Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
File: C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa (raw, json)
Hash identifier: oYydxPk4UhXwzQt6ATEzMXRyl5GNnPSrO9reRguBtdM=
Subject key identifier: 71:68:54:1B:E2:73:AD:C7:3E:9C:90:F5:BE:AC:56:BB:21:5F:AC:5C
Certificate issuer: /CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Certificate serial: 0885
Authority key identifier: 53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
Signing time: Wed 31 Jul 2024 21:49:06 +0000
ROA not before: Wed 31 Jul 2024 21:49:06 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 17924
IP address blocks: 45.64.240.0/22 maxlen: 24
49.130.0.0/15 maxlen: 15
49.130.0.0/17 maxlen: 18
49.130.128.0/24 maxlen: 24
49.130.129.0/24 maxlen: 24
49.130.130.0/24 maxlen: 24
49.130.131.0/24 maxlen: 24
49.130.132.0/23 maxlen: 24
49.130.134.0/23 maxlen: 24
49.130.136.0/21 maxlen: 21
49.130.144.0/20 maxlen: 20
49.130.160.0/19 maxlen: 19
49.130.192.0/18 maxlen: 18
49.131.0.0/17 maxlen: 18
49.131.128.0/17 maxlen: 17
103.1.16.0/22 maxlen: 22
121.202.0.0/15 maxlen: 15
121.202.0.0/18 maxlen: 18
121.202.64.0/19 maxlen: 19
121.202.96.0/20 maxlen: 20
121.202.124.0/24 maxlen: 24
121.202.126.0/24 maxlen: 24
121.202.127.0/24 maxlen: 24
121.202.128.0/17 maxlen: 17
121.202.131.0/24 maxlen: 24
121.202.132.0/24 maxlen: 24
121.202.137.0/24 maxlen: 24
121.202.142.0/24 maxlen: 24
121.202.150.0/24 maxlen: 24
121.202.160.0/19 maxlen: 19
121.202.206.0/24 maxlen: 24
121.202.232.0/22 maxlen: 22
121.202.236.0/22 maxlen: 22
121.202.251.0/24 maxlen: 24
121.202.252.0/24 maxlen: 24
121.202.253.0/24 maxlen: 24
121.202.254.0/24 maxlen: 24
121.203.0.0/20 maxlen: 20
121.203.16.0/20 maxlen: 20
121.203.32.0/20 maxlen: 20
121.203.48.0/20 maxlen: 20
121.203.64.0/18 maxlen: 18
121.203.64.0/21 maxlen: 21
121.203.72.0/21 maxlen: 21
121.203.80.0/21 maxlen: 21
121.203.88.0/21 maxlen: 21
121.203.96.0/21 maxlen: 21
121.203.104.0/21 maxlen: 21
121.203.112.0/21 maxlen: 21
121.203.120.0/21 maxlen: 21
121.203.128.0/18 maxlen: 18
121.203.192.0/19 maxlen: 19
121.203.224.0/20 maxlen: 20
121.203.240.0/21 maxlen: 21
121.203.248.0/21 maxlen: 21
180.219.0.0/16 maxlen: 16
180.219.0.0/20 maxlen: 24
180.219.16.0/20 maxlen: 24
180.219.32.0/20 maxlen: 24
180.219.48.0/20 maxlen: 24
180.219.64.0/20 maxlen: 24
180.219.80.0/20 maxlen: 24
180.219.96.0/20 maxlen: 24
180.219.112.0/20 maxlen: 24
180.219.128.0/20 maxlen: 24
180.219.144.0/20 maxlen: 24
180.219.160.0/20 maxlen: 24
180.219.176.0/20 maxlen: 24
180.219.192.0/19 maxlen: 19
180.219.192.0/20 maxlen: 24
180.219.208.0/21 maxlen: 24
180.219.216.0/21 maxlen: 24
180.219.224.0/19 maxlen: 19
180.219.224.0/21 maxlen: 24
180.219.232.0/21 maxlen: 24
180.219.240.0/21 maxlen: 24
180.219.248.0/21 maxlen: 24
182.152.0.0/15 maxlen: 15
182.152.0.0/17 maxlen: 17
182.152.128.0/17 maxlen: 17
182.152.128.0/21 maxlen: 21
182.152.136.0/21 maxlen: 21
182.152.144.0/21 maxlen: 21
182.152.152.0/21 maxlen: 21
182.152.160.0/21 maxlen: 21
182.152.168.0/21 maxlen: 21
182.152.176.0/21 maxlen: 21
182.152.184.0/21 maxlen: 21
182.152.192.0/21 maxlen: 21
182.152.200.0/21 maxlen: 21
182.152.208.0/21 maxlen: 21
182.152.216.0/21 maxlen: 21
182.152.224.0/21 maxlen: 21
182.152.232.0/21 maxlen: 21
182.152.240.0/21 maxlen: 21
182.152.248.0/21 maxlen: 21
182.153.0.0/18 maxlen: 19
182.153.64.0/19 maxlen: 19
182.153.128.0/19 maxlen: 19
182.153.160.0/19 maxlen: 19
182.153.192.0/19 maxlen: 19
182.153.224.0/19 maxlen: 19
182.153.248.0/21 maxlen: 21
203.78.32.0/21 maxlen: 21
203.78.32.0/24 maxlen: 24
203.78.36.0/24 maxlen: 24
203.78.37.0/24 maxlen: 24
203.78.40.0/22 maxlen: 22
203.78.40.0/24 maxlen: 24
203.78.41.0/24 maxlen: 24
203.78.42.0/24 maxlen: 24
2407:b400::/32 maxlen: 32
2407:b400:31:11::/64 maxlen: 64
2407:b400:51:3::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:23:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2181 (0x885)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E1AE/serialNumber=53BDE26D825F677F9AC4286F9A67661F5C49B569
Validity
Not Before: Jul 31 21:49:06 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66aab152-0aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9f:c6:10:0f:c7:d7:b4:71:ef:61:ba:2d:27:
6d:63:10:9a:2e:19:cd:7d:b9:8d:22:3c:aa:9a:5e:
9b:b0:ac:62:39:1c:b6:4c:4a:d1:65:7f:75:b2:d2:
f4:40:34:43:51:6f:41:7e:87:c6:9c:07:dc:91:ff:
ec:d8:26:29:d1:48:70:be:da:c5:e2:43:1f:29:0e:
54:35:13:6a:19:ce:48:eb:23:48:13:4d:fa:97:51:
ff:9f:28:50:58:53:fa:9c:37:8c:a3:c0:10:83:ef:
5e:bb:a3:0c:17:c1:33:fc:3f:d2:60:83:44:fb:2e:
4c:b9:ce:24:cd:98:4f:01:95:de:db:4b:cf:48:7d:
31:d6:46:11:6b:82:77:88:9a:43:a7:cf:05:9a:c0:
a4:04:12:4f:fc:78:01:fc:55:cd:5b:da:8b:3c:d7:
4b:c2:52:84:79:24:33:3d:4e:4b:56:61:9c:b3:3f:
c1:6b:7b:d3:41:e3:b1:e0:be:02:18:f0:ac:6a:0c:
4d:6c:25:d5:38:53:76:1a:9a:72:32:99:84:27:38:
15:ad:db:86:6c:bd:97:39:c2:44:59:40:73:1e:8f:
80:2a:0d:03:46:82:13:73:8e:20:08:87:e4:28:c1:
ec:cb:60:33:62:82:b9:21:78:cc:28:cd:42:a4:02:
59:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:68:54:1B:E2:73:AD:C7:3E:9C:90:F5:BE:AC:56:BB:21:5F:AC:5C
X509v3 Authority Key Identifier:
keyid:53:BD:E2:6D:82:5F:67:7F:9A:C4:28:6F:9A:67:66:1F:5C:49:B5:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/U73ibYJfZ3-axChvmmdmH1xJtWk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U73ibYJfZ3-axChvmmdmH1xJtWk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E1AE/B40BB1B8B12E11EA9A95B56AC4F9AE02/C8DC6BD8EBF311EEAD0C015FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.240.0/22
49.130.0.0/15
103.1.16.0/22
121.202.0.0/15
180.219.0.0/16
182.152.0.0/15
203.78.32.0-203.78.43.255
IPv6:
2407:b400::/32
Signature Algorithm: sha256WithRSAEncryption
30:ca:e8:f3:7c:d0:ed:e6:25:ef:c3:96:72:4d:38:6b:cf:7d:
de:42:cd:72:a8:c4:f5:23:51:33:37:97:5c:8b:2b:d2:b1:ba:
bb:c5:90:da:35:a7:59:7d:de:c9:fd:48:09:2a:62:d6:42:ba:
95:35:ae:a0:18:df:4c:aa:04:67:d4:48:1f:0e:80:7a:10:fe:
c4:c8:7e:b1:0e:94:8f:7a:94:34:51:22:7d:08:33:c7:c6:39:
32:6b:3d:53:8b:45:d5:a4:0c:a1:fe:ff:c1:8a:90:1f:7b:11:
6b:19:43:19:1e:6a:23:f1:d9:d3:4e:42:dc:be:b5:2a:b4:7e:
84:4c:e7:5a:53:5d:30:54:69:20:5b:f1:2f:d4:31:b0:77:62:
58:49:c5:08:df:52:63:bc:8c:33:f0:87:a9:de:64:19:3f:b5:
98:5c:91:5e:9b:c2:70:ba:42:8c:76:98:e3:ce:5a:81:bc:47:
f8:fd:4c:21:2a:cf:fa:32:72:02:7e:05:a0:08:82:e6:44:d7:
b9:31:43:b9:f1:e7:50:b8:19:e7:e6:02:19:fc:bc:4e:5c:5a:
46:70:e8:b7:45:6d:f1:ca:de:6c:1d:0c:b4:c7:22:80:a7:02:
8d:37:0d:db:6f:57:a3:d6:62:e2:ce:93:0f:5e:92:f7:b8:cc:
53:37:7b:14
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgICCIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUUxQUUxMTAvBgNVBAUTKDUzQkRFMjZEODI1RjY3N0Y5QUM0Mjg2RjlBNjc2NjFG
NUM0OUI1NjkwHhcNMjQwNzMxMjE0OTA2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFhYjE1Mi0wYWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Z/GEA/H17Rx72G6LSdtYxCaLhnNfbmNIjyqml6bsKxiORy2TErRZX91stL0
QDRDUW9BfofGnAfckf/s2CYp0UhwvtrF4kMfKQ5UNRNqGc5I6yNIE036l1H/nyhQ
WFP6nDeMo8AQg+9eu6MMF8Ez/D/SYINE+y5Muc4kzZhPAZXe20vPSH0x1kYRa4J3
iJpDp88FmsCkBBJP/HgB/FXNW9qLPNdLwlKEeSQzPU5LVmGcsz/Ba3vTQeOx4L4C
GPCsagxNbCXVOFN2GppyMpmEJzgVrduGbL2XOcJEWUBzHo+AKg0DRoITc44gCIfk
KMHsy2AzYoK5IXjMKM1CpAJZVwIDAQABo4ICzDCCAsgwHQYDVR0OBBYEFHFoVBvi
c63HPpyQ9b6sVrshX6xcMB8GA1UdIwQYMBaAFFO94m2CX2d/msQob5pnZh9cSbVp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RTFBRS9CNDBCQjFCOEIx
MkUxMUVBOUE5NUI1NkFDNEY5QUUwMi9VNzNpYllKZlozLWF4Q2h2bW1kbUgxeEp0
V2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1U3M2liWUpmWjMtYXhDaHZtbWRtSDF4SnRXay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUUxQUUvQjQwQkIxQjhCMTJFMTFFQTlBOTVCNTZBQzRGOUFFMDIvQzhEQzZCRDhF
QkYzMTFFRUFEMEMwMTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVgYIKwYBBQUHAQcBAf8E
RzBFMDQEAgABMC4DBAItQPADAwExggMEAmcBEAMDAXnKAwMAtNsDAwG2mDAMAwQF
y04gAwQCy04oMA0EAgACMAcDBQAkB7QAMA0GCSqGSIb3DQEBCwUAA4IBAQAwyujz
fNDt5iXvw5ZyTThrz33eQs1yqMT1I1EzN5dciyvSsbq7xZDaNadZfd7J/UgJKmLW
QrqVNa6gGN9MqgRn1EgfDoB6EP7EyH6xDpSPepQ0USJ9CDPHxjkyaz1Ti0XVpAyh
/v/BipAfexFrGUMZHmoj8dnTTkLcvrUqtH6ETOdaU10wVGkgW/Ev1DGwd2JYScUI
31JjvIwz8Iep3mQZP7WYXJFem8JwukKMdpjjzlqBvEf4/UwhKs/6MnICfgWgCILm
RNe5MUO58edQuBnn5gIZ/LxOXFpGcOi3RW3xyt5sHQy0xyKApwKNNw3bb1ej1mLi
zpMPXpL3uMxTN3sU
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:36 2024 by rpki-client on console-ams.rpki-client.org