Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/3CF0117A7DED11EEBBF0314EC4F9AE02.roa
File: 3CF0117A7DED11EEBBF0314EC4F9AE02.roa (raw, json)
Hash identifier: VLfUBA7o7hs3EcME5XCMbtr+2tY5sibGhD3aasdwGMY=
Subject key identifier: 55:75:00:3F:B3:12:0A:EF:CE:7C:2D:68:F8:EF:8E:D7:48:AB:93:ED
Certificate issuer: /CN=A9199197/serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Certificate serial: 07CF
Authority key identifier: 68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/3CF0117A7DED11EEBBF0314EC4F9AE02.roa
Signing time: Fri 14 Jun 2024 23:12:26 +0000
ROA not before: Fri 14 Jun 2024 23:12:26 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 24560
IP address blocks: 27.56.128.0/20 maxlen: 24
27.56.144.0/20 maxlen: 24
27.56.160.0/19 maxlen: 24
27.57.0.0/16 maxlen: 24
27.58.0.0/16 maxlen: 24
27.62.116.0/24 maxlen: 24
27.62.117.0/24 maxlen: 24
27.63.176.0/20 maxlen: 24
106.200.192.0/18 maxlen: 24
106.201.0.0/16 maxlen: 24
106.202.128.0/17 maxlen: 24
106.203.192.0/18 maxlen: 24
106.205.0.0/18 maxlen: 24
106.205.64.0/18 maxlen: 24
106.212.0.0/17 maxlen: 24
106.212.128.0/17 maxlen: 24
106.213.0.0/17 maxlen: 24
106.214.0.0/16 maxlen: 24
106.215.0.0/17 maxlen: 24
106.219.64.0/19 maxlen: 24
106.219.96.0/20 maxlen: 24
106.219.120.0/22 maxlen: 24
106.219.124.0/22 maxlen: 24
106.219.128.0/21 maxlen: 24
106.219.136.0/22 maxlen: 24
106.219.144.0/20 maxlen: 24
106.219.160.0/20 maxlen: 24
106.219.176.0/21 maxlen: 24
106.222.192.0/18 maxlen: 24
110.224.128.0/17 maxlen: 24
110.225.0.0/16 maxlen: 24
110.226.0.0/16 maxlen: 24
110.227.0.0/16 maxlen: 24
117.96.0.0/16 maxlen: 24
117.97.128.0/18 maxlen: 24
117.98.192.0/20 maxlen: 24
117.98.208.0/21 maxlen: 21
223.177.0.0/16 maxlen: 24
223.178.0.0/17 maxlen: 24
223.178.192.0/18 maxlen: 24
223.179.128.0/19 maxlen: 24
223.181.128.0/18 maxlen: 24
223.182.64.0/18 maxlen: 24
223.182.164.0/22 maxlen: 24
223.182.172.0/22 maxlen: 24
223.182.180.0/22 maxlen: 24
223.182.248.0/21 maxlen: 24
223.184.0.0/17 maxlen: 24
223.185.12.0/22 maxlen: 24
223.185.16.0/20 maxlen: 24
223.185.32.0/19 maxlen: 24
223.185.128.0/21 maxlen: 24
223.185.136.0/21 maxlen: 24
223.185.144.0/20 maxlen: 24
223.185.160.0/20 maxlen: 24
223.185.176.0/20 maxlen: 24
223.190.0.0/17 maxlen: 24
223.190.192.0/18 maxlen: 24
223.224.172.0/23 maxlen: 24
223.226.0.0/16 maxlen: 24
223.229.128.0/17 maxlen: 24
223.230.0.0/16 maxlen: 24
223.233.64.0/18 maxlen: 24
223.235.0.0/16 maxlen: 24
223.236.0.0/16 maxlen: 24
223.239.0.0/16 maxlen: 24
2401:4900:1c00::/41 maxlen: 48
2401:4900:1c80::/41 maxlen: 48
2401:4900:1f20::/44 maxlen: 48
2401:4900:1f30::/44 maxlen: 48
2401:4900:8800::/46 maxlen: 48
2401:4900:8804::/46 maxlen: 48
2401:4900:8808::/46 maxlen: 48
2401:4900:880c::/46 maxlen: 48
2401:4900:8814::/46 maxlen: 48
2401:4900:8818::/46 maxlen: 48
2401:4900:881c::/46 maxlen: 48
2401:4900:8820::/46 maxlen: 48
2401:4900:8824::/46 maxlen: 48
2401:4900:8828::/46 maxlen: 48
2401:4900:882c::/46 maxlen: 48
2401:4900:8830::/46 maxlen: 48
2401:4900:8834::/46 maxlen: 48
2401:4900:8838::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 23 Jun 2024 20:06:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1999 (0x7cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199197/serialNumber=6835DDFB8438D24BB6C5979316E54891066090A7
Validity
Not Before: Jun 14 23:12:26 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=666cce5a-9675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d2:ac:a2:0a:32:62:36:7c:6a:95:25:fe:4e:
17:2e:a4:b2:71:e9:00:02:e4:78:5f:99:2f:d4:e4:
ee:98:48:49:f1:8b:53:12:c2:ca:b3:f4:3b:f0:02:
19:6e:85:89:72:85:a5:64:79:5d:d2:d7:7f:25:05:
dc:d5:80:8b:38:ac:ed:90:fc:8e:2c:5c:d1:2d:fc:
e6:05:c5:82:97:ab:cc:99:38:9c:8f:8b:2d:b5:bb:
d1:7a:21:dc:0c:b7:b3:5c:14:0f:3e:99:d7:9f:30:
c3:15:ae:8c:5a:88:6f:5f:2b:31:58:1e:20:03:14:
5a:c8:36:ff:57:a1:f4:a6:25:b8:c9:44:43:83:99:
4c:7e:c1:29:0b:b0:eb:0b:8f:f3:61:35:9b:97:52:
b4:05:36:17:93:3e:83:2e:28:f0:78:69:ef:49:44:
8d:00:3b:4b:0d:f2:d6:0c:27:a4:9f:94:90:84:23:
1c:ef:50:a1:e4:4b:53:17:56:40:c2:d1:7e:73:c4:
f5:90:b3:9f:3c:54:0b:10:34:cd:d0:fd:da:e1:6f:
cd:15:d4:19:0e:db:22:a2:cb:96:1e:ab:a9:09:e3:
ec:18:20:ff:f8:77:49:95:29:f5:4e:28:88:73:b5:
27:c6:b0:f9:ae:5d:e4:4f:af:e3:51:41:4f:04:b6:
4e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:75:00:3F:B3:12:0A:EF:CE:7C:2D:68:F8:EF:8E:D7:48:AB:93:ED
X509v3 Authority Key Identifier:
keyid:68:35:DD:FB:84:38:D2:4B:B6:C5:97:93:16:E5:48:91:06:60:90:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/aDXd-4Q40ku2xZeTFuVIkQZgkKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aDXd-4Q40ku2xZeTFuVIkQZgkKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199197/84B2EC98F27D11EA9456EE60C4F9AE02/3CF0117A7DED11EEBBF0314EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.56.128.0/18
27.57.0.0-27.58.255.255
27.62.116.0/23
27.63.176.0/20
106.200.192.0-106.201.255.255
106.202.128.0/17
106.203.192.0/18
106.205.0.0/17
106.212.0.0-106.213.127.255
106.214.0.0-106.215.127.255
106.219.64.0-106.219.111.255
106.219.120.0-106.219.139.255
106.219.144.0-106.219.183.255
106.222.192.0/18
110.224.128.0-110.227.255.255
117.96.0.0/16
117.97.128.0/18
117.98.192.0-117.98.215.255
223.177.0.0-223.178.127.255
223.178.192.0/18
223.179.128.0/19
223.181.128.0/18
223.182.64.0/18
223.182.164.0/22
223.182.172.0/22
223.182.180.0/22
223.182.248.0/21
223.184.0.0/17
223.185.12.0-223.185.63.255
223.185.128.0/18
223.190.0.0/17
223.190.192.0/18
223.224.172.0/23
223.226.0.0/16
223.229.128.0-223.230.255.255
223.233.64.0/18
223.235.0.0-223.236.255.255
223.239.0.0/16
IPv6:
2401:4900:1c00::/40
2401:4900:1f20::/43
2401:4900:8800::/44
2401:4900:8814::-2401:4900:883b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
38:2b:8f:1b:68:f5:cf:b8:51:86:12:d4:e8:fc:74:19:83:99:
11:7c:ad:db:29:13:35:9b:a9:6c:c0:4f:9e:63:69:ef:e9:ce:
aa:33:4b:d8:ab:99:6f:e7:e1:d1:04:fe:27:d2:72:b4:04:6e:
53:61:b2:83:6f:1e:9e:65:d9:6e:3b:b9:db:d0:19:14:b4:73:
d8:60:4d:1d:73:42:0d:c8:c2:90:97:40:88:a4:e5:9b:42:a3:
c4:2b:b6:41:6a:f8:fe:ef:0d:79:61:c1:89:0b:49:4c:eb:c3:
a3:82:86:30:8a:73:72:8a:65:f2:46:69:65:5e:17:d8:f2:de:
36:a3:b2:5e:50:b9:d4:7a:e4:71:df:c7:23:2e:f4:74:9d:d3:
10:88:bf:dd:b8:07:a9:de:8d:cc:7a:34:3a:5d:13:0e:75:dc:
b8:e7:b9:75:d8:39:ef:b2:90:a1:f7:f9:ae:7e:0f:c6:2e:60:
a4:3f:14:f3:d8:0f:f1:f8:42:bd:92:1a:e2:27:f9:38:d3:ca:
c9:b1:66:a7:19:9d:c7:a2:7e:ac:a3:b9:50:cd:fb:da:d9:04:
1d:78:ce:47:fd:86:87:2e:0d:28:3c:4c:c8:ca:6e:da:b3:5b:
3b:bf:f0:49:55:e9:04:84:9f:aa:03:66:fb:af:d7:d9:ba:1b:
b8:2c:ca:c8
-----BEGIN CERTIFICATE-----
MIIG6jCCBdKgAwIBAgICB88wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTkxOTcxMTAvBgNVBAUTKDY4MzVEREZCODQzOEQyNEJCNkM1OTc5MzE2RTU0ODkx
MDY2MDkwQTcwHhcNMjQwNjE0MjMxMjI2WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZjY2U1YS05Njc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5dKsogoyYjZ8apUl/k4XLqSycekAAuR4X5kv1OTumEhJ8YtTEsLKs/Q78AIZ
boWJcoWlZHld0td/JQXc1YCLOKztkPyOLFzRLfzmBcWCl6vMmTicj4sttbvReiHc
DLezXBQPPpnXnzDDFa6MWohvXysxWB4gAxRayDb/V6H0piW4yURDg5lMfsEpC7Dr
C4/zYTWbl1K0BTYXkz6DLijweGnvSUSNADtLDfLWDCekn5SQhCMc71Ch5EtTF1ZA
wtF+c8T1kLOfPFQLEDTN0P3a4W/NFdQZDtsiosuWHqupCePsGCD/+HdJlSn1TiiI
c7UnxrD5rl3kT6/jUUFPBLZO7QIDAQABo4IEDjCCBAowHQYDVR0OBBYEFFV1AD+z
EgrvznwtaPjvjtdIq5PtMB8GA1UdIwQYMBaAFGg13fuEONJLtsWXkxblSJEGYJCn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTE5Ny84NEIyRUM5OEYy
N0QxMUVBOTQ1NkVFNjBDNEY5QUUwMi9hRFhkLTRRNDBrdTJ4WmVURnVWSWtRWmdr
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FEWGQtNFE0MGt1MnhaZVRGdVZJa1FaZ2tLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTkxOTcvODRCMkVDOThGMjdEMTFFQTk0NTZFRTYwQzRGOUFFMDIvM0NGMDExN0E3
REVEMTFFRUJCRjAzMTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGWBggrBgEFBQcBBwEB
/wSCAYUwggGBMIIBRwQCAAEwggE/AwQGGziAMAoDAwAbOQMDABs6AwQBGz50AwQE
Gz+wMAsDBAZqyMADAwFqyAMEB2rKgAMEBmrLwAMEB2rNADALAwMCatQDBAdq1QAw
CwMDAWrWAwQHatcAMAwDBAZq20ADBARq22AwDAMEA2rbeAMEAmrbiDAMAwQEatuQ
AwQDatuwAwQGat7AMAsDBAdu4IADAwJu4AMDAHVgAwQGdWGAMAwDBAZ1YsADBAN1
YtAwCwMDAN+xAwQH37IAAwQG37LAAwQF37OAAwQG37WAAwQG37ZAAwQC37akAwQC
37asAwQC37a0AwQD37b4AwQH37gAMAwDBALfuQwDBAbfuQADBAbfuYADBAffvgAD
BAbfvsADBAHf4KwDAwDf4jALAwQH3+WAAwMA3+YDBAbf6UAwCgMDAN/rAwMA3+wD
AwDf7zA0BAIAAjAuAwYAJAFJABwDBwUkAUkAHyADBwQkAUkAiAAwEgMHAiQBSQCI
FAMHAiQBSQCIODANBgkqhkiG9w0BAQsFAAOCAQEAOCuPG2j1z7hRhhLU6Px0GYOZ
EXyt2ykTNZupbMBPnmNp7+nOqjNL2KuZb+fh0QT+J9JytARuU2Gyg28enmXZbju5
29AZFLRz2GBNHXNCDcjCkJdAiKTlm0KjxCu2QWr4/u8NeWHBiQtJTOvDo4KGMIpz
copl8kZpZV4X2PLeNqOyXlC51Hrkcd/HIy70dJ3TEIi/3bgHqd6NzHo0Ol0TDnXc
uOe5ddg577KQoff5rn4Pxi5gpD8U89gP8fhCvZIa4if5ONPKybFmpxmdx6J+rKO5
UM372tkEHXjOR/2Ghy4NKDxMyMpu2rNbO7/wSVXpBISfqgNm+6/X2bobuCzKyA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:33:56 2024 by rpki-client on console-fra.rpki-client.org