Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/CEBECC28D38811E8A763B462C4F9AE02.roa
File: CEBECC28D38811E8A763B462C4F9AE02.roa (raw, json)
Hash identifier: CyPCkB+xF7/7LV5tDeHmCsATVCTbsm9N+YA32mChPrU=
Subject key identifier: CD:10:87:97:2E:79:4B:22:66:3C:93:46:0B:6B:0E:34:27:A3:15:41
Certificate issuer: /CN=A91BFE6A/serialNumber=EF62F155C1971D504941F571EEDFAC0AFCC52859
Certificate serial: 11C6
Authority key identifier: EF:62:F1:55:C1:97:1D:50:49:41:F5:71:EE:DF:AC:0A:FC:C5:28:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72LxVcGXHVBJQfVx7t-sCvzFKFk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/CEBECC28D38811E8A763B462C4F9AE02.roa
Signing time: Mon 20 May 2024 17:56:02 +0000
ROA not before: Mon 20 May 2024 17:56:02 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 38001
IP address blocks: 43.245.60.0/24 maxlen: 24
43.245.61.0/24 maxlen: 24
43.245.62.0/24 maxlen: 24
43.245.63.0/24 maxlen: 24
45.119.200.0/24 maxlen: 24
45.119.201.0/24 maxlen: 24
45.119.202.0/24 maxlen: 24
103.14.76.0/24 maxlen: 24
103.14.77.0/24 maxlen: 24
103.14.79.0/24 maxlen: 24
103.25.52.0/24 maxlen: 24
103.60.8.0/24 maxlen: 24
103.200.216.0/24 maxlen: 24
103.200.217.0/24 maxlen: 24
103.200.218.0/24 maxlen: 24
103.200.219.0/24 maxlen: 24
119.161.101.0/24 maxlen: 24
119.161.102.0/24 maxlen: 24
119.161.103.0/24 maxlen: 24
202.150.208.0/20 maxlen: 20
202.150.208.0/24 maxlen: 24
202.150.209.0/24 maxlen: 24
202.150.210.0/24 maxlen: 24
202.150.211.0/24 maxlen: 24
202.150.212.0/24 maxlen: 24
202.150.213.0/24 maxlen: 24
202.150.214.0/24 maxlen: 24
202.150.215.0/24 maxlen: 24
202.150.216.0/24 maxlen: 24
202.150.217.0/24 maxlen: 24
202.150.218.0/24 maxlen: 24
202.150.219.0/24 maxlen: 24
202.150.220.0/24 maxlen: 24
202.150.221.0/24 maxlen: 24
202.150.222.0/24 maxlen: 24
202.150.223.0/24 maxlen: 24
203.174.80.0/21 maxlen: 21
203.174.80.0/24 maxlen: 24
203.174.81.0/24 maxlen: 24
203.174.82.0/24 maxlen: 24
203.174.83.0/24 maxlen: 24
203.174.84.0/24 maxlen: 24
203.174.85.0/24 maxlen: 24
203.174.86.0/24 maxlen: 24
203.174.87.0/24 maxlen: 24
2406:f400::/32 maxlen: 32
2406:f400::/44 maxlen: 44
2406:f400:20::/44 maxlen: 44
2406:f400:40::/44 maxlen: 44
2406:f400:80::/44 maxlen: 44
2406:f400:b0::/44 maxlen: 44
2406:f400:100::/44 maxlen: 44
2406:f400:130::/44 maxlen: 44
2406:f400:160::/44 maxlen: 44
2406:f400:161::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/72LxVcGXHVBJQfVx7t-sCvzFKFk.crl
rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/72LxVcGXHVBJQfVx7t-sCvzFKFk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72LxVcGXHVBJQfVx7t-sCvzFKFk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 17:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4550 (0x11c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BFE6A/serialNumber=EF62F155C1971D504941F571EEDFAC0AFCC52859
Validity
Not Before: May 20 17:56:02 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=664b8eb1-7999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:17:fd:6b:8b:fd:e7:b6:ee:f2:92:a7:b8:30:
d2:98:2b:50:06:1f:c5:b4:fa:f5:5c:83:0c:43:7e:
cd:01:a8:e3:9d:26:91:6c:eb:9a:83:08:82:c3:ac:
88:5c:44:cc:e7:3e:65:a6:3a:d0:a0:28:93:28:61:
ae:28:86:64:ee:2e:79:e5:cd:60:27:97:32:c5:33:
09:be:66:e2:1a:92:2c:ae:94:0a:87:1e:90:7d:e4:
fc:87:26:25:c8:c2:50:6b:22:ae:39:13:04:dd:e4:
6a:cf:5a:30:55:b3:0a:01:1a:f6:d2:46:48:47:d8:
25:2d:e1:22:90:35:ba:d3:92:75:35:76:ff:ba:b5:
78:f8:0a:15:5b:42:ff:a2:74:5e:be:b3:21:78:b7:
fd:03:49:ff:b8:fd:13:af:90:88:aa:02:07:bf:0e:
3f:66:e2:83:60:a9:d1:1b:5b:35:3f:10:0a:48:47:
ce:2d:26:e9:a4:72:7d:33:f1:b9:66:4f:97:20:95:
e1:07:ce:1b:79:7b:45:dd:fc:c0:be:63:f8:d9:f8:
24:cc:9f:0e:f1:39:ad:9d:fd:d7:ee:d3:93:b0:b9:
e7:6b:72:54:22:84:35:b3:8b:06:8a:80:b1:04:42:
61:01:9e:60:bd:43:74:29:a0:2d:de:c9:b4:a6:7b:
49:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:10:87:97:2E:79:4B:22:66:3C:93:46:0B:6B:0E:34:27:A3:15:41
X509v3 Authority Key Identifier:
keyid:EF:62:F1:55:C1:97:1D:50:49:41:F5:71:EE:DF:AC:0A:FC:C5:28:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/72LxVcGXHVBJQfVx7t-sCvzFKFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/72LxVcGXHVBJQfVx7t-sCvzFKFk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BFE6A/1D64328ED38711E8BD70755CC4F9AE02/CEBECC28D38811E8A763B462C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.60.0/22
45.119.200.0-45.119.202.255
103.14.76.0/23
103.14.79.0/24
103.25.52.0/24
103.60.8.0/24
103.200.216.0/22
119.161.101.0-119.161.103.255
202.150.208.0/20
203.174.80.0/21
IPv6:
2406:f400::/32
Signature Algorithm: sha256WithRSAEncryption
59:ca:c1:b4:68:5c:5a:2b:15:e5:c2:a8:b0:49:36:f2:b2:f6:
8e:b2:24:9b:e1:11:3f:f3:33:74:9c:aa:13:c5:94:aa:41:ca:
c0:f0:40:54:3d:39:54:4f:6d:70:ed:6b:bd:b8:ca:9f:40:d9:
17:29:e1:7d:4e:3f:fc:88:f7:0d:52:b0:81:3d:cd:05:73:05:
0a:4a:4c:06:e7:a1:3b:73:e0:de:57:46:87:35:cb:25:4d:c4:
e1:b6:1b:d9:36:36:37:99:ab:68:a1:f9:58:42:c0:74:ab:5d:
c0:39:0e:46:03:3d:dc:e1:db:bd:38:23:87:7e:9d:fd:90:85:
ea:8e:db:bc:da:ba:2a:7f:56:37:b2:b5:db:3f:59:74:46:9a:
e4:1d:a6:41:fa:2e:01:9f:18:77:5a:e0:5c:06:e4:c7:32:e8:
f4:db:9c:72:74:8a:2d:cf:0f:28:ac:b0:ac:e7:2a:aa:80:a1:
37:39:61:60:1a:f2:86:2a:ce:ee:0e:31:ae:5c:f9:1e:74:26:
7e:64:c5:ee:b7:21:c6:5c:1c:08:08:6b:a5:92:59:12:85:73:
1f:71:ec:b0:ac:3d:47:50:97:49:2a:29:f1:0b:f4:3f:1f:88:
6c:fd:17:f5:61:83:48:6e:f2:85:68:ea:9b:fe:23:d1:90:a6:
c7:0c:15:d1
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgICEcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkZFNkExMTAvBgNVBAUTKEVGNjJGMTU1QzE5NzFENTA0OTQxRjU3MUVFREZBQzBB
RkNDNTI4NTkwHhcNMjQwNTIwMTc1NjAyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRiOGViMS03OTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyxf9a4v957bu8pKnuDDSmCtQBh/FtPr1XIMMQ37NAajjnSaRbOuagwiCw6yI
XETM5z5lpjrQoCiTKGGuKIZk7i555c1gJ5cyxTMJvmbiGpIsrpQKhx6QfeT8hyYl
yMJQayKuORME3eRqz1owVbMKARr20kZIR9glLeEikDW605J1NXb/urV4+AoVW0L/
onRevrMheLf9A0n/uP0Tr5CIqgIHvw4/ZuKDYKnRG1s1PxAKSEfOLSbppHJ9M/G5
Zk+XIJXhB84beXtF3fzAvmP42fgkzJ8O8Tmtnf3X7tOTsLnna3JUIoQ1s4sGioCx
BEJhAZ5gvUN0KaAt3sm0pntJfQIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFM0Qh5cu
eUsiZjyTRgtrDjQnoxVBMB8GA1UdIwQYMBaAFO9i8VXBlx1QSUH1ce7frAr8xShZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRkU2QS8xRDY0MzI4RUQz
ODcxMUU4QkQ3MDc1NUNDNEY5QUUwMi83Mkx4VmNHWEhWQkpRZlZ4N3Qtc0N2ekZL
RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcyTHhWY0dYSFZCSlFmVng3dC1zQ3Z6RktGay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkZFNkEvMUQ2NDMyOEVEMzg3MTFFOEJENzA3NTVDQzRGOUFFMDIvQ0VCRUNDMjhE
Mzg4MTFFOEE3NjNCNDYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdAYIKwYBBQUHAQcBAf8E
ZTBjMFIEAgABMEwDBAIr9TwwDAMEAy13yAMEAC13ygMEAWcOTAMEAGcOTwMEAGcZ
NAMEAGc8CAMEAmfI2DAMAwQAd6FlAwQDd6FgAwQEypbQAwQDy65QMA0EAgACMAcD
BQAkBvQAMA0GCSqGSIb3DQEBCwUAA4IBAQBZysG0aFxaKxXlwqiwSTbysvaOsiSb
4RE/8zN0nKoTxZSqQcrA8EBUPTlUT21w7Wu9uMqfQNkXKeF9Tj/8iPcNUrCBPc0F
cwUKSkwG56E7c+DeV0aHNcslTcThthvZNjY3matooflYQsB0q13AOQ5GAz3c4du9
OCOHfp39kIXqjtu82roqf1Y3srXbP1l0RprkHaZB+i4Bnxh3WuBcBuTHMuj025xy
dIotzw8orLCs5yqqgKE3OWFgGvKGKs7uDjGuXPkedCZ+ZMXutyHGXBwICGulklkS
hXMfceywrD1HUJdJKinxC/Q/H4hs/Rf1YYNIbvKFaOqb/iPRkKbHDBXR
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:45:04 2024 by rpki-client on console-fra.rpki-client.org