Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/6E274D16DDD611ECA03EBA36C4F9AE02.roa
File: 6E274D16DDD611ECA03EBA36C4F9AE02.roa (raw, json)
Hash identifier: NWM/DMcwc5T9w+55RL9abbSGmFJxQj0Ovuc4PJFZgHM=
Subject key identifier: 98:E0:AD:F7:E6:B7:BB:44:6F:6F:60:FF:A9:33:B7:10:1A:59:E2:63
Certificate issuer: /CN=A91262CA/serialNumber=77A201C58EB3B4208C91BA7ECED936E595E61A19
Certificate serial: 03A2
Authority key identifier: 77:A2:01:C5:8E:B3:B4:20:8C:91:BA:7E:CE:D9:36:E5:95:E6:1A:19
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/6E274D16DDD611ECA03EBA36C4F9AE02.roa
Signing time: Thu 27 Jul 2023 02:04:35 +0000
ROA not before: Thu 27 Jul 2023 02:04:35 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 9891
IP address blocks: 27.254.26.0/24 maxlen: 24
27.254.32.0/21 maxlen: 21
27.254.35.0/24 maxlen: 24
27.254.40.0/21 maxlen: 21
27.254.43.0/24 maxlen: 24
27.254.48.0/22 maxlen: 22
27.254.48.0/23 maxlen: 23
27.254.52.0/22 maxlen: 22
27.254.56.0/22 maxlen: 22
27.254.60.0/22 maxlen: 22
27.254.60.0/24 maxlen: 24
27.254.61.0/24 maxlen: 24
27.254.62.0/23 maxlen: 23
27.254.63.0/24 maxlen: 24
27.254.64.0/22 maxlen: 22
27.254.64.0/23 maxlen: 23
27.254.64.0/24 maxlen: 24
27.254.68.0/22 maxlen: 22
27.254.80.0/22 maxlen: 22
27.254.82.0/24 maxlen: 24
27.254.84.0/22 maxlen: 22
27.254.92.0/22 maxlen: 22
27.254.96.0/22 maxlen: 22
27.254.108.0/22 maxlen: 22
27.254.128.0/19 maxlen: 19
27.254.160.0/22 maxlen: 22
27.254.168.0/22 maxlen: 22
27.254.172.0/22 maxlen: 22
27.254.208.0/22 maxlen: 22
27.254.210.0/24 maxlen: 24
27.254.211.0/24 maxlen: 24
27.254.212.0/23 maxlen: 23
27.254.216.0/22 maxlen: 22
202.183.164.0/22 maxlen: 22
202.183.192.0/23 maxlen: 23
202.183.198.0/24 maxlen: 24
202.183.247.0/24 maxlen: 24
203.146.21.0/24 maxlen: 24
203.146.26.0/24 maxlen: 24
203.146.43.0/24 maxlen: 24
203.146.61.0/24 maxlen: 24
203.146.101.0/24 maxlen: 24
203.146.102.0/24 maxlen: 24
203.146.111.0/24 maxlen: 24
203.146.117.0/24 maxlen: 24
203.146.127.0/24 maxlen: 24
203.146.129.0/24 maxlen: 24
203.146.140.0/24 maxlen: 24
203.146.151.0/24 maxlen: 24
203.146.161.0/24 maxlen: 24
203.146.170.0/24 maxlen: 24
203.146.180.0/24 maxlen: 24
203.146.215.0/24 maxlen: 24
203.146.248.0/22 maxlen: 22
203.146.253.0/24 maxlen: 24
203.170.129.0/24 maxlen: 24
203.170.145.0/24 maxlen: 24
203.170.160.0/23 maxlen: 23
203.170.190.0/24 maxlen: 24
203.170.192.0/23 maxlen: 23
203.170.203.0/24 maxlen: 24
203.170.204.0/24 maxlen: 24
203.172.40.0/22 maxlen: 22
210.1.11.0/24 maxlen: 24
210.1.31.0/24 maxlen: 24
210.1.51.0/24 maxlen: 24
210.1.52.0/24 maxlen: 24
210.1.58.0/24 maxlen: 24
210.1.59.0/24 maxlen: 24
210.1.60.0/23 maxlen: 23
2404:b0:2000::/48 maxlen: 48
2404:b0:2001::/48 maxlen: 48
2404:b1::/32 maxlen: 32
2404:b1::/36 maxlen: 36
2404:b1:1000::/36 maxlen: 36
2404:b1:4000::/36 maxlen: 36
2404:b1:8000::/36 maxlen: 36
2404:b1:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.crl
rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 08 Jun 2024 04:17:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 930 (0x3a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA/serialNumber=77A201C58EB3B4208C91BA7ECED936E595E61A19
Validity
Not Before: Jul 27 02:04:35 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64c1d0b2-3d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bb:01:77:d0:8d:81:ce:a7:41:17:75:d9:fa:
c0:fa:b4:d7:b9:c3:11:21:49:88:c6:1c:56:f6:66:
19:c3:3a:32:b8:46:a4:a6:9f:da:c1:76:72:3b:70:
7d:79:9d:64:b1:fa:2b:fe:fd:3e:4a:f2:13:ea:42:
af:d1:46:98:2a:ca:61:31:47:46:f6:4e:c3:57:91:
f6:87:0d:c7:1a:eb:24:90:86:8d:e9:a9:64:ed:78:
20:6b:2f:bd:28:42:d4:33:77:12:8d:3d:69:c8:d0:
eb:db:87:a3:90:d8:2a:11:a9:a2:50:14:f8:41:0b:
02:42:02:9e:92:51:6b:0f:d3:7d:41:70:a1:8d:e0:
cd:dd:31:1a:88:52:5f:c9:4d:0c:fa:91:5b:65:64:
a0:25:0c:f4:39:65:7e:46:db:59:17:a3:13:21:7b:
04:f5:57:3e:c1:2c:08:a5:7e:d9:65:8b:99:f9:32:
90:f1:0c:8f:31:3f:4d:a8:14:c4:e6:e8:d6:04:9c:
c6:30:c0:52:de:30:72:00:56:65:6e:a9:e9:a8:db:
92:b1:44:7f:03:f6:c7:15:11:fe:67:0b:66:d2:ff:
22:b3:4c:ea:f5:fe:0e:b2:ea:12:9f:35:3a:44:21:
4c:7e:a1:79:7b:bb:a3:b4:22:42:ff:9d:ac:3b:ad:
fb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E0:AD:F7:E6:B7:BB:44:6F:6F:60:FF:A9:33:B7:10:1A:59:E2:63
X509v3 Authority Key Identifier:
keyid:77:A2:01:C5:8E:B3:B4:20:8C:91:BA:7E:CE:D9:36:E5:95:E6:1A:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/d6IBxY6ztCCMkbp-ztk25ZXmGhk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d6IBxY6ztCCMkbp-ztk25ZXmGhk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/F5EDC7FC8A5711EC96EBC014C4F9AE02/6E274D16DDD611ECA03EBA36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.254.26.0/24
27.254.32.0-27.254.71.255
27.254.80.0/21
27.254.92.0-27.254.99.255
27.254.108.0/22
27.254.128.0-27.254.163.255
27.254.168.0/21
27.254.208.0-27.254.213.255
27.254.216.0/22
202.183.164.0/22
202.183.192.0/23
202.183.198.0/24
202.183.247.0/24
203.146.21.0/24
203.146.26.0/24
203.146.43.0/24
203.146.61.0/24
203.146.101.0-203.146.102.255
203.146.111.0/24
203.146.117.0/24
203.146.127.0/24
203.146.129.0/24
203.146.140.0/24
203.146.151.0/24
203.146.161.0/24
203.146.170.0/24
203.146.180.0/24
203.146.215.0/24
203.146.248.0/22
203.146.253.0/24
203.170.129.0/24
203.170.145.0/24
203.170.160.0/23
203.170.190.0/24
203.170.192.0/23
203.170.203.0-203.170.204.255
203.172.40.0/22
210.1.11.0/24
210.1.31.0/24
210.1.51.0-210.1.52.255
210.1.58.0-210.1.61.255
IPv6:
2404:b0:2000::/47
2404:b1::/32
Signature Algorithm: sha256WithRSAEncryption
6a:ae:e2:62:06:f3:a5:fa:57:24:dc:ce:74:f1:6b:bb:98:97:
d2:8f:b5:84:52:a0:06:3c:76:bc:64:af:00:71:5a:5f:60:41:
9f:35:ff:94:36:42:74:6d:ff:67:7c:14:98:cc:61:03:f6:52:
cc:0b:37:64:cb:39:cc:3d:97:7d:f2:66:af:bc:bb:51:b8:c1:
f0:3f:93:7f:e4:0e:6a:94:10:0c:32:8b:dd:91:1d:da:4e:94:
97:cc:48:e3:87:f7:b0:c4:78:b1:7f:40:ef:22:c3:ae:33:33:
84:1e:fa:78:0c:ba:a5:06:22:68:c1:ba:d3:dd:f3:1d:3c:af:
3e:07:55:08:ea:64:5e:f7:45:95:e5:de:27:2c:98:cd:37:e2:
6c:3d:70:6a:67:47:27:7f:fc:4c:5e:ee:8c:76:21:ac:2d:fe:
42:a2:77:6b:0e:a8:ee:d0:82:f7:77:77:8b:ad:2e:9a:92:81:
2d:ca:1a:73:ba:de:ba:13:57:65:68:86:fa:ab:89:a7:a3:52:
63:ee:d3:f4:07:4d:7a:10:58:fb:e2:08:46:94:1d:74:e1:17:
65:e2:ce:54:bf:73:2c:3c:8f:79:30:0e:fe:af:f7:ba:39:39:
24:f6:be:0e:42:b9:e2:74:8b:3a:e5:40:a2:f3:2a:5b:78:98:
70:f5:51:20
-----BEGIN CERTIFICATE-----
MIIGwzCCBaugAwIBAgICA6IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKDc3QTIwMUM1OEVCM0I0MjA4QzkxQkE3RUNFRDkzNkU1
OTVFNjFBMTkwHhcNMjMwNzI3MDIwNDM1WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGMxZDBiMi0zZDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp7sBd9CNgc6nQRd12frA+rTXucMRIUmIxhxW9mYZwzoyuEakpp/awXZyO3B9
eZ1ksfor/v0+SvIT6kKv0UaYKsphMUdG9k7DV5H2hw3HGuskkIaN6alk7Xggay+9
KELUM3cSjT1pyNDr24ejkNgqEamiUBT4QQsCQgKeklFrD9N9QXChjeDN3TEaiFJf
yU0M+pFbZWSgJQz0OWV+RttZF6MTIXsE9Vc+wSwIpX7ZZYuZ+TKQ8QyPMT9NqBTE
5ujWBJzGMMBS3jByAFZlbqnpqNuSsUR/A/bHFRH+Zwtm0v8is0zq9f4OsuoSnzU6
RCFMfqF5e7ujtCJC/52sO637+QIDAQABo4ID5zCCA+MwHQYDVR0OBBYEFJjgrffm
t7tEb29g/6kztxAaWeJjMB8GA1UdIwQYMBaAFHeiAcWOs7QgjJG6fs7ZNuWV5hoZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9GNUVEQzdGQzhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi9kNklCeFk2enRDQ01rYnAtenRrMjVaWG1H
aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Q2SUJ4WTZ6dENDTWticC16dGsyNVpYbUdoay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRjVFREM3RkM4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvNkUyNzREMTZE
REQ2MTFFQ0EwM0VCQTM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFvBggrBgEFBQcBBwEB
/wSCAV4wggFaMIIBPgQCAAEwggE2AwQAG/4aMAwDBAUb/iADBAMb/kADBAMb/lAw
DAMEAhv+XAMEAhv+YAMEAhv+bDAMAwQHG/6AAwQCG/6gAwQDG/6oMAwDBAQb/tAD
BAEb/tQDBAIb/tgDBALKt6QDBAHKt8ADBADKt8YDBADKt/cDBADLkhUDBADLkhoD
BADLkisDBADLkj0wDAMEAMuSZQMEAMuSZgMEAMuSbwMEAMuSdQMEAMuSfwMEAMuS
gQMEAMuSjAMEAMuSlwMEAMuSoQMEAMuSqgMEAMuStAMEAMuS1wMEAsuS+AMEAMuS
/QMEAMuqgQMEAMuqkQMEAcuqoAMEAMuqvgMEAcuqwDAMAwQAy6rLAwQAy6rMAwQC
y6woAwQA0gELAwQA0gEfMAwDBADSATMDBADSATQwDAMEAdIBOgMEAdIBPDAWBAIA
AjAQAwcBJAQAsCAAAwUAJAQAsTANBgkqhkiG9w0BAQsFAAOCAQEAaq7iYgbzpfpX
JNzOdPFru5iX0o+1hFKgBjx2vGSvAHFaX2BBnzX/lDZCdG3/Z3wUmMxhA/ZSzAs3
ZMs5zD2XffJmr7y7UbjB8D+Tf+QOapQQDDKL3ZEd2k6Ul8xI44f3sMR4sX9A7yLD
rjMzhB76eAy6pQYiaMG6093zHTyvPgdVCOpkXvdFleXeJyyYzTfibD1wamdHJ3/8
TF7ujHYhrC3+QqJ3aw6o7tCC93d3i60umpKBLcoac7reuhNXZWiG+quJp6NSY+7T
9AdNehBY++IIRpQddOEXZeLOVL9zLDyPeTAO/q/3ujk5JPa+DkK54nSLOuVAovMq
W3iYcPVRIA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 07:08:12 2024 by rpki-client on console-ams.rpki-client.org