Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/01571CFC878511EE8A9D2C3FC4F9AE02.roa
File: 01571CFC878511EE8A9D2C3FC4F9AE02.roa (raw, json)
Hash identifier: wkqTt67qIBbtBAnE877GCC//CF8Nz6yxX7J9pv5qK9M=
Subject key identifier: 2B:6E:A9:5B:11:F0:A7:22:43:46:9C:15:41:22:FD:72:10:E8:15:0C
Certificate issuer: /CN=A917E678/serialNumber=FF3341972DD8A1F6871EDE869A3A1DD92528AEB6
Certificate serial: 0B6A
Authority key identifier: FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/01571CFC878511EE8A9D2C3FC4F9AE02.roa
Signing time: Thu 18 Apr 2024 08:38:46 +0000
ROA not before: Thu 18 Apr 2024 08:38:46 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136907
IP address blocks: 46.250.160.0/19 maxlen: 19
46.250.160.0/20 maxlen: 20
46.250.176.0/20 maxlen: 20
62.245.0.0/20 maxlen: 20
62.245.16.0/20 maxlen: 20
80.238.128.0/17 maxlen: 17
80.238.128.0/22 maxlen: 22
80.238.128.0/24 maxlen: 24
80.238.129.0/24 maxlen: 24
80.238.132.0/22 maxlen: 22
80.238.136.0/22 maxlen: 22
80.238.140.0/22 maxlen: 22
80.238.144.0/22 maxlen: 22
80.238.148.0/22 maxlen: 22
80.238.152.0/22 maxlen: 22
80.238.156.0/22 maxlen: 22
80.238.160.0/22 maxlen: 22
80.238.164.0/22 maxlen: 22
80.238.168.0/22 maxlen: 22
80.238.172.0/22 maxlen: 22
80.238.176.0/22 maxlen: 22
80.238.180.0/24 maxlen: 24
80.238.181.0/24 maxlen: 24
80.238.182.0/24 maxlen: 24
80.238.183.0/24 maxlen: 24
80.238.184.0/24 maxlen: 24
80.238.185.0/24 maxlen: 24
80.238.186.0/24 maxlen: 24
80.238.187.0/24 maxlen: 24
80.238.188.0/24 maxlen: 24
80.238.189.0/24 maxlen: 24
80.238.190.0/24 maxlen: 24
80.238.191.0/24 maxlen: 24
80.238.192.0/20 maxlen: 20
80.238.208.0/20 maxlen: 20
80.238.224.0/20 maxlen: 20
80.238.240.0/20 maxlen: 20
83.101.0.0/17 maxlen: 17
83.101.0.0/21 maxlen: 21
83.101.8.0/21 maxlen: 21
83.101.16.0/21 maxlen: 21
83.101.24.0/21 maxlen: 21
83.101.32.0/21 maxlen: 21
83.101.40.0/21 maxlen: 21
83.101.48.0/21 maxlen: 21
83.101.56.0/21 maxlen: 21
83.101.64.0/21 maxlen: 21
83.101.72.0/21 maxlen: 21
83.101.80.0/21 maxlen: 21
83.101.88.0/21 maxlen: 21
83.101.96.0/21 maxlen: 21
83.101.104.0/21 maxlen: 21
83.101.112.0/21 maxlen: 21
83.101.120.0/21 maxlen: 21
89.150.192.0/20 maxlen: 20
89.150.208.0/20 maxlen: 20
89.150.224.0/20 maxlen: 20
89.150.240.0/20 maxlen: 20
94.45.160.0/19 maxlen: 19
94.45.160.0/24 maxlen: 24
94.45.161.0/24 maxlen: 24
94.45.163.0/24 maxlen: 24
94.45.191.0/24 maxlen: 24
94.74.64.0/20 maxlen: 20
94.244.128.0/20 maxlen: 20
94.244.144.0/20 maxlen: 20
94.244.160.0/20 maxlen: 20
94.244.176.0/20 maxlen: 20
176.52.128.0/19 maxlen: 19
176.52.128.0/20 maxlen: 20
176.52.144.0/20 maxlen: 20
188.119.192.0/20 maxlen: 20
188.119.208.0/20 maxlen: 20
188.119.224.0/20 maxlen: 20
188.119.240.0/20 maxlen: 20
188.239.0.0/18 maxlen: 18
188.239.0.0/20 maxlen: 20
188.239.16.0/20 maxlen: 20
188.239.32.0/20 maxlen: 20
188.239.48.0/20 maxlen: 20
212.34.192.0/19 maxlen: 19
212.34.192.0/20 maxlen: 20
212.34.208.0/20 maxlen: 20
213.250.128.0/19 maxlen: 19
213.250.128.0/20 maxlen: 20
213.250.144.0/20 maxlen: 20
213.250.160.0/20 maxlen: 20
213.250.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.crl
rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.mft
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 03 May 2024 17:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2922 (0xb6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E678/serialNumber=FF3341972DD8A1F6871EDE869A3A1DD92528AEB6
Validity
Not Before: Apr 18 08:38:46 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=6620dc16-c3bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:c9:14:26:ef:ed:3e:e0:2c:a3:80:01:67:
38:19:10:73:43:8d:45:4e:f3:61:fa:ff:52:77:b7:
e4:55:7f:ff:34:c9:dd:6a:26:88:55:85:b9:a0:ca:
bb:71:ef:60:42:a5:17:f2:01:39:09:fe:dc:60:a6:
09:8f:84:03:ac:85:18:db:17:d9:cd:8f:f7:5c:36:
79:b6:31:60:2f:85:1a:a0:11:f7:a4:f2:d6:09:a0:
fd:0b:99:73:b8:b6:d0:ff:84:3d:18:ae:4c:85:b7:
28:11:96:1a:ea:34:bc:a5:4e:15:e5:4d:f0:87:64:
7d:78:48:c6:41:34:6f:77:3c:8e:da:2b:2b:12:ca:
82:c3:af:63:e4:23:82:60:1f:d2:e7:ea:3c:22:f5:
4e:20:f6:80:66:7d:65:58:51:61:73:ae:7e:8e:41:
13:66:1c:d4:39:87:be:e5:d7:a3:e9:7f:30:73:79:
f4:20:65:ea:56:01:6d:03:d5:4e:74:0c:dc:2c:f4:
64:cc:32:b7:7b:cc:c6:0f:a0:1d:6d:46:24:b9:44:
67:7f:e8:50:99:45:d6:4f:b6:83:70:b1:ae:26:70:
ad:78:ba:33:f5:48:21:fe:00:40:ea:e1:39:68:54:
2b:9b:c1:f4:12:91:6b:af:d4:3f:bc:2f:d7:7d:ac:
98:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6E:A9:5B:11:F0:A7:22:43:46:9C:15:41:22:FD:72:10:E8:15:0C
X509v3 Authority Key Identifier:
keyid:FF:33:41:97:2D:D8:A1:F6:87:1E:DE:86:9A:3A:1D:D9:25:28:AE:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/_zNBly3YofaHHt6Gmjod2SUorrY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/_zNBly3YofaHHt6Gmjod2SUorrY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/BEB333FA225111EAB2CB8469C4F9AE02/01571CFC878511EE8A9D2C3FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
46.250.160.0/19
62.245.0.0/19
80.238.128.0/17
83.101.0.0/17
89.150.192.0/18
94.45.160.0/19
94.74.64.0/20
94.244.128.0/18
176.52.128.0/19
188.119.192.0/18
188.239.0.0/18
212.34.192.0/19
213.250.128.0/18
Signature Algorithm: sha256WithRSAEncryption
36:30:77:75:0b:79:94:94:1d:6d:12:bc:cb:c2:0b:3b:3e:5b:
67:14:14:98:4d:68:be:4c:0f:6f:20:da:03:10:85:ea:b4:ba:
7f:aa:03:03:bf:18:49:03:bd:c6:dd:e5:91:40:e2:9c:38:ec:
50:09:4a:b8:c5:16:56:e7:e7:c8:0c:24:14:75:dc:1f:9b:2f:
8a:ca:27:d9:d5:f8:4f:ea:3f:7e:b7:73:44:12:ee:d5:39:0d:
50:20:17:df:ac:9a:f3:69:55:5c:03:f2:9d:9b:ca:ce:7b:53:
cd:23:4a:c6:1f:0e:b6:c0:30:c1:af:bf:45:16:78:7e:3d:85:
7b:6f:fe:89:30:09:46:74:22:a6:54:98:68:cc:57:e4:a2:c8:
8f:50:25:25:9e:f1:da:df:97:af:01:3a:0c:53:2e:3e:2f:55:
5c:39:35:bd:fb:9a:21:9c:b8:74:d4:0f:76:55:b2:a3:a8:b1:
6e:5c:49:7f:7d:99:01:97:c7:59:f2:f4:e6:e6:dd:9a:40:9a:
bc:bc:85:c1:28:56:ed:c6:58:91:7f:38:a8:d4:c6:2a:87:81:
d6:cc:3a:f5:77:17:7a:e3:1b:04:4a:fb:eb:fe:1f:34:f3:d1:
23:2e:7e:af:70:82:9a:7f:59:73:75:d5:74:3f:f7:82:5d:57:
1c:a6:86:06
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgICC2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U2NzgxMTAvBgNVBAUTKEZGMzM0MTk3MkREOEExRjY4NzFFREU4NjlBM0ExREQ5
MjUyOEFFQjYwHhcNMjQwNDE4MDgzODQ2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIwZGMxNi1jM2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtrnJFCbv7T7gLKOAAWc4GRBzQ41FTvNh+v9Sd7fkVX//NMndaiaIVYW5oMq7
ce9gQqUX8gE5Cf7cYKYJj4QDrIUY2xfZzY/3XDZ5tjFgL4UaoBH3pPLWCaD9C5lz
uLbQ/4Q9GK5MhbcoEZYa6jS8pU4V5U3wh2R9eEjGQTRvdzyO2isrEsqCw69j5COC
YB/S5+o8IvVOIPaAZn1lWFFhc65+jkETZhzUOYe+5dej6X8wc3n0IGXqVgFtA9VO
dAzcLPRkzDK3e8zGD6AdbUYkuURnf+hQmUXWT7aDcLGuJnCteLoz9Ugh/gBA6uE5
aFQrm8H0EpFrr9Q/vC/XfayY0QIDAQABo4IC3TCCAtkwHQYDVR0OBBYEFCtuqVsR
8KciQ0acFUEi/XIQ6BUMMB8GA1UdIwQYMBaAFP8zQZct2KH2hx7ehpo6HdklKK62
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC9CRUIzMzNGQTIy
NTExMUVBQjJDQjg0NjlDNEY5QUUwMi9fek5CbHkzWW9mYUhIdDZHbWpvZDJTVW9y
clkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL196TkJseTNZb2ZhSEh0Nkdtam9kMlNVb3JyWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U2NzgvQkVCMzMzRkEyMjUxMTFFQUIyQ0I4NDY5QzRGOUFFMDIvMDE1NzFDRkM4
Nzg1MTFFRThBOUQyQzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZwYIKwYBBQUHAQcBAf8E
WDBWMFQEAgABME4DBAUu+qADBAU+9QADBAdQ7oADBAdTZQADBAZZlsADBAVeLaAD
BAReSkADBAZe9IADBAWwNIADBAa8d8ADBAa87wADBAXUIsADBAbV+oAwDQYJKoZI
hvcNAQELBQADggEBADYwd3ULeZSUHW0SvMvCCzs+W2cUFJhNaL5MD28g2gMQheq0
un+qAwO/GEkDvcbd5ZFA4pw47FAJSrjFFlbn58gMJBR13B+bL4rKJ9nV+E/qP363
c0QS7tU5DVAgF9+smvNpVVwD8p2bys57U80jSsYfDrbAMMGvv0UWeH49hXtv/okw
CUZ0IqZUmGjMV+SiyI9QJSWe8drfl68BOgxTLj4vVVw5Nb37miGcuHTUD3ZVsqOo
sW5cSX99mQGXx1ny9Obm3ZpAmry8hcEoVu3GWJF/OKjUxiqHgdbMOvV3F3rjGwRK
++v+HzTz0SMufq9wgpp/WXN11XQ/94JdVxymhgY=
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:19:16 2024 by rpki-client on console-ams.rpki-client.org