Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/D18121922DF811EF926CC469C4F9AE02.roa
File: D18121922DF811EF926CC469C4F9AE02.roa (raw, json)
Hash identifier: 6/tFS9IPZizdItq2KkHpIreFCYfgIPvPBzrtlqlbjjc=
Subject key identifier: 7C:DC:93:7E:6A:5E:2A:13:00:4C:B3:5F:DC:EA:4D:66:3B:79:85:EA
Certificate issuer: /CN=A912176D/serialNumber=96F42E19F69D596A0318921590A17DD53233E595
Certificate serial: 0762
Authority key identifier: 96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/D18121922DF811EF926CC469C4F9AE02.roa
Signing time: Wed 02 Oct 2024 22:00:35 +0000
ROA not before: Wed 02 Oct 2024 22:00:35 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 55720
IP address blocks: 14.192.67.0/24 maxlen: 24
14.192.68.0/24 maxlen: 24
14.192.69.0/24 maxlen: 24
43.225.36.0/24 maxlen: 24
43.225.37.0/24 maxlen: 24
43.225.38.0/24 maxlen: 24
43.225.39.0/24 maxlen: 24
43.231.5.0/24 maxlen: 24
43.231.6.0/24 maxlen: 24
43.231.7.0/24 maxlen: 24
45.116.160.0/24 maxlen: 24
45.116.161.0/24 maxlen: 24
45.116.162.0/24 maxlen: 24
45.116.163.0/24 maxlen: 24
45.120.52.0/24 maxlen: 24
45.120.53.0/24 maxlen: 24
45.120.54.0/24 maxlen: 24
45.120.55.0/24 maxlen: 24
61.4.96.0/24 maxlen: 24
61.4.97.0/24 maxlen: 24
61.4.98.0/24 maxlen: 24
61.4.99.0/24 maxlen: 24
61.4.100.0/22 maxlen: 24
61.4.104.0/22 maxlen: 24
61.4.108.0/24 maxlen: 24
61.4.109.0/24 maxlen: 24
61.4.110.0/24 maxlen: 24
61.4.111.0/24 maxlen: 24
103.4.28.0/24 maxlen: 24
103.4.29.0/24 maxlen: 24
103.4.30.0/24 maxlen: 24
103.4.31.0/24 maxlen: 24
103.15.104.0/24 maxlen: 24
103.15.105.0/24 maxlen: 24
103.15.106.0/24 maxlen: 24
103.15.107.0/24 maxlen: 24
103.21.88.0/24 maxlen: 24
103.21.89.0/24 maxlen: 24
103.21.90.0/24 maxlen: 24
103.21.91.0/24 maxlen: 24
103.23.46.0/24 maxlen: 24
103.23.47.0/24 maxlen: 24
103.71.176.0/24 maxlen: 24
103.71.177.0/24 maxlen: 24
103.71.178.0/24 maxlen: 24
103.71.179.0/24 maxlen: 24
103.243.212.0/24 maxlen: 24
103.243.213.0/24 maxlen: 24
103.243.214.0/24 maxlen: 24
103.243.215.0/24 maxlen: 24
103.246.112.0/24 maxlen: 24
103.246.113.0/24 maxlen: 24
103.246.114.0/24 maxlen: 24
103.246.115.0/24 maxlen: 24
118.107.212.0/24 maxlen: 24
118.107.213.0/24 maxlen: 24
118.107.214.0/24 maxlen: 24
118.107.215.0/24 maxlen: 24
118.107.216.0/24 maxlen: 24
118.107.217.0/24 maxlen: 24
118.107.218.0/24 maxlen: 24
118.107.219.0/24 maxlen: 24
118.107.220.0/24 maxlen: 24
118.107.221.0/24 maxlen: 24
118.107.222.0/24 maxlen: 24
118.107.223.0/24 maxlen: 24
150.107.76.0/24 maxlen: 24
150.107.77.0/24 maxlen: 24
150.107.78.0/24 maxlen: 24
150.107.79.0/24 maxlen: 24
202.9.36.0/24 maxlen: 24
202.9.37.0/24 maxlen: 24
202.9.38.0/24 maxlen: 24
202.9.39.0/24 maxlen: 24
202.73.12.0/24 maxlen: 24
202.73.13.0/24 maxlen: 24
202.73.14.0/24 maxlen: 24
202.73.15.0/24 maxlen: 24
202.87.220.0/24 maxlen: 24
202.87.221.0/24 maxlen: 24
202.87.222.0/24 maxlen: 24
202.87.223.0/24 maxlen: 24
223.25.240.0/24 maxlen: 24
223.25.241.0/24 maxlen: 24
223.25.242.0/24 maxlen: 24
223.25.243.0/24 maxlen: 24
223.25.244.0/24 maxlen: 24
223.25.245.0/24 maxlen: 24
223.25.246.0/24 maxlen: 24
223.25.247.0/24 maxlen: 24
2402:9500::/32 maxlen: 32
2402:9500::/48 maxlen: 48
2402:9500:a00::/48 maxlen: 48
2402:9500:b00::/48 maxlen: 48
2402:9500:c00::/48 maxlen: 48
2402:9500:d00::/48 maxlen: 48
2402:9500:1000::/48 maxlen: 48
2402:9500:2000::/48 maxlen: 48
2402:9500:3000::/48 maxlen: 48
2402:9500:4000::/48 maxlen: 48
2402:9500:5000::/48 maxlen: 48
2402:9500:6000::/48 maxlen: 48
2402:9500:7000::/48 maxlen: 48
2402:9500:8000::/48 maxlen: 48
2402:9500:9000::/48 maxlen: 48
2402:9500:e000::/48 maxlen: 48
2402:9500:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl
rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 17:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1890 (0x762)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912176D/serialNumber=96F42E19F69D596A0318921590A17DD53233E595
Validity
Not Before: Oct 2 22:00:35 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fdc283-fdcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dd:00:e8:47:c6:9c:95:08:97:29:a6:cd:93:
20:46:8a:c7:0f:45:84:d4:0c:78:52:bf:20:47:90:
bc:c6:24:84:8e:0f:30:5e:53:8a:0f:3c:e9:1a:ac:
d8:81:bb:b4:06:3e:6e:93:87:34:5a:b3:24:a0:93:
9c:37:57:2b:a5:ba:97:4c:b6:86:e2:33:3c:25:e1:
59:5d:a8:60:ab:66:26:c5:71:7a:19:5d:43:1a:bf:
d8:58:83:ae:88:38:d1:3f:71:14:76:a4:40:28:ca:
5b:dd:b4:5e:35:96:7f:c3:44:97:9a:5e:41:97:42:
d2:b8:09:10:51:a6:89:a9:72:aa:e2:fa:ce:a0:c0:
df:ff:07:66:4c:df:12:8e:f2:57:31:2e:4a:70:66:
8a:94:4e:e1:f5:25:36:5b:0b:bb:e3:b3:e9:c8:59:
6e:c3:eb:64:92:15:1b:94:12:ff:fe:95:85:bd:c0:
d4:b3:3a:61:68:ae:9d:d2:ac:1c:ee:63:f1:94:6b:
6f:89:9a:8a:b2:46:c0:a6:43:94:b9:89:3d:88:89:
9a:b8:79:db:0e:3f:39:02:51:02:37:5a:d8:4b:46:
60:8d:c0:98:5b:98:e2:9f:2e:36:4a:f8:11:51:fb:
5c:63:80:64:c9:51:ce:91:bd:41:7f:98:da:27:80:
4e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:DC:93:7E:6A:5E:2A:13:00:4C:B3:5F:DC:EA:4D:66:3B:79:85:EA
X509v3 Authority Key Identifier:
keyid:96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/D18121922DF811EF926CC469C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.67.0-14.192.69.255
43.225.36.0/22
43.231.5.0-43.231.7.255
45.116.160.0/22
45.120.52.0/22
61.4.96.0/20
103.4.28.0/22
103.15.104.0/22
103.21.88.0/22
103.23.46.0/23
103.71.176.0/22
103.243.212.0/22
103.246.112.0/22
118.107.212.0-118.107.223.255
150.107.76.0/22
202.9.36.0/22
202.73.12.0/22
202.87.220.0/22
223.25.240.0/21
IPv6:
2402:9500::/32
Signature Algorithm: sha256WithRSAEncryption
3b:05:1c:1e:66:bf:20:d2:25:a8:21:4d:b1:90:2f:1b:a6:e8:
0a:cf:27:86:36:8b:c3:5a:e8:e9:ce:5a:be:6a:66:11:ed:3c:
7f:15:b3:18:42:1b:9b:bc:e5:6d:47:84:d3:89:e6:09:15:f5:
d5:6c:10:75:2c:dc:91:60:03:0f:46:75:d1:da:e2:13:82:b3:
fa:a5:94:4b:b5:1c:e6:a0:8d:e4:ec:f3:2e:7d:c8:91:ff:82:
8f:49:ed:be:f9:ee:cf:84:1b:ca:b2:66:22:c5:5b:0c:ae:6f:
18:f8:10:d6:0b:f9:97:d8:41:bd:4e:d3:3e:61:b0:e3:ad:3f:
cf:b0:43:79:1b:67:79:6b:c4:b0:0c:79:95:0d:97:ab:39:2b:
01:31:03:25:42:74:69:e1:4e:45:1f:88:ff:68:ec:29:bc:6b:
3a:4e:02:60:b5:31:68:5c:36:a6:e0:5c:89:e3:71:7b:ad:64:
5f:1f:18:58:ee:91:6d:f3:ed:ea:88:2e:4a:e8:a1:58:b6:4e:
9f:b2:e2:c0:75:e4:b9:da:fb:3c:58:1e:24:2f:97:4e:c3:3d:
ba:9d:21:e2:43:57:3a:c3:42:18:1e:20:db:98:c4:18:5c:1a:
0c:19:ae:e5:96:b2:e3:0c:f9:40:84:86:56:f2:e4:63:0e:42:
fc:f7:9f:bc
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICB2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjE3NkQxMTAvBgNVBAUTKDk2RjQyRTE5RjY5RDU5NkEwMzE4OTIxNTkwQTE3REQ1
MzIzM0U1OTUwHhcNMjQxMDAyMjIwMDM1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZkYzI4My1mZGNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwd0A6EfGnJUIlymmzZMgRorHD0WE1Ax4Ur8gR5C8xiSEjg8wXlOKDzzpGqzY
gbu0Bj5uk4c0WrMkoJOcN1crpbqXTLaG4jM8JeFZXahgq2YmxXF6GV1DGr/YWIOu
iDjRP3EUdqRAKMpb3bReNZZ/w0SXml5Bl0LSuAkQUaaJqXKq4vrOoMDf/wdmTN8S
jvJXMS5KcGaKlE7h9SU2Wwu747PpyFluw+tkkhUblBL//pWFvcDUszphaK6d0qwc
7mPxlGtviZqKskbApkOUuYk9iImauHnbDj85AlECN1rYS0ZgjcCYW5jiny42SvgR
UftcY4BkyVHOkb1Bf5jaJ4BOwQIDAQABo4IDLTCCAykwHQYDVR0OBBYEFHzck35q
XioTAEyzX9zqTWY7eYXqMB8GA1UdIwQYMBaAFJb0Lhn2nVlqAxiSFZChfdUyM+WV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTc2RC85M0QxN0NEMDA2
QTAxMUVCQjQwOTA4NTlDNEY5QUUwMi9sdlF1R2ZhZFdXb0RHSklWa0tGOTFUSXo1
WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2x2UXVHZmFkV1dvREdKSVZrS0Y5MVRJejVaVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjE3NkQvOTNEMTdDRDAwNkEwMTFFQkI0MDkwODU5QzRGOUFFMDIvRDE4MTIxOTIy
REY4MTFFRjkyNkNDNDY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgbYGCCsGAQUFBwEHAQH/
BIGmMIGjMIGRBAIAATCBijAMAwQADsBDAwQBDsBEAwQCK+EkMAwDBAAr5wUDBAMr
5wADBAItdKADBAIteDQDBAQ9BGADBAJnBBwDBAJnD2gDBAJnFVgDBAFnFy4DBAJn
R7ADBAJn89QDBAJn9nAwDAMEAnZr1AMEBXZrwAMEApZrTAMEAsoJJAMEAspJDAME
AspX3AMEA98Z8DANBAIAAjAHAwUAJAKVADANBgkqhkiG9w0BAQsFAAOCAQEAOwUc
Hma/INIlqCFNsZAvG6boCs8nhjaLw1ro6c5avmpmEe08fxWzGEIbm7zlbUeE04nm
CRX11WwQdSzckWADD0Z10driE4Kz+qWUS7Uc5qCN5OzzLn3Ikf+Cj0ntvvnuz4Qb
yrJmIsVbDK5vGPgQ1gv5l9hBvU7TPmGw460/z7BDeRtneWvEsAx5lQ2XqzkrATED
JUJ0aeFORR+I/2jsKbxrOk4CYLUxaFw2puBcieNxe61kXx8YWO6RbfPt6oguSuih
WLZOn7LiwHXkudr7PFgeJC+XTsM9up0h4kNXOsNCGB4g25jEGFwaDBmu5Zay4wz5
QISGVvLkYw5C/PefvA==
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:07:47 2024 by rpki-client on console-ams.rpki-client.org