Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/CEA83BC8B55911EC9256FE19C4F9AE02.roa
File: CEA83BC8B55911EC9256FE19C4F9AE02.roa (raw, json)
Hash identifier: hQPvhUpeTrx9DNSv8Rwc826gKGrUqScdpfX6E65BZRA=
Subject key identifier: FE:46:93:D5:50:45:3A:84:0E:14:0B:00:A7:76:9A:9E:09:25:73:CC
Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Certificate serial: 07FE
Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/CEA83BC8B55911EC9256FE19C4F9AE02.roa
Signing time: Thu 04 Jan 2024 21:59:25 +0000
ROA not before: Thu 04 Jan 2024 21:59:25 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 45577
IP address blocks: 101.234.132.0/23 maxlen: 24
101.234.134.0/24 maxlen: 24
101.234.135.0/24 maxlen: 24
101.234.136.0/24 maxlen: 24
101.234.140.0/23 maxlen: 24
101.234.144.0/23 maxlen: 24
101.234.146.0/23 maxlen: 24
101.234.148.0/24 maxlen: 24
101.234.149.0/24 maxlen: 24
101.234.150.0/24 maxlen: 24
101.234.151.0/24 maxlen: 24
101.234.152.0/24 maxlen: 24
101.234.154.0/24 maxlen: 24
101.234.155.0/24 maxlen: 24
101.234.156.0/24 maxlen: 24
101.234.157.0/24 maxlen: 24
101.234.158.0/24 maxlen: 24
101.234.159.0/24 maxlen: 24
101.234.160.0/24 maxlen: 24
101.234.170.0/24 maxlen: 24
101.234.171.0/24 maxlen: 24
111.125.160.0/24 maxlen: 24
111.125.161.0/24 maxlen: 24
111.125.162.0/23 maxlen: 23
111.125.162.0/24 maxlen: 24
111.125.164.0/23 maxlen: 23
111.125.164.0/23 maxlen: 24
111.125.168.0/23 maxlen: 23
111.125.168.0/23 maxlen: 24
111.125.170.0/23 maxlen: 23
111.125.170.0/23 maxlen: 24
111.125.172.0/23 maxlen: 23
111.125.172.0/23 maxlen: 24
111.125.174.0/23 maxlen: 23
111.125.174.0/23 maxlen: 24
114.111.128.0/24 maxlen: 24
114.111.129.0/24 maxlen: 24
114.111.130.0/23 maxlen: 23
114.111.130.0/23 maxlen: 24
114.111.132.0/24 maxlen: 24
114.111.133.0/24 maxlen: 24
114.111.134.0/23 maxlen: 23
114.111.135.0/24 maxlen: 24
114.111.136.0/23 maxlen: 23
114.111.137.0/24 maxlen: 24
114.111.138.0/23 maxlen: 24
114.111.140.0/24 maxlen: 24
114.111.141.0/24 maxlen: 24
114.111.142.0/24 maxlen: 24
114.111.143.0/24 maxlen: 24
114.111.144.0/23 maxlen: 23
114.111.144.0/23 maxlen: 24
114.111.146.0/23 maxlen: 24
114.111.148.0/23 maxlen: 24
114.111.150.0/23 maxlen: 24
114.111.156.0/23 maxlen: 24
114.111.158.0/23 maxlen: 24
122.100.0.0/24 maxlen: 24
122.100.1.0/24 maxlen: 24
122.100.2.0/24 maxlen: 24
122.100.3.0/24 maxlen: 24
122.100.4.0/24 maxlen: 24
122.100.6.0/24 maxlen: 24
122.100.7.0/24 maxlen: 24
122.100.8.0/24 maxlen: 24
122.100.9.0/24 maxlen: 24
122.100.10.0/23 maxlen: 24
122.100.14.0/24 maxlen: 24
122.100.15.0/24 maxlen: 24
2406:5800:800::/38 maxlen: 38
2406:5800:c00::/38 maxlen: 56
2406:5800:ff00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl
rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 20:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2046 (0x7fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420
Validity
Not Before: Jan 4 21:59:25 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=65972a3d-4d57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:02:74:83:a1:d1:ce:54:8a:1c:fd:0d:44:e3:
64:8d:47:5f:32:77:d9:ab:4c:76:25:c3:50:5a:c9:
af:f0:f2:36:78:3b:07:51:18:57:c0:29:40:62:76:
0a:8b:a7:af:47:71:b1:a3:ff:45:74:66:eb:db:93:
35:d3:67:6f:bc:89:be:14:4b:0b:d5:0e:0d:73:cd:
9a:6d:a0:0a:a0:ee:62:3b:44:fc:16:09:bb:b4:fe:
73:38:1a:ab:4d:42:4d:01:fa:84:83:95:b6:1f:ed:
8b:fa:36:9c:6e:dc:59:3c:c3:d0:36:de:38:fe:76:
20:a9:1d:09:9f:ff:1f:79:59:0a:9a:0e:b0:35:c2:
33:eb:18:04:4c:20:6d:1e:2a:d4:02:74:1d:c8:f1:
18:4e:86:c3:96:62:d2:25:fc:5d:e3:85:29:4b:3e:
5b:69:8b:f2:e5:b5:a6:43:c9:a8:53:65:70:86:2c:
9c:28:e4:04:71:b5:7a:92:3c:03:07:48:cf:31:73:
7f:ac:cb:70:f6:62:41:91:f3:07:d5:c2:81:98:59:
03:83:37:5d:21:df:99:8d:7d:ce:64:e7:50:3d:e4:
0b:3f:ec:fc:5f:75:b5:d9:b2:3b:76:eb:c3:9b:d5:
84:a4:ea:a2:ce:11:bb:40:77:0f:d4:b3:ba:e8:dd:
1f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:46:93:D5:50:45:3A:84:0E:14:0B:00:A7:76:9A:9E:09:25:73:CC
X509v3 Authority Key Identifier:
keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/CEA83BC8B55911EC9256FE19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.234.132.0-101.234.136.255
101.234.140.0/23
101.234.144.0-101.234.152.255
101.234.154.0-101.234.160.255
101.234.170.0/23
111.125.160.0-111.125.165.255
111.125.168.0/21
114.111.128.0-114.111.151.255
114.111.156.0/22
122.100.0.0-122.100.4.255
122.100.6.0-122.100.11.255
122.100.14.0/23
IPv6:
2406:5800:800::/37
2406:5800:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
08:a8:6a:3c:be:39:d0:6e:d9:89:d3:f6:fa:80:b7:68:d2:5f:
d4:29:d5:b1:5f:04:eb:8a:07:d2:10:72:2f:96:b1:33:78:1f:
2a:e2:39:80:6c:62:ad:e1:30:77:86:e1:d1:19:c1:39:e1:cf:
f5:ce:01:f9:88:56:95:1d:fa:16:35:90:24:5e:a6:fd:c5:25:
37:12:85:23:d2:0c:df:80:f8:5b:91:54:b7:e3:a6:fe:8f:c4:
74:f8:6b:cd:20:f8:87:bc:5d:0d:35:e5:22:78:38:a7:a7:bc:
bf:6f:e2:14:38:43:72:4f:b3:27:6c:13:02:57:cf:44:97:3c:
a8:5d:f5:d3:3f:22:87:b2:39:51:77:19:1a:27:60:08:df:1a:
4d:a1:d9:84:18:9a:b5:f1:bf:d2:b9:96:84:56:05:a3:92:3a:
5b:9d:f5:ed:ec:7d:a7:66:7a:00:d1:1f:ce:e5:e6:e6:3c:94:
cf:c4:d7:d2:58:82:9f:ab:c2:f0:5c:e1:6e:15:56:c9:05:3f:
aa:68:1e:77:1b:b4:eb:a3:f5:ec:43:d9:d4:77:07:38:42:3a:
42:3a:01:11:53:0c:81:b7:e8:86:ce:86:65:e0:1c:5a:0b:e6:
80:1f:d0:ff:cc:77:d0:6d:56:7b:22:a4:9d:5b:ae:26:56:26:
95:8a:b6:8c
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgICB/4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5
Mjc1NzQ0MjAwHhcNMjQwMTA0MjE1OTI1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk3MmEzZC00ZDU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnQJ0g6HRzlSKHP0NRONkjUdfMnfZq0x2JcNQWsmv8PI2eDsHURhXwClAYnYK
i6evR3Gxo/9FdGbr25M102dvvIm+FEsL1Q4Nc82abaAKoO5iO0T8Fgm7tP5zOBqr
TUJNAfqEg5W2H+2L+jacbtxZPMPQNt44/nYgqR0Jn/8feVkKmg6wNcIz6xgETCBt
HirUAnQdyPEYTobDlmLSJfxd44UpSz5baYvy5bWmQ8moU2VwhiycKOQEcbV6kjwD
B0jPMXN/rMtw9mJBkfMH1cKBmFkDgzddId+ZjX3OZOdQPeQLP+z8X3W12bI7duvD
m9WEpOqizhG7QHcP1LO66N0fcwIDAQABo4IDKzCCAycwHQYDVR0OBBYEFP5Gk9VQ
RTqEDhQLAKd2mp4JJXPMMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3
NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS
Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU0NkUvMENENDFEQThCNzZBMTFFQTgxNEY1MDg0QzRGOUFFMDIvQ0VBODNCQzhC
NTU5MTFFQzkyNTZGRTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbQGCCsGAQUFBwEHAQH/
BIGkMIGhMIGFBAIAATB/MAwDBAJl6oQDBABl6ogDBAFl6owwDAMEBGXqkAMEAGXq
mDAMAwQBZeqaAwQAZeqgAwQBZeqqMAwDBAVvfaADBAFvfaQDBANvfagwDAMEB3Jv
gAMEA3JvkAMEAnJvnDALAwMCemQDBAB6ZAQwDAMEAXpkBgMEAnpkCAMEAXpkDjAX
BAIAAjARAwYDJAZYAAgDBwAkBlgA/wAwDQYJKoZIhvcNAQELBQADggEBAAioajy+
OdBu2YnT9vqAt2jSX9Qp1bFfBOuKB9IQci+WsTN4HyriOYBsYq3hMHeG4dEZwTnh
z/XOAfmIVpUd+hY1kCRepv3FJTcShSPSDN+A+FuRVLfjpv6PxHT4a80g+Ie8XQ01
5SJ4OKenvL9v4hQ4Q3JPsydsEwJXz0SXPKhd9dM/IoeyOVF3GRonYAjfGk2h2YQY
mrXxv9K5loRWBaOSOlud9e3sfadmegDRH87l5uY8lM/E19JYgp+rwvBc4W4VVskF
P6poHncbtOuj9exD2dR3BzhCOkI6ARFTDIG36IbOhmXgHFoL5oAf0P/Md9BtVnsi
pJ1briZWJpWKtow=
-----END CERTIFICATE-----
Generated at Thu May 16 22:58:18 2024 by rpki-client on console-fra.rpki-client.org