Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/93AC2C18CF5811ED9DBB075DC4F9AE02.roa
File: 93AC2C18CF5811ED9DBB075DC4F9AE02.roa (raw, json)
Hash identifier: IYRSYMirnI/4f15g7vC8gFyBZd1d5hcclcg3AieMEi8=
Subject key identifier: 06:56:D2:0A:54:70:01:96:14:C4:47:9C:13:B6:87:E4:93:24:A2:24
Certificate issuer: /CN=A9173CE6/serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Certificate serial: 052F
Authority key identifier: 33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/93AC2C18CF5811ED9DBB075DC4F9AE02.roa
Signing time: Tue 04 Jul 2023 23:30:15 +0000
ROA not before: Tue 04 Jul 2023 23:30:15 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 17766
IP address blocks: 43.251.108.0/22 maxlen: 24
103.1.228.0/24 maxlen: 24
103.1.229.0/24 maxlen: 24
103.1.230.0/23 maxlen: 23
103.16.148.0/22 maxlen: 22
103.16.148.0/24 maxlen: 24
103.16.149.0/24 maxlen: 24
116.213.0.0/23 maxlen: 23
116.213.3.0/24 maxlen: 24
116.213.4.0/24 maxlen: 24
116.213.6.0/23 maxlen: 23
116.213.7.0/24 maxlen: 24
116.213.8.0/22 maxlen: 22
116.213.12.0/22 maxlen: 22
116.213.16.0/22 maxlen: 22
124.109.64.0/19 maxlen: 19
150.129.84.0/22 maxlen: 22
150.129.84.0/24 maxlen: 24
202.125.164.0/23 maxlen: 23
202.125.168.0/21 maxlen: 21
202.155.160.0/20 maxlen: 20
203.1.248.0/22 maxlen: 22
203.9.152.0/22 maxlen: 22
203.9.152.0/23 maxlen: 23
203.9.246.0/23 maxlen: 23
203.9.248.0/23 maxlen: 23
203.12.234.0/24 maxlen: 24
203.17.76.0/22 maxlen: 22
203.19.214.0/23 maxlen: 23
203.19.244.0/22 maxlen: 22
203.25.126.0/23 maxlen: 23
203.26.138.0/24 maxlen: 24
203.26.139.0/24 maxlen: 24
203.28.121.0/24 maxlen: 24
203.30.164.0/23 maxlen: 23
203.30.199.0/24 maxlen: 24
203.31.116.0/22 maxlen: 22
203.31.116.0/24 maxlen: 24
203.32.160.0/20 maxlen: 20
203.32.161.0/24 maxlen: 24
203.33.150.0/24 maxlen: 24
203.55.1.0/24 maxlen: 24
203.56.26.0/24 maxlen: 24
203.76.0.0/18 maxlen: 18
203.149.64.0/20 maxlen: 20
203.149.64.0/22 maxlen: 22
203.149.64.0/24 maxlen: 24
203.149.65.0/24 maxlen: 24
203.149.66.0/24 maxlen: 24
203.149.67.0/24 maxlen: 24
203.149.68.0/22 maxlen: 22
203.149.68.0/24 maxlen: 24
203.149.69.0/24 maxlen: 24
203.149.70.0/24 maxlen: 24
203.149.71.0/24 maxlen: 24
203.149.72.0/22 maxlen: 22
203.149.72.0/24 maxlen: 24
203.149.73.0/24 maxlen: 24
203.149.74.0/24 maxlen: 24
203.149.75.0/24 maxlen: 24
203.149.76.0/22 maxlen: 22
203.149.76.0/24 maxlen: 24
203.149.77.0/24 maxlen: 24
203.149.78.0/24 maxlen: 24
203.149.79.0/24 maxlen: 24
203.149.80.0/21 maxlen: 22
203.149.80.0/24 maxlen: 24
203.149.81.0/24 maxlen: 24
203.149.82.0/24 maxlen: 24
203.149.83.0/24 maxlen: 24
203.149.84.0/24 maxlen: 24
203.149.85.0/24 maxlen: 24
203.149.86.0/24 maxlen: 24
203.149.87.0/24 maxlen: 24
210.215.0.0/16 maxlen: 16
210.215.5.0/24 maxlen: 24
210.215.6.0/24 maxlen: 24
210.215.48.0/24 maxlen: 24
210.215.72.0/24 maxlen: 24
210.215.75.0/24 maxlen: 24
210.215.77.0/24 maxlen: 24
210.215.83.0/24 maxlen: 24
210.215.84.0/24 maxlen: 24
210.215.85.0/24 maxlen: 24
210.215.87.0/24 maxlen: 24
210.215.90.0/24 maxlen: 24
210.215.101.0/24 maxlen: 24
210.215.102.0/24 maxlen: 24
210.215.130.0/24 maxlen: 24
210.215.131.0/24 maxlen: 24
210.215.136.0/24 maxlen: 24
210.215.151.0/24 maxlen: 24
2001:db0::/32 maxlen: 32
2001:db0::/36 maxlen: 36
2001:db0:1000::/36 maxlen: 36
2001:db0:2000::/36 maxlen: 36
2001:db0:3000::/36 maxlen: 36
2001:db0:4000::/36 maxlen: 36
2001:db0:5000::/36 maxlen: 36
2001:db0:6000::/36 maxlen: 36
2001:db0:7000::/36 maxlen: 36
2001:db0:8000::/36 maxlen: 36
2001:db0:9000::/36 maxlen: 36
2001:db0:a000::/36 maxlen: 36
2001:db0:b000::/36 maxlen: 36
2001:db0:c000::/36 maxlen: 36
2001:db0:d000::/36 maxlen: 36
2001:db0:e000::/36 maxlen: 36
2001:db0:f000::/36 maxlen: 36
2404:d200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl
rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 08 Jun 2024 01:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1327 (0x52f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173CE6/serialNumber=33195F96C46D4D285D5BDE4B0B030E38314E8FCB
Validity
Not Before: Jul 4 23:30:15 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64a4ab87-8b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a8:85:2a:8b:82:14:dc:ca:b9:0f:be:ab:ad:
50:c7:94:64:fc:af:55:64:8c:5f:fb:c1:49:cd:0c:
a0:90:94:19:60:bc:f6:a1:1a:3b:e2:82:35:f6:cc:
65:95:4a:5f:da:8a:88:59:35:1d:18:a0:5e:25:59:
93:80:7c:8f:dd:0d:da:82:79:01:f1:9e:88:cf:33:
76:15:40:46:4c:bd:98:8b:ff:e3:1e:ea:45:67:e4:
6f:c1:05:ca:5b:6f:c3:60:25:30:59:c8:61:e3:fd:
2f:81:24:65:23:13:e9:b1:29:31:9b:bc:32:a6:7c:
03:ac:59:11:ec:83:c3:44:bf:53:61:5c:d5:f0:53:
34:c2:c5:c8:35:fe:b7:d9:b8:94:be:8b:bd:b9:1c:
b9:1a:98:5a:a0:bf:50:0c:ba:b3:30:e2:29:f5:b0:
67:4d:b4:e1:32:ad:54:78:6e:3f:00:19:67:e4:10:
1d:03:ed:ba:8d:49:d1:a2:88:97:a0:72:24:01:4b:
b4:14:34:e7:a2:4c:11:38:59:cf:70:a3:50:fa:18:
28:6e:af:2d:fa:13:eb:b4:35:20:c4:91:4a:a2:5b:
db:fd:b2:34:3b:9c:fa:f6:1c:d8:0d:61:8e:6d:35:
3d:c5:7a:ef:3e:d2:84:4b:c0:de:37:75:6e:80:4b:
f6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:56:D2:0A:54:70:01:96:14:C4:47:9C:13:B6:87:E4:93:24:A2:24
X509v3 Authority Key Identifier:
keyid:33:19:5F:96:C4:6D:4D:28:5D:5B:DE:4B:0B:03:0E:38:31:4E:8F:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/MxlflsRtTShdW95LCwMOODFOj8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MxlflsRtTShdW95LCwMOODFOj8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173CE6/0E8E27807BD011EB85A66980C4F9AE02/93AC2C18CF5811ED9DBB075DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.251.108.0/22
103.1.228.0/22
103.16.148.0/22
116.213.0.0/23
116.213.3.0-116.213.4.255
116.213.6.0-116.213.19.255
124.109.64.0/19
150.129.84.0/22
202.125.164.0/23
202.125.168.0/21
202.155.160.0/20
203.1.248.0/22
203.9.152.0/22
203.9.246.0-203.9.249.255
203.12.234.0/24
203.17.76.0/22
203.19.214.0/23
203.19.244.0/22
203.25.126.0/23
203.26.138.0/23
203.28.121.0/24
203.30.164.0/23
203.30.199.0/24
203.31.116.0/22
203.32.160.0/20
203.33.150.0/24
203.55.1.0/24
203.56.26.0/24
203.76.0.0/18
203.149.64.0-203.149.87.255
210.215.0.0/16
IPv6:
2001:db0::/32
2404:d200::/32
Signature Algorithm: sha256WithRSAEncryption
7c:4d:e9:6c:39:0b:e3:84:ef:9a:d2:a4:89:c9:fa:ba:ba:d6:
15:9d:33:95:7f:b7:8c:bd:6c:74:e3:b0:e9:fc:66:90:7e:87:
96:fe:12:17:be:f6:44:cf:50:e9:35:53:24:1a:f7:e8:36:e3:
73:ab:df:f5:c8:16:ac:36:25:ca:33:a5:b5:c6:a3:87:73:64:
f8:86:96:03:64:08:9f:c5:95:34:50:f1:99:eb:ae:e0:c1:ba:
f7:cf:d9:40:47:0c:34:f2:bf:e1:6e:ba:ea:7a:29:5d:64:85:
69:f9:bd:ca:ea:d6:e0:a5:e4:7a:71:1e:1a:81:50:95:19:f5:
c3:6f:99:82:d1:c8:28:eb:6d:4f:dc:db:18:f1:2e:70:88:b3:
20:1b:55:ee:39:b7:af:69:3b:03:4d:2b:30:95:17:c1:70:97:
9e:cc:b6:48:5a:9c:26:71:f1:07:15:e4:b5:ad:8f:16:7f:ae:
24:1b:19:91:9d:e5:02:7c:af:44:0f:a6:8e:0e:c0:2f:30:23:
c0:7c:5b:54:dd:a9:91:41:cb:76:53:cf:6d:7b:26:35:ba:5e:
4a:ff:46:8e:9c:f3:0b:00:2b:f1:f2:85:ac:54:ce:37:95:90:
cd:28:b7:8e:ca:ac:d6:e8:6a:a1:c6:58:42:ac:ad:21:f5:96:
1c:87:a1:15
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgICBS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNDRTYxMTAvBgNVBAUTKDMzMTk1Rjk2QzQ2RDREMjg1RDVCREU0QjBCMDMwRTM4
MzE0RThGQ0IwHhcNMjMwNzA0MjMzMDE1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE0YWI4Ny04YjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0KiFKouCFNzKuQ++q61Qx5Rk/K9VZIxf+8FJzQygkJQZYLz2oRo74oI19sxl
lUpf2oqIWTUdGKBeJVmTgHyP3Q3agnkB8Z6IzzN2FUBGTL2Yi//jHupFZ+RvwQXK
W2/DYCUwWchh4/0vgSRlIxPpsSkxm7wypnwDrFkR7IPDRL9TYVzV8FM0wsXINf63
2biUvou9uRy5GphaoL9QDLqzMOIp9bBnTbThMq1UeG4/ABln5BAdA+26jUnRooiX
oHIkAUu0FDTnokwROFnPcKNQ+hgobq8t+hPrtDUgxJFKolvb/bI0O5z69hzYDWGO
bTU9xXrvPtKES8DeN3VugEv26QIDAQABo4IDhDCCA4AwHQYDVR0OBBYEFAZW0gpU
cAGWFMRHnBO2h+STJKIkMB8GA1UdIwQYMBaAFDMZX5bEbU0oXVveSwsDDjgxTo/L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0NFNi8wRThFMjc4MDdC
RDAxMUVCODVBNjY5ODBDNEY5QUUwMi9NeGxmbHNSdFRTaGRXOTVMQ3dNT09ERk9q
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL014bGZsc1J0VFNoZFc5NUxDd01PT0RGT2o4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNDRTYvMEU4RTI3ODA3QkQwMTFFQjg1QTY2OTgwQzRGOUFFMDIvOTNBQzJDMThD
RjU4MTFFRDlEQkIwNzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEMBggrBgEFBQcBBwEB
/wSB/DCB+TCB4AQCAAEwgdkDBAIr+2wDBAJnAeQDBAJnEJQDBAF01QAwDAMEAHTV
AwMEAHTVBDAMAwQBdNUGAwQCdNUQAwQFfG1AAwQCloFUAwQByn2kAwQDyn2oAwQE
ypugAwQCywH4AwQCywmYMAwDBAHLCfYDBAHLCfgDBADLDOoDBALLEUwDBAHLE9YD
BALLE/QDBAHLGX4DBAHLGooDBADLHHkDBAHLHqQDBADLHscDBALLH3QDBATLIKAD
BADLIZYDBADLNwEDBADLOBoDBAbLTAAwDAMEBsuVQAMEA8uVUAMDANLXMBQEAgAC
MA4DBQAgAQ2wAwUAJATSADANBgkqhkiG9w0BAQsFAAOCAQEAfE3pbDkL44TvmtKk
icn6urrWFZ0zlX+3jL1sdOOw6fxmkH6Hlv4SF772RM9Q6TVTJBr36Dbjc6vf9cgW
rDYlyjOltcajh3Nk+IaWA2QIn8WVNFDxmeuu4MG698/ZQEcMNPK/4W666nopXWSF
afm9yurW4KXkenEeGoFQlRn1w2+ZgtHIKOttT9zbGPEucIizIBtV7jm3r2k7A00r
MJUXwXCXnsy2SFqcJnHxBxXkta2PFn+uJBsZkZ3lAnyvRA+mjg7ALzAjwHxbVN2p
kUHLdlPPbXsmNbpeSv9GjpzzCwAr8fKFrFTON5WQzSi3jsqs1uhqocZYQqytIfWW
HIehFQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 02:01:15 2024 by rpki-client on console-ams.rpki-client.org