Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
File: 93069024F98111E9BCD2807EC4F9AE02.roa (raw, json)
Hash identifier: f0KgeqXa4TbBv8PzEEzWgExvP3I3M91EqIxnBawNp3I=
Subject key identifier: F9:18:75:20:B8:D5:24:BB:28:ED:38:A8:89:23:79:69:E1:B3:49:9B
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3358
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
Signing time: Tue 30 Jan 2024 16:12:42 +0000
ROA not before: Tue 30 Jan 2024 16:12:42 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 24203
IP address blocks: 112.215.36.0/24 maxlen: 24
112.215.44.0/24 maxlen: 24
112.215.45.0/24 maxlen: 24
112.215.50.0/24 maxlen: 24
112.215.63.0/24 maxlen: 24
112.215.64.0/24 maxlen: 24
112.215.66.0/24 maxlen: 24
112.215.79.0/24 maxlen: 24
112.215.151.0/24 maxlen: 24
112.215.153.0/24 maxlen: 24
112.215.170.0/24 maxlen: 24
112.215.171.0/24 maxlen: 24
112.215.172.0/24 maxlen: 24
112.215.200.0/24 maxlen: 24
112.215.209.0/24 maxlen: 24
112.215.211.0/24 maxlen: 24
112.215.238.0/24 maxlen: 24
112.215.253.0/24 maxlen: 24
121.52.41.0/24 maxlen: 24
202.152.240.0/24 maxlen: 24
202.152.243.0/24 maxlen: 24
2400:9800:3::/48 maxlen: 48
2400:9800:4::/48 maxlen: 48
2400:9800:5::/48 maxlen: 48
2400:9800:6::/48 maxlen: 48
2400:9800:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 11 May 2024 15:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13144 (0x3358)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jan 30 16:12:42 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=65b91ff9-9c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:98:0e:a6:e3:40:61:5a:38:72:3d:4b:e2:c9:
30:a9:f2:0b:54:d1:d0:d0:22:91:aa:b9:5f:19:c6:
7d:14:9f:2d:37:79:b1:b1:75:30:88:36:14:77:ce:
49:55:2a:10:f9:d3:e3:e9:3e:06:32:db:de:6f:03:
6d:30:2f:b4:39:5e:d4:38:a0:93:6c:bf:d8:1e:cd:
42:de:11:5c:45:9e:66:33:4d:e5:d2:d8:e0:19:1a:
a3:69:77:0f:ce:2d:50:b2:5d:24:aa:91:82:b2:c7:
97:fa:0e:7f:47:18:a8:66:31:bb:dd:2d:87:0e:a9:
51:1b:b4:34:ff:64:00:d4:39:4d:12:f7:61:9c:a2:
7f:b4:20:cb:db:56:6c:4a:ae:0f:24:58:dd:c3:bc:
25:5f:64:1c:59:02:f2:d3:3b:54:48:cd:ea:45:19:
cf:98:02:69:48:cc:08:25:26:ea:7d:47:21:f4:3d:
ea:d4:6d:66:84:f5:c7:ef:87:69:77:42:e1:30:c1:
a7:db:a5:ba:a4:38:28:65:1b:6c:73:31:84:31:f8:
e3:4d:76:57:87:93:8e:d7:93:eb:52:e9:65:08:c4:
af:a6:fd:03:b2:dc:47:99:7b:82:c6:a9:7a:f0:cc:
de:21:84:ea:ff:0d:84:a0:a6:1e:1b:1b:20:76:5c:
4e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:18:75:20:B8:D5:24:BB:28:ED:38:A8:89:23:79:69:E1:B3:49:9B
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.215.36.0/24
112.215.44.0/23
112.215.50.0/24
112.215.63.0-112.215.64.255
112.215.66.0/24
112.215.79.0/24
112.215.151.0/24
112.215.153.0/24
112.215.170.0-112.215.172.255
112.215.200.0/24
112.215.209.0/24
112.215.211.0/24
112.215.238.0/24
112.215.253.0/24
121.52.41.0/24
202.152.240.0/24
202.152.243.0/24
IPv6:
2400:9800:3::-2400:9800:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
23:2e:25:34:ea:30:93:51:f5:81:25:0c:06:82:da:a3:cb:c4:
8a:bd:5f:4e:9e:d4:28:6e:f9:e3:91:b1:6f:33:b8:d6:87:43:
a4:0b:11:34:26:9f:92:0a:94:b1:bf:98:43:3c:76:78:87:3e:
41:b7:5b:d6:45:6a:d1:7e:d6:55:c3:e0:6e:5a:d0:07:02:14:
1c:2a:86:74:bf:d0:c2:b0:a6:a6:24:2b:19:8e:d6:4d:64:2d:
fe:63:f8:33:e3:81:04:7e:61:68:b6:60:e1:02:22:5b:27:36:
10:f7:a6:bd:e0:02:f5:1b:f6:28:c1:54:8a:63:76:7b:a8:46:
8a:d3:6e:00:a7:88:69:4c:af:c6:44:91:7c:00:b8:1c:7c:c7:
bb:09:bc:89:2b:84:b1:a8:58:92:7e:08:75:c8:3b:d6:5c:47:
fd:3d:5e:46:8f:3c:08:24:4d:d5:20:d8:64:67:bf:86:09:fe:
13:c7:13:23:56:ac:29:77:3f:e6:04:3a:64:27:26:b1:03:0b:
39:1d:0d:8d:9c:27:e0:cc:2e:ac:c9:58:12:e0:b4:42:bf:59:
58:9a:6b:c4:c0:91:d2:8d:4c:89:ed:e8:70:78:97:5c:9e:3c:
4c:e8:04:ca:7a:03:42:5d:66:7c:27:3a:7e:39:98:e0:b4:ca:
d3:d5:02:99
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICM1gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjQwMTMwMTYxMjQyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5MWZmOS05YzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvZgOpuNAYVo4cj1L4skwqfILVNHQ0CKRqrlfGcZ9FJ8tN3mxsXUwiDYUd85J
VSoQ+dPj6T4GMtvebwNtMC+0OV7UOKCTbL/YHs1C3hFcRZ5mM03l0tjgGRqjaXcP
zi1Qsl0kqpGCsseX+g5/RxioZjG73S2HDqlRG7Q0/2QA1DlNEvdhnKJ/tCDL21Zs
Sq4PJFjdw7wlX2QcWQLy0ztUSM3qRRnPmAJpSMwIJSbqfUch9D3q1G1mhPXH74dp
d0LhMMGn26W6pDgoZRtsczGEMfjjTXZXh5OO15PrUullCMSvpv0DstxHmXuCxql6
8MzeIYTq/w2EoKYeGxsgdlxOEQIDAQABo4IDJDCCAyAwHQYDVR0OBBYEFPkYdSC4
1SS7KO04qIkjeWnhs0mbMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvOTMwNjkwMjRG
OTgxMTFFOUJDRDI4MDdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga0GCCsGAQUFBwEHAQH/
BIGdMIGaMHwEAgABMHYDBABw1yQDBAFw1ywDBABw1zIwDAMEAHDXPwMEAHDXQAME
AHDXQgMEAHDXTwMEAHDXlwMEAHDXmTAMAwQBcNeqAwQAcNesAwQAcNfIAwQAcNfR
AwQAcNfTAwQAcNfuAwQAcNf9AwQAeTQpAwQAypjwAwQAypjzMBoEAgACMBQwEgMH
ACQAmAAAAwMHAyQAmAAAADANBgkqhkiG9w0BAQsFAAOCAQEAIy4lNOowk1H1gSUM
BoLao8vEir1fTp7UKG7545GxbzO41odDpAsRNCafkgqUsb+YQzx2eIc+Qbdb1kVq
0X7WVcPgblrQBwIUHCqGdL/QwrCmpiQrGY7WTWQt/mP4M+OBBH5haLZg4QIiWyc2
EPemveAC9Rv2KMFUimN2e6hGitNuAKeIaUyvxkSRfAC4HHzHuwm8iSuEsahYkn4I
dcg71lxH/T1eRo88CCRN1SDYZGe/hgn+E8cTI1asKXc/5gQ6ZCcmsQMLOR0NjZwn
4MwurMlYEuC0Qr9ZWJprxMCR0o1Mie3ocHiXXJ48TOgEynoDQl1mfCc6fjmY4LTK
09UCmQ==
-----END CERTIFICATE-----
Generated at Sat May 4 16:48:40 2024 by rpki-client on console-ams.rpki-client.org