Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
File: 72D237AEEBA011EC87608210C4F9AE02.roa (raw, json)
Hash identifier: WUTcAygCDffAr9iKMcmKnoP2d7WKFtnQwjenMar3g40=
Subject key identifier: A0:E4:91:28:E9:41:8D:4A:EA:BF:5C:C6:F2:CB:98:FE:7B:6C:C1:2C
Certificate issuer: /CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Certificate serial: 02A2
Authority key identifier: 84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
Signing time: Tue 03 Sep 2024 05:20:25 +0000
ROA not before: Tue 03 Sep 2024 05:20:25 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 38794
IP address blocks: 43.240.112.0/22 maxlen: 24
43.249.56.0/22 maxlen: 24
43.249.60.0/22 maxlen: 24
43.249.64.0/22 maxlen: 24
43.249.68.0/22 maxlen: 24
43.249.104.0/22 maxlen: 24
43.249.108.0/22 maxlen: 24
43.249.112.0/22 maxlen: 24
43.251.204.0/22 maxlen: 24
43.252.180.0/22 maxlen: 24
45.64.88.0/22 maxlen: 24
45.117.208.0/22 maxlen: 24
45.122.48.0/22 maxlen: 24
45.127.60.0/22 maxlen: 24
103.4.228.0/22 maxlen: 24
103.28.240.0/23 maxlen: 24
103.40.132.0/22 maxlen: 24
103.40.136.0/22 maxlen: 24
103.40.140.0/22 maxlen: 24
103.40.144.0/22 maxlen: 24
103.40.148.0/22 maxlen: 24
103.40.180.0/22 maxlen: 24
103.40.184.0/22 maxlen: 24
103.40.188.0/22 maxlen: 24
103.225.24.0/22 maxlen: 24
103.240.60.0/22 maxlen: 24
103.245.112.0/22 maxlen: 24
115.31.128.0/18 maxlen: 24
116.193.144.0/22 maxlen: 24
116.193.148.0/22 maxlen: 24
117.121.208.0/20 maxlen: 24
119.13.24.0/21 maxlen: 24
119.63.64.0/19 maxlen: 24
125.254.52.0/22 maxlen: 24
150.107.220.0/22 maxlen: 24
202.27.110.0/24 maxlen: 24
202.94.240.0/20 maxlen: 24
202.148.176.0/20 maxlen: 24
203.114.68.0/22 maxlen: 24
223.27.192.0/18 maxlen: 24
2001:df0:1e::/48 maxlen: 48
2400:cd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl
rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 30 Nov 2024 01:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 674 (0x2a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912442A/serialNumber=8485A39ED6B62128EDF4F99B2C2A811F5C201570
Validity
Not Before: Sep 3 05:20:25 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66d69c99-4579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:97:da:06:1a:47:cc:c6:ae:e6:dd:21:94:89:
ac:69:87:68:a6:02:0e:70:c6:ba:9b:90:a0:aa:bb:
93:92:7f:05:99:fd:84:70:9a:79:84:bb:c3:f6:2a:
fc:b4:55:f2:dc:b9:7c:82:32:c2:fe:70:76:00:5b:
ca:34:21:90:d2:7d:47:ed:37:8c:85:a6:26:43:5d:
0a:b6:8e:84:5e:d6:be:a5:70:13:1c:9f:cd:bf:47:
b9:28:01:84:17:e9:56:79:91:36:c4:60:2a:c7:6c:
3b:cb:14:49:15:fe:7e:2b:53:52:ec:89:b3:58:c7:
7e:3c:80:d6:28:50:90:bd:61:d4:90:28:e4:59:aa:
4f:f0:c5:63:5f:11:af:ac:3f:49:1f:24:7f:fd:67:
c8:3b:3d:e3:06:64:ec:42:54:25:42:97:24:50:2d:
92:4b:da:fd:28:51:27:93:bb:df:1a:79:61:8e:b1:
05:85:0e:08:22:71:c8:21:ee:57:e7:c4:6a:f3:86:
f9:13:39:62:7b:54:a5:b0:fd:8a:d7:7b:63:db:6e:
b5:5b:b1:2e:d6:66:da:e1:4b:3a:ce:07:a8:ef:67:
35:68:19:87:ac:1d:1b:a1:63:82:71:e5:3d:50:45:
da:41:8f:41:b5:dc:6b:b2:40:97:7c:1f:55:28:f7:
70:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E4:91:28:E9:41:8D:4A:EA:BF:5C:C6:F2:CB:98:FE:7B:6C:C1:2C
X509v3 Authority Key Identifier:
keyid:84:85:A3:9E:D6:B6:21:28:ED:F4:F9:9B:2C:2A:81:1F:5C:20:15:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/hIWjnta2ISjt9PmbLCqBH1wgFXA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIWjnta2ISjt9PmbLCqBH1wgFXA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912442A/20F2CB00EB9C11ECA682120CC4F9AE02/72D237AEEBA011EC87608210C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.112.0/22
43.249.56.0-43.249.71.255
43.249.104.0-43.249.115.255
43.251.204.0/22
43.252.180.0/22
45.64.88.0/22
45.117.208.0/22
45.122.48.0/22
45.127.60.0/22
103.4.228.0/22
103.28.240.0/23
103.40.132.0-103.40.151.255
103.40.180.0-103.40.191.255
103.225.24.0/22
103.240.60.0/22
103.245.112.0/22
115.31.128.0/18
116.193.144.0/21
117.121.208.0/20
119.13.24.0/21
119.63.64.0/19
125.254.52.0/22
150.107.220.0/22
202.27.110.0/24
202.94.240.0/20
202.148.176.0/20
203.114.68.0/22
223.27.192.0/18
IPv6:
2001:df0:1e::/48
2400:cd00::/32
Signature Algorithm: sha256WithRSAEncryption
02:89:3a:54:95:b0:83:dc:f5:0a:6f:da:6f:1e:42:3e:01:bb:
71:c9:a8:1c:5a:ee:09:4e:ca:16:f4:c6:cb:2f:bb:68:f3:4d:
60:b5:59:67:69:af:88:68:ec:97:28:d4:ae:18:a7:6c:83:a3:
73:ce:1c:3e:43:45:54:64:a7:6d:26:e7:c9:95:34:bd:72:f2:
ff:61:3b:10:7d:4c:96:52:c5:38:7c:cb:13:c8:cb:f1:ed:34:
66:31:0a:09:17:f7:ff:47:5c:78:02:02:52:b8:21:53:25:a5:
2c:2f:79:17:36:f1:80:0d:a2:28:3a:c9:ac:e9:75:b8:1d:a3:
09:d2:e3:6b:ec:d5:eb:70:60:fb:1a:bb:9d:1b:7f:63:7d:48:
dd:f6:ef:c1:ce:a2:be:44:7d:9c:dc:99:19:2c:7d:e1:b6:3d:
a4:e1:f9:6c:8e:51:6c:6a:38:ed:0c:8b:8f:91:be:ab:39:22:
5e:88:b2:a6:1d:bd:64:7d:95:08:9d:f1:f5:e8:89:14:0d:fc:
6b:55:ed:22:dc:e9:c3:f9:b5:45:10:0d:6f:d4:90:f8:bf:c6:
05:b6:91:72:7c:68:6e:3b:99:af:d3:26:af:7e:14:72:14:24:
75:d9:86:f2:44:60:e7:ce:fd:79:49:25:05:c1:3e:04:2f:a6:
7f:ce:e2:7b
-----BEGIN CERTIFICATE-----
MIIGUDCCBTigAwIBAgICAqIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjQ0MkExMTAvBgNVBAUTKDg0ODVBMzlFRDZCNjIxMjhFREY0Rjk5QjJDMkE4MTFG
NUMyMDE1NzAwHhcNMjQwOTAzMDUyMDI1WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ2OWM5OS00NTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJfaBhpHzMau5t0hlImsaYdopgIOcMa6m5CgqruTkn8Fmf2EcJp5hLvD9ir8
tFXy3Ll8gjLC/nB2AFvKNCGQ0n1H7TeMhaYmQ10Kto6EXta+pXATHJ/Nv0e5KAGE
F+lWeZE2xGAqx2w7yxRJFf5+K1NS7ImzWMd+PIDWKFCQvWHUkCjkWapP8MVjXxGv
rD9JHyR//WfIOz3jBmTsQlQlQpckUC2SS9r9KFEnk7vfGnlhjrEFhQ4IInHIIe5X
58Rq84b5Ezlie1SlsP2K13tj2261W7Eu1mba4Us6zgeo72c1aBmHrB0boWOCceU9
UEXaQY9BtdxrskCXfB9VKPdw6wIDAQABo4IDdDCCA3AwHQYDVR0OBBYEFKDkkSjp
QY1K6r9cxvLLmP57bMEsMB8GA1UdIwQYMBaAFISFo57WtiEo7fT5mywqgR9cIBVw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDQyQS8yMEYyQ0IwMEVC
OUMxMUVDQTY4MjEyMENDNEY5QUUwMi9oSVdqbnRhMklTanQ5UG1iTENxQkgxd2dG
WEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hJV2pudGEySVNqdDlQbWJMQ3FCSDF3Z0ZYQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjQ0MkEvMjBGMkNCMDBFQjlDMTFFQ0E2ODIxMjBDQzRGOUFFMDIvNzJEMjM3QUVF
QkEwMTFFQzg3NjA4MjEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgf0GCCsGAQUFBwEHAQH/
BIHtMIHqMIHPBAIAATCByAMEAivwcDAMAwQDK/k4AwQDK/lAMAwDBAMr+WgDBAIr
+XADBAIr+8wDBAIr/LQDBAItQFgDBAItddADBAItejADBAItfzwDBAJnBOQDBAFn
HPAwDAMEAmcohAMEA2cokDAMAwQCZyi0AwQGZyiAAwQCZ+EYAwQCZ/A8AwQCZ/Vw
AwQGcx+AAwQDdMGQAwQEdXnQAwQDdw0YAwQFdz9AAwQCff40AwQClmvcAwQAyhtu
AwQEyl7wAwQEypSwAwQCy3JEAwQG3xvAMBYEAgACMBADBwAgAQ3wAB4DBQAkAM0A
MA0GCSqGSIb3DQEBCwUAA4IBAQACiTpUlbCD3PUKb9pvHkI+AbtxyagcWu4JTsoW
9MbLL7to801gtVlnaa+IaOyXKNSuGKdsg6Nzzhw+Q0VUZKdtJufJlTS9cvL/YTsQ
fUyWUsU4fMsTyMvx7TRmMQoJF/f/R1x4AgJSuCFTJaUsL3kXNvGADaIoOsms6XW4
HaMJ0uNr7NXrcGD7GrudG39jfUjd9u/BzqK+RH2c3JkZLH3htj2k4flsjlFsajjt
DIuPkb6rOSJeiLKmHb1kfZUInfH16IkUDfxrVe0i3OnD+bVFEA1v1JD4v8YFtpFy
fGhuO5mv0yavfhRyFCR12YbyRGDnzv15SSUFwT4EL6Z/zuJ7
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:58:35 2024 by rpki-client on console-ams.rpki-client.org