Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: KqfBVsDqUpi6Gehkl7MGE9iOQaYQus7ncGFqjuoPYkg=
Subject key identifier: 37:74:9E:47:C3:15:93:0D:B3:D1:80:E4:B0:2B:98:D1:7C:ED:AE:01
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 2888
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Mon 03 Feb 2025 06:22:43 +0000
ROA not before: Mon 03 Feb 2025 06:22:43 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:200::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 21 Feb 2025 05:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10376 (0x2888)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66
Validity
Not Before: Feb 3 06:22:43 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67a060b2-e294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:f8:c0:50:f8:db:ea:a3:ea:22:7e:6c:ed:
b3:34:74:15:6b:3a:35:ec:77:a9:54:43:12:58:36:
7f:21:a3:53:cd:5c:54:72:36:c4:f5:a0:f4:04:bd:
d8:46:30:a1:95:df:0f:f7:31:87:5a:3e:84:f5:35:
ad:55:cb:6f:eb:e5:c1:8d:a8:d4:55:2b:cb:17:2b:
e9:70:c3:7b:9f:99:d0:f4:31:97:6b:4f:a5:35:13:
e1:55:da:fd:12:a8:95:51:60:59:41:df:2b:91:68:
1f:da:bc:d6:28:d1:f4:3c:b2:2e:ba:96:ac:f9:41:
f4:51:ab:35:11:a4:cd:5a:f4:5c:5e:d5:d7:b7:2b:
9b:ac:b1:ef:ec:4f:39:f1:9d:63:78:ff:f7:a1:c7:
bf:fb:f9:81:b1:b1:35:92:e8:4d:4e:d2:5e:2c:d2:
57:92:a2:45:71:9d:a3:56:20:ca:70:7c:75:8c:6f:
3b:3f:fc:da:64:a8:5a:3e:85:3a:f5:d4:d7:dd:86:
3e:04:88:16:e8:18:31:1b:15:4b:fd:2d:f2:c6:2a:
3a:89:29:94:b5:2b:6d:5c:03:05:39:78:60:23:cc:
6b:5b:e4:05:bb:a2:9b:8d:a2:00:79:b1:31:e6:a2:
4e:7d:96:bb:ab:1a:64:b8:5a:04:84:a2:e0:87:6e:
c5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:74:9E:47:C3:15:93:0D:B3:D1:80:E4:B0:2B:98:D1:7C:ED:AE:01
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:200::/48
2400:adc0:4005::/48
2400:adc0:4013::/48
2400:adc0:4203::/48
2400:adc0:4302::/48
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:c001::/48
2400:adc0:c030::/48
2400:adc0:c102::/48
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:addb:800::/39
2400:addd:2800::/39
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
Signature Algorithm: sha256WithRSAEncryption
4c:7b:6c:6e:bd:07:af:c0:48:fe:e4:d5:c2:c7:93:f3:74:b8:
29:78:74:2b:d8:fc:f0:c0:85:cf:05:ba:a7:95:c5:0c:10:bb:
9c:b7:4e:a7:9b:d8:51:72:a8:fb:03:98:b0:f8:c5:bc:b0:79:
b3:df:37:d9:64:70:a8:38:97:59:b0:ea:1f:39:4f:0c:cc:09:
a9:8a:6d:b9:15:34:86:b6:ac:ce:0b:6e:fd:25:bc:c3:10:5c:
a2:1b:02:5a:d0:46:db:3f:5f:ac:dc:4b:1c:d0:42:36:ee:da:
3c:c6:8d:ce:39:bf:4d:19:6d:93:7f:4a:af:bb:53:60:5f:6a:
dc:a5:c8:92:4f:61:fa:7f:68:62:da:a5:11:5e:65:c7:4f:32:
6a:5f:92:6d:c6:18:f6:90:3d:5d:e8:06:57:94:c6:75:90:b0:
7d:66:f5:b7:3c:6c:f1:35:6f:1f:d1:e3:9e:15:ca:f1:8a:63:
78:01:c2:3d:24:b4:7c:10:e8:e1:c4:1a:e6:af:6e:09:1d:99:
d7:3e:5f:f2:1b:e4:5c:b1:94:51:7b:11:2e:32:c6:65:73:56:
29:7d:59:5b:0f:68:07:97:0e:c5:b3:00:d2:b7:ca:74:57:c7:
5e:b9:90:24:58:19:54:fd:a5:f1:04:38:61:af:8f:3a:0d:52:
8d:f1:f8:66
-----BEGIN CERTIFICATE-----
MIIHITCCBgmgAwIBAgICKIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUwMjAzMDYyMjQzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EwNjBiMi1lMjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuuX4wFD42+qj6iJ+bO2zNHQVazo17HepVEMSWDZ/IaNTzVxUcjbE9aD0BL3Y
RjChld8P9zGHWj6E9TWtVctv6+XBjajUVSvLFyvpcMN7n5nQ9DGXa0+lNRPhVdr9
EqiVUWBZQd8rkWgf2rzWKNH0PLIuupas+UH0Uas1EaTNWvRcXtXXtyubrLHv7E85
8Z1jeP/3oce/+/mBsbE1kuhNTtJeLNJXkqJFcZ2jViDKcHx1jG87P/zaZKhaPoU6
9dTX3YY+BIgW6BgxGxVL/S3yxio6iSmUtSttXAMFOXhgI8xrW+QFu6KbjaIAebEx
5qJOfZa7qxpkuFoEhKLgh27FLQIDAQABo4IERTCCBEEwHQYDVR0OBBYEFDd0nkfD
FZMNs9GA5LArmNF87a4BMB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggHNBggrBgEFBQcBBwEB
/wSCAbwwggG4MIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggEcBAIAAjCCARQDBQAgAUU4AwcAJACtwAIAAwcA
JACtwEAFAwcAJACtwEATAwcAJACtwEIDAwcAJACtwEMCAwcAJACtwEUAAwcAJACt
wEYRAwcAJACtwEcAAwcBJACtwEcQAwcAJACtwMABAwcAJACtwMAwAwcAJACtwMEC
AwcBJACtwMIQAwcAJACtwMMQAwcAJACtwgEAMBADBgAkAK3CAwMGACQArcIEAwYB
JACtwgYwEAMGACQArcIJAwYAJACtwgoDBgEkAK3EAAMGASQArcQIAwYBJACtxQAw
EAMGACQArcUDAwYAJACtxQQDBgEkAK3KAAMGASQArdsIAwYBJACt3SgDBgEkAK3e
AAMGASQArd8IAwYBJACt3xAwDQYJKoZIhvcNAQELBQADggEBAEx7bG69B6/ASP7k
1cLHk/N0uCl4dCvY/PDAhc8FuqeVxQwQu5y3Tqeb2FFyqPsDmLD4xbywebPfN9lk
cKg4l1mw6h85TwzMCamKbbkVNIa2rM4Lbv0lvMMQXKIbAlrQRts/X6zcSxzQQjbu
2jzGjc45v00ZbZN/Sq+7U2BfatylyJJPYfp/aGLapRFeZcdPMmpfkm3GGPaQPV3o
BleUxnWQsH1m9bc8bPE1bx/R454VyvGKY3gBwj0ktHwQ6OHEGuavbgkdmdc+X/Ib
5FyxlFF7ES4yxmVzVil9WVsPaAeXDsWzANK3ynRXx165kCRYGVT9pfEEOGGvjzoN
Uo3x+GY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:50:28 2025 by rpki-client