Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/BD4BA67012A011EFA668480EC4F9AE02.roa
File: BD4BA67012A011EFA668480EC4F9AE02.roa (raw, json)
Hash identifier: C1Ly9m9e0jgqLzVfzEzSEYHkgreoX6iuQMHbXRWqejE=
Subject key identifier: E1:8C:3F:2B:B3:92:49:1A:64:E3:24:5D:12:D7:BE:2B:28:80:9B:C1
Certificate issuer: /CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Certificate serial: 0B15
Authority key identifier: FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/BD4BA67012A011EFA668480EC4F9AE02.roa
Signing time: Thu 16 May 2024 20:29:24 +0000
ROA not before: Thu 16 May 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58895
IP address blocks: 36.255.100.0/22 maxlen: 22
36.255.100.0/24 maxlen: 24
36.255.101.0/24 maxlen: 24
36.255.102.0/24 maxlen: 24
36.255.103.0/24 maxlen: 24
43.229.164.0/22 maxlen: 22
43.229.164.0/24 maxlen: 24
43.229.165.0/24 maxlen: 24
43.229.166.0/24 maxlen: 24
43.229.167.0/24 maxlen: 24
43.230.92.0/22 maxlen: 22
43.230.92.0/24 maxlen: 24
43.230.93.0/24 maxlen: 24
43.230.94.0/24 maxlen: 24
43.230.95.0/24 maxlen: 24
43.231.60.0/22 maxlen: 22
43.231.60.0/24 maxlen: 24
43.231.61.0/24 maxlen: 24
43.231.62.0/24 maxlen: 24
43.231.63.0/24 maxlen: 24
43.248.12.0/22 maxlen: 22
43.248.12.0/24 maxlen: 24
43.248.13.0/24 maxlen: 24
43.248.14.0/24 maxlen: 24
43.248.15.0/24 maxlen: 24
45.113.124.0/22 maxlen: 22
45.113.124.0/24 maxlen: 24
45.113.125.0/24 maxlen: 24
45.113.126.0/24 maxlen: 24
45.113.127.0/24 maxlen: 24
45.117.105.0/24 maxlen: 24
45.117.106.0/24 maxlen: 24
45.117.107.0/24 maxlen: 24
103.24.96.0/22 maxlen: 24
103.35.212.0/22 maxlen: 22
103.35.212.0/24 maxlen: 24
103.35.213.0/24 maxlen: 24
103.35.214.0/24 maxlen: 24
103.35.215.0/24 maxlen: 24
103.39.80.0/22 maxlen: 22
103.39.80.0/24 maxlen: 24
103.39.81.0/24 maxlen: 24
103.39.82.0/24 maxlen: 24
103.39.83.0/24 maxlen: 24
103.49.136.0/24 maxlen: 24
103.49.137.0/24 maxlen: 24
103.49.138.0/24 maxlen: 24
103.49.139.0/24 maxlen: 24
103.50.156.0/22 maxlen: 22
103.50.156.0/24 maxlen: 24
103.50.157.0/24 maxlen: 24
103.50.158.0/24 maxlen: 24
103.50.159.0/24 maxlen: 24
103.53.44.0/22 maxlen: 22
103.53.44.0/24 maxlen: 24
103.53.45.0/24 maxlen: 24
103.53.46.0/24 maxlen: 24
103.53.47.0/24 maxlen: 24
103.57.168.0/22 maxlen: 22
103.57.168.0/24 maxlen: 24
103.57.169.0/24 maxlen: 24
103.57.170.0/24 maxlen: 24
103.57.171.0/24 maxlen: 24
103.70.84.0/22 maxlen: 22
103.70.84.0/24 maxlen: 24
103.70.85.0/24 maxlen: 24
103.70.86.0/24 maxlen: 24
103.70.87.0/24 maxlen: 24
103.200.197.0/24 maxlen: 24
103.200.198.0/24 maxlen: 24
103.200.199.0/24 maxlen: 24
103.209.84.0/22 maxlen: 22
103.209.84.0/24 maxlen: 24
103.209.85.0/24 maxlen: 24
103.209.86.0/24 maxlen: 24
103.209.87.0/24 maxlen: 24
117.53.40.0/22 maxlen: 22
117.53.40.0/24 maxlen: 24
117.53.41.0/24 maxlen: 24
117.53.42.0/24 maxlen: 24
117.53.43.0/24 maxlen: 24
150.129.4.0/22 maxlen: 22
150.129.4.0/24 maxlen: 24
150.129.5.0/24 maxlen: 24
150.129.6.0/24 maxlen: 24
150.129.7.0/24 maxlen: 24
2400:1680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 13 Jun 2024 19:59:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2837 (0xb15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91298DA/serialNumber=FCAA086226DF02AF8394FAB22D1FB96E0B7D65DD
Validity
Not Before: May 16 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66466ca4-a319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1c:6b:49:9e:95:64:86:74:16:b4:d6:7a:36:
fa:99:e5:21:1e:d1:06:05:da:47:b4:b3:9d:38:80:
12:25:1c:6d:76:2c:74:c2:dd:7c:b1:09:a2:d4:ee:
98:2d:11:58:7b:c6:06:47:3a:9c:e8:66:d7:e5:96:
e2:c4:de:84:b2:9c:01:3a:75:cb:db:eb:09:94:ee:
47:30:88:3b:ad:6d:76:e1:d3:bc:ab:a8:78:69:32:
d9:36:85:00:68:2d:54:2f:b2:b8:30:4a:6f:5a:4b:
a9:0a:ce:1b:ef:c9:34:48:18:12:d2:83:47:0d:38:
9f:a6:9d:83:97:f6:58:f5:a5:25:1d:20:14:ac:ad:
70:53:bb:6c:c7:d8:53:39:af:0e:5e:72:db:38:4a:
5e:86:52:08:41:c0:62:71:40:ee:83:4b:be:77:86:
f4:fc:e9:f8:e8:3c:f0:40:7f:28:5e:87:e7:89:7b:
0a:ff:9f:05:d7:65:71:8c:aa:be:45:51:95:ac:64:
4f:d5:cc:8d:2b:12:9d:77:b5:17:36:8b:09:89:37:
40:c2:f6:30:0d:27:e6:22:86:01:25:ef:a3:ce:6e:
20:64:9e:19:e2:16:b5:ab:09:10:53:b2:87:42:aa:
3a:ce:15:92:11:ca:ee:9e:64:f0:c9:99:01:85:0c:
73:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8C:3F:2B:B3:92:49:1A:64:E3:24:5D:12:D7:BE:2B:28:80:9B:C1
X509v3 Authority Key Identifier:
keyid:FC:AA:08:62:26:DF:02:AF:83:94:FA:B2:2D:1F:B9:6E:0B:7D:65:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/_KoIYibfAq-DlPqyLR-5bgt9Zd0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_KoIYibfAq-DlPqyLR-5bgt9Zd0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91298DA/34F3612E268111EA903D7058C4F9AE02/BD4BA67012A011EFA668480EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.100.0/22
43.229.164.0/22
43.230.92.0/22
43.231.60.0/22
43.248.12.0/22
45.113.124.0/22
45.117.105.0-45.117.107.255
103.24.96.0/22
103.35.212.0/22
103.39.80.0/22
103.49.136.0/22
103.50.156.0/22
103.53.44.0/22
103.57.168.0/22
103.70.84.0/22
103.200.197.0-103.200.199.255
103.209.84.0/22
117.53.40.0/22
150.129.4.0/22
IPv6:
2400:1680::/32
Signature Algorithm: sha256WithRSAEncryption
50:b3:37:57:39:d0:74:d4:7b:e5:ca:bc:cc:ee:0d:c8:d5:1a:
53:94:04:1b:59:e4:51:06:c6:1e:ef:bf:90:ec:e3:39:33:ca:
fe:c7:ff:2d:a2:7d:0e:e6:86:81:88:3a:26:0f:e6:07:b2:f9:
a2:55:a2:c2:f5:35:10:25:69:34:53:0f:12:86:ec:92:dd:d6:
01:68:8b:76:f3:6a:ab:62:71:d5:af:2d:74:c0:ba:84:88:6c:
1b:6c:e3:5d:fd:e1:8f:d9:c1:4a:b8:52:c8:84:05:c1:08:7d:
a1:31:68:83:67:dd:ed:71:c3:af:7f:2d:68:ad:8e:2f:7c:91:
8a:bd:fc:92:34:13:dc:3d:1e:ef:16:cb:6c:26:42:6b:1b:5a:
33:e2:b0:94:2c:7f:7d:ad:5a:d2:a1:31:ce:44:2c:f5:5f:0b:
c8:5a:fd:b4:91:14:e4:8f:d8:e9:77:9f:b0:e2:97:70:cc:d9:
69:ac:e5:ab:a1:88:0f:8c:f1:2b:17:3c:b5:15:98:aa:3d:be:
04:bd:13:f0:23:3a:64:58:6f:ac:b0:9d:5f:d8:7c:e2:8f:ba:
4b:8b:b3:2c:af:c4:9f:37:ee:89:26:98:08:15:b6:25:1f:bf:
d4:23:3c:04:c2:69:fc:28:d1:da:a4:bd:61:d9:ef:01:77:70:
cd:e2:ca:6a
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICCxUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjk4REExMTAvBgNVBAUTKEZDQUEwODYyMjZERjAyQUY4Mzk0RkFCMjJEMUZCOTZF
MEI3RDY1REQwHhcNMjQwNTE2MjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQ2NmNhNC1hMzE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0RxrSZ6VZIZ0FrTWejb6meUhHtEGBdpHtLOdOIASJRxtdix0wt18sQmi1O6Y
LRFYe8YGRzqc6GbX5ZbixN6EspwBOnXL2+sJlO5HMIg7rW124dO8q6h4aTLZNoUA
aC1UL7K4MEpvWkupCs4b78k0SBgS0oNHDTifpp2Dl/ZY9aUlHSAUrK1wU7tsx9hT
Oa8OXnLbOEpehlIIQcBicUDug0u+d4b0/On46DzwQH8oXofniXsK/58F12VxjKq+
RVGVrGRP1cyNKxKdd7UXNosJiTdAwvYwDSfmIoYBJe+jzm4gZJ4Z4ha1qwkQU7KH
Qqo6zhWSEcrunmTwyZkBhQxzJwIDAQABo4IDJTCCAyEwHQYDVR0OBBYEFOGMPyuz
kkkaZOMkXRLXvisogJvBMB8GA1UdIwQYMBaAFPyqCGIm3wKvg5T6si0fuW4LfWXd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOThEQS8zNEYzNjEyRTI2
ODExMUVBOTAzRDcwNThDNEY5QUUwMi9fS29JWWliZkFxLURsUHF5TFItNWJndDla
ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19Lb0lZaWJmQXEtRGxQcXlMUi01Ymd0OVpkMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjk4REEvMzRGMzYxMkUyNjgxMTFFQTkwM0Q3MDU4QzRGOUFFMDIvQkQ0QkE2NzAx
MkEwMTFFRkE2Njg0ODBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga4GCCsGAQUFBwEHAQH/
BIGeMIGbMIGJBAIAATCBggMEAiT/ZAMEAivlpAMEAivmXAMEAivnPAMEAiv4DAME
Ai1xfDAMAwQALXVpAwQCLXVoAwQCZxhgAwQCZyPUAwQCZydQAwQCZzGIAwQCZzKc
AwQCZzUsAwQCZzmoAwQCZ0ZUMAwDBABnyMUDBANnyMADBAJn0VQDBAJ1NSgDBAKW
gQQwDQQCAAIwBwMFACQAFoAwDQYJKoZIhvcNAQELBQADggEBAFCzN1c50HTUe+XK
vMzuDcjVGlOUBBtZ5FEGxh7vv5Ds4zkzyv7H/y2ifQ7mhoGIOiYP5gey+aJVosL1
NRAlaTRTDxKG7JLd1gFoi3bzaqticdWvLXTAuoSIbBts41394Y/ZwUq4UsiEBcEI
faExaINn3e1xw69/LWitji98kYq9/JI0E9w9Hu8Wy2wmQmsbWjPisJQsf32tWtKh
Mc5ELPVfC8ha/bSRFOSP2Ol3n7Dil3DM2Wms5auhiA+M8SsXPLUVmKo9vgS9E/Aj
OmRYb6ywnV/YfOKPukuLsyyvxJ837okmmAgVtiUfv9QjPATCafwo0dqkvWHZ7wF3
cM3iymo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 21:06:49 2024 by rpki-client on console-fra.rpki-client.org