Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C7D34E6F36511EE833F807DC4F9AE02.roa
File: 3C7D34E6F36511EE833F807DC4F9AE02.roa (raw, json)
Hash identifier: 1YkNohos10QlcvxYjKqUS/S7xlnpNHY3xkI2VV6G6yE=
Subject key identifier: 1C:31:90:B7:57:7C:E8:CE:C3:AF:63:68:54:BF:33:C9:0B:C5:4B:1A
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 42D8
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C7D34E6F36511EE833F807DC4F9AE02.roa
Signing time: Fri 05 Apr 2024 19:12:47 +0000
ROA not before: Fri 05 Apr 2024 19:12:47 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 7552
IP address blocks: 27.64.0.0/14 maxlen: 24
27.68.0.0/15 maxlen: 24
27.70.0.0/16 maxlen: 24
27.72.0.0/13 maxlen: 24
103.84.76.0/24 maxlen: 24
115.72.0.0/13 maxlen: 24
116.96.0.0/16 maxlen: 24
116.97.0.0/17 maxlen: 24
116.97.128.0/19 maxlen: 24
116.97.160.0/20 maxlen: 24
116.97.176.0/21 maxlen: 24
116.97.192.0/18 maxlen: 24
116.98.0.0/16 maxlen: 24
116.99.0.0/16 maxlen: 24
116.100.0.0/16 maxlen: 24
116.101.0.0/16 maxlen: 24
116.102.0.0/16 maxlen: 24
116.103.0.0/18 maxlen: 24
116.103.64.0/19 maxlen: 24
116.103.96.0/21 maxlen: 24
116.103.112.0/20 maxlen: 24
116.103.128.0/17 maxlen: 24
116.104.0.0/16 maxlen: 24
116.105.0.0/16 maxlen: 24
116.106.0.0/16 maxlen: 24
116.107.0.0/16 maxlen: 24
116.108.0.0/16 maxlen: 24
116.109.0.0/16 maxlen: 24
116.110.0.0/16 maxlen: 24
116.111.0.0/17 maxlen: 24
116.111.128.0/19 maxlen: 24
116.111.160.0/20 maxlen: 24
116.111.184.0/21 maxlen: 24
117.0.0.0/16 maxlen: 24
117.1.0.0/17 maxlen: 24
117.1.128.0/20 maxlen: 24
117.1.144.0/22 maxlen: 24
117.1.152.0/21 maxlen: 24
117.1.160.0/19 maxlen: 24
117.1.192.0/18 maxlen: 24
117.2.0.0/15 maxlen: 24
117.4.0.0/14 maxlen: 24
125.212.128.0/20 maxlen: 24
125.212.144.0/23 maxlen: 24
125.212.148.0/23 maxlen: 24
125.212.150.0/23 maxlen: 24
125.212.152.0/23 maxlen: 24
125.212.154.0/23 maxlen: 24
125.212.156.0/23 maxlen: 24
125.212.158.0/23 maxlen: 24
125.212.160.0/20 maxlen: 24
125.212.176.0/20 maxlen: 24
125.214.0.0/20 maxlen: 24
125.234.0.0/17 maxlen: 24
125.234.128.0/19 maxlen: 24
125.234.176.0/20 maxlen: 24
125.234.192.0/18 maxlen: 24
125.235.0.0/20 maxlen: 24
125.235.16.0/21 maxlen: 24
125.235.24.0/22 maxlen: 24
125.235.29.0/24 maxlen: 24
125.235.30.0/23 maxlen: 24
125.235.32.0/22 maxlen: 24
125.235.36.0/23 maxlen: 24
125.235.40.0/21 maxlen: 24
125.235.48.0/20 maxlen: 24
125.235.64.0/18 maxlen: 24
125.235.128.0/17 maxlen: 24
171.224.0.0/16 maxlen: 24
171.225.0.0/16 maxlen: 24
171.226.0.0/21 maxlen: 24
171.226.16.0/20 maxlen: 24
171.226.32.0/19 maxlen: 24
171.226.64.0/18 maxlen: 24
171.226.128.0/17 maxlen: 24
171.227.0.0/16 maxlen: 24
171.228.0.0/16 maxlen: 24
171.229.0.0/16 maxlen: 24
171.230.0.0/16 maxlen: 24
171.231.0.0/16 maxlen: 24
171.232.0.0/16 maxlen: 24
171.233.0.0/16 maxlen: 24
171.234.0.0/16 maxlen: 24
171.235.0.0/16 maxlen: 24
171.236.0.0/16 maxlen: 24
171.237.0.0/22 maxlen: 24
171.237.4.0/22 maxlen: 24
171.237.8.0/22 maxlen: 24
171.237.12.0/22 maxlen: 24
171.237.16.0/22 maxlen: 24
171.237.20.0/22 maxlen: 24
171.237.24.0/22 maxlen: 24
171.237.28.0/22 maxlen: 24
171.237.32.0/22 maxlen: 24
171.237.36.0/22 maxlen: 24
171.237.40.0/22 maxlen: 24
171.237.44.0/22 maxlen: 24
171.237.48.0/22 maxlen: 24
171.237.52.0/22 maxlen: 24
171.237.56.0/22 maxlen: 24
171.237.60.0/22 maxlen: 24
171.237.64.0/22 maxlen: 24
171.237.68.0/22 maxlen: 24
171.237.72.0/22 maxlen: 24
171.237.76.0/22 maxlen: 24
171.237.80.0/22 maxlen: 24
171.237.84.0/22 maxlen: 24
171.237.88.0/22 maxlen: 24
171.237.92.0/22 maxlen: 24
171.237.96.0/22 maxlen: 24
171.237.100.0/22 maxlen: 24
171.237.104.0/22 maxlen: 24
171.237.108.0/22 maxlen: 24
171.237.112.0/22 maxlen: 24
171.237.116.0/22 maxlen: 24
171.237.120.0/22 maxlen: 24
171.237.124.0/22 maxlen: 24
171.237.132.0/22 maxlen: 24
171.237.136.0/22 maxlen: 24
171.237.140.0/22 maxlen: 24
171.237.144.0/22 maxlen: 24
171.237.148.0/22 maxlen: 24
171.237.152.0/22 maxlen: 24
171.237.156.0/22 maxlen: 24
171.237.160.0/22 maxlen: 24
171.237.164.0/22 maxlen: 24
171.237.168.0/22 maxlen: 24
171.237.172.0/22 maxlen: 24
171.237.180.0/22 maxlen: 24
171.237.184.0/22 maxlen: 24
171.237.188.0/22 maxlen: 24
171.237.192.0/22 maxlen: 24
171.237.196.0/22 maxlen: 24
171.237.200.0/22 maxlen: 24
171.237.204.0/22 maxlen: 24
171.237.208.0/22 maxlen: 24
171.237.212.0/22 maxlen: 24
171.237.216.0/22 maxlen: 24
171.237.220.0/22 maxlen: 24
171.237.224.0/22 maxlen: 24
171.237.228.0/22 maxlen: 24
171.237.232.0/22 maxlen: 24
171.237.236.0/22 maxlen: 24
171.237.240.0/22 maxlen: 24
171.237.244.0/22 maxlen: 24
171.237.248.0/22 maxlen: 24
171.237.252.0/22 maxlen: 24
171.238.0.0/16 maxlen: 24
171.239.0.0/16 maxlen: 24
171.240.0.0/16 maxlen: 24
171.241.0.0/16 maxlen: 24
171.242.0.0/16 maxlen: 24
171.243.0.0/16 maxlen: 24
171.244.208.0/20 maxlen: 24
171.245.0.0/16 maxlen: 24
171.246.0.0/16 maxlen: 24
171.247.0.0/16 maxlen: 24
171.248.0.0/16 maxlen: 24
171.249.0.0/16 maxlen: 24
171.250.0.0/16 maxlen: 24
171.251.0.0/16 maxlen: 24
171.252.0.0/16 maxlen: 24
171.253.0.0/16 maxlen: 24
171.254.0.0/16 maxlen: 24
171.255.0.0/16 maxlen: 24
203.113.128.0/19 maxlen: 24
203.113.160.0/21 maxlen: 24
203.113.168.0/22 maxlen: 24
203.113.176.0/20 maxlen: 24
203.190.160.0/23 maxlen: 24
203.190.162.0/23 maxlen: 24
203.190.164.0/23 maxlen: 24
203.190.170.0/23 maxlen: 24
203.190.172.0/23 maxlen: 24
203.190.175.0/24 maxlen: 24
220.231.64.0/24 maxlen: 24
220.231.66.0/23 maxlen: 24
220.231.68.0/22 maxlen: 24
220.231.72.0/21 maxlen: 24
220.231.80.0/20 maxlen: 24
220.231.96.0/20 maxlen: 24
220.231.112.0/21 maxlen: 24
220.231.120.0/22 maxlen: 24
2401:d800::/32 maxlen: 48
2402:800::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 14:37:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17112 (0x42d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Apr 5 19:12:47 2024 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=66104d2f-94b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:14:f8:a2:2d:06:07:f0:54:5a:21:47:0c:
b4:5f:89:c1:d1:13:2a:0a:ab:2d:f6:99:ac:31:f6:
7e:97:4a:c5:1f:3b:6c:e6:3c:25:79:a9:9a:be:d2:
3d:a8:a3:a9:a9:0a:c5:64:28:ed:d7:e3:58:a1:d3:
ac:ea:e4:aa:7b:9a:83:8b:ac:24:4e:0d:b0:c1:2e:
9c:7c:3e:ef:01:f1:18:39:af:ee:d7:47:55:bc:c7:
a9:1a:04:8d:e6:72:e1:1e:20:9c:72:30:df:30:8f:
ac:8d:c1:60:c1:10:77:41:54:2c:64:d1:6b:d9:51:
e9:f0:2b:52:ee:e6:13:91:d0:ac:c4:12:82:e4:26:
c8:f0:83:ca:b6:61:b3:5e:41:20:0c:fc:54:2a:9e:
0f:7d:aa:a5:fa:fa:e9:21:cb:3e:82:36:84:81:51:
31:ee:64:15:79:20:7e:a8:db:0c:ed:d9:5f:3e:ea:
77:98:96:41:4a:a4:41:6e:04:d0:a1:53:61:24:b9:
03:a6:7f:bb:d7:8b:5b:ba:9a:e9:35:96:e5:83:e2:
21:8a:c8:a9:80:b3:f3:c8:d0:bd:df:f4:67:f8:38:
dd:97:1c:b3:ef:f2:4e:ba:5b:07:13:0c:f6:82:27:
8d:3d:40:18:6a:2f:85:6a:1e:4b:b6:98:56:6c:d2:
40:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:31:90:B7:57:7C:E8:CE:C3:AF:63:68:54:BF:33:C9:0B:C5:4B:1A
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C7D34E6F36511EE833F807DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.64.0.0-27.70.255.255
27.72.0.0/13
103.84.76.0/24
115.72.0.0/13
116.96.0.0-116.97.183.255
116.97.192.0-116.103.103.255
116.103.112.0-116.111.175.255
116.111.184.0/21
117.0.0.0-117.1.147.255
117.1.152.0-117.7.255.255
125.212.128.0-125.212.145.255
125.212.148.0-125.212.191.255
125.214.0.0/20
125.234.0.0-125.234.159.255
125.234.176.0-125.235.27.255
125.235.29.0-125.235.37.255
125.235.40.0-125.235.255.255
171.224.0.0-171.226.7.255
171.226.16.0-171.237.127.255
171.237.132.0-171.237.175.255
171.237.180.0-171.243.255.255
171.244.208.0/20
171.245.0.0-171.255.255.255
203.113.128.0-203.113.171.255
203.113.176.0/20
203.190.160.0-203.190.165.255
203.190.170.0-203.190.173.255
203.190.175.0/24
220.231.64.0/24
220.231.66.0-220.231.123.255
IPv6:
2401:d800::/32
2402:800::/32
Signature Algorithm: sha256WithRSAEncryption
20:01:36:86:10:e0:52:f6:0a:9a:3c:91:a8:3e:86:10:4f:48:
d4:7c:6c:db:08:d0:22:9d:4b:62:aa:e7:49:6e:4d:7c:f1:34:
7b:19:60:14:ba:53:f4:20:da:ce:81:00:7f:fa:7c:c4:5b:3b:
c5:ec:f9:70:5a:73:4f:da:97:df:03:77:a7:77:e3:db:f8:76:
1f:0d:92:9e:cc:0c:86:f6:d4:7c:4c:d6:7f:7e:fe:61:40:14:
a3:ac:4d:cf:c0:97:ff:59:e6:ab:af:0a:69:b4:62:d0:67:66:
6e:99:c8:02:2b:f8:e8:89:0c:83:f6:bb:a4:c9:9b:3a:8f:78:
af:c4:e2:53:25:a3:ef:9b:f4:11:25:71:4a:08:c9:fc:94:09:
da:a7:d5:f7:f5:10:41:6c:d9:91:f8:3e:4f:95:93:4c:99:bb:
05:b0:cc:09:0e:b7:5b:95:96:0f:8c:04:f6:bb:cf:11:e6:75:
2d:93:48:0b:fd:bd:b6:c7:51:ea:16:c0:e8:0a:ad:c4:29:d5:
9f:ed:9f:d1:81:77:1f:3f:c1:a3:c1:73:8a:60:83:c6:f1:df:
e3:03:e8:13:a5:4d:43:68:2b:31:f8:80:7b:d9:0a:f2:55:1a:
45:88:01:dd:3a:d1:1b:9b:b9:bf:11:4a:9c:48:1b:fb:65:a0:
2a:dc:8f:f0
-----BEGIN CERTIFICATE-----
MIIG2DCCBcCgAwIBAgICQtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwNDA1MTkxMjQ3WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjEwNGQyZi05NGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs8QU+KItBgfwVFohRwy0X4nB0RMqCqst9pmsMfZ+l0rFHzts5jwleamavtI9
qKOpqQrFZCjt1+NYodOs6uSqe5qDi6wkTg2wwS6cfD7vAfEYOa/u10dVvMepGgSN
5nLhHiCccjDfMI+sjcFgwRB3QVQsZNFr2VHp8CtS7uYTkdCsxBKC5CbI8IPKtmGz
XkEgDPxUKp4Pfaql+vrpIcs+gjaEgVEx7mQVeSB+qNsM7dlfPup3mJZBSqRBbgTQ
oVNhJLkDpn+714tbuprpNZblg+IhisipgLPzyNC93/Rn+Djdlxyz7/JOulsHEwz2
gieNPUAYai+Fah5LtphWbNJA5wIDAQABo4ID/DCCA/gwHQYDVR0OBBYEFBwxkLdX
fOjOw69jaFS/M8kLxUsaMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvM0M3RDM0RTZG
MzY1MTFFRTgzM0Y4MDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGEBggrBgEFBQcBBwEB
/wSCAXMwggFvMIIBVQQCAAEwggFNMAoDAwYbQAMDABtGAwMDG0gDBABnVEwDAwNz
SDALAwMFdGADBAN0YbAwDAMEBnRhwAMEA3RnYDAMAwQEdGdwAwQEdG+gAwQDdG+4
MAoDAgB1AwQCdQGQMAsDBAN1AZgDAwN1ADAMAwQHfdSAAwQBfdSQMAwDBAJ91JQD
BAZ91IADBAR91gAwCwMDAX3qAwQFfeqAMAwDBAR96rADBAJ96xgwDAMEAH3rHQME
AX3rJDALAwQDfesoAwMCfegwCwMDBavgAwQDq+IAMAwDBASr4hADBAer7QAwDAME
AqvthAMEBKvtoDALAwQCq+20AwMCq/ADBASr9NAwCQMDAKv1AwICqDAMAwQHy3GA
AwQCy3GoAwQEy3GwMAwDBAXLvqADBAHLvqQwDAMEAcu+qgMEAcu+rAMEAMu+rwME
ANznQDAMAwQB3OdCAwQC3Od4MBQEAgACMA4DBQAkAdgAAwUAJAIIADANBgkqhkiG
9w0BAQsFAAOCAQEAIAE2hhDgUvYKmjyRqD6GEE9I1Hxs2wjQIp1LYqrnSW5NfPE0
exlgFLpT9CDazoEAf/p8xFs7xez5cFpzT9qX3wN3p3fj2/h2Hw2SnswMhvbUfEzW
f37+YUAUo6xNz8CX/1nmq68KabRi0GdmbpnIAiv46IkMg/a7pMmbOo94r8TiUyWj
75v0ESVxSgjJ/JQJ2qfV9/UQQWzZkfg+T5WTTJm7BbDMCQ63W5WWD4wE9rvPEeZ1
LZNIC/29tsdR6hbA6AqtxCnVn+2f0YF3Hz/Bo8FzimCDxvHf4wPoE6VNQ2grMfiA
e9kK8lUaRYgB3TrRG5u5vxFKnEgb+2WgKtyP8A==
-----END CERTIFICATE-----
Generated at Fri May 31 16:41:40 2024 by rpki-client on console-ams.rpki-client.org