Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
File: AE5C97A8AFB711E79FACFF11C4F9AE02.roa (raw, json)
Hash identifier: oZxIGF3tZxpF5yy16W7DfVBV9Qm+nbX1ntFwqXaNbaw=
Subject key identifier: 59:F3:62:36:79:41:8E:04:F0:1A:6A:B2:C3:F3:BB:09:25:AA:6F:ED
Certificate issuer: /CN=A912FAB9/serialNumber=349C09E99CA806E335915735CF972A1BF864A6C3
Certificate serial: 1D1A
Authority key identifier: 34:9C:09:E9:9C:A8:06:E3:35:91:57:35:CF:97:2A:1B:F8:64:A6:C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
Signing time: Thu 06 Jun 2024 16:56:38 +0000
ROA not before: Thu 06 Jun 2024 16:56:38 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 10226
IP address blocks: 43.252.244.0/22 maxlen: 24
101.78.8.0/21 maxlen: 21
101.78.8.0/21 maxlen: 24
101.78.8.0/24 maxlen: 24
101.78.9.0/24 maxlen: 24
101.78.10.0/24 maxlen: 24
101.78.11.0/24 maxlen: 24
101.78.12.0/24 maxlen: 24
101.78.13.0/24 maxlen: 24
101.78.14.0/24 maxlen: 24
101.78.15.0/24 maxlen: 24
103.13.88.0/22 maxlen: 22
103.13.88.0/22 maxlen: 24
103.13.88.0/24 maxlen: 24
103.13.89.0/24 maxlen: 24
103.13.90.0/24 maxlen: 24
103.13.91.0/24 maxlen: 24
114.129.24.0/21 maxlen: 21
114.129.24.0/21 maxlen: 24
114.129.24.0/24 maxlen: 24
114.129.25.0/24 maxlen: 24
114.129.26.0/24 maxlen: 24
114.129.27.0/24 maxlen: 24
114.129.28.0/22 maxlen: 22
114.129.28.0/24 maxlen: 24
114.129.29.0/24 maxlen: 24
114.129.30.0/24 maxlen: 24
114.129.31.0/24 maxlen: 24
202.62.96.0/20 maxlen: 24
202.62.96.0/24 maxlen: 24
202.62.97.0/24 maxlen: 24
202.62.98.0/24 maxlen: 24
202.62.99.0/24 maxlen: 24
202.62.100.0/24 maxlen: 24
202.62.101.0/24 maxlen: 24
202.62.102.0/24 maxlen: 24
202.62.103.0/24 maxlen: 24
202.62.104.0/24 maxlen: 24
202.62.105.0/24 maxlen: 24
202.62.106.0/24 maxlen: 24
202.62.107.0/24 maxlen: 24
202.62.108.0/24 maxlen: 24
202.62.109.0/24 maxlen: 24
202.62.110.0/24 maxlen: 24
202.62.111.0/24 maxlen: 24
2404:2e00::/32 maxlen: 32
2404:2e00::/48 maxlen: 48
2404:2e00:1::/48 maxlen: 48
2404:2e00:2::/48 maxlen: 48
2404:2e00:3::/48 maxlen: 48
2404:2e00:4::/48 maxlen: 48
2404:2e00:5::/48 maxlen: 48
2404:2e00:6::/48 maxlen: 48
2404:2e00:7::/48 maxlen: 48
2404:2e00:8::/48 maxlen: 48
2404:2e00:9::/48 maxlen: 48
2404:2e00:a::/48 maxlen: 48
2404:2e00:b::/48 maxlen: 48
2404:2e00:c::/48 maxlen: 48
2404:2e00:d::/48 maxlen: 48
2404:2e00:e::/48 maxlen: 48
2404:2e00:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.crl
rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 16:08:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7450 (0x1d1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FAB9/serialNumber=349C09E99CA806E335915735CF972A1BF864A6C3
Validity
Not Before: Jun 6 16:56:38 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6661ea46-1e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:9f:21:cc:e2:06:db:a3:ab:d0:f3:fb:ca:e9:
49:78:c4:37:52:59:6c:d0:ad:f9:d5:5e:59:e7:57:
93:69:4c:62:a9:e3:f4:fa:c7:ae:4e:58:3c:1c:ff:
ca:2c:99:44:0e:20:02:83:29:94:19:08:8f:26:66:
42:b3:61:fd:9d:4a:d4:1a:72:b5:71:13:99:79:b6:
b6:4c:4a:6b:07:cb:11:0d:32:79:4a:d4:b4:67:47:
9a:bd:3c:5c:78:1e:d0:71:14:1d:33:d0:08:93:5b:
c6:7e:5c:c8:aa:63:94:e9:af:79:8d:90:af:55:73:
22:41:c1:11:30:e3:fd:05:91:dc:02:83:95:36:e4:
32:7e:b1:4d:84:27:f7:85:7e:4f:e1:11:1b:9a:83:
91:16:cf:2a:4d:99:b1:89:6c:42:b8:be:f1:b0:ef:
67:0d:17:da:bd:69:f1:47:d0:d8:4a:ef:eb:91:63:
98:a5:12:ea:98:cd:a5:b3:11:b3:91:4d:37:69:16:
c0:89:2a:05:50:e1:dd:08:28:50:8d:61:78:34:43:
df:52:e4:7a:99:95:72:00:87:f5:6d:d0:50:b0:f0:
46:9e:36:88:1c:bb:9e:e4:12:25:91:8e:fe:f7:3a:
d4:b2:a0:05:97:d6:31:e5:90:9a:ba:12:e5:98:da:
c4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F3:62:36:79:41:8E:04:F0:1A:6A:B2:C3:F3:BB:09:25:AA:6F:ED
X509v3 Authority Key Identifier:
keyid:34:9C:09:E9:9C:A8:06:E3:35:91:57:35:CF:97:2A:1B:F8:64:A6:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/AE5C97A8AFB711E79FACFF11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.244.0/22
101.78.8.0/21
103.13.88.0/22
114.129.24.0/21
202.62.96.0/20
IPv6:
2404:2e00::/32
Signature Algorithm: sha256WithRSAEncryption
c6:ab:48:9b:c3:a1:05:66:8d:e4:04:2e:02:ca:c4:26:46:97:
c8:40:d1:2b:cf:aa:76:93:2d:71:12:16:a1:0c:1e:30:0c:87:
af:bc:35:bd:39:36:11:a6:5d:f3:be:fe:ec:ef:4c:90:41:19:
bd:f9:40:e7:74:9a:6c:7f:fb:55:a2:39:1d:26:ec:69:b0:c0:
e5:07:ea:e2:50:79:7a:d7:94:c4:fc:b9:f1:72:c8:f9:c7:44:
83:3d:a2:2c:d4:b5:16:2e:36:5f:ae:f8:27:4d:a8:8d:90:e8:
e6:ad:ca:bd:38:09:1b:2d:bf:8b:d9:f9:ed:d3:ba:57:14:0d:
65:ce:91:2e:f6:69:4c:2b:07:1e:ee:2e:6f:60:df:c6:18:4c:
8e:3c:a3:77:6b:e5:73:d8:75:03:7c:a3:89:41:d6:9c:c4:76:
60:c4:de:61:c8:f8:b1:98:02:9d:6a:3e:ed:8f:80:82:f3:51:
d5:8a:3f:fe:4b:97:c9:d0:00:56:37:dd:f1:14:61:32:91:ce:
fa:d6:1c:92:55:04:af:30:bf:a5:eb:79:dc:a4:a0:0c:71:6a:
04:33:6e:a5:12:7c:ab:63:aa:5c:87:fe:39:d3:21:29:d2:b8:
86:55:c0:cc:e9:09:42:bd:b1:55:05:13:79:15:8a:19:38:35:
60:f6:90:6c
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICHRowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZBQjkxMTAvBgNVBAUTKDM0OUMwOUU5OUNBODA2RTMzNTkxNTczNUNGOTcyQTFC
Rjg2NEE2QzMwHhcNMjQwNjA2MTY1NjM4WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjYxZWE0Ni0xZTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA058hzOIG26Or0PP7yulJeMQ3Ulls0K351V5Z51eTaUxiqeP0+seuTlg8HP/K
LJlEDiACgymUGQiPJmZCs2H9nUrUGnK1cROZeba2TEprB8sRDTJ5StS0Z0eavTxc
eB7QcRQdM9AIk1vGflzIqmOU6a95jZCvVXMiQcERMOP9BZHcAoOVNuQyfrFNhCf3
hX5P4REbmoORFs8qTZmxiWxCuL7xsO9nDRfavWnxR9DYSu/rkWOYpRLqmM2lsxGz
kU03aRbAiSoFUOHdCChQjWF4NEPfUuR6mZVyAIf1bdBQsPBGnjaIHLue5BIlkY7+
9zrUsqAFl9Yx5ZCauhLlmNrEOQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFFnzYjZ5
QY4E8BpqssPzuwklqm/tMB8GA1UdIwQYMBaAFDScCemcqAbjNZFXNc+XKhv4ZKbD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkFCOS85MzhBNzBFNDk1
Q0QxMUU2QkY0QTgyMzJDNEY5QUUwMi9OSndKNlp5b0J1TTFrVmMxejVjcUdfaGtw
c00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Kd0o2WnlvQnVNMWtWYzF6NWNxR19oa3BzTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZBQjkvOTM4QTcwRTQ5NUNEMTFFNkJGNEE4MjMyQzRGOUFFMDIvQUU1Qzk3QThB
RkI3MTFFNzlGQUNGRjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr/PQDBANlTggDBAJnDVgDBANygRgDBATKPmAwDQQCAAIw
BwMFACQELgAwDQYJKoZIhvcNAQELBQADggEBAMarSJvDoQVmjeQELgLKxCZGl8hA
0SvPqnaTLXESFqEMHjAMh6+8Nb05NhGmXfO+/uzvTJBBGb35QOd0mmx/+1WiOR0m
7GmwwOUH6uJQeXrXlMT8ufFyyPnHRIM9oizUtRYuNl+u+CdNqI2Q6Oatyr04CRst
v4vZ+e3TulcUDWXOkS72aUwrBx7uLm9g38YYTI48o3dr5XPYdQN8o4lB1pzEdmDE
3mHI+LGYAp1qPu2PgILzUdWKP/5Ll8nQAFY33fEUYTKRzvrWHJJVBK8wv6Xredyk
oAxxagQzbqUSfKtjqlyH/jnTISnSuIZVwMzpCUK9sVUFE3kVihk4NWD2kGw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:49:58 2024 by rpki-client on console-ams.rpki-client.org