Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
File: 72D237AEEBA011EC87608210C4F9AE02.roa (raw, json)
Hash identifier: /6/vPtizZYxr5v7ORtDfd8JRwZk7T9USDbBUeYwxyPg=
Subject key identifier: 9F:51:FC:98:04:17:AA:E2:07:01:57:08:CB:CE:C9:D6:DC:92:01:EE
Certificate issuer: /CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Certificate serial: 02EC
Authority key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
Signing time: Wed 27 Nov 2024 01:35:08 +0000
ROA not before: Wed 27 Nov 2024 01:35:08 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 38794
IP address blocks: 43.240.112.0/22 maxlen: 24
43.249.56.0/22 maxlen: 24
43.249.60.0/22 maxlen: 24
43.249.64.0/22 maxlen: 24
43.249.68.0/22 maxlen: 24
43.249.104.0/22 maxlen: 24
43.249.108.0/22 maxlen: 24
43.249.112.0/22 maxlen: 24
43.251.204.0/22 maxlen: 24
43.252.180.0/22 maxlen: 24
45.64.88.0/22 maxlen: 24
45.117.208.0/22 maxlen: 24
45.122.48.0/22 maxlen: 24
45.127.60.0/22 maxlen: 24
103.4.228.0/22 maxlen: 24
103.28.240.0/23 maxlen: 24
103.40.132.0/22 maxlen: 24
103.40.136.0/22 maxlen: 24
103.40.140.0/22 maxlen: 24
103.40.144.0/22 maxlen: 24
103.40.148.0/22 maxlen: 24
103.40.180.0/22 maxlen: 24
103.40.184.0/22 maxlen: 24
103.40.188.0/22 maxlen: 24
103.225.24.0/22 maxlen: 24
103.240.60.0/22 maxlen: 24
103.245.112.0/22 maxlen: 24
115.31.128.0/18 maxlen: 24
116.193.144.0/22 maxlen: 24
116.193.148.0/22 maxlen: 24
117.121.208.0/20 maxlen: 24
119.13.24.0/21 maxlen: 24
119.63.64.0/19 maxlen: 24
125.254.52.0/22 maxlen: 24
150.107.220.0/22 maxlen: 24
202.27.110.0/24 maxlen: 24
202.94.240.0/20 maxlen: 24
202.148.176.0/20 maxlen: 24
203.114.68.0/22 maxlen: 24
223.27.192.0/18 maxlen: 24
2001:df0:1e::/48 maxlen: 48
2400:cd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl
rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 12 Apr 2025 01:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 748 (0x2ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912442A
Validity
Not Before: Nov 27 01:35:08 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6746774b-03c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:07:7e:c5:d1:a5:af:13:a4:fe:b2:de:89:09:
21:27:7b:73:50:56:f9:cb:44:39:dd:10:fe:b1:a8:
8e:3f:81:6d:b6:c0:12:0e:90:bf:cd:d9:a4:75:47:
29:36:9c:e7:ab:ea:47:5e:53:82:d7:c7:9a:e3:c9:
35:79:ed:42:26:64:df:cf:41:18:34:9c:18:2b:ff:
f1:39:51:b5:ee:55:d4:4e:c4:4e:94:ec:37:7a:0e:
ba:b9:7d:59:ee:c0:db:ea:01:0f:39:aa:64:19:af:
c3:f8:fa:39:01:81:08:ae:43:80:cb:9b:be:9c:0d:
63:2b:8c:58:43:4a:59:1d:59:43:9a:3d:8d:c9:cb:
f5:4d:71:dc:9f:9f:ec:76:c9:14:34:da:7f:75:e3:
d7:5f:f9:77:4b:83:e2:61:e3:f7:57:20:ea:f9:52:
13:b5:4c:8f:a0:02:43:92:50:c2:e4:6e:13:d5:fb:
69:a2:89:57:5b:69:a1:b3:28:be:92:7a:99:93:37:
e1:c0:bb:8e:2a:ab:ed:b7:bb:f0:61:92:da:94:f6:
da:2f:9f:3a:33:fa:1a:77:00:83:1f:8c:c9:ef:98:
f9:60:60:6a:17:ad:3f:2f:e1:26:16:77:46:de:0b:
0c:90:ce:37:87:40:62:82:ad:6d:05:ab:3e:a2:29:
b5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:51:FC:98:04:17:AA:E2:07:01:57:08:CB:CE:C9:D6:DC:92:01:EE
X509v3 Authority Key Identifier:
keyid:84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.112.0/22
43.249.56.0-43.249.71.255
43.249.104.0-43.249.115.255
43.251.204.0/22
43.252.180.0/22
45.64.88.0/22
45.117.208.0/22
45.122.48.0/22
45.127.60.0/22
103.4.228.0/22
103.28.240.0/23
103.40.132.0-103.40.151.255
103.40.180.0-103.40.191.255
103.225.24.0/22
103.240.60.0/22
103.245.112.0/22
115.31.128.0/18
116.193.144.0/21
117.121.208.0/20
119.13.24.0/21
119.63.64.0/19
125.254.52.0/22
150.107.220.0/22
202.27.110.0/24
202.94.240.0/20
202.148.176.0/20
203.114.68.0/22
223.27.192.0/18
IPv6:
2001:df0:1e::/48
2400:cd00::/32
Signature Algorithm: sha256WithRSAEncryption
62:8e:c8:0e:66:6e:da:7c:f2:d1:08:3b:4e:29:76:eb:cf:fb:
97:31:7e:43:6a:02:36:0c:04:7d:e0:0d:ce:61:2f:6d:0e:4f:
5e:94:43:32:aa:a5:12:13:12:97:2f:36:5a:e1:28:48:db:7f:
5e:10:05:c3:18:8e:a7:20:28:d9:0e:77:93:7e:2e:32:99:25:
52:3f:65:5c:21:5d:4e:f0:9e:c2:1c:3e:a3:ef:58:a7:54:c6:
16:a9:22:ad:03:e3:da:6e:bb:b1:1c:bf:06:3a:8d:bb:53:ee:
c1:28:03:b3:ed:f3:a5:96:bf:b6:f2:7b:f3:ae:c3:f6:c9:7e:
b6:b7:54:fe:a5:d8:dd:16:28:3d:b1:fe:c6:0e:ce:31:35:f1:
37:09:b9:c7:c8:35:6b:25:6f:ee:47:40:40:23:fc:80:2f:95:
e4:4b:07:48:b3:2d:79:b4:8a:21:69:84:81:3c:9c:98:77:18:
35:ab:ed:d7:a7:45:aa:22:05:ba:6c:d9:56:d9:e4:90:d9:f0:
ea:24:7c:02:20:7e:a0:56:e0:2e:91:b7:fb:64:d3:1a:20:09:
44:33:40:37:18:2f:f1:1c:9f:3b:05:51:9a:fe:12:1f:ef:64:
2b:0c:fa:ee:6a:25:36:ad:5b:e6:f2:a6:df:26:3b:dd:34:6c:
72:3c:d2:42
-----BEGIN CERTIFICATE-----
MIIGUDCCBTigAwIBAgICAuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5QjJDMkE4MTFG
NUMyMDE1NzAwHhcNMjQxMTI3MDEzNTA4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ2Nzc0Yi0wM2MyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxAd+xdGlrxOk/rLeiQkhJ3tzUFb5y0Q53RD+saiOP4FttsASDpC/zdmkdUcp
Npznq+pHXlOC18ea48k1ee1CJmTfz0EYNJwYK//xOVG17lXUTsROlOw3eg66uX1Z
7sDb6gEPOapkGa/D+Po5AYEIrkOAy5u+nA1jK4xYQ0pZHVlDmj2Nycv1TXHcn5/s
dskUNNp/dePXX/l3S4PiYeP3VyDq+VITtUyPoAJDklDC5G4T1ftpoolXW2mhsyi+
knqZkzfhwLuOKqvtt7vwYZLalPbaL586M/oadwCDH4zJ75j5YGBqF60/L+EmFndG
3gsMkM43h0Bigq1tBas+oim1EQIDAQABo4IDdDCCA3AwHQYDVR0OBBYEFJ9R/JgE
F6riBwFXCMvOydbckgHuMB8GA1UdIwQYMBaAFISFo57WtiEo7fT5mywqgR9cIBVw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDQyQS8yMEYyQ0IwMEVC
OUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRhMklTanQ5UG1iTENxQkgxd2dG
WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hJV2pudGEySVNqdDlQbWJMQ3FCSDF3Z0ZYQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ0MkEvMjBGMkNCMDBFQjlDMTFFQ0E2ODIxMjBDQzRGOUFFMDIvNzJEMjM3QUVF
QkEwMTFFQzg3NjA4MjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgf0GCCsGAQUFBwEHAQH/
BIHtMIHqMIHPBAIAATCByAMEAivwcDAMAwQDK/k4AwQDK/lAMAwDBAMr+WgDBAIr
+XADBAIr+8wDBAIr/LQDBAItQFgDBAItddADBAItejADBAItfzwDBAJnBOQDBAFn
HPAwDAMEAmcohAMEA2cokDAMAwQCZyi0AwQGZyiAAwQCZ+EYAwQCZ/A8AwQCZ/Vw
AwQGcx+AAwQDdMGQAwQEdXnQAwQDdw0YAwQFdz9AAwQCff40AwQClmvcAwQAyhtu
AwQEyl7wAwQEypSwAwQCy3JEAwQG3xvAMBYEAgACMBADBwAgAQ3wAB4DBQAkAM0A
MA0GCSqGSIb3DQEBCwUAA4IBAQBijsgOZm7afPLRCDtOKXbrz/uXMX5DagI2DAR9
4A3OYS9tDk9elEMyqqUSExKXLzZa4ShI239eEAXDGI6nICjZDneTfi4ymSVSP2Vc
IV1O8J7CHD6j71inVMYWqSKtA+PabruxHL8GOo27U+7BKAOz7fOllr+28nvzrsP2
yX62t1T+pdjdFig9sf7GDs4xNfE3CbnHyDVrJW/uR0BAI/yAL5XkSwdIsy15tIoh
aYSBPJyYdxg1q+3Xp0WqIgW6bNlW2eSQ2fDqJHwCIH6gVuAukbf7ZNMaIAlEM0A3
GC/xHJ87BVGa/hIf72QrDPruaiU2rVvm8qbfJjvdNGxyPNJC
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:26:09 2025 by rpki-client