Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4541F37888E911EEB007942FC4F9AE02.roa
File: 4541F37888E911EEB007942FC4F9AE02.roa (raw, json)
Hash identifier: 2ivN2jRu7AZc+9I9G+lKxQgYQTr8/iMaAY0n5hIunDM=
Subject key identifier: AD:52:6F:3F:6E:A4:4C:D6:1D:AC:1A:77:42:CA:4F:79:64:CB:F9:D8
Certificate issuer: /CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Certificate serial: 17EF
Authority key identifier: C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4541F37888E911EEB007942FC4F9AE02.roa
Signing time: Thu 27 Jun 2024 08:08:12 +0000
ROA not before: Thu 27 Jun 2024 08:08:12 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 4826
IP address blocks: 14.137.106.0/24 maxlen: 24
27.106.200.0/22 maxlen: 22
43.241.188.0/22 maxlen: 22
43.252.252.0/22 maxlen: 22
49.255.0.0/16 maxlen: 16
49.255.233.0/24 maxlen: 24
49.255.249.0/24 maxlen: 24
49.255.255.0/24 maxlen: 24
103.37.120.0/24 maxlen: 24
103.233.148.0/22 maxlen: 22
103.255.16.0/22 maxlen: 22
110.5.116.0/22 maxlen: 22
112.213.192.0/19 maxlen: 19
112.213.224.0/19 maxlen: 19
113.29.240.0/22 maxlen: 22
113.29.243.0/24 maxlen: 24
114.31.192.0/20 maxlen: 20
116.212.192.0/18 maxlen: 18
116.212.204.0/24 maxlen: 24
116.212.230.0/23 maxlen: 24
116.212.253.0/24 maxlen: 24
119.161.64.0/20 maxlen: 20
119.161.80.0/22 maxlen: 22
119.161.83.0/24 maxlen: 24
119.161.84.0/24 maxlen: 24
119.161.85.0/24 maxlen: 24
119.161.86.0/23 maxlen: 23
119.161.88.0/23 maxlen: 23
119.161.90.0/24 maxlen: 24
119.161.91.0/24 maxlen: 24
119.161.92.0/24 maxlen: 24
119.161.93.0/24 maxlen: 24
119.161.94.0/24 maxlen: 24
119.161.95.0/24 maxlen: 24
121.54.128.0/19 maxlen: 19
121.54.128.0/20 maxlen: 20
121.54.136.0/24 maxlen: 24
121.54.145.0/24 maxlen: 24
121.79.0.0/17 maxlen: 17
123.103.192.0/19 maxlen: 19
124.254.64.0/18 maxlen: 18
124.254.64.0/24 maxlen: 24
124.254.95.0/24 maxlen: 24
124.254.96.0/24 maxlen: 24
175.45.64.0/18 maxlen: 18
175.45.78.0/24 maxlen: 24
175.45.82.0/24 maxlen: 24
175.45.83.0/24 maxlen: 24
175.45.85.0/24 maxlen: 24
175.45.92.0/24 maxlen: 24
175.45.94.0/23 maxlen: 23
175.45.99.0/24 maxlen: 24
175.45.100.0/24 maxlen: 24
175.45.101.0/24 maxlen: 24
175.45.105.0/24 maxlen: 24
175.45.111.0/24 maxlen: 24
175.45.125.0/24 maxlen: 24
180.148.64.0/19 maxlen: 19
180.148.76.0/24 maxlen: 24
180.148.77.0/24 maxlen: 24
180.148.83.0/24 maxlen: 24
180.148.84.0/24 maxlen: 24
180.148.95.0/24 maxlen: 24
202.62.138.0/24 maxlen: 24
202.62.139.0/24 maxlen: 24
202.62.141.0/24 maxlen: 24
202.62.142.0/24 maxlen: 24
202.62.147.0/24 maxlen: 24
202.62.152.0/24 maxlen: 24
202.62.153.0/24 maxlen: 24
202.62.154.0/24 maxlen: 24
202.62.155.0/24 maxlen: 24
202.80.176.0/20 maxlen: 20
202.89.160.0/19 maxlen: 19
202.137.96.0/20 maxlen: 20
202.137.192.0/21 maxlen: 21
202.189.64.0/20 maxlen: 20
202.189.72.0/24 maxlen: 24
202.189.73.0/24 maxlen: 24
203.12.251.0/24 maxlen: 24
203.18.212.0/23 maxlen: 23
203.22.206.0/24 maxlen: 24
203.26.237.0/24 maxlen: 24
203.28.186.0/24 maxlen: 24
203.29.177.0/24 maxlen: 24
203.55.11.0/24 maxlen: 24
203.55.250.0/24 maxlen: 24
203.89.64.0/19 maxlen: 19
203.89.80.0/24 maxlen: 24
203.89.92.0/24 maxlen: 24
203.92.28.0/22 maxlen: 22
203.129.128.0/19 maxlen: 19
203.153.224.0/19 maxlen: 19
203.153.226.0/24 maxlen: 24
203.161.64.0/18 maxlen: 18
203.188.128.0/19 maxlen: 19
210.50.198.0/24 maxlen: 24
211.26.193.0/24 maxlen: 24
218.100.80.0/22 maxlen: 22
223.27.96.0/21 maxlen: 21
2402:7800::/32 maxlen: 32
2402:7800:ff00::/40 maxlen: 40
2402:7800:ff00::/48 maxlen: 48
2402:7800:ff01::/48 maxlen: 48
2402:7800:ff20::/48 maxlen: 48
2402:7800:ff40::/44 maxlen: 44
2402:7800:ffe0::/48 maxlen: 48
2403:d600::/32 maxlen: 32
2403:fc00:300::/40 maxlen: 40
2404:b000::/32 maxlen: 32
2404:bc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 04 Jul 2024 08:27:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6127 (0x17ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EAE3D/serialNumber=C7269B124C420C55E29FB51D3C1B0D9D476CBD00
Validity
Not Before: Jun 27 08:08:12 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=667d1dec-61db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1d:9e:c0:17:2f:b5:18:c8:1e:ea:f1:d9:cb:
e0:64:09:8b:88:2a:91:ab:a1:c6:77:5b:84:25:3b:
2c:48:f4:f1:bc:6b:cc:b2:dc:5e:da:df:67:79:dd:
78:e3:91:3d:86:71:ed:5b:be:8c:78:25:21:1d:c1:
86:97:5d:9c:93:fb:b3:18:f1:67:d7:79:8e:43:8a:
0e:94:49:d2:a3:e6:0a:29:e2:b5:04:af:4f:b3:7c:
d8:bc:b2:2b:1f:05:b0:c4:f0:31:b1:6f:90:36:2f:
e5:49:16:02:a4:1c:0e:95:76:8e:c9:5c:87:7e:e4:
82:ba:73:55:62:fe:da:a5:e0:60:90:a1:cc:8a:32:
3a:10:84:eb:88:a6:00:df:9c:9b:56:78:4b:61:99:
c5:b1:95:ff:19:14:12:d1:6f:d6:f7:c0:1b:d7:0d:
d7:2f:b4:3a:1b:f9:b4:34:6c:bd:16:3f:0e:d2:40:
b2:a2:93:15:c7:a6:17:ac:94:9f:ac:fa:c2:85:6d:
c6:c7:e3:74:01:aa:73:27:af:a5:4c:d0:08:f5:01:
b5:20:08:49:b8:db:58:4c:e9:0f:d3:c5:68:84:84:
4f:0d:a4:19:9b:75:24:c5:c0:86:15:ab:61:0c:7e:
fd:14:00:3f:b9:50:36:8b:8d:90:48:d6:ab:06:cb:
6c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:52:6F:3F:6E:A4:4C:D6:1D:AC:1A:77:42:CA:4F:79:64:CB:F9:D8
X509v3 Authority Key Identifier:
keyid:C7:26:9B:12:4C:42:0C:55:E2:9F:B5:1D:3C:1B:0D:9D:47:6C:BD:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/xyabEkxCDFXin7UdPBsNnUdsvQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xyabEkxCDFXin7UdPBsNnUdsvQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/97B6E0CE75DE11E8B704A246C4F9AE02/4541F37888E911EEB007942FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.106.0/24
27.106.200.0/22
43.241.188.0/22
43.252.252.0/22
49.255.0.0/16
103.37.120.0/24
103.233.148.0/22
103.255.16.0/22
110.5.116.0/22
112.213.192.0/18
113.29.240.0/22
114.31.192.0/20
116.212.192.0/18
119.161.64.0/19
121.54.128.0/19
121.79.0.0/17
123.103.192.0/19
124.254.64.0/18
175.45.64.0/18
180.148.64.0/19
202.62.138.0/23
202.62.141.0-202.62.142.255
202.62.147.0/24
202.62.152.0/22
202.80.176.0/20
202.89.160.0/19
202.137.96.0/20
202.137.192.0/21
202.189.64.0/20
203.12.251.0/24
203.18.212.0/23
203.22.206.0/24
203.26.237.0/24
203.28.186.0/24
203.29.177.0/24
203.55.11.0/24
203.55.250.0/24
203.89.64.0/19
203.92.28.0/22
203.129.128.0/19
203.153.224.0/19
203.161.64.0/18
203.188.128.0/19
210.50.198.0/24
211.26.193.0/24
218.100.80.0/22
223.27.96.0/21
IPv6:
2402:7800::/32
2403:d600::/32
2403:fc00:300::/40
2404:b000::/32
2404:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
12:84:51:71:95:f2:6e:2f:e1:ef:36:5f:9e:99:8a:82:eb:59:
4b:09:7c:68:5c:95:c7:b1:92:c8:56:83:cb:80:4c:e7:d8:49:
dd:95:f8:76:1e:e3:5a:3e:5a:c7:d8:4e:0a:20:6c:c9:2d:f6:
13:d2:b1:cc:67:2e:b3:c5:23:8a:f8:39:a2:ec:80:49:21:97:
98:70:ba:95:fe:1a:2e:61:ad:14:fe:f6:71:47:47:45:d6:ef:
33:26:30:43:6a:2c:49:b6:54:57:26:7c:19:e1:71:49:dc:94:
64:3b:92:5f:13:24:b5:91:89:c4:ec:c8:0b:f0:ce:a7:57:bf:
74:81:18:fe:b3:fb:63:64:4a:0a:a6:da:ba:9d:be:36:17:7b:
d4:1c:e7:31:cc:57:03:e4:97:4a:86:60:aa:c7:a5:dd:93:cf:
a9:ec:4d:33:6a:7c:7c:31:19:aa:c0:bc:f4:f4:ef:7e:42:fa:
99:0e:4a:1f:28:3e:be:dc:1f:b2:20:fb:67:67:9c:79:76:d6:
72:f7:dd:32:6b:7a:b4:c2:be:ca:66:55:8a:98:2b:ca:18:df:
02:43:53:da:6b:a1:42:bf:8e:d3:44:00:56:dc:bb:38:ba:38:
38:c1:a8:4f:b9:de:0d:c6:f9:11:85:cb:fc:df:80:0f:ac:78:
60:58:88:4f
-----BEGIN CERTIFICATE-----
MIIGwjCCBaqgAwIBAgICF+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUFFM0QxMTAvBgNVBAUTKEM3MjY5QjEyNEM0MjBDNTVFMjlGQjUxRDNDMUIwRDlE
NDc2Q0JEMDAwHhcNMjQwNjI3MDgwODEyWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdkMWRlYy02MWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoR2ewBcvtRjIHurx2cvgZAmLiCqRq6HGd1uEJTssSPTxvGvMstxe2t9ned14
45E9hnHtW76MeCUhHcGGl12ck/uzGPFn13mOQ4oOlEnSo+YKKeK1BK9Ps3zYvLIr
HwWwxPAxsW+QNi/lSRYCpBwOlXaOyVyHfuSCunNVYv7apeBgkKHMijI6EITriKYA
35ybVnhLYZnFsZX/GRQS0W/W98Ab1w3XL7Q6G/m0NGy9Fj8O0kCyopMVx6YXrJSf
rPrChW3Gx+N0AapzJ6+lTNAI9QG1IAhJuNtYTOkP08VohIRPDaQZm3UkxcCGFath
DH79FAA/uVA2i42QSNarBstsEQIDAQABo4ID5jCCA+IwHQYDVR0OBBYEFK1Sbz9u
pEzWHawad0LKT3lky/nYMB8GA1UdIwQYMBaAFMcmmxJMQgxV4p+1HTwbDZ1HbL0A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC85N0I2RTBDRTc1
REUxMUU4QjcwNEEyNDZDNEY5QUUwMi94eWFiRWt4Q0RGWGluN1VkUEJzTm5VZHN2
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3h5YWJFa3hDREZYaW43VWRQQnNOblVkc3ZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUFFM0QvOTdCNkUwQ0U3NURFMTFFOEI3MDRBMjQ2QzRGOUFFMDIvNDU0MUYzNzg4
OEU5MTFFRUIwMDc5NDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFuBggrBgEFBQcBBwEB
/wSCAV0wggFZMIIBKQQCAAEwggEhAwQADolqAwQCG2rIAwQCK/G8AwQCK/z8AwMA
Mf8DBABnJXgDBAJn6ZQDBAJn/xADBAJuBXQDBAZw1cADBAJxHfADBARyH8ADBAZ0
1MADBAV3oUADBAV5NoADBAd5TwADBAV7Z8ADBAZ8/kADBAavLUADBAW0lEADBAHK
PoowDAMEAMo+jQMEAMo+jgMEAMo+kwMEAso+mAMEBMpQsAMEBcpZoAMEBMqJYAME
A8qJwAMEBMq9QAMEAMsM+wMEAcsS1AMEAMsWzgMEAMsa7QMEAMscugMEAMsdsQME
AMs3CwMEAMs3+gMEBctZQAMEAstcHAMEBcuBgAMEBcuZ4AMEBsuhQAMEBcu8gAME
ANIyxgMEANMawQMEAtpkUAMEA98bYDAqBAIAAjAkAwUAJAJ4AAMFACQD1gADBgAk
A/wAAwMFACQEsAADBQAkBLwAMA0GCSqGSIb3DQEBCwUAA4IBAQAShFFxlfJuL+Hv
Nl+emYqC61lLCXxoXJXHsZLIVoPLgEzn2Endlfh2HuNaPlrH2E4KIGzJLfYT0rHM
Zy6zxSOK+Dmi7IBJIZeYcLqV/houYa0U/vZxR0dF1u8zJjBDaixJtlRXJnwZ4XFJ
3JRkO5JfEyS1kYnE7MgL8M6nV790gRj+s/tjZEoKptq6nb42F3vUHOcxzFcD5JdK
hmCqx6Xdk8+p7E0zanx8MRmqwLz09O9+QvqZDkofKD6+3B+yIPtnZ5x5dtZy990y
a3q0wr7KZlWKmCvKGN8CQ1Paa6FCv47TRABW3Ls4ujg4wahPud4NxvkRhcv834AP
rHhgWIhP
-----END CERTIFICATE-----
Generated at Sun Jun 30 02:57:23 2024 by rpki-client on console.sobornost.net