Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4541F37888E911EEB007942FC4F9AE02.roa
File: 4541F37888E911EEB007942FC4F9AE02.roa (raw, json)
Hash identifier: Ka8SlP6B1dTpsHfyohju7nfGn1pFutWCXxb81re3CLM=
Subject key identifier: 46:3C:90:A5:AF:89:BA:20:FC:58:C9:72:50:D4:6D:3B:BA:6D:18:80
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 17A1
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4541F37888E911EEB007942FC4F9AE02.roa
Signing time: Tue 20 Feb 2024 17:55:39 +0000
ROA not before: Tue 20 Feb 2024 17:55:39 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 4826
IP address blocks: 14.137.106.0/24 maxlen: 24
27.106.200.0/22 maxlen: 22
43.241.188.0/22 maxlen: 22
43.252.252.0/22 maxlen: 22
49.255.0.0/16 maxlen: 16
49.255.233.0/24 maxlen: 24
49.255.249.0/24 maxlen: 24
49.255.255.0/24 maxlen: 24
103.37.120.0/24 maxlen: 24
103.233.148.0/22 maxlen: 22
103.255.16.0/22 maxlen: 22
110.5.116.0/22 maxlen: 22
112.213.192.0/19 maxlen: 19
112.213.224.0/19 maxlen: 19
113.29.240.0/22 maxlen: 22
113.29.243.0/24 maxlen: 24
114.31.192.0/20 maxlen: 20
116.212.192.0/18 maxlen: 18
116.212.204.0/24 maxlen: 24
116.212.230.0/23 maxlen: 24
116.212.253.0/24 maxlen: 24
119.161.83.0/24 maxlen: 24
119.161.84.0/24 maxlen: 24
119.161.85.0/24 maxlen: 24
119.161.86.0/23 maxlen: 23
119.161.88.0/23 maxlen: 23
119.161.90.0/24 maxlen: 24
119.161.91.0/24 maxlen: 24
119.161.92.0/24 maxlen: 24
119.161.93.0/24 maxlen: 24
119.161.94.0/24 maxlen: 24
119.161.95.0/24 maxlen: 24
121.54.128.0/19 maxlen: 19
121.54.128.0/20 maxlen: 20
121.54.136.0/24 maxlen: 24
121.54.145.0/24 maxlen: 24
121.79.0.0/17 maxlen: 17
123.103.192.0/19 maxlen: 19
124.254.64.0/18 maxlen: 18
124.254.64.0/24 maxlen: 24
124.254.95.0/24 maxlen: 24
124.254.96.0/24 maxlen: 24
175.45.64.0/18 maxlen: 18
175.45.78.0/24 maxlen: 24
175.45.82.0/24 maxlen: 24
175.45.83.0/24 maxlen: 24
175.45.85.0/24 maxlen: 24
175.45.92.0/24 maxlen: 24
175.45.94.0/23 maxlen: 23
175.45.99.0/24 maxlen: 24
175.45.100.0/24 maxlen: 24
175.45.101.0/24 maxlen: 24
175.45.105.0/24 maxlen: 24
175.45.111.0/24 maxlen: 24
175.45.125.0/24 maxlen: 24
180.148.64.0/19 maxlen: 19
180.148.76.0/24 maxlen: 24
180.148.77.0/24 maxlen: 24
180.148.83.0/24 maxlen: 24
180.148.84.0/24 maxlen: 24
180.148.95.0/24 maxlen: 24
202.62.138.0/24 maxlen: 24
202.62.139.0/24 maxlen: 24
202.62.141.0/24 maxlen: 24
202.62.142.0/24 maxlen: 24
202.62.147.0/24 maxlen: 24
202.62.152.0/24 maxlen: 24
202.62.153.0/24 maxlen: 24
202.62.154.0/24 maxlen: 24
202.62.155.0/24 maxlen: 24
202.80.176.0/20 maxlen: 20
202.89.160.0/19 maxlen: 19
202.137.96.0/20 maxlen: 20
202.137.192.0/21 maxlen: 21
202.189.64.0/20 maxlen: 20
202.189.72.0/24 maxlen: 24
202.189.73.0/24 maxlen: 24
203.12.251.0/24 maxlen: 24
203.18.212.0/23 maxlen: 23
203.22.206.0/24 maxlen: 24
203.26.237.0/24 maxlen: 24
203.28.186.0/24 maxlen: 24
203.29.177.0/24 maxlen: 24
203.55.11.0/24 maxlen: 24
203.55.250.0/24 maxlen: 24
203.89.64.0/19 maxlen: 19
203.89.80.0/24 maxlen: 24
203.89.92.0/24 maxlen: 24
203.92.28.0/22 maxlen: 22
203.129.128.0/19 maxlen: 19
203.153.224.0/19 maxlen: 19
203.153.226.0/24 maxlen: 24
203.161.64.0/18 maxlen: 18
203.188.128.0/19 maxlen: 19
210.50.198.0/24 maxlen: 24
211.26.193.0/24 maxlen: 24
218.100.80.0/22 maxlen: 22
223.27.96.0/21 maxlen: 21
2402:7800::/32 maxlen: 32
2402:7800:ff00::/40 maxlen: 40
2402:7800:ff00::/48 maxlen: 48
2402:7800:ff01::/48 maxlen: 48
2402:7800:ff20::/48 maxlen: 48
2402:7800:ff40::/44 maxlen: 44
2402:7800:ffe0::/48 maxlen: 48
2403:d600::/32 maxlen: 32
2403:fc00:300::/40 maxlen: 40
2404:b000::/32 maxlen: 32
2404:bc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 17:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6049 (0x17a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Feb 20 17:55:39 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65d4e79b-65a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:04:71:b5:0a:33:0e:cb:33:12:5f:af:d9:79:
79:c3:7d:57:39:30:ef:d0:8d:27:42:63:53:f9:a4:
f3:8f:8d:93:f2:f2:69:64:fb:60:d3:2e:5f:1e:d8:
df:ce:42:4d:d7:f3:42:fa:86:be:be:00:71:5d:74:
ab:dc:1e:7f:30:11:e6:68:56:55:0f:81:c7:1e:e1:
de:4a:0e:74:d0:dc:bd:d3:bf:19:22:05:94:03:30:
e1:b8:1e:e8:aa:d8:bd:b7:0d:d0:f4:fa:f2:62:99:
0e:9b:b3:22:80:9c:87:28:34:ad:a3:27:8d:0b:3e:
94:f2:22:50:1c:4d:ee:91:a5:f7:96:77:59:f0:a8:
a0:00:18:a2:24:8f:3f:cd:34:fd:58:05:b1:a3:b0:
eb:71:af:79:89:03:08:55:29:33:5c:46:07:11:d6:
ef:fd:cc:07:44:2c:2a:55:bf:29:0f:9f:ab:64:b2:
34:b6:39:53:34:81:91:1a:db:dc:de:ab:9a:a7:53:
a9:cd:26:be:97:29:4d:a6:93:3a:2d:88:7f:c5:46:
dd:0c:10:f0:6c:67:01:f7:51:ac:9c:6d:81:3a:a7:
1f:d1:03:78:b6:02:65:9a:3e:25:14:17:da:8b:00:
77:8b:cb:13:f4:10:1f:d9:5f:56:91:2b:17:ea:17:
e3:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3C:90:A5:AF:89:BA:20:FC:58:C9:72:50:D4:6D:3B:BA:6D:18:80
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4541F37888E911EEB007942FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.106.0/24
27.106.200.0/22
43.241.188.0/22
43.252.252.0/22
49.255.0.0/16
103.37.120.0/24
103.233.148.0/22
103.255.16.0/22
110.5.116.0/22
112.213.192.0/18
113.29.240.0/22
114.31.192.0/20
116.212.192.0/18
119.161.83.0-119.161.95.255
121.54.128.0/19
121.79.0.0/17
123.103.192.0/19
124.254.64.0/18
175.45.64.0/18
180.148.64.0/19
202.62.138.0/23
202.62.141.0-202.62.142.255
202.62.147.0/24
202.62.152.0/22
202.80.176.0/20
202.89.160.0/19
202.137.96.0/20
202.137.192.0/21
202.189.64.0/20
203.12.251.0/24
203.18.212.0/23
203.22.206.0/24
203.26.237.0/24
203.28.186.0/24
203.29.177.0/24
203.55.11.0/24
203.55.250.0/24
203.89.64.0/19
203.92.28.0/22
203.129.128.0/19
203.153.224.0/19
203.161.64.0/18
203.188.128.0/19
210.50.198.0/24
211.26.193.0/24
218.100.80.0/22
223.27.96.0/21
IPv6:
2402:7800::/32
2403:d600::/32
2403:fc00:300::/40
2404:b000::/32
2404:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
87:ca:8a:27:e3:1b:15:dc:ca:07:b4:fa:1f:98:28:30:d9:6e:
9b:f9:c6:e3:15:eb:b3:16:17:0d:4a:21:e1:4f:71:fc:38:45:
21:73:43:75:77:41:57:85:85:16:8b:e1:5a:78:03:52:4e:63:
b5:c9:58:aa:f2:7a:be:42:50:e4:68:5e:71:cd:27:47:48:a9:
07:97:e2:e8:eb:cb:4f:a3:3c:cc:dd:70:8d:aa:68:95:5f:ef:
e7:7e:1e:2a:3a:af:b9:40:c8:e2:9a:2f:a5:d0:33:2b:37:bc:
18:b8:5b:3c:91:08:f9:1e:2a:da:cc:ee:8d:7c:d1:35:0b:8f:
18:4b:c1:8a:4a:ce:60:60:f8:12:31:1f:d4:e4:54:47:fa:b4:
91:94:09:dc:2f:7d:65:76:a4:c8:e8:06:ce:dd:7d:71:81:0c:
80:7b:88:d8:a5:42:16:72:0a:28:90:4e:7e:91:04:7f:26:43:
57:90:6a:fa:9f:2b:b1:7a:17:f8:02:48:7f:1b:c6:20:4d:04:
5e:68:ba:88:98:61:f9:e4:59:78:7f:4c:87:0a:4d:8e:4b:3b:
1b:6b:15:fe:e8:6b:21:88:34:ff:d8:50:58:83:df:5f:bd:44:
ce:f2:1e:31:59:8f:43:b6:dc:12:e2:6b:22:9c:c2:64:08:8f:
5a:1d:a4:4b
-----BEGIN CERTIFICATE-----
MIIGyjCCBbKgAwIBAgICF6EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjQwMjIwMTc1NTM5WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWQ0ZTc5Yi02NWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQRxtQozDsszEl+v2Xl5w31XOTDv0I0nQmNT+aTzj42T8vJpZPtg0y5fHtjf
zkJN1/NC+oa+vgBxXXSr3B5/MBHmaFZVD4HHHuHeSg500Ny9078ZIgWUAzDhuB7o
qti9tw3Q9PryYpkOm7MigJyHKDStoyeNCz6U8iJQHE3ukaX3lndZ8KigABiiJI8/
zTT9WAWxo7Drca95iQMIVSkzXEYHEdbv/cwHRCwqVb8pD5+rZLI0tjlTNIGRGtvc
3quap1OpzSa+lylNppM6LYh/xUbdDBDwbGcB91GsnG2BOqcf0QN4tgJlmj4lFBfa
iwB3i8sT9BAf2V9WkSsX6hfjYwIDAQABo4ID7jCCA+owHQYDVR0OBBYEFEY8kKWv
ibog/FjJclDUbTu6bRiAMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNDU0MUYzNzg4
OEU5MTFFRUIwMDc5NDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggF2BggrBgEFBQcBBwEB
/wSCAWUwggFhMIIBMQQCAAEwggEpAwQADolqAwQCG2rIAwQCK/G8AwQCK/z8AwMA
Mf8DBABnJXgDBAJn6ZQDBAJn/xADBAJuBXQDBAZw1cADBAJxHfADBARyH8ADBAZ0
1MAwDAMEAHehUwMEBXehQAMEBXk2gAMEB3lPAAMEBXtnwAMEBnz+QAMEBq8tQAME
BbSUQAMEAco+ijAMAwQAyj6NAwQAyj6OAwQAyj6TAwQCyj6YAwQEylCwAwQFylmg
AwQEyolgAwQDyonAAwQEyr1AAwQAywz7AwQByxLUAwQAyxbOAwQAyxrtAwQAyxy6
AwQAyx2xAwQAyzcLAwQAyzf6AwQFy1lAAwQCy1wcAwQFy4GAAwQFy5ngAwQGy6FA
AwQFy7yAAwQA0jLGAwQA0xrBAwQC2mRQAwQD3xtgMCoEAgACMCQDBQAkAngAAwUA
JAPWAAMGACQD/AADAwUAJASwAAMFACQEvAAwDQYJKoZIhvcNAQELBQADggEBAIfK
iifjGxXcyge0+h+YKDDZbpv5xuMV67MWFw1KIeFPcfw4RSFzQ3V3QVeFhRaL4Vp4
A1JOY7XJWKryer5CUORoXnHNJ0dIqQeX4ujry0+jPMzdcI2qaJVf7+d+Hio6r7lA
yOKaL6XQMys3vBi4WzyRCPkeKtrM7o180TULjxhLwYpKzmBg+BIxH9TkVEf6tJGU
CdwvfWV2pMjoBs7dfXGBDIB7iNilQhZyCiiQTn6RBH8mQ1eQavqfK7F6F/gCSH8b
xiBNBF5ouoiYYfnkWXh/TIcKTY5LOxtrFf7oayGINP/YUFiD31+9RM7yHjFZj0O2
3BLiayKcwmQIj1odpEs=
-----END CERTIFICATE-----
Generated at Fri May 31 19:47:54 2024 by rpki-client on console-fra.rpki-client.org