Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/F326C3EA8C1411EFB4E6476CC4F9AE02.roa
File: F326C3EA8C1411EFB4E6476CC4F9AE02.roa (raw, json)
Hash identifier: RCY8Z//IeADlCFFXLlQOUwrqKHaQ15YtmXYK2zgoO1E=
Subject key identifier: D8:17:B8:36:26:1D:CA:4E:5F:7D:93:F6:AD:B8:12:6E:A8:D4:29:47
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 1846
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/F326C3EA8C1411EFB4E6476CC4F9AE02.roa
Signing time: Tue 22 Oct 2024 22:29:51 +0000
ROA not before: Tue 22 Oct 2024 22:29:51 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 4826
IP address blocks: 14.137.106.0/24 maxlen: 24
27.106.200.0/22 maxlen: 22
43.241.188.0/22 maxlen: 22
43.252.252.0/22 maxlen: 22
49.255.0.0/16 maxlen: 16
49.255.233.0/24 maxlen: 24
49.255.255.0/24 maxlen: 24
103.37.120.0/24 maxlen: 24
103.233.148.0/22 maxlen: 22
103.255.16.0/22 maxlen: 22
110.5.116.0/22 maxlen: 22
112.213.192.0/19 maxlen: 19
112.213.224.0/19 maxlen: 19
113.29.240.0/22 maxlen: 22
113.29.243.0/24 maxlen: 24
114.31.192.0/20 maxlen: 20
116.212.192.0/18 maxlen: 18
116.212.204.0/24 maxlen: 24
116.212.230.0/23 maxlen: 24
116.212.253.0/24 maxlen: 24
119.161.64.0/20 maxlen: 20
119.161.80.0/20 maxlen: 20
121.54.128.0/19 maxlen: 19
121.54.128.0/20 maxlen: 20
121.54.136.0/24 maxlen: 24
121.54.145.0/24 maxlen: 24
121.79.0.0/17 maxlen: 17
123.103.192.0/19 maxlen: 19
124.254.64.0/18 maxlen: 18
124.254.64.0/24 maxlen: 24
124.254.95.0/24 maxlen: 24
124.254.96.0/24 maxlen: 24
175.45.64.0/18 maxlen: 18
175.45.78.0/24 maxlen: 24
175.45.82.0/24 maxlen: 24
175.45.83.0/24 maxlen: 24
175.45.85.0/24 maxlen: 24
175.45.92.0/24 maxlen: 24
175.45.94.0/23 maxlen: 23
175.45.99.0/24 maxlen: 24
175.45.100.0/24 maxlen: 24
175.45.101.0/24 maxlen: 24
175.45.105.0/24 maxlen: 24
175.45.111.0/24 maxlen: 24
175.45.125.0/24 maxlen: 24
180.148.64.0/19 maxlen: 19
180.148.76.0/24 maxlen: 24
180.148.77.0/24 maxlen: 24
180.148.83.0/24 maxlen: 24
180.148.84.0/24 maxlen: 24
180.148.95.0/24 maxlen: 24
202.62.138.0/24 maxlen: 24
202.62.139.0/24 maxlen: 24
202.62.141.0/24 maxlen: 24
202.62.142.0/24 maxlen: 24
202.62.147.0/24 maxlen: 24
202.62.152.0/24 maxlen: 24
202.62.153.0/24 maxlen: 24
202.62.154.0/24 maxlen: 24
202.62.155.0/24 maxlen: 24
202.80.176.0/20 maxlen: 20
202.89.160.0/19 maxlen: 19
202.137.96.0/20 maxlen: 20
202.137.192.0/21 maxlen: 21
202.174.224.0/19 maxlen: 19
202.189.64.0/20 maxlen: 20
202.189.72.0/24 maxlen: 24
202.189.73.0/24 maxlen: 24
203.12.251.0/24 maxlen: 24
203.18.212.0/23 maxlen: 23
203.22.206.0/24 maxlen: 24
203.26.237.0/24 maxlen: 24
203.28.186.0/24 maxlen: 24
203.29.177.0/24 maxlen: 24
203.55.11.0/24 maxlen: 24
203.55.250.0/24 maxlen: 24
203.89.64.0/19 maxlen: 19
203.89.80.0/24 maxlen: 24
203.89.92.0/24 maxlen: 24
203.92.28.0/22 maxlen: 22
203.129.128.0/19 maxlen: 19
203.153.224.0/19 maxlen: 19
203.153.226.0/24 maxlen: 24
203.161.64.0/18 maxlen: 18
203.188.128.0/19 maxlen: 19
210.50.198.0/24 maxlen: 24
211.26.193.0/24 maxlen: 24
218.100.80.0/22 maxlen: 22
223.27.96.0/21 maxlen: 21
2402:7800::/32 maxlen: 32
2402:7800:ff00::/40 maxlen: 40
2402:7800:ff00::/48 maxlen: 48
2402:7800:ff01::/48 maxlen: 48
2402:7800:ff20::/48 maxlen: 48
2402:7800:ff40::/44 maxlen: 44
2402:7800:ffe0::/48 maxlen: 48
2403:d600::/32 maxlen: 32
2403:fc00:300::/40 maxlen: 40
2404:b000::/32 maxlen: 32
2404:bc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6214 (0x1846)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Oct 22 22:29:51 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=6718275e-6bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:51:47:cd:c0:b3:f4:cc:da:4f:83:24:4f:b8:
3b:6a:b7:a7:35:09:6e:3e:6b:95:b8:38:13:65:91:
42:29:f0:e5:63:a8:f9:79:79:d4:bf:e5:7d:82:8c:
3d:71:90:13:73:c6:fe:7f:3d:43:bf:87:f9:2f:fd:
0f:3a:c1:aa:ed:2d:8d:5b:5d:0e:91:0e:51:81:c5:
d7:fb:39:c1:3a:32:02:16:ac:11:c4:47:43:bf:09:
b5:e1:24:e0:72:0d:01:24:1e:80:83:7c:3c:75:70:
cb:02:cf:fb:6f:44:35:2e:3e:00:ff:eb:a6:2d:fb:
48:5e:08:d7:95:fd:bc:c3:75:96:18:6a:24:47:e4:
f5:ae:ef:e2:f2:6f:a5:3d:92:67:ad:83:6a:5a:13:
48:1d:21:c1:8b:8e:c6:a2:a2:94:00:4e:85:24:7c:
e1:7d:1b:0a:5c:fc:a9:48:fa:28:5a:46:3c:44:77:
19:a3:6e:72:fa:9f:16:ad:ba:e6:41:b8:ee:27:a6:
7b:a2:da:80:40:77:5f:fa:33:7d:a2:79:09:ee:a3:
9c:ac:85:d4:cf:ff:d9:ad:b6:96:5d:54:f3:eb:59:
9c:9b:27:14:f2:38:c0:15:58:49:3b:0c:a0:e8:75:
8b:a9:7e:79:86:84:e1:9e:68:24:48:8f:a7:33:80:
63:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:17:B8:36:26:1D:CA:4E:5F:7D:93:F6:AD:B8:12:6E:A8:D4:29:47
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/F326C3EA8C1411EFB4E6476CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.106.0/24
27.106.200.0/22
43.241.188.0/22
43.252.252.0/22
49.255.0.0/16
103.37.120.0/24
103.233.148.0/22
103.255.16.0/22
110.5.116.0/22
112.213.192.0/18
113.29.240.0/22
114.31.192.0/20
116.212.192.0/18
119.161.64.0/19
121.54.128.0/19
121.79.0.0/17
123.103.192.0/19
124.254.64.0/18
175.45.64.0/18
180.148.64.0/19
202.62.138.0/23
202.62.141.0-202.62.142.255
202.62.147.0/24
202.62.152.0/22
202.80.176.0/20
202.89.160.0/19
202.137.96.0/20
202.137.192.0/21
202.174.224.0/19
202.189.64.0/20
203.12.251.0/24
203.18.212.0/23
203.22.206.0/24
203.26.237.0/24
203.28.186.0/24
203.29.177.0/24
203.55.11.0/24
203.55.250.0/24
203.89.64.0/19
203.92.28.0/22
203.129.128.0/19
203.153.224.0/19
203.161.64.0/18
203.188.128.0/19
210.50.198.0/24
211.26.193.0/24
218.100.80.0/22
223.27.96.0/21
IPv6:
2402:7800::/32
2403:d600::/32
2403:fc00:300::/40
2404:b000::/32
2404:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
53:dc:59:d9:04:1f:47:52:e4:88:92:d9:8a:ac:3a:5f:c4:ff:
4c:a3:d4:67:fa:d8:20:07:d7:bb:0c:ca:2e:ee:ff:f7:67:02:
32:e1:1c:36:0f:68:38:ff:4a:99:bb:87:25:e7:fa:57:b0:70:
17:a9:0b:20:0f:9e:09:48:8e:51:ca:b4:df:c6:a2:e1:5c:8f:
00:9b:1b:15:0f:8d:af:0b:31:6a:c8:ec:af:93:99:4a:a9:98:
45:b2:c5:71:e8:aa:5f:ca:f0:95:64:93:bb:2a:a0:02:9d:57:
c5:53:a9:23:5d:3e:05:e2:16:02:d1:43:ab:5e:61:ed:af:9b:
a5:7d:6b:3b:ed:b3:28:89:68:b4:75:03:87:d4:db:2c:c1:3c:
dd:5f:a4:22:f4:b1:9c:0f:62:22:89:75:bb:0f:45:9b:92:0a:
52:8c:83:70:b9:41:df:85:d7:2c:83:f2:90:24:3e:23:23:e1:
31:8e:24:65:65:ff:52:43:1b:ff:69:95:09:9d:f8:db:b0:cf:
cc:3a:d5:e7:2b:d6:c8:b5:08:ec:1f:1c:07:e1:1e:bd:18:8e:
14:a2:31:15:38:d4:fe:fa:92:ae:99:46:a4:18:11:75:5e:47:
2d:a1:44:98:2e:74:a0:35:54:70:98:9f:d4:0f:b1:ce:dc:70:
1f:6f:f8:35
-----BEGIN CERTIFICATE-----
MIIGyDCCBbCgAwIBAgICGEYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjQxMDIyMjIyOTUxWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzE4Mjc1ZS02YmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvFFHzcCz9MzaT4MkT7g7arenNQluPmuVuDgTZZFCKfDlY6j5eXnUv+V9gow9
cZATc8b+fz1Dv4f5L/0POsGq7S2NW10OkQ5RgcXX+znBOjICFqwRxEdDvwm14STg
cg0BJB6Ag3w8dXDLAs/7b0Q1Lj4A/+umLftIXgjXlf28w3WWGGokR+T1ru/i8m+l
PZJnrYNqWhNIHSHBi47GoqKUAE6FJHzhfRsKXPypSPooWkY8RHcZo25y+p8Wrbrm
QbjuJ6Z7otqAQHdf+jN9onkJ7qOcrIXUz//ZrbaWXVTz61mcmycU8jjAFVhJOwyg
6HWLqX55hoThnmgkSI+nM4Bj6wIDAQABo4ID7DCCA+gwHQYDVR0OBBYEFNgXuDYm
HcpOX32T9q24Em6o1ClHMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvRjMyNkMzRUE4
QzE0MTFFRkI0RTY0NzZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggF0BggrBgEFBQcBBwEB
/wSCAWMwggFfMIIBLwQCAAEwggEnAwQADolqAwQCG2rIAwQCK/G8AwQCK/z8AwMA
Mf8DBABnJXgDBAJn6ZQDBAJn/xADBAJuBXQDBAZw1cADBAJxHfADBARyH8ADBAZ0
1MADBAV3oUADBAV5NoADBAd5TwADBAV7Z8ADBAZ8/kADBAavLUADBAW0lEADBAHK
PoowDAMEAMo+jQMEAMo+jgMEAMo+kwMEAso+mAMEBMpQsAMEBcpZoAMEBMqJYAME
A8qJwAMEBcqu4AMEBMq9QAMEAMsM+wMEAcsS1AMEAMsWzgMEAMsa7QMEAMscugME
AMsdsQMEAMs3CwMEAMs3+gMEBctZQAMEAstcHAMEBcuBgAMEBcuZ4AMEBsuhQAME
Bcu8gAMEANIyxgMEANMawQMEAtpkUAMEA98bYDAqBAIAAjAkAwUAJAJ4AAMFACQD
1gADBgAkA/wAAwMFACQEsAADBQAkBLwAMA0GCSqGSIb3DQEBCwUAA4IBAQBT3FnZ
BB9HUuSIktmKrDpfxP9Mo9Rn+tggB9e7DMou7v/3ZwIy4Rw2D2g4/0qZu4cl5/pX
sHAXqQsgD54JSI5RyrTfxqLhXI8AmxsVD42vCzFqyOyvk5lKqZhFssVx6KpfyvCV
ZJO7KqACnVfFU6kjXT4F4hYC0UOrXmHtr5ulfWs77bMoiWi0dQOH1NsswTzdX6Qi
9LGcD2IiiXW7D0WbkgpSjINwuUHfhdcsg/KQJD4jI+ExjiRlZf9SQxv/aZUJnfjb
sM/MOtXnK9bItQjsHxwH4R69GI4UojEVONT++pKumUakGBF1XkctoUSYLnSgNVRw
mJ/UD7HO3HAfb/g1
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:56:22 2024 by rpki-client on console-fra.rpki-client.org