Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
File: 3C30815CABB611ED8370AB5DC4F9AE02.roa (raw, json)
Hash identifier: qq/fMXcHrHsqRHUWfwbPUQF5ubEbzLSLfM/l1HWL7W8=
Subject key identifier: 5B:59:30:C1:29:1B:DA:97:1E:94:87:99:B4:66:A6:FB:70:C1:5C:27
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 066E
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
Signing time: Sun 26 May 2024 19:40:23 +0000
ROA not before: Sun 26 May 2024 19:40:23 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 140220
IP address blocks: 60.234.11.0/24 maxlen: 24
60.234.12.0/24 maxlen: 24
60.234.13.0/24 maxlen: 24
60.234.14.0/24 maxlen: 24
60.234.15.0/24 maxlen: 24
60.234.50.0/24 maxlen: 24
60.234.51.0/24 maxlen: 24
60.234.52.0/24 maxlen: 24
60.234.53.0/24 maxlen: 24
60.234.63.0/24 maxlen: 24
60.234.68.0/24 maxlen: 24
60.234.88.0/24 maxlen: 24
60.234.90.0/23 maxlen: 24
60.234.92.0/23 maxlen: 24
60.234.94.0/24 maxlen: 24
60.234.95.0/24 maxlen: 24
60.234.96.0/24 maxlen: 24
60.234.98.0/24 maxlen: 24
60.234.99.0/24 maxlen: 24
60.234.108.0/24 maxlen: 24
60.234.109.0/24 maxlen: 24
60.234.110.0/24 maxlen: 24
60.234.111.0/24 maxlen: 24
60.234.112.0/24 maxlen: 24
60.234.113.0/24 maxlen: 24
60.234.114.0/24 maxlen: 24
60.234.115.0/24 maxlen: 24
60.234.124.0/24 maxlen: 24
60.234.125.0/24 maxlen: 24
60.234.126.0/24 maxlen: 24
60.234.127.0/24 maxlen: 24
60.234.128.0/24 maxlen: 24
60.234.129.0/24 maxlen: 24
60.234.130.0/24 maxlen: 24
60.234.131.0/24 maxlen: 24
60.234.132.0/24 maxlen: 24
60.234.133.0/24 maxlen: 24
60.234.134.0/24 maxlen: 24
60.234.135.0/24 maxlen: 24
60.234.136.0/24 maxlen: 24
60.234.137.0/24 maxlen: 24
60.234.138.0/24 maxlen: 24
60.234.139.0/24 maxlen: 24
60.234.140.0/24 maxlen: 24
60.234.141.0/24 maxlen: 24
60.234.142.0/24 maxlen: 24
60.234.143.0/24 maxlen: 24
60.234.144.0/23 maxlen: 24
60.234.149.0/24 maxlen: 24
60.234.150.0/23 maxlen: 24
60.234.152.0/21 maxlen: 24
60.234.161.0/24 maxlen: 24
60.234.162.0/23 maxlen: 24
60.234.164.0/24 maxlen: 24
60.234.165.0/24 maxlen: 24
60.234.166.0/24 maxlen: 24
60.234.167.0/24 maxlen: 24
60.234.168.0/24 maxlen: 24
60.234.169.0/24 maxlen: 24
60.234.171.0/24 maxlen: 24
60.234.172.0/24 maxlen: 24
60.234.173.0/24 maxlen: 24
60.234.174.0/24 maxlen: 24
60.234.175.0/24 maxlen: 24
60.234.176.0/24 maxlen: 24
60.234.178.0/24 maxlen: 24
60.234.181.0/24 maxlen: 24
60.234.182.0/23 maxlen: 24
60.234.184.0/23 maxlen: 24
60.234.186.0/24 maxlen: 24
60.234.187.0/24 maxlen: 24
60.234.188.0/24 maxlen: 24
60.234.189.0/24 maxlen: 24
60.234.190.0/24 maxlen: 24
60.234.192.0/24 maxlen: 24
60.234.193.0/24 maxlen: 24
60.234.194.0/23 maxlen: 24
60.234.196.0/23 maxlen: 24
60.234.198.0/23 maxlen: 24
60.234.201.0/24 maxlen: 24
60.234.202.0/23 maxlen: 24
60.234.204.0/24 maxlen: 24
60.234.207.0/24 maxlen: 24
60.234.208.0/20 maxlen: 24
60.234.224.0/19 maxlen: 24
202.127.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 08 Jun 2024 01:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1646 (0x66e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: May 26 19:40:23 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=66539027-e487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:50:dc:aa:08:da:e5:cb:d3:b3:61:d8:56:8a:
6f:59:31:5c:5a:0e:b2:dd:bd:ab:a9:55:af:3a:8e:
c3:88:b5:83:d6:90:66:28:12:cb:4a:f7:38:e8:82:
6e:f9:9a:00:e1:55:3f:92:c1:39:4d:ce:ca:68:c8:
f4:64:5f:b9:d2:6e:e0:e0:15:0d:dd:6f:9a:22:6b:
f8:08:c6:f1:53:6a:90:85:d7:de:36:56:9d:fa:cc:
7f:43:08:d2:3b:ab:0c:f3:cc:e2:a2:1d:2b:d4:b5:
b6:ab:36:b1:73:21:39:be:94:8b:87:1c:05:cb:74:
64:e8:58:01:3e:26:85:e4:9f:bc:be:28:e3:96:8d:
3b:b8:cc:18:a7:03:0d:be:a4:8c:19:b5:eb:8a:42:
b4:5a:c2:77:8f:f7:a0:57:3c:5b:49:f6:69:21:ef:
3f:fe:e5:7f:a7:fd:46:41:b1:00:c2:bd:eb:c8:75:
0d:eb:31:b1:10:71:bb:53:50:42:60:2a:46:4d:c5:
f8:4d:84:51:ae:8e:90:fe:ed:3b:f7:11:d3:76:a1:
3e:ae:1c:76:8e:e2:42:b8:a9:26:16:f9:58:1c:70:
3a:58:24:60:e0:6e:4b:8f:3a:de:f6:67:92:bd:7d:
ee:02:17:ae:0c:d1:97:a9:eb:2a:84:f8:83:98:b0:
c1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:59:30:C1:29:1B:DA:97:1E:94:87:99:B4:66:A6:FB:70:C1:5C:27
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/3C30815CABB611ED8370AB5DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
60.234.11.0-60.234.15.255
60.234.50.0-60.234.53.255
60.234.63.0/24
60.234.68.0/24
60.234.88.0/24
60.234.90.0-60.234.96.255
60.234.98.0/23
60.234.108.0-60.234.115.255
60.234.124.0-60.234.145.255
60.234.149.0-60.234.159.255
60.234.161.0-60.234.169.255
60.234.171.0-60.234.176.255
60.234.178.0/24
60.234.181.0-60.234.190.255
60.234.192.0/21
60.234.201.0-60.234.204.255
60.234.207.0-60.234.255.255
202.127.8.0/22
Signature Algorithm: sha256WithRSAEncryption
57:ac:8f:dc:14:1a:45:11:02:06:db:b8:dd:b9:3b:40:03:48:
3f:c0:7b:d0:b9:6a:64:33:d4:ae:d0:03:fd:29:5a:67:16:0c:
76:9c:53:57:df:f3:bd:65:6c:c9:63:27:4e:de:9b:51:15:ed:
1a:a8:ca:6e:a6:fe:fe:94:af:60:54:05:bd:e3:d9:72:7d:3b:
d8:9c:8a:6b:47:e9:de:8b:29:b8:fb:24:2b:ad:70:3b:01:ec:
4b:71:21:b6:b5:d7:40:30:70:46:22:0d:af:4b:ac:34:4b:34:
be:c2:fc:83:d0:28:20:46:c2:20:c2:d5:e0:f5:07:e8:b9:06:
24:60:ac:4c:c2:69:0e:34:14:cc:2d:bc:72:7d:b7:cf:cd:36:
11:da:f9:af:50:92:b8:09:d7:9a:65:8d:74:da:1d:c0:b5:48:
01:3e:bd:0d:a9:ee:e0:9d:79:df:bf:b7:de:e4:ee:d8:41:a6:
27:7a:17:f1:b9:b2:00:5c:cc:28:12:9f:15:d6:04:07:4c:53:
17:27:03:03:d0:0f:81:20:d0:55:83:af:d2:6d:be:7c:db:71:
96:5b:87:08:8f:72:c9:f3:80:75:51:0b:8d:20:c5:f4:50:51:
83:79:26:c7:ac:84:e2:9f:30:10:9c:0e:eb:d8:fe:6b:0f:a4:
95:17:f3:0b
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgICBm4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjQwNTI2MTk0MDIzWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjUzOTAyNy1lNDg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwFDcqgja5cvTs2HYVopvWTFcWg6y3b2rqVWvOo7DiLWD1pBmKBLLSvc46IJu
+ZoA4VU/ksE5Tc7KaMj0ZF+50m7g4BUN3W+aImv4CMbxU2qQhdfeNlad+sx/QwjS
O6sM88zioh0r1LW2qzaxcyE5vpSLhxwFy3Rk6FgBPiaF5J+8vijjlo07uMwYpwMN
vqSMGbXrikK0WsJ3j/egVzxbSfZpIe8//uV/p/1GQbEAwr3ryHUN6zGxEHG7U1BC
YCpGTcX4TYRRro6Q/u079xHTdqE+rhx2juJCuKkmFvlYHHA6WCRg4G5Ljzre9meS
vX3uAheuDNGXqesqhPiDmLDBqwIDAQABo4IDVzCCA1MwHQYDVR0OBBYEFFtZMMEp
G9qXHpSHmbRmpvtwwVwnMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvM0MzMDgxNUNB
QkI2MTFFRDgzNzBBQjVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeAGCCsGAQUFBwEHAQH/
BIHQMIHNMIHKBAIAATCBwzAMAwQAPOoLAwQEPOoAMAwDBAE86jIDBAE86jQDBAA8
6j8DBAA86kQDBAA86lgwDAMEATzqWgMEADzqYAMEATzqYjAMAwQCPOpsAwQCPOpw
MAwDBAI86nwDBAE86pAwDAMEADzqlQMEBTzqgDAMAwQAPOqhAwQBPOqoMAwDBAA8
6qsDBAA86rADBAA86rIwDAMEADzqtQMEADzqvgMEAzzqwDAMAwQAPOrJAwQAPOrM
MAsDBAA86s8DAwA86gMEAsp/CDANBgkqhkiG9w0BAQsFAAOCAQEAV6yP3BQaRREC
Btu43bk7QANIP8B70LlqZDPUrtAD/SlaZxYMdpxTV9/zvWVsyWMnTt6bURXtGqjK
bqb+/pSvYFQFvePZcn072JyKa0fp3ospuPskK61wOwHsS3EhtrXXQDBwRiINr0us
NEs0vsL8g9AoIEbCIMLV4PUH6LkGJGCsTMJpDjQUzC28cn23z802Edr5r1CSuAnX
mmWNdNodwLVIAT69Danu4J1537+33uTu2EGmJ3oX8bmyAFzMKBKfFdYEB0xTFycD
A9APgSDQVYOv0m2+fNtxlluHCI9yyfOAdVELjSDF9FBRg3kmx6yE4p8wEJwO69j+
aw+klRfzCw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 02:01:12 2024 by rpki-client on console-ams.rpki-client.org