Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/F39D90EE561B11EFB51A9149C4F9AE02.roa
File: F39D90EE561B11EFB51A9149C4F9AE02.roa (raw, json)
Hash identifier: EijUWJlocJ1+GHXxh5XIDZa+yD2/CG2e199ekLmtdEY=
Subject key identifier: A9:4D:3A:80:E2:67:C9:53:50:62:0E:82:50:81:DB:47:C2:9A:AB:72
Certificate issuer: /CN=A91D462A/serialNumber=CF712CB389EE84DA19CA981DE630F509FF44CD45
Certificate serial: 19DE
Authority key identifier: CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/F39D90EE561B11EFB51A9149C4F9AE02.roa
Signing time: Wed 04 Dec 2024 16:24:08 +0000
ROA not before: Wed 04 Dec 2024 16:24:08 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 1299
IP address blocks: 45.117.32.0/24 maxlen: 24
45.117.33.0/24 maxlen: 24
45.117.34.0/24 maxlen: 24
45.117.35.0/24 maxlen: 24
202.21.96.0/24 maxlen: 24
202.21.97.0/24 maxlen: 24
202.21.98.0/24 maxlen: 24
202.21.99.0/24 maxlen: 24
202.21.100.0/24 maxlen: 24
202.21.101.0/24 maxlen: 24
202.21.102.0/24 maxlen: 24
202.21.103.0/24 maxlen: 24
202.21.104.0/24 maxlen: 24
202.21.105.0/24 maxlen: 24
202.21.106.0/24 maxlen: 24
202.21.107.0/24 maxlen: 24
202.21.108.0/24 maxlen: 24
202.21.109.0/24 maxlen: 24
202.21.110.0/24 maxlen: 24
202.21.111.0/24 maxlen: 24
202.21.112.0/24 maxlen: 24
202.21.113.0/24 maxlen: 24
202.21.114.0/24 maxlen: 24
202.21.115.0/24 maxlen: 24
202.21.116.0/24 maxlen: 24
202.21.117.0/24 maxlen: 24
202.21.118.0/24 maxlen: 24
202.21.119.0/24 maxlen: 24
202.21.120.0/24 maxlen: 24
202.21.121.0/24 maxlen: 24
202.21.122.0/24 maxlen: 24
202.21.123.0/24 maxlen: 24
202.21.124.0/24 maxlen: 24
202.21.125.0/24 maxlen: 24
202.21.126.0/24 maxlen: 24
202.21.127.0/24 maxlen: 24
202.126.92.0/22 maxlen: 24
202.131.224.0/24 maxlen: 24
202.131.225.0/24 maxlen: 24
202.131.226.0/24 maxlen: 24
202.131.227.0/24 maxlen: 24
202.131.228.0/24 maxlen: 24
202.131.229.0/24 maxlen: 24
202.131.230.0/24 maxlen: 24
202.131.231.0/24 maxlen: 24
202.131.232.0/24 maxlen: 24
202.131.233.0/24 maxlen: 24
202.131.234.0/24 maxlen: 24
202.131.235.0/24 maxlen: 24
202.131.236.0/24 maxlen: 24
202.131.237.0/24 maxlen: 24
202.131.238.0/24 maxlen: 24
202.131.239.0/24 maxlen: 24
202.131.240.0/24 maxlen: 24
202.131.241.0/24 maxlen: 24
202.131.242.0/24 maxlen: 24
202.131.243.0/24 maxlen: 24
202.131.244.0/24 maxlen: 24
202.131.245.0/24 maxlen: 24
202.131.246.0/24 maxlen: 24
202.131.247.0/24 maxlen: 24
202.131.248.0/24 maxlen: 24
202.131.249.0/24 maxlen: 24
202.131.250.0/24 maxlen: 24
202.131.251.0/24 maxlen: 24
202.131.252.0/24 maxlen: 24
202.131.253.0/24 maxlen: 24
202.131.254.0/24 maxlen: 24
202.131.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6622 (0x19de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D462A
Validity
Not Before: Dec 4 16:24:08 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67508228-182f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:09:b6:37:92:0c:64:da:36:b1:be:b0:c6:1a:
d7:ba:35:1b:72:f8:81:31:50:23:b8:78:28:b2:f8:
71:0a:da:97:83:6c:75:5a:82:c1:70:8f:17:30:87:
69:b6:6b:cb:3f:3b:4a:bb:35:5e:83:71:32:3b:b1:
bf:b5:89:43:88:86:f7:8d:e4:56:ac:e6:79:e2:3c:
66:31:87:1d:04:53:17:b1:d9:b0:9b:7d:4a:84:43:
ee:c9:3a:54:50:de:32:da:42:cf:eb:28:14:3a:12:
a1:c2:b7:8a:b5:a1:ad:04:85:61:75:47:25:04:e7:
08:dd:f8:e7:4c:a8:73:67:00:bf:73:08:49:36:77:
62:6d:76:17:75:7d:bd:e3:67:ab:42:a9:a0:0a:f7:
ad:e3:ec:e7:20:6e:a3:18:08:92:71:52:28:22:ce:
2a:13:a4:be:68:95:3d:10:76:34:cd:7c:76:ed:bd:
b3:7c:af:98:14:3b:f3:6f:ca:25:21:78:ec:97:80:
80:b3:71:c3:8d:76:8b:e9:d9:a1:12:de:8e:24:1c:
c4:d2:10:c5:0a:d8:2f:bf:24:9e:a1:39:d1:b0:98:
9f:31:1d:fb:99:4e:67:03:38:64:da:c3:b3:ca:0b:
cb:cc:d5:2c:43:e1:e9:6a:40:38:48:23:19:57:5b:
18:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4D:3A:80:E2:67:C9:53:50:62:0E:82:50:81:DB:47:C2:9A:AB:72
X509v3 Authority Key Identifier:
keyid:CF:71:2C:B3:89:EE:84:DA:19:CA:98:1D:E6:30:F5:09:FF:44:CD:45
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/z3Ess4nuhNoZypgd5jD1Cf9EzUU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3Ess4nuhNoZypgd5jD1Cf9EzUU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D462A/4CBD3F8450D511E79313AE12C4F9AE02/F39D90EE561B11EFB51A9149C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.32.0/22
202.21.96.0/19
202.126.92.0/22
202.131.224.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:59:12:89:d6:e6:59:8d:17:14:9d:53:5e:ab:b1:a7:f2:e2:
a8:d9:8a:c2:d3:46:0b:0e:91:43:c7:bd:54:0f:40:70:ec:2a:
d8:e7:a1:e0:46:51:c5:22:3b:7f:03:a0:dd:01:ff:d7:fa:44:
d2:9e:46:4c:a0:21:38:b7:13:89:26:b8:a6:1b:a0:e7:05:5a:
98:8a:24:14:30:4f:c4:d8:0c:c5:15:b9:5e:98:34:27:fb:3e:
d9:a9:36:a9:0c:01:4b:d4:41:f8:31:fe:38:59:b3:02:e2:cf:
02:da:52:d2:8d:7b:9b:bd:d1:c5:57:83:4d:36:bb:98:0c:14:
d8:ac:43:a3:5f:83:d7:de:7c:d4:cb:47:59:5f:1d:2b:96:f4:
e8:9c:ee:c2:01:69:4c:02:56:28:e7:43:a8:af:e2:51:16:b7:
75:6e:8f:55:c0:55:89:37:3e:eb:a0:af:06:e2:86:c2:5d:9e:
56:63:5c:e4:c8:60:7f:a1:44:0e:d3:bb:79:52:23:d3:cc:d8:
ca:a0:61:82:25:d8:17:a1:34:b1:51:24:d5:d4:b6:b9:4a:23:
f1:24:b4:a7:55:94:25:54:6d:a4:f6:65:2f:a7:cf:75:b8:27:
5b:50:5a:4a:da:18:a0:a0:44:35:24:03:bf:dc:15:cf:35:60:
33:0a:9d:d3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICGd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQ2MkExMTAvBgNVBAUTKENGNzEyQ0IzODlFRTg0REExOUNBOTgxREU2MzBGNTA5
RkY0NENENDUwHhcNMjQxMjA0MTYyNDA4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUwODIyOC0xODJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2Qm2N5IMZNo2sb6wxhrXujUbcviBMVAjuHgosvhxCtqXg2x1WoLBcI8XMIdp
tmvLPztKuzVeg3EyO7G/tYlDiIb3jeRWrOZ54jxmMYcdBFMXsdmwm31KhEPuyTpU
UN4y2kLP6ygUOhKhwreKtaGtBIVhdUclBOcI3fjnTKhzZwC/cwhJNndibXYXdX29
42erQqmgCvet4+znIG6jGAiScVIoIs4qE6S+aJU9EHY0zXx27b2zfK+YFDvzb8ol
IXjsl4CAs3HDjXaL6dmhEt6OJBzE0hDFCtgvvySeoTnRsJifMR37mU5nAzhk2sOz
ygvLzNUsQ+HpakA4SCMZV1sY2QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFKlNOoDi
Z8lTUGIOglCB20fCmqtyMB8GA1UdIwQYMBaAFM9xLLOJ7oTaGcqYHeYw9Qn/RM1F
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDYyQS80Q0JEM0Y4NDUw
RDUxMUU3OTMxM0FFMTJDNEY5QUUwMi96M0VzczRudWhOb1p5cGdkNWpEMUNmOUV6
VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ozRXNzNG51aE5vWnlwZ2Q1akQxQ2Y5RXpVVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQ2MkEvNENCRDNGODQ1MEQ1MTFFNzkzMTNBRTEyQzRGOUFFMDIvRjM5RDkwRUU1
NjFCMTFFRkI1MUE5MTQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAItdSADBAXKFWADBALKflwDBAXKg+AwDQYJKoZIhvcNAQEL
BQADggEBABpZEonW5lmNFxSdU16rsafy4qjZisLTRgsOkUPHvVQPQHDsKtjnoeBG
UcUiO38DoN0B/9f6RNKeRkygITi3E4kmuKYboOcFWpiKJBQwT8TYDMUVuV6YNCf7
PtmpNqkMAUvUQfgx/jhZswLizwLaUtKNe5u90cVXg002u5gMFNisQ6Nfg9fefNTL
R1lfHSuW9Oic7sIBaUwCVijnQ6iv4lEWt3Vuj1XAVYk3PuugrwbihsJdnlZjXOTI
YH+hRA7Tu3lSI9PM2MqgYYIl2BehNLFRJNXUtrlKI/EktKdVlCVUbaT2ZS+nz3W4
J1tQWkraGKCgRDUkA7/cFc81YDMKndM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:17 2025 by rpki-client