Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
File: 3118E43E966B11EAAA23047CC4F9AE02.roa (raw, json)
Hash identifier: gq6V0/TIcAAKvh2pY9bQTg3IwnYpN56MDdlGTWJZ3cM=
Subject key identifier: 38:39:02:37:B4:7C:20:65:41:A2:49:70:ED:51:67:43:DC:78:31:C3
Certificate issuer: /CN=A914C33A/serialNumber=9C81471F18AAEECDF945A7C917FD8A8985D7C3AC
Certificate serial: 2A14
Authority key identifier: 9C:81:47:1F:18:AA:EE:CD:F9:45:A7:C9:17:FD:8A:89:85:D7:C3:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
Signing time: Tue 08 Oct 2024 16:02:32 +0000
ROA not before: Tue 08 Oct 2024 16:02:32 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 7642
IP address blocks: 27.114.128.0/18 maxlen: 18
27.114.128.0/23 maxlen: 24
27.114.130.0/23 maxlen: 24
27.114.132.0/23 maxlen: 24
27.114.134.0/23 maxlen: 24
27.114.136.0/23 maxlen: 24
27.114.138.0/23 maxlen: 24
27.114.140.0/23 maxlen: 24
27.114.142.0/23 maxlen: 24
27.114.144.0/23 maxlen: 24
27.114.146.0/23 maxlen: 24
27.114.148.0/23 maxlen: 24
27.114.150.0/23 maxlen: 24
27.114.152.0/23 maxlen: 24
27.114.154.0/23 maxlen: 24
27.114.156.0/23 maxlen: 24
27.114.158.0/23 maxlen: 24
27.114.160.0/23 maxlen: 24
27.114.162.0/23 maxlen: 24
27.114.164.0/23 maxlen: 24
27.114.166.0/23 maxlen: 24
27.114.168.0/23 maxlen: 24
27.114.170.0/23 maxlen: 24
27.114.172.0/23 maxlen: 24
27.114.174.0/23 maxlen: 24
27.114.176.0/23 maxlen: 24
27.114.178.0/23 maxlen: 24
27.114.180.0/23 maxlen: 24
27.114.182.0/23 maxlen: 24
27.114.184.0/23 maxlen: 24
27.114.186.0/23 maxlen: 24
27.114.188.0/23 maxlen: 24
27.114.190.0/23 maxlen: 24
43.226.220.0/22 maxlen: 24
103.31.84.0/22 maxlen: 24
123.176.0.0/19 maxlen: 24
124.195.192.0/19 maxlen: 19
124.195.192.0/23 maxlen: 24
124.195.194.0/23 maxlen: 24
124.195.196.0/23 maxlen: 24
124.195.198.0/23 maxlen: 24
124.195.200.0/23 maxlen: 24
124.195.202.0/23 maxlen: 24
124.195.204.0/23 maxlen: 24
124.195.206.0/23 maxlen: 24
124.195.208.0/23 maxlen: 24
124.195.210.0/23 maxlen: 24
124.195.212.0/23 maxlen: 24
124.195.214.0/23 maxlen: 24
124.195.216.0/23 maxlen: 24
124.195.218.0/23 maxlen: 24
124.195.220.0/23 maxlen: 24
124.195.222.0/23 maxlen: 24
202.1.192.0/20 maxlen: 24
203.104.24.0/21 maxlen: 21
203.104.24.0/23 maxlen: 24
203.104.26.0/23 maxlen: 24
203.104.28.0/23 maxlen: 24
203.104.30.0/23 maxlen: 24
2406:e400::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.crl
rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 15:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10772 (0x2a14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914C33A/serialNumber=9C81471F18AAEECDF945A7C917FD8A8985D7C3AC
Validity
Not Before: Oct 8 16:02:32 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67055798-0897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:30:a6:d8:61:14:3f:b0:f3:43:02:ce:4a:27:
99:e5:e8:8d:19:99:9c:d1:bb:5c:91:fd:b2:0d:06:
25:7b:c0:83:88:ac:d8:0f:8e:9f:b1:81:c8:da:47:
df:2a:bf:38:21:93:1e:58:ae:6c:ee:41:99:b5:ab:
77:2f:5c:ce:0e:b2:d9:e5:30:24:14:bc:2a:65:36:
a6:9a:93:c8:f2:6d:5f:cc:13:fb:ef:1f:a3:48:7d:
01:4f:96:3a:28:e6:4e:5a:ba:39:2c:7e:0e:c1:51:
b8:bf:6d:ab:c1:e4:e2:9d:15:5c:64:92:0c:0f:26:
c2:1c:6b:bd:c1:c1:2d:f3:d7:76:52:98:8f:b6:d9:
4a:32:8e:38:94:3e:05:cd:77:25:a2:16:ad:8f:30:
e1:27:58:53:52:5e:77:77:a5:10:81:c2:82:a5:a3:
69:ac:56:69:3f:e0:a1:77:b6:c0:83:32:51:09:92:
9d:dd:df:38:bb:73:c8:41:55:d8:24:9d:a3:63:d5:
d0:b4:72:98:fc:2f:d8:70:bb:0e:ef:2f:55:8c:d3:
fc:17:4a:47:25:16:79:5d:fe:2c:93:49:43:af:4a:
8a:c8:9e:56:84:1f:75:29:5f:3d:77:ac:00:77:8a:
7c:5d:04:4d:6d:19:ba:42:cc:a4:e6:6c:4b:11:86:
84:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:39:02:37:B4:7C:20:65:41:A2:49:70:ED:51:67:43:DC:78:31:C3
X509v3 Authority Key Identifier:
keyid:9C:81:47:1F:18:AA:EE:CD:F9:45:A7:C9:17:FD:8A:89:85:D7:C3:AC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/nIFHHxiq7s35RafJF_2KiYXXw6w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nIFHHxiq7s35RafJF_2KiYXXw6w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914C33A/1D2BD03E2DDB11E49AF61530C4F9AE02/3118E43E966B11EAAA23047CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.114.128.0/18
43.226.220.0/22
103.31.84.0/22
123.176.0.0/19
124.195.192.0/19
202.1.192.0/20
203.104.24.0/21
IPv6:
2406:e400::/32
Signature Algorithm: sha256WithRSAEncryption
40:f5:65:64:be:83:d1:0e:c0:ef:af:9f:c6:f6:c2:4a:73:b0:
78:8f:57:ec:d0:d5:9b:61:09:5b:bf:68:78:80:0c:c7:b1:3a:
07:bd:fc:ff:71:f2:7f:19:91:bb:c2:92:2e:73:7c:25:76:96:
34:95:0b:52:66:4d:49:16:cc:6f:15:76:0c:70:45:33:cf:e4:
32:88:e7:96:2f:81:51:73:29:d8:0f:a2:db:12:8c:2a:e5:f9:
bb:c8:f5:db:a8:7f:d6:f0:cf:a1:b2:7e:6b:8b:e4:14:2b:9a:
47:55:99:a3:26:1f:9d:9f:71:f4:51:4c:69:d5:05:7d:b1:a6:
68:1c:a1:d7:c2:9f:d2:d1:05:2e:e5:a4:e9:21:5b:b4:5b:55:
e7:f2:64:c6:83:f6:67:91:26:32:08:f1:2e:84:c4:77:ae:3c:
47:1f:c0:b9:50:22:e3:06:c9:92:c7:49:59:67:e9:57:c4:b8:
25:e3:50:c4:e4:11:f4:d1:e9:04:dd:56:fa:41:fc:02:96:ac:
7d:6e:9a:46:35:8d:75:19:ab:a6:16:ff:27:64:e8:82:0a:ef:
b5:04:b1:b8:5f:3b:35:27:ea:18:29:f3:32:b2:ba:f3:dd:4c:
0a:89:a3:f4:f5:b8:cb:b0:65:76:cc:e1:39:e0:59:89:83:60:
19:fd:0c:c6
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgICKhQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEMzM0ExMTAvBgNVBAUTKDlDODE0NzFGMThBQUVFQ0RGOTQ1QTdDOTE3RkQ4QTg5
ODVEN0MzQUMwHhcNMjQxMDA4MTYwMjMyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzA1NTc5OC0wODk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAszCm2GEUP7DzQwLOSieZ5eiNGZmc0btckf2yDQYle8CDiKzYD46fsYHI2kff
Kr84IZMeWK5s7kGZtat3L1zODrLZ5TAkFLwqZTammpPI8m1fzBP77x+jSH0BT5Y6
KOZOWro5LH4OwVG4v22rweTinRVcZJIMDybCHGu9wcEt89d2UpiPttlKMo44lD4F
zXclohatjzDhJ1hTUl53d6UQgcKCpaNprFZpP+Chd7bAgzJRCZKd3d84u3PIQVXY
JJ2jY9XQtHKY/C/YcLsO7y9VjNP8F0pHJRZ5Xf4sk0lDr0qKyJ5WhB91KV89d6wA
d4p8XQRNbRm6Qsyk5mxLEYaE5wIDAQABo4ICyDCCAsQwHQYDVR0OBBYEFDg5Aje0
fCBlQaJJcO1RZ0PceDHDMB8GA1UdIwQYMBaAFJyBRx8Yqu7N+UWnyRf9iomF18Os
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QzMzQS8xRDJCRDAzRTJE
REIxMUU0OUFGNjE1MzBDNEY5QUUwMi9uSUZISHhpcTdzMzVSYWZKRl8yS2lZWFh3
NncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25JRkhIeGlxN3MzNVJhZkpGXzJLaVlYWHc2dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEMzM0EvMUQyQkQwM0UyRERCMTFFNDlBRjYxNTMwQzRGOUFFMDIvMzExOEU0M0U5
NjZCMTFFQUFBMjMwNDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUgYIKwYBBQUHAQcBAf8E
QzBBMDAEAgABMCoDBAYbcoADBAIr4twDBAJnH1QDBAV7sAADBAV8w8ADBATKAcAD
BAPLaBgwDQQCAAIwBwMFACQG5AAwDQYJKoZIhvcNAQELBQADggEBAED1ZWS+g9EO
wO+vn8b2wkpzsHiPV+zQ1ZthCVu/aHiADMexOge9/P9x8n8ZkbvCki5zfCV2ljSV
C1JmTUkWzG8VdgxwRTPP5DKI55YvgVFzKdgPotsSjCrl+bvI9duof9bwz6GyfmuL
5BQrmkdVmaMmH52fcfRRTGnVBX2xpmgcodfCn9LRBS7lpOkhW7RbVefyZMaD9meR
JjII8S6ExHeuPEcfwLlQIuMGyZLHSVln6VfEuCXjUMTkEfTR6QTdVvpB/AKWrH1u
mkY1jXUZq6YW/ydk6IIK77UEsbhfOzUn6hgp8zKyuvPdTAqJo/T1uMuwZXbM4Tng
WYmDYBn9DMY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:49:19 2024 by rpki-client on console-ams.rpki-client.org