Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: /HPe3GlQUWgCQecdxS2NpsaJsB9lrRhWuuGPyDpAHGM=
Subject key identifier: 62:E9:FF:22:E0:9D:1E:D8:1A:49:FC:4C:7B:30:30:69:4C:20:EF:33
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 2797
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Wed 17 Apr 2024 05:43:49 +0000
ROA not before: Wed 17 Apr 2024 05:43:49 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:200::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 16:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10135 (0x2797)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: Apr 17 05:43:49 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=661f6195-0ffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ec:be:14:90:f4:4a:c5:82:08:d4:6d:5c:6c:
4f:e5:51:76:11:a1:0d:f1:f9:20:5f:37:85:56:0b:
16:9a:a8:f4:fb:98:f0:0a:e2:8f:0b:22:cf:fb:3b:
8b:61:45:6f:be:9a:49:8e:c0:d5:13:b9:cb:27:b7:
08:02:ea:dc:e7:03:c3:b5:db:fe:7e:06:07:ee:a8:
c3:6f:cd:b2:62:1b:70:15:3f:39:77:09:dc:b7:7d:
ea:91:d0:5a:cb:d5:30:df:85:e3:84:2e:9f:a1:39:
57:0c:c9:fe:cb:bf:59:ee:ff:b4:b3:d1:a3:21:5e:
b8:62:47:ef:23:f1:98:b3:29:06:4b:cb:5b:25:9b:
0e:94:9b:0d:0b:60:be:6f:5e:b5:d3:c2:44:66:60:
38:f2:f3:4b:c7:35:a9:d1:1f:f8:65:ab:e6:76:4e:
d8:43:ca:80:9a:49:94:8d:3e:b3:f8:6a:fa:cf:41:
2b:6b:bc:3f:55:cb:85:e3:79:de:c5:83:4e:97:66:
19:a5:e0:6f:52:ce:1b:bb:c5:2d:23:c8:f1:56:f1:
86:75:01:d7:f5:a7:75:36:09:7d:91:20:3b:c8:84:
06:3d:81:37:c2:97:1f:f1:77:be:df:d1:bf:bf:c0:
09:9e:3b:0d:d3:f1:11:ed:0b:4c:fa:12:3a:15:99:
76:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:E9:FF:22:E0:9D:1E:D8:1A:49:FC:4C:7B:30:30:69:4C:20:EF:33
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:200::/48
2400:adc0:4013::/48
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:c001::/48
2400:adc0:c030::/48
2400:adc0:c102::/48
2400:adc0:c210::/47
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adca::/39
2400:addb:800::/39
2400:addd:2800::/39
2400:adde::/39
2400:addf:800::/39
Signature Algorithm: sha256WithRSAEncryption
14:d5:43:23:df:5d:80:88:2f:5e:53:aa:fc:ad:c4:b7:5e:0d:
83:61:6b:12:ad:1b:e2:5f:cf:e1:dd:c4:22:19:60:16:a4:94:
d7:f9:fd:a2:54:fe:8e:75:0c:b0:d4:2a:a4:33:00:b0:1c:89:
10:2e:1f:3d:b9:67:92:5c:42:7f:64:3e:d9:5c:f4:4a:88:d4:
8c:fb:8a:5e:ee:cf:32:1b:a9:94:22:fc:13:e3:4b:5d:5f:1a:
22:fa:88:33:aa:a6:f2:9e:31:f6:18:c2:52:2c:b4:4f:2f:8d:
09:53:9a:ac:58:69:88:0d:b7:73:fd:c4:94:6c:b1:f5:a3:fa:
1d:b4:d7:f3:d2:bf:a3:e7:71:c9:34:27:e4:20:1d:62:46:02:
fe:ed:74:8f:c8:20:73:6d:e7:63:0f:54:77:45:b2:ce:57:83:
e1:a5:ad:e6:04:cc:fa:08:4a:94:34:91:f3:56:f3:16:d6:ae:
9c:bf:4b:fe:af:e9:88:b8:08:ec:48:64:a5:f6:02:be:b3:7d:
b0:b4:ee:61:37:a9:b8:ce:59:03:d6:68:ba:52:d2:cd:15:ab:
f6:78:cc:be:44:96:68:92:e1:68:fc:38:5d:2f:c1:de:e6:1b:
23:20:ec:07:26:e2:93:b2:07:5e:de:0d:4a:2a:c2:66:53:a3:
4c:c4:fe:54
-----BEGIN CERTIFICATE-----
MIIG0DCCBbigAwIBAgICJ5cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjQwNDE3MDU0MzQ5WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjFmNjE5NS0wZmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwey+FJD0SsWCCNRtXGxP5VF2EaEN8fkgXzeFVgsWmqj0+5jwCuKPCyLP+zuL
YUVvvppJjsDVE7nLJ7cIAurc5wPDtdv+fgYH7qjDb82yYhtwFT85dwnct33qkdBa
y9Uw34XjhC6foTlXDMn+y79Z7v+0s9GjIV64YkfvI/GYsykGS8tbJZsOlJsNC2C+
b16108JEZmA48vNLxzWp0R/4Zavmdk7YQ8qAmkmUjT6z+Gr6z0Era7w/VcuF43ne
xYNOl2YZpeBvUs4bu8UtI8jxVvGGdQHX9ad1Ngl9kSA7yIQGPYE3wpcf8Xe+39G/
v8AJnjsN0/ER7QtM+hI6FZl2qQIDAQABo4ID9DCCA/AwHQYDVR0OBBYEFGLp/yLg
nR7YGkn8THswMGlMIO8zMB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggF8BggrBgEFBQcBBwEB
/wSCAWswggFnMIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwgcwEAgACMIHFAwUAIAFFOAMHACQArcACAAMHACQA
rcBAEwMHACQArcBFAAMHACQArcBGEQMHACQArcBHAAMHASQArcBHEAMHACQArcDA
AQMHACQArcDAMAMHACQArcDBAgMHASQArcDCEDAQAwYAJACtwgMDBgAkAK3CBAMG
ASQArcIGMBADBgAkAK3CCQMGACQArcIKAwYBJACtxAADBgEkAK3ECAMGASQArcoA
AwYBJACt2wgDBgEkAK3dKAMGASQArd4AAwYBJACt3wgwDQYJKoZIhvcNAQELBQAD
ggEBABTVQyPfXYCIL15TqvytxLdeDYNhaxKtG+Jfz+HdxCIZYBaklNf5/aJU/o51
DLDUKqQzALAciRAuHz25Z5JcQn9kPtlc9EqI1Iz7il7uzzIbqZQi/BPjS11fGiL6
iDOqpvKeMfYYwlIstE8vjQlTmqxYaYgNt3P9xJRssfWj+h201/PSv6Pncck0J+Qg
HWJGAv7tdI/IIHNt52MPVHdFss5Xg+GlreYEzPoISpQ0kfNW8xbWrpy/S/6v6Yi4
COxIZKX2Ar6zfbC07mE3qbjOWQPWaLpS0s0Vq/Z4zL5ElmiS4Wj8OF0vwd7mGyMg
7Acm4pOyB17eDUoqwmZTo0zE/lQ=
-----END CERTIFICATE-----
Generated at Thu May 16 18:26:04 2024 by rpki-client on console-fra.rpki-client.org