Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
File: 7F12211CB57611EF8568F73EC4F9AE02.roa (raw, json)
Hash identifier: tE7lbrYSKWHXNwxQkI50sh8OrhEWZzAGOQjYNvq3v5c=
Subject key identifier: B6:EA:0B:73:A1:47:75:15:72:28:09:FD:A0:C1:7C:DC:B5:F8:04:0C
Certificate issuer: /CN=A91AEB42/serialNumber=56237928548B082F5B13C16EDC3E6A7C2F80FCF1
Certificate serial: 01AD
Authority key identifier: 56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
Signing time: Sun 08 Dec 2024 15:10:01 +0000
ROA not before: Sun 08 Dec 2024 15:10:01 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 132839
IP address blocks: 43.229.212.0/22 maxlen: 24
43.230.168.0/22 maxlen: 24
43.240.48.0/22 maxlen: 24
43.241.44.0/22 maxlen: 24
43.249.24.0/22 maxlen: 24
43.251.104.0/22 maxlen: 24
45.64.108.0/22 maxlen: 24
45.114.168.0/22 maxlen: 24
45.115.124.0/22 maxlen: 24
45.120.80.0/22 maxlen: 24
45.127.36.0/22 maxlen: 24
45.127.124.0/22 maxlen: 24
45.250.196.0/22 maxlen: 24
103.36.20.0/22 maxlen: 24
103.37.40.0/22 maxlen: 24
103.40.112.0/22 maxlen: 24
103.42.176.0/22 maxlen: 24
103.49.8.0/22 maxlen: 24
103.49.248.0/22 maxlen: 24
103.54.124.0/22 maxlen: 24
103.55.128.0/22 maxlen: 24
103.60.148.0/22 maxlen: 24
103.75.12.0/22 maxlen: 24
103.75.44.0/22 maxlen: 24
103.80.16.0/22 maxlen: 24
103.85.188.0/22 maxlen: 24
103.195.192.0/22 maxlen: 24
103.196.60.0/22 maxlen: 24
103.200.124.0/22 maxlen: 24
103.204.76.0/22 maxlen: 24
103.214.164.0/22 maxlen: 24
103.215.212.0/22 maxlen: 24
103.219.104.0/22 maxlen: 24
103.233.248.0/22 maxlen: 24
116.193.168.0/22 maxlen: 24
117.120.60.0/22 maxlen: 24
120.89.68.0/22 maxlen: 24
121.54.160.0/22 maxlen: 24
144.48.124.0/22 maxlen: 24
157.119.92.0/22 maxlen: 24
182.161.68.0/22 maxlen: 24
202.165.120.0/22 maxlen: 24
2401:f940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.crl
rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 02:30:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429 (0x1ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEB42
Validity
Not Before: Dec 8 15:10:01 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6755b6c9-ff9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:ff:db:a7:3b:73:ea:4c:c7:74:bd:32:c4:
6e:03:00:be:49:03:45:37:d3:cc:64:5c:62:e3:f0:
54:3d:cb:51:c0:bd:bd:59:f1:1d:37:7a:a5:ff:b8:
c6:ba:81:16:4d:17:9e:20:08:a7:5f:90:4a:3c:b3:
e0:ce:60:a2:34:d8:25:a4:4a:ab:ad:31:48:f5:c1:
33:71:b6:1c:03:9d:57:8d:ae:d5:fe:5a:ac:e2:a7:
57:4d:40:3f:f1:a3:f0:2f:f8:35:2c:55:8d:16:d6:
d9:56:ad:b9:ad:6b:ed:14:68:7e:25:1c:ed:9e:a9:
b6:2e:71:3d:6a:11:de:e3:9b:bd:3c:9e:0a:f7:fe:
87:c4:68:59:e0:26:b0:ca:e7:3d:b0:90:a0:de:6d:
ad:a9:d3:8d:c2:65:23:25:f8:04:a6:89:8b:42:5f:
80:9e:e1:eb:97:03:04:ac:f2:c3:34:0e:50:9c:08:
f3:8e:f6:42:ef:39:ef:38:83:e0:90:38:11:40:78:
dd:8f:63:ac:7d:45:c0:62:8e:89:53:17:b2:8c:a9:
05:61:ff:c9:b9:01:11:b7:af:6c:ac:e1:42:9e:5d:
88:eb:d2:b8:3c:8a:c3:c0:b4:98:ee:df:4e:8c:1d:
74:e6:61:dd:5c:1f:1c:29:2f:4a:c1:5b:fa:c3:97:
1f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EA:0B:73:A1:47:75:15:72:28:09:FD:A0:C1:7C:DC:B5:F8:04:0C
X509v3 Authority Key Identifier:
keyid:56:23:79:28:54:8B:08:2F:5B:13:C1:6E:DC:3E:6A:7C:2F:80:FC:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ViN5KFSLCC9bE8Fu3D5qfC-A_PE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEB42/1AD97B646A6E11EDBB990363C4F9AE02/7F12211CB57611EF8568F73EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.212.0/22
43.230.168.0/22
43.240.48.0/22
43.241.44.0/22
43.249.24.0/22
43.251.104.0/22
45.64.108.0/22
45.114.168.0/22
45.115.124.0/22
45.120.80.0/22
45.127.36.0/22
45.127.124.0/22
45.250.196.0/22
103.36.20.0/22
103.37.40.0/22
103.40.112.0/22
103.42.176.0/22
103.49.8.0/22
103.49.248.0/22
103.54.124.0/22
103.55.128.0/22
103.60.148.0/22
103.75.12.0/22
103.75.44.0/22
103.80.16.0/22
103.85.188.0/22
103.195.192.0/22
103.196.60.0/22
103.200.124.0/22
103.204.76.0/22
103.214.164.0/22
103.215.212.0/22
103.219.104.0/22
103.233.248.0/22
116.193.168.0/22
117.120.60.0/22
120.89.68.0/22
121.54.160.0/22
144.48.124.0/22
157.119.92.0/22
182.161.68.0/22
202.165.120.0/22
IPv6:
2401:f940::/32
Signature Algorithm: sha256WithRSAEncryption
84:b9:7c:3d:f6:a7:63:72:04:26:d1:f1:fd:82:36:01:8a:12:
25:3a:50:24:08:c4:a2:5d:4e:64:94:c0:33:41:bd:e3:bc:50:
46:0f:b4:ea:cd:00:f1:0b:82:e8:fa:48:79:37:db:2d:f3:34:
81:4a:31:8b:c9:74:5e:cc:01:e2:cf:7c:c3:4c:59:5f:95:35:
b5:91:db:d8:4e:e0:99:6a:7c:b2:7f:9b:85:1b:3d:56:a4:1f:
9d:9c:05:2f:02:05:37:4e:02:bb:ed:b9:bd:38:f6:52:4f:25:
d7:d7:da:f6:df:fa:c4:4a:69:e0:1d:40:7b:57:d7:45:91:2f:
13:2f:a1:e3:ae:e2:0e:5c:f8:fb:d8:f6:63:d1:d4:eb:83:f8:
7b:53:51:dd:bd:e5:b0:e5:57:16:19:fc:5f:46:05:ee:71:4e:
41:56:92:42:1e:77:6d:ba:a2:fe:12:8e:66:0e:cc:dd:c3:78:
ef:03:45:92:d1:e8:5d:ea:d6:a7:3c:73:79:6a:72:54:2b:c2:
b1:5d:3c:f9:39:de:bb:86:a6:ae:a0:27:d4:9d:8c:93:66:5d:
ae:fe:76:1b:1d:98:bb:43:55:9f:70:6c:bc:68:20:35:0c:00:
5b:20:b0:47:59:a8:a3:63:c8:04:40:18:07:67:c4:00:e4:51:
0e:cf:50:a6
-----BEGIN CERTIFICATE-----
MIIGfzCCBWegAwIBAgICAa0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVCNDIxMTAvBgNVBAUTKDU2MjM3OTI4NTQ4QjA4MkY1QjEzQzE2RURDM0U2QTdD
MkY4MEZDRjEwHhcNMjQxMjA4MTUxMDAxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU1YjZjOS1mZjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA04D/26c7c+pMx3S9MsRuAwC+SQNFN9PMZFxi4/BUPctRwL29WfEdN3ql/7jG
uoEWTReeIAinX5BKPLPgzmCiNNglpEqrrTFI9cEzcbYcA51Xja7V/lqs4qdXTUA/
8aPwL/g1LFWNFtbZVq25rWvtFGh+JRztnqm2LnE9ahHe45u9PJ4K9/6HxGhZ4Caw
yuc9sJCg3m2tqdONwmUjJfgEpomLQl+AnuHrlwMErPLDNA5QnAjzjvZC7znvOIPg
kDgRQHjdj2OsfUXAYo6JUxeyjKkFYf/JuQERt69srOFCnl2I69K4PIrDwLSY7t9O
jB105mHdXB8cKS9KwVv6w5cfzwIDAQABo4IDozCCA58wHQYDVR0OBBYEFLbqC3Oh
R3UVcigJ/aDBfNy1+AQMMB8GA1UdIwQYMBaAFFYjeShUiwgvWxPBbtw+anwvgPzx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUI0Mi8xQUQ5N0I2NDZB
NkUxMUVEQkI5OTAzNjNDNEY5QUUwMi9WaU41S0ZTTENDOWJFOEZ1M0Q1cWZDLUFf
UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZpTjVLRlNMQ0M5YkU4RnUzRDVxZkMtQV9QRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVCNDIvMUFEOTdCNjQ2QTZFMTFFREJCOTkwMzYzQzRGOUFFMDIvN0YxMjIxMUNC
NTc2MTFFRjg1NjhGNzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggErBggrBgEFBQcBBwEB
/wSCARowggEWMIIBAwQCAAEwgfwDBAIr5dQDBAIr5qgDBAIr8DADBAIr8SwDBAIr
+RgDBAIr+2gDBAItQGwDBAItcqgDBAItc3wDBAIteFADBAItfyQDBAItf3wDBAIt
+sQDBAJnJBQDBAJnJSgDBAJnKHADBAJnKrADBAJnMQgDBAJnMfgDBAJnNnwDBAJn
N4ADBAJnPJQDBAJnSwwDBAJnSywDBAJnUBADBAJnVbwDBAJnw8ADBAJnxDwDBAJn
yHwDBAJnzEwDBAJn1qQDBAJn19QDBAJn22gDBAJn6fgDBAJ0wagDBAJ1eDwDBAJ4
WUQDBAJ5NqADBAKQMHwDBAKdd1wDBAK2oUQDBALKpXgwDQQCAAIwBwMFACQB+UAw
DQYJKoZIhvcNAQELBQADggEBAIS5fD32p2NyBCbR8f2CNgGKEiU6UCQIxKJdTmSU
wDNBveO8UEYPtOrNAPELguj6SHk32y3zNIFKMYvJdF7MAeLPfMNMWV+VNbWR29hO
4JlqfLJ/m4UbPVakH52cBS8CBTdOArvtub049lJPJdfX2vbf+sRKaeAdQHtX10WR
LxMvoeOu4g5c+PvY9mPR1OuD+HtTUd295bDlVxYZ/F9GBe5xTkFWkkIed226ov4S
jmYOzN3DeO8DRZLR6F3q1qc8c3lqclQrwrFdPPk53ruGpq6gJ9SdjJNmXa7+dhsd
mLtDVZ9wbLxoIDUMAFsgsEdZqKNjyARAGAdnxADkUQ7PUKY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:18:54 2025 by rpki-client