Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/F42B1508CA5111EBBAD2D42AC4F9AE02.roa
File: F42B1508CA5111EBBAD2D42AC4F9AE02.roa (raw, json)
Hash identifier: F0MncTmtBu3OcPv/6ENIy6dSWfPgWq9Jnkmi3ma24sY=
Subject key identifier: A2:97:D5:AD:CC:1A:E8:BF:40:5D:99:A7:EB:B1:FB:1F:C2:38:CE:6C
Certificate issuer: /CN=A912176D/serialNumber=96F42E19F69D596A0318921590A17DD53233E595
Certificate serial: 06D2
Authority key identifier: 96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/F42B1508CA5111EBBAD2D42AC4F9AE02.roa
Signing time: Wed 24 Jan 2024 01:08:27 +0000
ROA not before: Wed 24 Jan 2024 01:08:27 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 55720
IP address blocks: 14.192.67.0/24 maxlen: 24
14.192.68.0/24 maxlen: 24
14.192.69.0/24 maxlen: 24
43.225.36.0/24 maxlen: 24
43.225.37.0/24 maxlen: 24
43.225.38.0/24 maxlen: 24
43.225.39.0/24 maxlen: 24
45.116.160.0/24 maxlen: 24
45.116.161.0/24 maxlen: 24
45.116.162.0/24 maxlen: 24
45.116.163.0/24 maxlen: 24
45.120.52.0/24 maxlen: 24
45.120.53.0/24 maxlen: 24
45.120.54.0/24 maxlen: 24
45.120.55.0/24 maxlen: 24
61.4.96.0/24 maxlen: 24
61.4.97.0/24 maxlen: 24
61.4.98.0/24 maxlen: 24
61.4.99.0/24 maxlen: 24
61.4.100.0/22 maxlen: 24
61.4.104.0/22 maxlen: 24
61.4.108.0/24 maxlen: 24
61.4.109.0/24 maxlen: 24
61.4.110.0/24 maxlen: 24
61.4.111.0/24 maxlen: 24
103.4.28.0/24 maxlen: 24
103.4.29.0/24 maxlen: 24
103.4.30.0/24 maxlen: 24
103.4.31.0/24 maxlen: 24
103.21.88.0/24 maxlen: 24
103.21.89.0/24 maxlen: 24
103.21.90.0/24 maxlen: 24
103.21.91.0/24 maxlen: 24
103.23.46.0/24 maxlen: 24
103.23.47.0/24 maxlen: 24
103.71.176.0/24 maxlen: 24
103.71.177.0/24 maxlen: 24
103.71.178.0/24 maxlen: 24
103.71.179.0/24 maxlen: 24
103.243.212.0/24 maxlen: 24
103.243.213.0/24 maxlen: 24
103.243.214.0/24 maxlen: 24
103.243.215.0/24 maxlen: 24
103.246.112.0/24 maxlen: 24
103.246.113.0/24 maxlen: 24
103.246.114.0/24 maxlen: 24
103.246.115.0/24 maxlen: 24
118.107.212.0/24 maxlen: 24
118.107.213.0/24 maxlen: 24
118.107.214.0/24 maxlen: 24
118.107.215.0/24 maxlen: 24
118.107.216.0/24 maxlen: 24
118.107.217.0/24 maxlen: 24
118.107.218.0/24 maxlen: 24
118.107.219.0/24 maxlen: 24
118.107.220.0/24 maxlen: 24
118.107.221.0/24 maxlen: 24
118.107.222.0/24 maxlen: 24
118.107.223.0/24 maxlen: 24
150.107.76.0/24 maxlen: 24
150.107.77.0/24 maxlen: 24
150.107.78.0/24 maxlen: 24
150.107.79.0/24 maxlen: 24
202.9.36.0/24 maxlen: 24
202.9.37.0/24 maxlen: 24
202.9.38.0/24 maxlen: 24
202.9.39.0/24 maxlen: 24
202.73.12.0/24 maxlen: 24
202.73.13.0/24 maxlen: 24
202.73.14.0/24 maxlen: 24
202.73.15.0/24 maxlen: 24
202.87.220.0/24 maxlen: 24
202.87.221.0/24 maxlen: 24
202.87.222.0/24 maxlen: 24
202.87.223.0/24 maxlen: 24
223.25.240.0/24 maxlen: 24
223.25.241.0/24 maxlen: 24
223.25.242.0/24 maxlen: 24
223.25.243.0/24 maxlen: 24
223.25.244.0/24 maxlen: 24
223.25.245.0/24 maxlen: 24
223.25.246.0/24 maxlen: 24
223.25.247.0/24 maxlen: 24
2402:9500::/32 maxlen: 32
2402:9500::/48 maxlen: 48
2402:9500:a00::/48 maxlen: 48
2402:9500:b00::/48 maxlen: 48
2402:9500:c00::/48 maxlen: 48
2402:9500:d00::/48 maxlen: 48
2402:9500:1000::/48 maxlen: 48
2402:9500:2000::/48 maxlen: 48
2402:9500:3000::/48 maxlen: 48
2402:9500:4000::/48 maxlen: 48
2402:9500:5000::/48 maxlen: 48
2402:9500:6000::/48 maxlen: 48
2402:9500:7000::/48 maxlen: 48
2402:9500:8000::/48 maxlen: 48
2402:9500:9000::/48 maxlen: 48
2402:9500:e000::/48 maxlen: 48
2402:9500:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl
rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 04 Apr 2024 22:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1746 (0x6d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912176D/serialNumber=96F42E19F69D596A0318921590A17DD53233E595
Validity
Not Before: Jan 24 01:08:27 2024 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=65b0630b-4f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:a0:be:69:69:69:ff:0f:90:25:a7:fb:9b:
16:17:ff:17:95:d4:78:92:ee:58:6c:7d:da:8a:54:
a8:72:ec:1e:ab:7a:01:e6:80:30:42:7f:9a:74:8d:
6a:24:ed:4b:6d:c6:a7:51:2a:a5:a6:15:d2:4e:c6:
6e:53:7d:eb:6e:c3:07:d6:d6:22:54:81:a0:18:f7:
80:b7:75:db:05:7f:f8:36:95:a6:3b:d6:71:5c:af:
22:88:66:3f:4c:5b:47:f3:eb:39:0c:ae:c3:1e:c2:
8b:6a:c3:16:a6:68:e7:77:ec:3a:72:3e:23:d4:f4:
d9:b4:2b:9d:32:c3:39:b9:7c:cc:40:1c:d7:ad:28:
1a:f6:86:b8:f1:02:cc:dc:af:a2:09:8a:01:30:bd:
06:1b:02:49:09:61:7a:0b:ae:db:e1:52:56:79:f1:
0a:f2:c7:74:46:51:cb:17:b9:70:c4:b4:a7:1e:ea:
fa:25:99:f8:34:c4:3a:e9:aa:0a:55:1b:49:15:6d:
b7:a9:4e:14:2f:b2:22:d2:29:dd:71:67:ff:ab:a5:
44:41:66:34:08:83:21:6c:7e:2c:f8:c6:b3:2c:1c:
41:f0:63:80:94:4c:a8:1b:83:46:0e:12:d0:9b:42:
8f:05:02:b4:7e:cb:62:f3:88:ae:15:c1:62:fe:c2:
a0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:97:D5:AD:CC:1A:E8:BF:40:5D:99:A7:EB:B1:FB:1F:C2:38:CE:6C
X509v3 Authority Key Identifier:
keyid:96:F4:2E:19:F6:9D:59:6A:03:18:92:15:90:A1:7D:D5:32:33:E5:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/lvQuGfadWWoDGJIVkKF91TIz5ZU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lvQuGfadWWoDGJIVkKF91TIz5ZU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912176D/93D17CD006A011EBB4090859C4F9AE02/F42B1508CA5111EBBAD2D42AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.67.0-14.192.69.255
43.225.36.0/22
45.116.160.0/22
45.120.52.0/22
61.4.96.0/20
103.4.28.0/22
103.21.88.0/22
103.23.46.0/23
103.71.176.0/22
103.243.212.0/22
103.246.112.0/22
118.107.212.0-118.107.223.255
150.107.76.0/22
202.9.36.0/22
202.73.12.0/22
202.87.220.0/22
223.25.240.0/21
IPv6:
2402:9500::/32
Signature Algorithm: sha256WithRSAEncryption
83:8e:c4:87:fc:ee:ac:22:03:14:4c:c4:78:d8:40:6e:e4:96:
6a:c7:3d:f8:aa:dc:0b:10:4d:0f:96:5e:1b:08:ce:6a:14:17:
f4:1e:7f:41:e2:f9:94:2c:39:9b:11:d2:2b:99:01:cf:e6:81:
f7:33:24:6e:76:fb:9b:a3:05:4d:3a:78:53:39:ce:22:04:1d:
a1:f2:a4:2b:1b:a4:0c:a6:c3:b9:41:45:6f:07:2c:88:89:bb:
85:25:f7:8e:b4:93:cc:e8:10:7d:23:31:db:62:d5:fd:95:44:
77:36:8d:7f:1b:9d:69:42:a7:30:cb:32:e3:47:6c:f3:f0:9a:
b5:0f:8c:a1:b0:fb:da:d8:6b:9d:41:9c:ea:b8:ee:fa:51:63:
50:25:ba:0e:72:86:98:af:6b:9d:e1:57:f8:30:02:14:09:bd:
e4:4f:69:6c:98:d7:49:7c:4c:d8:27:3a:ca:7c:72:f9:1a:1c:
76:c3:23:35:7d:21:59:74:24:90:64:ea:06:de:ab:96:bb:89:
c0:34:77:5c:3c:4c:44:bb:b4:a3:a4:5b:cd:48:d0:e7:20:46:
85:05:4f:44:0a:36:a1:9e:3a:f1:9a:95:ab:16:28:34:be:14:
29:32:21:25:51:05:9b:b1:fb:b9:c6:74:4b:b4:3b:e6:a1:08:
d3:07:32:4b
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgICBtIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjE3NkQxMTAvBgNVBAUTKDk2RjQyRTE5RjY5RDU5NkEwMzE4OTIxNTkwQTE3REQ1
MzIzM0U1OTUwHhcNMjQwMTI0MDEwODI3WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIwNjMwYi00ZjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxhOgvmlpaf8PkCWn+5sWF/8XldR4ku5YbH3ailSocuweq3oB5oAwQn+adI1q
JO1LbcanUSqlphXSTsZuU33rbsMH1tYiVIGgGPeAt3XbBX/4NpWmO9ZxXK8iiGY/
TFtH8+s5DK7DHsKLasMWpmjnd+w6cj4j1PTZtCudMsM5uXzMQBzXrSga9oa48QLM
3K+iCYoBML0GGwJJCWF6C67b4VJWefEK8sd0RlHLF7lwxLSnHur6JZn4NMQ66aoK
VRtJFW23qU4UL7Ii0indcWf/q6VEQWY0CIMhbH4s+MazLBxB8GOAlEyoG4NGDhLQ
m0KPBQK0fsti84iuFcFi/sKg8wIDAQABo4IDFzCCAxMwHQYDVR0OBBYEFKKX1a3M
Gui/QF2Zp+ux+x/COM5sMB8GA1UdIwQYMBaAFJb0Lhn2nVlqAxiSFZChfdUyM+WV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTc2RC85M0QxN0NEMDA2
QTAxMUVCQjQwOTA4NTlDNEY5QUUwMi9sdlF1R2ZhZFdXb0RHSklWa0tGOTFUSXo1
WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2x2UXVHZmFkV1dvREdKSVZrS0Y5MVRJejVaVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjE3NkQvOTNEMTdDRDAwNkEwMTFFQkI0MDkwODU5QzRGOUFFMDIvRjQyQjE1MDhD
QTUxMTFFQkJBRDJENDJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaAGCCsGAQUFBwEHAQH/
BIGQMIGNMHwEAgABMHYwDAMEAA7AQwMEAQ7ARAMEAivhJAMEAi10oAMEAi14NAME
BD0EYAMEAmcEHAMEAmcVWAMEAWcXLgMEAmdHsAMEAmfz1AMEAmf2cDAMAwQCdmvU
AwQFdmvAAwQClmtMAwQCygkkAwQCykkMAwQCylfcAwQD3xnwMA0EAgACMAcDBQAk
ApUAMA0GCSqGSIb3DQEBCwUAA4IBAQCDjsSH/O6sIgMUTMR42EBu5JZqxz34qtwL
EE0Pll4bCM5qFBf0Hn9B4vmULDmbEdIrmQHP5oH3MyRudvubowVNOnhTOc4iBB2h
8qQrG6QMpsO5QUVvByyIibuFJfeOtJPM6BB9IzHbYtX9lUR3No1/G51pQqcwyzLj
R2zz8Jq1D4yhsPva2GudQZzquO76UWNQJboOcoaYr2ud4Vf4MAIUCb3kT2lsmNdJ
fEzYJzrKfHL5Ghx2wyM1fSFZdCSQZOoG3quWu4nANHdcPExEu7SjpFvNSNDnIEaF
BU9ECjahnjrxmpWrFig0vhQpMiElUQWbsfu5xnRLtDvmoQjTBzJL
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:49:56 2024 by rpki-client on console-ams.rpki-client.org