Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/1E4EDD1A038411EF9EA1DE1DC4F9AE02.roa
File: 1E4EDD1A038411EF9EA1DE1DC4F9AE02.roa (raw, json)
Hash identifier: kuBnPcdiRio8yetCCkhSBY/OQLDS0maenZbYKmkkEGA=
Subject key identifier: 52:7B:B6:51:E6:BF:4A:A1:E2:53:82:D5:85:E4:2F:34:74:2B:34:F4
Certificate issuer: /CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Certificate serial: 0461
Authority key identifier: 56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/1E4EDD1A038411EF9EA1DE1DC4F9AE02.roa
Signing time: Fri 26 Apr 2024 04:19:05 +0000
ROA not before: Fri 26 Apr 2024 04:19:05 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55410
IP address blocks: 42.104.64.0/21 maxlen: 24
42.104.72.0/21 maxlen: 24
42.104.80.0/21 maxlen: 24
42.104.88.0/21 maxlen: 24
42.104.96.0/21 maxlen: 24
42.104.104.0/21 maxlen: 24
42.104.112.0/21 maxlen: 24
42.104.120.0/21 maxlen: 24
43.245.88.0/22 maxlen: 24
103.29.44.0/22 maxlen: 24
118.185.0.0/16 maxlen: 16
118.185.0.0/21 maxlen: 24
118.185.8.0/21 maxlen: 24
118.185.16.0/21 maxlen: 24
118.185.24.0/21 maxlen: 21
118.185.24.0/24 maxlen: 24
118.185.25.0/24 maxlen: 24
118.185.26.0/24 maxlen: 24
118.185.27.0/24 maxlen: 24
118.185.28.0/24 maxlen: 24
118.185.29.0/24 maxlen: 24
118.185.30.0/24 maxlen: 24
118.185.31.0/24 maxlen: 24
118.185.32.0/21 maxlen: 24
118.185.40.0/21 maxlen: 24
118.185.48.0/21 maxlen: 24
118.185.56.0/21 maxlen: 24
118.185.64.0/21 maxlen: 24
118.185.72.0/21 maxlen: 24
118.185.80.0/21 maxlen: 24
118.185.88.0/21 maxlen: 24
118.185.96.0/21 maxlen: 21
118.185.97.0/24 maxlen: 24
118.185.98.0/24 maxlen: 24
118.185.99.0/24 maxlen: 24
118.185.100.0/24 maxlen: 24
118.185.101.0/24 maxlen: 24
118.185.102.0/24 maxlen: 24
118.185.103.0/24 maxlen: 24
118.185.104.0/21 maxlen: 24
118.185.112.0/21 maxlen: 24
118.185.120.0/21 maxlen: 24
118.185.128.0/20 maxlen: 21
118.185.128.0/24 maxlen: 24
118.185.129.0/24 maxlen: 24
118.185.130.0/24 maxlen: 24
118.185.131.0/24 maxlen: 24
118.185.132.0/24 maxlen: 24
118.185.133.0/24 maxlen: 24
118.185.134.0/24 maxlen: 24
118.185.135.0/24 maxlen: 24
118.185.136.0/24 maxlen: 24
118.185.137.0/24 maxlen: 24
118.185.138.0/24 maxlen: 24
118.185.139.0/24 maxlen: 24
118.185.140.0/24 maxlen: 24
118.185.141.0/24 maxlen: 24
118.185.142.0/24 maxlen: 24
118.185.143.0/24 maxlen: 24
118.185.144.0/21 maxlen: 24
118.185.152.0/21 maxlen: 24
118.185.160.0/21 maxlen: 24
118.185.168.0/21 maxlen: 24
118.185.176.0/21 maxlen: 24
118.185.184.0/21 maxlen: 24
118.185.192.0/21 maxlen: 24
118.185.200.0/21 maxlen: 24
118.185.208.0/21 maxlen: 24
118.185.216.0/21 maxlen: 24
118.185.224.0/21 maxlen: 24
118.185.232.0/21 maxlen: 24
118.185.240.0/21 maxlen: 24
118.185.248.0/21 maxlen: 24
122.15.0.0/16 maxlen: 16
122.15.0.0/21 maxlen: 24
122.15.8.0/21 maxlen: 24
122.15.16.0/21 maxlen: 24
122.15.24.0/21 maxlen: 24
122.15.32.0/21 maxlen: 24
122.15.40.0/21 maxlen: 24
122.15.48.0/21 maxlen: 24
122.15.56.0/21 maxlen: 24
122.15.64.0/21 maxlen: 24
122.15.72.0/21 maxlen: 24
122.15.80.0/21 maxlen: 24
122.15.88.0/21 maxlen: 24
122.15.96.0/21 maxlen: 24
122.15.104.0/21 maxlen: 24
122.15.112.0/21 maxlen: 24
122.15.120.0/21 maxlen: 24
122.15.128.0/21 maxlen: 24
122.15.136.0/21 maxlen: 24
122.15.144.0/21 maxlen: 24
122.15.152.0/21 maxlen: 24
122.15.160.0/21 maxlen: 24
122.15.168.0/21 maxlen: 24
122.15.176.0/21 maxlen: 24
122.15.184.0/21 maxlen: 24
122.15.192.0/21 maxlen: 24
122.15.200.0/21 maxlen: 24
122.15.208.0/21 maxlen: 24
122.15.216.0/21 maxlen: 24
122.15.224.0/21 maxlen: 24
122.15.232.0/21 maxlen: 24
122.15.240.0/21 maxlen: 24
122.15.248.0/21 maxlen: 24
123.63.0.0/16 maxlen: 16
123.63.0.0/21 maxlen: 24
123.63.8.0/21 maxlen: 24
123.63.16.0/21 maxlen: 24
123.63.24.0/21 maxlen: 24
123.63.32.0/21 maxlen: 24
123.63.40.0/21 maxlen: 24
123.63.48.0/21 maxlen: 24
123.63.56.0/21 maxlen: 24
123.63.64.0/21 maxlen: 24
123.63.72.0/21 maxlen: 24
123.63.80.0/21 maxlen: 24
123.63.88.0/21 maxlen: 24
123.63.96.0/21 maxlen: 24
123.63.104.0/21 maxlen: 24
123.63.112.0/21 maxlen: 24
123.63.120.0/21 maxlen: 24
123.63.128.0/18 maxlen: 18
123.63.128.0/20 maxlen: 24
123.63.144.0/21 maxlen: 24
123.63.152.0/21 maxlen: 24
123.63.160.0/19 maxlen: 19
123.63.160.0/21 maxlen: 24
123.63.168.0/21 maxlen: 24
123.63.176.0/21 maxlen: 24
123.63.184.0/21 maxlen: 24
123.63.192.0/18 maxlen: 18
123.63.192.0/21 maxlen: 24
123.63.200.0/21 maxlen: 24
123.63.208.0/21 maxlen: 24
123.63.216.0/21 maxlen: 24
123.63.224.0/19 maxlen: 19
123.63.224.0/21 maxlen: 24
123.63.232.0/21 maxlen: 24
123.63.240.0/21 maxlen: 24
123.63.248.0/21 maxlen: 24
124.247.192.0/24 maxlen: 24
124.247.194.0/24 maxlen: 24
124.247.198.0/24 maxlen: 24
124.247.199.0/24 maxlen: 24
124.247.201.0/24 maxlen: 24
124.247.203.0/24 maxlen: 24
124.247.204.0/24 maxlen: 24
124.247.205.0/24 maxlen: 24
182.19.0.0/19 maxlen: 19
182.19.0.0/20 maxlen: 24
182.19.16.0/20 maxlen: 24
182.19.32.0/19 maxlen: 19
182.19.32.0/20 maxlen: 24
182.19.48.0/20 maxlen: 24
182.19.64.0/20 maxlen: 24
182.19.80.0/21 maxlen: 24
182.19.88.0/21 maxlen: 24
182.19.96.0/19 maxlen: 24
2400:5200:401::/48 maxlen: 48
2400:5200:402::/48 maxlen: 48
2400:5200:403::/48 maxlen: 48
2400:5200:404::/48 maxlen: 48
2400:5200:c00::/40 maxlen: 48
2400:5200:1000::/40 maxlen: 48
2400:5200:1400::/40 maxlen: 48
2400:5200:1800::/40 maxlen: 48
2400:5200:1c00::/40 maxlen: 48
2400:5200:2000::/36 maxlen: 48
2400:5200:3000::/36 maxlen: 48
2400:5200:4000::/36 maxlen: 48
2400:5200:5000::/36 maxlen: 48
2400:5200:6000::/36 maxlen: 48
2400:5200:7000::/36 maxlen: 48
2400:5200:8000::/36 maxlen: 48
2400:5200:9000::/36 maxlen: 48
2400:5200:a000::/36 maxlen: 48
2400:5200:b000::/36 maxlen: 48
2400:5200:c000::/36 maxlen: 48
2400:5200:d000::/36 maxlen: 48
2400:5200:e000::/36 maxlen: 48
2400:5200:f000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl
rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 28 May 2024 02:34:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1121 (0x461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD39D/serialNumber=56B983E46BCBA115FF2265FE491909C7D74147F3
Validity
Not Before: Apr 26 04:19:05 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=662b2b39-133e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ab:25:bf:0a:f2:7d:c6:a7:1a:85:c8:b4:8c:
9d:b8:21:53:2d:7f:41:a3:32:9b:65:de:06:73:93:
7d:39:0e:97:68:27:11:d4:03:b8:e1:c3:93:91:a6:
0a:bc:19:88:48:14:c2:65:16:d5:ef:04:24:97:52:
9a:bb:8a:7c:de:c9:d0:01:2a:e9:32:1e:f5:cf:bc:
02:f7:2b:31:16:7c:71:8e:0a:6f:2d:f7:82:f3:35:
63:72:c6:ba:64:87:d8:1b:16:96:8d:93:24:0e:ef:
65:be:ac:fe:c2:dd:32:63:b9:b3:cf:7a:71:9c:01:
b0:a5:be:cb:d8:1b:1c:03:b6:49:c5:d7:c3:78:fb:
0b:c1:06:58:fa:dd:65:12:f5:fc:2e:00:d4:66:72:
f6:44:d3:90:7b:b4:f6:7f:1e:fd:b9:4e:67:54:1a:
3f:4a:e8:e3:53:86:f7:b0:9b:42:47:e6:96:13:be:
a3:38:0c:b8:b7:98:a9:f1:41:b1:9d:04:b4:b9:57:
d8:e4:77:6e:af:57:47:a5:26:ec:69:7d:0e:a6:1a:
0e:cf:19:6e:f6:be:71:a7:3a:b3:8c:1e:1f:89:fe:
93:61:06:ca:a4:17:19:45:79:08:f1:80:12:6e:dd:
e3:c7:17:73:bd:ce:de:26:76:ac:1c:c3:43:cf:08:
af:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:7B:B6:51:E6:BF:4A:A1:E2:53:82:D5:85:E4:2F:34:74:2B:34:F4
X509v3 Authority Key Identifier:
keyid:56:B9:83:E4:6B:CB:A1:15:FF:22:65:FE:49:19:09:C7:D7:41:47:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/VrmD5GvLoRX_ImX-SRkJx9dBR_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VrmD5GvLoRX_ImX-SRkJx9dBR_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD39D/DE7D2F944E7611ECA5720B79C4F9AE02/1E4EDD1A038411EF9EA1DE1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
42.104.64.0/18
43.245.88.0/22
103.29.44.0/22
118.185.0.0/16
122.15.0.0/16
123.63.0.0/16
124.247.192.0/24
124.247.194.0/24
124.247.198.0/23
124.247.201.0/24
124.247.203.0-124.247.205.255
182.19.0.0/17
IPv6:
2400:5200:401::-2400:5200:404:ffff:ffff:ffff:ffff:ffff
2400:5200:c00::/40
2400:5200:1000::/40
2400:5200:1400::/40
2400:5200:1800::/40
2400:5200:1c00::/40
2400:5200:2000::-2400:5200:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:a4:7c:5a:f3:7e:32:4e:5a:58:30:d5:0b:49:04:78:75:c1:
d3:38:d6:fd:30:bf:09:2b:01:0e:34:6b:13:9f:92:32:40:12:
82:40:66:21:40:cd:6b:2f:b4:5d:48:4c:5c:8e:bd:a2:c5:de:
c0:16:6c:c3:d7:6b:16:68:59:b3:54:67:e1:00:b6:53:d1:9b:
b0:55:66:fa:16:fe:8f:1a:db:04:e9:52:b1:2b:96:44:db:2d:
0d:34:41:c7:84:ff:b3:90:b3:de:32:8a:9f:d0:51:bd:0f:6e:
7d:dc:17:ce:88:5e:45:5a:32:2b:d6:f2:d3:7f:13:e3:3e:ba:
fa:fa:51:61:e1:78:68:8e:76:da:57:9c:fc:55:93:fb:8e:e1:
c4:e8:eb:c5:ce:60:75:90:4e:f8:b9:5d:97:50:e9:87:9a:50:
a5:e8:53:d0:a0:4e:8e:db:05:84:60:78:e8:a0:4b:8a:d8:95:
8f:2d:26:79:f0:77:c2:59:92:5e:d4:f5:5d:a2:cf:6d:2e:62:
e5:71:4c:d1:85:92:c0:5d:78:f1:07:5f:2f:a8:71:85:9e:f3:
cd:68:ec:f5:b7:49:5c:24:f7:d5:cc:6a:f9:68:9d:62:0d:25:
54:e6:50:ea:d4:23:b3:23:85:1e:5f:89:a3:ec:4e:e1:c8:84:
7e:6f:31:fe
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgICBGEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0QzOUQxMTAvBgNVBAUTKDU2Qjk4M0U0NkJDQkExMTVGRjIyNjVGRTQ5MTkwOUM3
RDc0MTQ3RjMwHhcNMjQwNDI2MDQxOTA1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjJiMmIzOS0xMzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA16slvwryfcanGoXItIyduCFTLX9BozKbZd4Gc5N9OQ6XaCcR1AO44cOTkaYK
vBmISBTCZRbV7wQkl1Kau4p83snQASrpMh71z7wC9ysxFnxxjgpvLfeC8zVjcsa6
ZIfYGxaWjZMkDu9lvqz+wt0yY7mzz3pxnAGwpb7L2BscA7ZJxdfDePsLwQZY+t1l
EvX8LgDUZnL2RNOQe7T2fx79uU5nVBo/SujjU4b3sJtCR+aWE76jOAy4t5ip8UGx
nQS0uVfY5Hdur1dHpSbsaX0OphoOzxlu9r5xpzqzjB4fif6TYQbKpBcZRXkI8YAS
bt3jxxdzvc7eJnasHMNDzwivtwIDAQABo4IDNDCCAzAwHQYDVR0OBBYEFFJ7tlHm
v0qh4lOC1YXkLzR0KzT0MB8GA1UdIwQYMBaAFFa5g+Rry6EV/yJl/kkZCcfXQUfz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDM5RC9ERTdEMkY5NDRF
NzYxMUVDQTU3MjBCNzlDNEY5QUUwMi9Wcm1ENUd2TG9SWF9JbVgtU1JrSng5ZEJS
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZybUQ1R3ZMb1JYX0ltWC1TUmtKeDlkQlJfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0QzOUQvREU3RDJGOTQ0RTc2MTFFQ0E1NzIwQjc5QzRGOUFFMDIvMUU0RUREMUEw
Mzg0MTFFRjlFQTFERTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb0GCCsGAQUFBwEHAQH/
BIGtMIGqMFMEAgABME0DBAYqaEADBAIr9VgDBAJnHSwDAwB2uQMDAHoPAwMAez8D
BAB898ADBAB898IDBAF898YDBAB898kwDAMEAHz3ywMEAXz3zAMEB7YTADBTBAIA
AjBNMBIDBwAkAFIABAEDBwAkAFIABAQDBgAkAFIADAMGACQAUgAQAwYAJABSABQD
BgAkAFIAGAMGACQAUgAcMA8DBgUkAFIAIAMFACQAUgAwDQYJKoZIhvcNAQELBQAD
ggEBACqkfFrzfjJOWlgw1QtJBHh1wdM41v0wvwkrAQ40axOfkjJAEoJAZiFAzWsv
tF1ITFyOvaLF3sAWbMPXaxZoWbNUZ+EAtlPRm7BVZvoW/o8a2wTpUrErlkTbLQ00
QceE/7OQs94yip/QUb0Pbn3cF86IXkVaMivW8tN/E+M+uvr6UWHheGiOdtpXnPxV
k/uO4cTo68XOYHWQTvi5XZdQ6YeaUKXoU9CgTo7bBYRgeOigS4rYlY8tJnnwd8JZ
kl7U9V2iz20uYuVxTNGFksBdePEHXy+ocYWe881o7PW3SVwk99XMavlonWINJVTm
UOrUI7MjhR5fiaPsTuHIhH5vMf4=
-----END CERTIFICATE-----
Generated at Tue May 21 03:29:52 2024 by rpki-client on console-fra.rpki-client.org