC:2D:A5:4F:FE:A9:3A:D9:9B:9F:33:2C:20:84:01:7D:75
X509v3 Authority Key Identifier:
keyid:9F:82:DB:C9:46:63:12:C5:BA:2E:92:12:79:30:24:00:95:6A:98:2A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/n4LbyUZjEsW6LpISeTAkAJVqmCo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n4LbyUZjEsW6LpISeTAkAJVqmCo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91697FA/27F83B701D8311E2932921D808B02CD2/EBD5A3CA6B8711EFB0476280C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
58.181.128.0/17
103.19.104.0/22
202.44.144.0/24
202.149.96.0/19
203.107.128.0/17
203.155.0.0/16
203.188.0.0/18
203.195.96.0/20
203.209.0.0/17
IPv6:
2405:a000::/32
Signature Algorithm: sha256WithRSAEncryption
1d:d2:3e:2d:52:c6:df:38:c0:78:eb:c9:01:06:c8:b7:de:3d:
8f:ba:7a:9c:df:3a:89:d6:e5:eb:d6:88:7f:73:49:c1:c5:28:
ab:0e:e4:37:9f:6f:0a:fd:d9:c6:1f:51:d8:11:e6:88:07:2b:
dd:cd:9c:c2:40:55:5a:04:26:79:03:0a:0c:74:93:1d:ad:39:
9b:be:27:a1:87:12:31:61:0e:6f:d5:d4:98:f2:d3:e8:f5:2f:
29:d2:22:cd:c9:f1:3d:ad:5d:80:2c:e5:8c:24:cd:ce:b2:f4:
44:cd:d0:a9:7a:e1:69:f0:b7:eb:f7:a8:6d:11:07:8e:34:a2:
4e:f9:1a:d2:a0:45:6e:8c:84:52:87:b1:a6:20:3b:dd:94:80:
61:0c:55:e3:fb:e5:b0:9d:1f:48:23:10:b0:88:5f:7b:ce:42:
12:38:7a:a6:aa:2f:8d:5d:04:c1:00:bb:a7:f1:cd:b2:39:51:
13:49:f7:22:df:34:af:a5:11:8f:f2:51:a7:f4:24:2e:3b:e4:
2f:e3:a8:34:bb:50:35:8c:d6:fd:7a:ec:17:36:47:d2:f9:c5:
5e:57:10:3d:d7:45:95:3c:82:c9:77:39:ca:4c:11:a1:ab:5b:
3c:33:91:f9:da:b4:71:41:7b:d0:c7:4e:3c:ae:ad:f8:0b:fc:
c1:11:11:db
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICNRQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Njk3RkExMTAvBgNVBAUTKDlGODJEQkM5NDY2MzEyQzVCQTJFOTIxMjc5MzAyNDAw
OTU2QTk4MkEwHhcNMjQwOTA1MTMxNzE3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5YWY1ZC0yOGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu4JrKXb9ecSRreJUDglwCYUyxzlqRolG1MEiKII/oYS9NjAXZFVoKETXAgy1
0f8gpDZEHaGhSxDbHpnoUTbKH5Uut+HlM/P6AXulpUu0nBB5yB4pu7XnnVMjvIRW
jyadlgE85mwbJYAt9AwPJ8WfBLK+x+yyeTtllzR7N6wrUxs89R9Wbh9jNz1Z5SAi
h0qoaIAZafgf49XTaCQWICJKB9PM05e+j8TA6jv/93o7iMzfKxsMEt0JCqqZRKMj
04SJ47J3ouk46T/o07/gTbi5NpMHUrkBUmeC4OTgLAK39HHhgFQCEIN0B0RcYSc+
niqm8t4WZspX/U4gIa0HKoL7PQIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFLPEcKwt
pU/+qTrZm58zLCCEAX11MB8GA1UdIwQYMBaAFJ+C28lGYxLFui6SEnkwJACVapgq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OTdGQS8yN0Y4M0I3MDFE
ODMxMUUyOTMyOTIxRDgwOEIwMkNEMi9uNExieVVaakVzVzZMcElTZVRBa0FKVnFt
Q28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL240TGJ5VVpqRXNXNkxwSVNlVEFrQUpWcW1Dby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Njk3RkEvMjdGODNCNzAxRDgzMTFFMjkzMjkyMUQ4MDhCMDJDRDIvRUJENUEzQ0E2
Qjg3MTFFRkIwNDc2MjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMDsEAgABMDUDBAc6tYADBAJnE2gDBADKLJADBAXKlWADBAfLa4ADAwDLmwME
Bsu8AAMEBMvDYAMEB8vRADANBAIAAjAHAwUAJAWgADANBgkqhkiG9w0BAQsFAAOC
AQEAHdI+LVLG3zjAeOvJAQbIt949j7p6nN86idbl69aIf3NJwcUoqw7kN59vCv3Z
xh9R2BHmiAcr3c2cwkBVWgQmeQMKDHSTHa05m74noYcSMWEOb9XUmPLT6PUvKdIi
zcnxPa1dgCzljCTNzrL0RM3QqXrhafC36/eobREHjjSiTvka0qBFboyEUoexpiA7
3ZSAYQxV4/vlsJ0fSCMQsIhfe85CEjh6pqovjV0EwQC7p/HNsjlRE0n3It80r6UR
j/JRp/QkLjvkL+OoNLtQNYzW/XrsFzZH0vnFXlcQPddFlTyCyXc5ykwRoatbPDOR
+dq0cUF70MdOPK6t+Av8wRER2w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:04 2025 by rpki-client