Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/8B0DCAFCA07811EEB25C0B54C4F9AE02.roa
File: 8B0DCAFCA07811EEB25C0B54C4F9AE02.roa (raw, json)
Hash identifier: mt8ZR3hXkXW7Czz/m/gc3AumWydWg75uW6zXvIFc8qM=
Subject key identifier: 48:67:2C:17:33:9F:05:E4:82:13:53:65:FB:F4:F5:7A:8E:DA:10:99
Certificate issuer: /CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Certificate serial: 08FF
Authority key identifier: 39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/8B0DCAFCA07811EEB25C0B54C4F9AE02.roa
Signing time: Mon 01 Apr 2024 14:40:16 +0000
ROA not before: Mon 01 Apr 2024 14:40:16 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 132203
IP address blocks: 43.128.222.0/23 maxlen: 23
43.130.0.0/17 maxlen: 24
43.130.128.0/18 maxlen: 24
43.131.0.0/18 maxlen: 24
43.131.224.0/19 maxlen: 24
43.132.68.0/24 maxlen: 24
43.132.96.0/19 maxlen: 24
43.132.128.0/17 maxlen: 24
43.134.0.0/18 maxlen: 18
43.134.64.0/18 maxlen: 18
43.135.58.0/24 maxlen: 24
43.135.187.0/24 maxlen: 24
43.152.96.0/19 maxlen: 24
43.152.192.0/19 maxlen: 19
43.152.224.0/19 maxlen: 19
43.153.0.0/18 maxlen: 18
43.153.64.0/18 maxlen: 18
43.153.128.0/18 maxlen: 18
43.153.164.0/24 maxlen: 24
43.153.187.0/24 maxlen: 24
43.153.192.0/18 maxlen: 18
43.153.250.0/23 maxlen: 23
43.154.0.0/18 maxlen: 18
43.154.64.0/18 maxlen: 18
43.154.128.0/18 maxlen: 18
43.154.192.0/18 maxlen: 18
43.155.0.0/17 maxlen: 18
43.155.127.0/24 maxlen: 24
43.155.128.0/17 maxlen: 18
43.156.0.0/18 maxlen: 18
43.156.64.0/18 maxlen: 18
43.156.128.0/18 maxlen: 18
43.156.192.0/18 maxlen: 18
43.156.252.0/24 maxlen: 24
43.156.254.0/24 maxlen: 24
43.157.0.0/17 maxlen: 24
43.157.128.0/18 maxlen: 24
43.157.192.0/18 maxlen: 24
43.158.0.0/16 maxlen: 16
43.158.0.0/17 maxlen: 24
43.158.128.0/18 maxlen: 24
43.158.192.0/18 maxlen: 24
43.159.0.0/16 maxlen: 16
43.159.0.0/20 maxlen: 24
43.159.16.0/20 maxlen: 24
43.159.32.0/19 maxlen: 24
43.159.76.0/24 maxlen: 24
43.159.128.0/18 maxlen: 24
43.159.192.0/18 maxlen: 24
43.160.0.0/16 maxlen: 24
43.161.0.0/17 maxlen: 24
43.161.128.0/17 maxlen: 24
43.162.0.0/17 maxlen: 24
43.162.128.0/17 maxlen: 24
43.163.0.0/16 maxlen: 16
43.163.0.0/17 maxlen: 17
43.163.0.0/18 maxlen: 24
43.163.64.0/18 maxlen: 24
43.163.192.0/18 maxlen: 24
43.164.0.0/16 maxlen: 24
43.165.0.0/16 maxlen: 24
43.166.0.0/16 maxlen: 24
43.167.0.0/16 maxlen: 24
43.168.0.0/16 maxlen: 24
43.169.0.0/16 maxlen: 24
43.170.0.0/16 maxlen: 24
43.171.0.0/16 maxlen: 24
43.172.0.0/16 maxlen: 24
43.173.0.0/16 maxlen: 24
43.174.0.0/16 maxlen: 24
101.32.140.0/24 maxlen: 24
101.33.4.0/23 maxlen: 23
101.33.17.0/24 maxlen: 24
101.33.18.0/23 maxlen: 23
101.33.26.0/23 maxlen: 23
101.33.30.0/23 maxlen: 23
101.33.41.0/24 maxlen: 24
101.33.114.0/23 maxlen: 24
150.109.90.0/24 maxlen: 24
150.109.91.0/24 maxlen: 24
240d:c000::/24 maxlen: 32
240d:c000:1000::/36 maxlen: 36
240d:c000:2000::/36 maxlen: 36
240d:c000:3000::/36 maxlen: 36
240d:c000:6000::/36 maxlen: 36
240d:c000:6000::/44 maxlen: 48
240d:c000:7000::/44 maxlen: 44
240d:c000:f000::/36 maxlen: 36
240d:c000:f000::/44 maxlen: 44
240d:c000:f010::/44 maxlen: 44
240d:c000:f020::/44 maxlen: 44
240d:c010::/48 maxlen: 48
240d:c010::/56 maxlen: 56
240d:c010:0:100::/56 maxlen: 56
240d:c010:10::/48 maxlen: 48
240d:c010:11::/48 maxlen: 48
240d:c010:12::/48 maxlen: 48
240d:c010:14::/48 maxlen: 48
240d:c010:16::/48 maxlen: 48
240d:c010:17::/48 maxlen: 48
240d:c010:20::/44 maxlen: 44
240d:c010:20::/56 maxlen: 56
240d:c010:20:100::/56 maxlen: 56
240d:c010:20:200::/56 maxlen: 56
240d:c010:30::/56 maxlen: 56
240d:c010:30:100::/56 maxlen: 56
240d:c010:50::/48 maxlen: 48
240d:c010:57::/48 maxlen: 48
240d:c010:58::/47 maxlen: 48
240d:c010:5c::/46 maxlen: 48
240d:c010:60::/48 maxlen: 48
240d:c010:66::/47 maxlen: 48
240d:c010:68::/48 maxlen: 48
240d:c010:6c::/47 maxlen: 48
240d:c010:6e::/48 maxlen: 48
240d:c040::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 23:13:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2303 (0x8ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157D67/serialNumber=39C43967570087F583E425A9FE9B69B9506A59BD
Validity
Not Before: Apr 1 14:40:16 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=660ac74f-ddd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:05:06:6a:96:09:b2:fe:92:ec:8a:56:96:0a:
61:ff:00:24:29:cb:d8:eb:d2:fd:13:dd:9a:55:bb:
d7:a7:be:d7:68:ca:54:f5:2b:1b:d7:3e:8b:2b:f5:
d8:03:ec:64:47:79:0d:38:e5:c7:81:f6:48:f1:df:
b4:79:b3:10:d8:c9:a4:66:60:4a:cc:8d:b3:d3:3e:
19:78:c0:10:84:54:6b:cb:11:9a:97:c6:ae:c6:55:
61:b2:f1:8e:ff:29:54:94:45:f9:b7:8c:7a:51:79:
5d:1a:54:86:3b:8f:2d:25:ad:f8:cd:ba:92:30:c4:
1f:05:9f:4e:7c:59:1c:06:db:f3:ce:28:82:35:b9:
55:6a:44:7f:fc:63:6b:c9:60:e3:d0:0d:9a:cc:10:
ce:ed:7e:d6:2b:4c:47:34:6b:d6:9b:4d:27:9a:de:
fa:db:26:9a:62:41:60:24:13:2d:26:30:ff:2e:02:
94:c5:98:ba:79:61:ec:55:2a:cb:46:a5:27:6e:87:
e5:99:0d:93:cc:92:38:45:56:b2:37:84:8e:da:97:
17:19:80:59:0a:50:12:35:ec:0c:c1:d8:c0:0a:7b:
c7:ce:53:fb:fb:fa:fc:49:d7:74:31:b9:41:55:e8:
c9:34:be:7f:62:83:97:13:9d:12:54:c2:a1:2c:c4:
6d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:67:2C:17:33:9F:05:E4:82:13:53:65:FB:F4:F5:7A:8E:DA:10:99
X509v3 Authority Key Identifier:
keyid:39:C4:39:67:57:00:87:F5:83:E4:25:A9:FE:9B:69:B9:50:6A:59:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OcQ5Z1cAh_WD5CWp_ptpuVBqWb0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157D67/69E6C16A442A11EB9599AD38C4F9AE02/8B0DCAFCA07811EEB25C0B54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.128.222.0/23
43.130.0.0-43.130.191.255
43.131.0.0/18
43.131.224.0/19
43.132.68.0/24
43.132.96.0-43.132.255.255
43.134.0.0/17
43.135.58.0/24
43.135.187.0/24
43.152.96.0/19
43.152.192.0-43.174.255.255
101.32.140.0/24
101.33.4.0/23
101.33.17.0-101.33.19.255
101.33.26.0/23
101.33.30.0/23
101.33.41.0/24
101.33.114.0/23
150.109.90.0/23
IPv6:
240d:c000::/24
Signature Algorithm: sha256WithRSAEncryption
3c:a3:52:c5:4e:17:63:4a:7c:4e:c9:fb:0d:11:9e:5b:d9:d8:
a7:45:bc:34:bb:e4:bb:fd:ed:e2:c4:66:e7:3b:a1:05:84:6e:
94:fc:f3:7f:0a:16:a4:66:d0:80:15:1b:c9:8c:91:fe:60:0f:
c1:16:b7:54:d4:e1:e7:e9:ac:c0:89:39:a4:e8:8b:52:3e:5a:
0b:4c:b7:32:4e:13:0b:e3:84:c8:f2:28:db:ec:87:e1:04:0d:
6b:7c:9b:19:9e:40:63:4b:1f:27:56:51:29:ed:f2:d6:fe:3e:
08:2c:e2:90:0e:43:14:be:d5:f3:32:7c:13:ef:1a:1a:23:41:
b1:71:f2:0d:b1:6b:73:35:ce:fe:7c:89:92:86:f7:30:19:d2:
dd:fc:b9:ec:e0:c6:a7:87:c9:5b:a4:4a:50:26:b8:3a:52:aa:
20:34:69:7e:fd:60:15:9b:99:d0:31:10:1e:7a:95:3c:33:b2:
57:57:8c:b9:73:25:b2:68:bb:d2:43:bc:3d:ba:a6:66:a7:96:
2c:85:67:8b:f1:51:13:59:c4:a8:06:67:13:dd:73:87:2c:cf:
a7:3b:7b:db:92:2a:da:86:45:f4:37:65:c1:6f:d0:53:c9:64:
2c:d7:ed:dc:f8:31:a7:de:5c:02:58:e3:6e:a7:2c:66:69:e4:
bc:a2:e9:a3
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgICCP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdENjcxMTAvBgNVBAUTKDM5QzQzOTY3NTcwMDg3RjU4M0U0MjVBOUZFOUI2OUI5
NTA2QTU5QkQwHhcNMjQwNDAxMTQ0MDE2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBhYzc0Zi1kZGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtwUGapYJsv6S7IpWlgph/wAkKcvY69L9E92aVbvXp77XaMpU9Ssb1z6LK/XY
A+xkR3kNOOXHgfZI8d+0ebMQ2MmkZmBKzI2z0z4ZeMAQhFRryxGal8auxlVhsvGO
/ylUlEX5t4x6UXldGlSGO48tJa34zbqSMMQfBZ9OfFkcBtvzziiCNblVakR//GNr
yWDj0A2azBDO7X7WK0xHNGvWm00nmt762yaaYkFgJBMtJjD/LgKUxZi6eWHsVSrL
RqUnboflmQ2TzJI4RVayN4SO2pcXGYBZClASNewMwdjACnvHzlP7+/r8Sdd0MblB
VejJNL5/YoOXE50SVMKhLMRtgQIDAQABo4IDMTCCAy0wHQYDVR0OBBYEFEhnLBcz
nwXkghNTZfv09XqO2hCZMB8GA1UdIwQYMBaAFDnEOWdXAIf1g+Qlqf6bablQalm9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0Q2Ny82OUU2QzE2QTQ0
MkExMUVCOTU5OUFEMzhDNEY5QUUwMi9PY1E1WjFjQWhfV0Q1Q1dwX3B0cHVWQnFX
YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09jUTVaMWNBaF9XRDVDV3BfcHRwdVZCcVdiMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdENjcvNjlFNkMxNkE0NDJBMTFFQjk1OTlBRDM4QzRGOUFFMDIvOEIwRENBRkNB
MDc4MTFFRUIyNUMwQjU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgboGCCsGAQUFBwEHAQH/
BIGqMIGnMIGWBAIAATCBjwMEASuA3jALAwMBK4IDBAYrgoADBAYrgwADBAUrg+AD
BAArhEQwCwMEBSuEYAMDACuEAwQHK4YAAwQAK4c6AwQAK4e7AwQFK5hgMAsDBAYr
mMADAwArrgMEAGUgjAMEAWUhBDAMAwQAZSERAwQCZSEQAwQBZSEaAwQBZSEeAwQA
ZSEpAwQBZSFyAwQBlm1aMAwEAgACMAYDBAAkDcAwDQYJKoZIhvcNAQELBQADggEB
ADyjUsVOF2NKfE7J+w0RnlvZ2KdFvDS75Lv97eLEZuc7oQWEbpT8838KFqRm0IAV
G8mMkf5gD8EWt1TU4efprMCJOaToi1I+WgtMtzJOEwvjhMjyKNvsh+EEDWt8mxme
QGNLHydWUSnt8tb+Pggs4pAOQxS+1fMyfBPvGhojQbFx8g2xa3M1zv58iZKG9zAZ
0t38uezgxqeHyVukSlAmuDpSqiA0aX79YBWbmdAxEB56lTwzsldXjLlzJbJou9JD
vD26pmanliyFZ4vxURNZxKgGZxPdc4csz6c7e9uSKtqGRfQ3ZcFv0FPJZCzX7dz4
MafeXAJY426nLGZp5Lyi6aM=
-----END CERTIFICATE-----
Generated at Fri May 17 00:24:20 2024 by rpki-client on console-fra.rpki-client.org