Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
File: FFB3EF94F53C11EEA5B4623BC4F9AE02.roa (raw, json)
Hash identifier: /fXh9rRkaaoRPfk33mjMimbuEvetu147WAhHwF4dC9Y=
Subject key identifier: 8D:F7:5B:B7:ED:A5:2C:41:D9:AF:FC:37:46:42:CA:DE:9D:D0:FF:E6
Certificate issuer: /CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Certificate serial: 07E0
Authority key identifier: 6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
Signing time: Thu 29 Aug 2024 04:53:02 +0000
ROA not before: Thu 29 Aug 2024 04:53:02 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9738
IP address blocks: 61.14.96.0/19 maxlen: 19
61.14.96.0/23 maxlen: 24
61.14.98.0/23 maxlen: 24
61.14.100.0/24 maxlen: 24
61.14.101.0/24 maxlen: 24
61.14.102.0/23 maxlen: 24
61.14.104.0/24 maxlen: 24
61.14.105.0/24 maxlen: 24
61.14.106.0/24 maxlen: 24
61.14.107.0/24 maxlen: 24
61.14.108.0/24 maxlen: 24
61.14.109.0/24 maxlen: 24
61.14.110.0/24 maxlen: 24
61.14.111.0/24 maxlen: 24
61.14.112.0/24 maxlen: 24
61.14.113.0/24 maxlen: 24
61.14.114.0/24 maxlen: 24
61.14.115.0/24 maxlen: 24
61.14.116.0/24 maxlen: 24
61.14.117.0/24 maxlen: 24
61.14.118.0/24 maxlen: 24
61.14.119.0/24 maxlen: 24
61.14.121.0/24 maxlen: 24
61.14.122.0/24 maxlen: 24
61.14.123.0/24 maxlen: 24
61.14.127.0/24 maxlen: 24
103.28.196.0/22 maxlen: 22
103.28.196.0/23 maxlen: 23
103.28.198.0/23 maxlen: 23
202.148.224.0/21 maxlen: 21
202.148.224.0/24 maxlen: 24
202.148.225.0/24 maxlen: 24
202.148.226.0/24 maxlen: 24
202.148.227.0/24 maxlen: 24
202.148.228.0/24 maxlen: 24
202.148.229.0/24 maxlen: 24
202.148.231.0/24 maxlen: 24
202.148.232.0/24 maxlen: 24
202.148.233.0/24 maxlen: 24
202.148.234.0/23 maxlen: 23
202.148.234.0/24 maxlen: 24
202.148.235.0/24 maxlen: 24
202.148.236.0/22 maxlen: 22
202.148.236.0/23 maxlen: 24
202.148.238.0/24 maxlen: 24
202.148.239.0/24 maxlen: 24
203.19.157.0/24 maxlen: 24
210.18.192.0/22 maxlen: 24
210.18.196.0/24 maxlen: 24
210.18.197.0/24 maxlen: 24
210.18.198.0/24 maxlen: 24
210.18.199.0/24 maxlen: 24
210.18.200.0/24 maxlen: 24
210.18.201.0/24 maxlen: 24
210.18.202.0/23 maxlen: 23
210.18.202.0/24 maxlen: 24
210.18.203.0/24 maxlen: 24
210.18.204.0/22 maxlen: 22
210.18.204.0/24 maxlen: 24
210.18.205.0/24 maxlen: 24
210.18.207.0/24 maxlen: 24
210.18.208.0/20 maxlen: 21
210.18.208.0/23 maxlen: 24
210.18.210.0/23 maxlen: 24
210.18.212.0/23 maxlen: 24
210.18.214.0/23 maxlen: 24
210.18.216.0/21 maxlen: 24
210.18.224.0/20 maxlen: 20
210.18.224.0/21 maxlen: 21
210.18.227.0/24 maxlen: 24
210.18.232.0/24 maxlen: 24
210.18.233.0/24 maxlen: 24
210.18.234.0/23 maxlen: 24
210.18.236.0/22 maxlen: 22
210.18.236.0/24 maxlen: 24
210.18.237.0/24 maxlen: 24
210.18.238.0/24 maxlen: 24
210.18.239.0/24 maxlen: 24
210.18.240.0/24 maxlen: 24
210.18.241.0/24 maxlen: 24
210.18.242.0/24 maxlen: 24
210.18.243.0/24 maxlen: 24
210.18.244.0/22 maxlen: 22
210.18.248.0/23 maxlen: 23
210.18.248.0/24 maxlen: 24
210.18.250.0/23 maxlen: 23
210.18.251.0/24 maxlen: 24
210.18.252.0/24 maxlen: 24
210.18.253.0/24 maxlen: 24
210.18.254.0/24 maxlen: 24
210.18.255.0/24 maxlen: 24
2403:c800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:42:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2016 (0x7e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913C627/serialNumber=6FFA5DB159D40A3A172DBC74F5C32B55517979AF
Validity
Not Before: Aug 29 04:53:02 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66cffead-638d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:79:34:8e:88:9d:dd:0a:55:af:8e:89:39:7e:
fc:68:fb:84:f2:f1:fd:1c:c7:b4:43:15:ad:ab:eb:
d2:be:bd:2f:b8:0f:92:0f:26:d3:d6:72:2c:fd:4a:
ec:a5:29:a1:69:03:84:83:9e:af:42:e0:d8:01:72:
20:c2:a8:40:89:63:cf:16:7e:a5:05:44:33:ff:20:
ef:1d:86:9c:46:2c:de:ff:41:3e:11:17:b9:30:db:
ac:fa:23:4a:07:b3:f7:4d:e4:6a:13:2a:f7:bd:d0:
fb:1d:d0:3d:7f:ff:08:fd:50:c5:5c:f0:0b:a1:18:
80:d9:3c:a6:4e:85:c6:60:61:80:f3:59:72:e4:1e:
af:53:11:6c:9d:d1:22:e7:79:cb:bc:5b:0f:e4:a4:
50:93:0a:10:fb:c4:03:fe:d4:a8:d4:21:ad:7f:62:
90:c3:eb:6f:98:5e:29:dd:6f:f6:b9:f9:c3:1c:f8:
a3:9d:70:8d:6d:fe:c8:f2:b7:56:28:34:e0:57:12:
10:74:82:3a:a5:fd:1b:4b:e5:f3:0c:5a:43:60:bb:
73:5f:45:9d:7f:55:67:de:cb:ff:6f:4e:69:bb:e3:
43:88:e5:5e:bd:23:a7:88:89:dc:f3:0d:10:06:eb:
51:b9:09:36:5c:0c:ea:69:71:91:2f:33:77:9b:0b:
40:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F7:5B:B7:ED:A5:2C:41:D9:AF:FC:37:46:42:CA:DE:9D:D0:FF:E6
X509v3 Authority Key Identifier:
keyid:6F:FA:5D:B1:59:D4:0A:3A:17:2D:BC:74:F5:C3:2B:55:51:79:79:AF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/b_pdsVnUCjoXLbx09cMrVVF5ea8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b_pdsVnUCjoXLbx09cMrVVF5ea8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C627/C265C1A4D07D11EA8600986DC4F9AE02/FFB3EF94F53C11EEA5B4623BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.14.96.0/19
103.28.196.0/22
202.148.224.0/20
203.19.157.0/24
210.18.192.0/18
IPv6:
2403:c800::/32
Signature Algorithm: sha256WithRSAEncryption
83:1b:3e:07:b5:34:8f:f7:44:a5:66:5c:9c:1f:ab:3d:6a:f1:
f3:ea:ac:36:c0:9e:2f:83:9f:90:ff:a9:73:0f:96:e0:6c:0f:
96:2f:58:3d:95:2f:0f:bc:d0:59:0f:fc:4d:1d:bd:11:52:5e:
ef:9d:ce:d9:da:28:36:c4:81:1c:2c:43:83:87:ae:ab:a1:c7:
3b:a0:e9:4d:e6:36:5a:09:d5:03:53:86:27:46:09:83:4a:57:
5b:d3:b5:ea:08:c0:65:c0:1a:b1:b7:9e:f0:dc:c3:a6:bc:cc:
64:05:e5:b6:ea:cc:98:d8:b0:2c:93:2d:ad:e8:a9:c2:ac:8a:
10:48:e1:ae:04:9c:14:a2:20:59:20:c0:17:30:01:13:d4:61:
87:8f:0c:68:b6:04:8f:d3:38:2b:fc:ac:5c:36:3d:18:7c:5b:
f9:0d:9d:8b:67:17:e6:1e:c8:e2:14:b3:9e:dd:88:24:86:48:
6e:dc:17:dd:5f:47:9b:8f:39:b6:e7:ba:e6:2c:e7:bd:80:f7:
06:40:2d:c0:69:b4:59:75:6d:12:d7:c8:c5:c4:ef:1a:ce:9e:
5f:52:f7:b5:28:fe:94:a5:c0:34:e0:10:73:46:23:e1:7e:e1:
0b:2f:f9:29:e9:86:f3:54:d6:2c:d5:3a:53:f5:f5:e0:1d:ea:
1b:a2:6b:bd
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICB+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0M2MjcxMTAvBgNVBAUTKDZGRkE1REIxNTlENDBBM0ExNzJEQkM3NEY1QzMyQjU1
NTE3OTc5QUYwHhcNMjQwODI5MDQ1MzAyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNmZmVhZC02MzhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx3k0joid3QpVr46JOX78aPuE8vH9HMe0QxWtq+vSvr0vuA+SDybT1nIs/Urs
pSmhaQOEg56vQuDYAXIgwqhAiWPPFn6lBUQz/yDvHYacRize/0E+ERe5MNus+iNK
B7P3TeRqEyr3vdD7HdA9f/8I/VDFXPALoRiA2TymToXGYGGA81ly5B6vUxFsndEi
53nLvFsP5KRQkwoQ+8QD/tSo1CGtf2KQw+tvmF4p3W/2ufnDHPijnXCNbf7I8rdW
KDTgVxIQdII6pf0bS+XzDFpDYLtzX0Wdf1Vn3sv/b05pu+NDiOVevSOniInc8w0Q
ButRuQk2XAzqaXGRLzN3mwtA3wIDAQABo4ICvDCCArgwHQYDVR0OBBYEFI33W7ft
pSxB2a/8N0ZCyt6d0P/mMB8GA1UdIwQYMBaAFG/6XbFZ1Ao6Fy28dPXDK1VReXmv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzYyNy9DMjY1QzFBNEQw
N0QxMUVBODYwMDk4NkRDNEY5QUUwMi9iX3Bkc1ZuVUNqb1hMYngwOWNNclZWRjVl
YTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JfcGRzVm5VQ2pvWExieDA5Y01yVlZGNWVhOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0M2MjcvQzI2NUMxQTREMDdEMTFFQTg2MDA5ODZEQzRGOUFFMDIvRkZCM0VGOTRG
NTNDMTFFRUE1QjQ2MjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAU9DmADBAJnHMQDBATKlOADBADLE50DBAbSEsAwDQQCAAIw
BwMFACQDyAAwDQYJKoZIhvcNAQELBQADggEBAIMbPge1NI/3RKVmXJwfqz1q8fPq
rDbAni+Dn5D/qXMPluBsD5YvWD2VLw+80FkP/E0dvRFSXu+dztnaKDbEgRwsQ4OH
rquhxzug6U3mNloJ1QNThidGCYNKV1vTteoIwGXAGrG3nvDcw6a8zGQF5bbqzJjY
sCyTLa3oqcKsihBI4a4EnBSiIFkgwBcwARPUYYePDGi2BI/TOCv8rFw2PRh8W/kN
nYtnF+YeyOIUs57diCSGSG7cF91fR5uPObbnuuYs572A9wZALcBptFl1bRLXyMXE
7xrOnl9S97Uo/pSlwDTgEHNGI+F+4Qsv+SnphvNU1izVOlP19eAd6huia70=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:07 2024 by rpki-client on console-fra.rpki-client.org