Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D9E23E4A6D4C11EB938EC44DC4F9AE02.roa
File: D9E23E4A6D4C11EB938EC44DC4F9AE02.roa (raw, json)
Hash identifier: twh6qhZSVHLqsqE4ZeRMAhfEc2FEKfo/QNtTa8WFc90=
Subject key identifier: 87:64:2D:8B:E9:60:1E:BE:D3:18:87:6F:6E:AC:0A:D5:76:07:93:61
Certificate issuer: /CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Certificate serial: 35EC
Authority key identifier: 9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D9E23E4A6D4C11EB938EC44DC4F9AE02.roa
Signing time: Thu 04 Apr 2024 15:21:14 +0000
ROA not before: Thu 04 Apr 2024 15:21:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45595
IP address blocks: 39.32.0.0/11 maxlen: 15
39.32.0.0/16 maxlen: 24
39.33.0.0/16 maxlen: 24
39.34.0.0/16 maxlen: 24
39.35.0.0/16 maxlen: 24
39.36.0.0/16 maxlen: 24
39.37.0.0/16 maxlen: 24
39.38.0.0/16 maxlen: 24
39.39.0.0/16 maxlen: 24
39.40.0.0/16 maxlen: 24
39.41.0.0/16 maxlen: 24
39.42.0.0/16 maxlen: 24
39.43.0.0/16 maxlen: 24
39.44.0.0/16 maxlen: 24
39.45.0.0/16 maxlen: 24
39.46.0.0/16 maxlen: 24
39.47.0.0/16 maxlen: 24
39.48.0.0/16 maxlen: 24
39.49.0.0/16 maxlen: 24
39.50.0.0/16 maxlen: 24
39.51.0.0/16 maxlen: 24
39.52.0.0/16 maxlen: 24
39.53.0.0/16 maxlen: 24
39.54.0.0/16 maxlen: 24
39.55.0.0/16 maxlen: 24
39.56.0.0/16 maxlen: 24
39.57.0.0/16 maxlen: 24
39.58.0.0/16 maxlen: 24
39.59.0.0/16 maxlen: 24
39.60.0.0/16 maxlen: 24
39.61.0.0/16 maxlen: 24
39.62.0.0/16 maxlen: 24
39.63.0.0/16 maxlen: 24
58.181.96.0/20 maxlen: 24
58.181.112.0/20 maxlen: 24
59.103.0.0/16 maxlen: 24
103.28.152.0/22 maxlen: 24
116.71.0.0/16 maxlen: 24
119.152.0.0/13 maxlen: 15
119.152.0.0/16 maxlen: 24
119.153.0.0/16 maxlen: 24
119.154.0.0/16 maxlen: 24
119.155.0.0/16 maxlen: 24
119.156.0.0/16 maxlen: 24
119.157.0.0/16 maxlen: 24
119.158.0.0/16 maxlen: 24
119.159.0.0/16 maxlen: 24
182.176.0.0/12 maxlen: 15
182.176.0.0/16 maxlen: 24
182.177.0.0/16 maxlen: 24
182.178.0.0/16 maxlen: 24
182.179.0.0/16 maxlen: 24
182.180.0.0/16 maxlen: 24
182.181.0.0/16 maxlen: 24
182.182.0.0/16 maxlen: 24
182.183.0.0/16 maxlen: 24
182.184.0.0/16 maxlen: 24
182.185.0.0/16 maxlen: 24
182.186.0.0/16 maxlen: 24
182.187.0.0/16 maxlen: 24
182.188.0.0/16 maxlen: 24
182.189.0.0/16 maxlen: 24
182.190.0.0/16 maxlen: 24
182.191.0.0/16 maxlen: 24
203.99.160.0/19 maxlen: 24
203.135.0.0/18 maxlen: 24
2404:7000::/32 maxlen: 48
2404:7000:0:3::/64 maxlen: 64
2404:7000:0:12::/64 maxlen: 64
2404:7000:0:302::/64 maxlen: 64
2404:7000:1000::/64 maxlen: 64
2404:7000:1010::/64 maxlen: 64
2404:7000:6000::/64 maxlen: 64
2404:7000:6100::/64 maxlen: 64
2404:7000:b100::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 May 2024 14:50:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13804 (0x35ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
Validity
Not Before: Apr 4 15:21:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=660ec56a-0b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:c3:11:d7:aa:56:66:8b:29:77:92:2b:c4:82:
2a:94:10:5b:d4:7e:56:d7:c9:b1:74:02:13:89:7e:
c7:f9:87:1e:a8:0a:ad:b9:da:a1:27:c0:50:f8:7b:
89:c4:c7:89:b8:47:ba:59:b6:13:ce:d9:22:82:83:
dd:a8:43:32:08:3d:a0:f6:a5:6d:ba:9f:3c:cd:e3:
05:f3:2e:ed:3e:38:5b:be:e8:84:95:25:6e:7c:64:
c6:c3:71:6a:85:ac:55:f9:e8:70:9e:04:6c:dc:e6:
34:13:ae:ae:8f:c6:bb:99:a5:82:93:6f:15:c5:ad:
4a:7d:eb:af:71:2e:40:e3:bf:38:44:12:9c:5d:3e:
3a:84:fd:54:32:38:81:d0:d3:2d:fe:ec:51:03:3f:
0f:93:ab:7c:da:ce:3d:79:e6:bd:66:04:25:07:12:
e2:51:aa:09:a0:3c:a8:e3:03:7c:27:5e:4f:f0:80:
df:2f:96:22:5c:9d:a3:cd:87:e2:16:b6:2b:49:68:
1d:23:ef:cf:c6:fc:71:57:a3:f0:00:94:8f:78:d6:
3f:7e:64:11:a0:de:73:c8:0c:72:e1:c5:6d:7a:72:
bb:80:b2:d2:25:74:3d:94:91:f8:fd:c4:d1:46:af:
70:d7:ef:37:75:c4:99:53:d8:4e:01:11:b0:e3:94:
70:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:64:2D:8B:E9:60:1E:BE:D3:18:87:6F:6E:AC:0A:D5:76:07:93:61
X509v3 Authority Key Identifier:
keyid:9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/D9E23E4A6D4C11EB938EC44DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.32.0.0/11
58.181.96.0/19
59.103.0.0/16
103.28.152.0/22
116.71.0.0/16
119.152.0.0/13
182.176.0.0/12
203.99.160.0/19
203.135.0.0/18
IPv6:
2404:7000::/32
Signature Algorithm: sha256WithRSAEncryption
1d:d4:b3:45:57:f5:f6:86:81:c3:35:da:4d:cc:70:5e:1a:3a:
c4:85:2a:33:0c:b3:90:a3:36:7f:da:35:72:40:34:c4:08:97:
f3:37:6c:0a:4d:26:80:55:49:8d:6a:6f:f1:8b:79:a9:30:fb:
78:13:ca:e8:35:d1:8b:0e:7d:67:aa:08:4e:e6:25:32:00:1a:
c0:30:08:70:57:b9:e9:fb:af:b4:02:f2:af:5c:66:0d:e9:2c:
6e:d2:39:72:d7:1a:75:69:c8:ca:df:0d:82:35:00:00:bf:25:
c1:c4:f0:d0:e6:df:08:c3:60:8f:95:85:aa:ea:17:63:93:bb:
81:92:34:6f:dd:89:4b:7b:0a:e2:10:6c:61:36:4e:4b:0c:b6:
c0:4f:e8:22:cf:14:c0:9f:e3:b2:6e:95:e2:fd:a9:24:12:97:
53:6f:a8:8f:97:60:fd:c2:24:c4:0a:f2:3a:2d:d3:c6:38:17:
40:e3:6c:81:47:18:48:c8:0c:0f:0c:3e:66:cd:45:1a:53:5d:
4d:46:60:19:fa:c0:af:fc:43:5f:b7:42:cb:8c:5a:33:f9:bc:
bf:ba:27:b7:fd:d5:08:22:61:49:b8:51:1a:4d:35:03:45:bc:
a2:17:66:f3:08:84:b0:ae:4c:3b:bb:c2:ff:35:e2:fd:32:1e:
5a:72:68:bf
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICNewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThEQTAyNzBCNUNB
NzYwQUVCNTQwHhcNMjQwNDA0MTUyMTE0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBlYzU2YS0wYjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA68MR16pWZospd5IrxIIqlBBb1H5W18mxdAITiX7H+YceqAqtudqhJ8BQ+HuJ
xMeJuEe6WbYTztkigoPdqEMyCD2g9qVtup88zeMF8y7tPjhbvuiElSVufGTGw3Fq
haxV+ehwngRs3OY0E66uj8a7maWCk28Vxa1KfeuvcS5A4784RBKcXT46hP1UMjiB
0NMt/uxRAz8Pk6t82s49eea9ZgQlBxLiUaoJoDyo4wN8J15P8IDfL5YiXJ2jzYfi
FrYrSWgdI+/PxvxxV6PwAJSPeNY/fmQRoN5zyAxy4cVtenK7gLLSJXQ9lJH4/cTR
Rq9w1+83dcSZU9hOARGw45RwEQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFIdkLYvp
YB6+0xiHb26sCtV2B5NhMB8GA1UdIwQYMBaAFJ7ZBVEHxw+Fu5Go2gJwtcp2CutU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDgzMi85REFGNzgwRTFE
OTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFmSEQ0VzdrYWphQW5DMXluWUs2
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250a0ZVUWZIRDRXN2thamFBbkMxeW5ZSzYxUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA4MzIvOURBRjc4MEUxRDk0MTFFMjk5MDFGM0Y4MDhCMDJDRDIvRDlFMjNFNEE2
RDRDMTFFQjkzOEVDNDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMDcEAgABMDEDAwUnIAMEBTq1YAMDADtnAwQCZxyYAwMAdEcDAwN3mAMDBLaw
AwQFy2OgAwQGy4cAMA0EAgACMAcDBQAkBHAAMA0GCSqGSIb3DQEBCwUAA4IBAQAd
1LNFV/X2hoHDNdpNzHBeGjrEhSozDLOQozZ/2jVyQDTECJfzN2wKTSaAVUmNam/x
i3mpMPt4E8roNdGLDn1nqghO5iUyABrAMAhwV7np+6+0AvKvXGYN6Sxu0jly1xp1
acjK3w2CNQAAvyXBxPDQ5t8Iw2CPlYWq6hdjk7uBkjRv3YlLewriEGxhNk5LDLbA
T+gizxTAn+OybpXi/akkEpdTb6iPl2D9wiTECvI6LdPGOBdA42yBRxhIyAwPDD5m
zUUaU11NRmAZ+sCv/ENft0LLjFoz+by/uie3/dUIImFJuFEaTTUDRbyiF2bzCISw
rkw7u8L/NeL9Mh5acmi/
-----END CERTIFICATE-----
Generated at Sat May 4 15:45:47 2024 by rpki-client on console-fra.rpki-client.org