Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
File: 084044FC19AC11EB8759456DC4F9AE02.roa (raw, json)
Hash identifier: W9G6BLl6GrAu6NpuOira3w9ONwVWK7LaREYQeOaaW/o=
Subject key identifier: 52:CB:1F:05:D8:DA:18:65:A8:CD:02:8C:99:2D:90:87:17:45:37:EF
Certificate issuer: /CN=A9165568/serialNumber=67097E492F73D6DBD31FA016A2D5B5B86A9B3FD8
Certificate serial: 1C60
Authority key identifier: 67:09:7E:49:2F:73:D6:DB:D3:1F:A0:16:A2:D5:B5:B8:6A:9B:3F:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
Signing time: Mon 28 Oct 2024 14:40:46 +0000
ROA not before: Mon 28 Oct 2024 14:40:46 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 9940
IP address blocks: 202.61.56.0/21 maxlen: 21
202.61.56.0/24 maxlen: 24
202.61.57.0/24 maxlen: 24
202.61.58.0/24 maxlen: 24
202.61.59.0/24 maxlen: 24
202.61.60.0/24 maxlen: 24
202.61.61.0/24 maxlen: 24
202.61.62.0/24 maxlen: 24
202.61.63.0/24 maxlen: 24
202.147.160.0/20 maxlen: 24
202.147.176.0/21 maxlen: 24
202.147.184.0/21 maxlen: 24
202.154.224.0/20 maxlen: 24
202.154.240.0/20 maxlen: 20
202.154.240.0/24 maxlen: 24
202.154.241.0/24 maxlen: 24
202.154.242.0/24 maxlen: 24
202.154.243.0/24 maxlen: 24
202.154.244.0/24 maxlen: 24
202.154.245.0/24 maxlen: 24
202.154.246.0/24 maxlen: 24
202.154.247.0/24 maxlen: 24
202.154.248.0/24 maxlen: 24
202.154.249.0/24 maxlen: 24
202.154.250.0/24 maxlen: 24
202.154.251.0/24 maxlen: 24
202.154.252.0/24 maxlen: 24
202.154.253.0/24 maxlen: 24
202.154.254.0/24 maxlen: 24
202.154.255.0/24 maxlen: 24
203.223.160.0/20 maxlen: 24
210.2.128.0/20 maxlen: 21
210.2.128.0/24 maxlen: 24
210.2.129.0/24 maxlen: 24
210.2.130.0/24 maxlen: 24
210.2.131.0/24 maxlen: 24
210.2.132.0/22 maxlen: 22
210.2.132.0/24 maxlen: 24
210.2.133.0/24 maxlen: 24
210.2.134.0/24 maxlen: 24
210.2.135.0/24 maxlen: 24
210.2.136.0/21 maxlen: 22
210.2.136.0/24 maxlen: 24
210.2.137.0/24 maxlen: 24
210.2.138.0/24 maxlen: 24
210.2.139.0/24 maxlen: 24
210.2.140.0/24 maxlen: 24
210.2.141.0/24 maxlen: 24
210.2.142.0/24 maxlen: 24
210.2.143.0/24 maxlen: 24
210.2.144.0/20 maxlen: 21
210.2.144.0/24 maxlen: 24
210.2.145.0/24 maxlen: 24
210.2.146.0/24 maxlen: 24
210.2.147.0/24 maxlen: 24
210.2.148.0/24 maxlen: 24
210.2.149.0/24 maxlen: 24
210.2.150.0/24 maxlen: 24
210.2.151.0/24 maxlen: 24
210.2.152.0/24 maxlen: 24
210.2.153.0/24 maxlen: 24
210.2.154.0/24 maxlen: 24
210.2.155.0/24 maxlen: 24
210.2.156.0/24 maxlen: 24
210.2.157.0/24 maxlen: 24
210.2.158.0/24 maxlen: 24
210.2.159.0/24 maxlen: 24
210.2.160.0/20 maxlen: 21
210.2.160.0/24 maxlen: 24
210.2.161.0/24 maxlen: 24
210.2.162.0/24 maxlen: 24
210.2.163.0/24 maxlen: 24
210.2.164.0/24 maxlen: 24
210.2.165.0/24 maxlen: 24
210.2.166.0/24 maxlen: 24
210.2.167.0/24 maxlen: 24
210.2.168.0/24 maxlen: 24
210.2.169.0/24 maxlen: 24
210.2.170.0/24 maxlen: 24
210.2.171.0/24 maxlen: 24
210.2.172.0/24 maxlen: 24
210.2.173.0/24 maxlen: 24
210.2.174.0/24 maxlen: 24
210.2.175.0/24 maxlen: 24
210.2.176.0/20 maxlen: 22
210.2.176.0/24 maxlen: 24
210.2.177.0/24 maxlen: 24
210.2.178.0/24 maxlen: 24
210.2.179.0/24 maxlen: 24
210.2.180.0/24 maxlen: 24
210.2.181.0/24 maxlen: 24
210.2.182.0/24 maxlen: 24
210.2.183.0/24 maxlen: 24
210.2.184.0/24 maxlen: 24
210.2.185.0/24 maxlen: 24
210.2.186.0/24 maxlen: 24
210.2.187.0/24 maxlen: 24
210.2.188.0/24 maxlen: 24
210.2.189.0/24 maxlen: 24
210.2.190.0/24 maxlen: 24
210.2.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.crl
rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:28:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7264 (0x1c60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165568/serialNumber=67097E492F73D6DBD31FA016A2D5B5B86A9B3FD8
Validity
Not Before: Oct 28 14:40:46 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=671fa26d-965f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fb:8a:69:66:da:e6:12:af:0e:46:13:70:75:
65:9a:52:bd:c4:e8:74:58:2a:73:6b:92:2d:7e:38:
13:b4:cd:7b:d7:f6:3c:07:4a:de:34:af:04:97:29:
62:54:66:80:4c:0b:1e:55:db:48:65:fd:6a:1c:14:
20:86:7d:c1:05:b7:db:8c:fd:e1:12:5e:83:e0:98:
0c:68:20:b9:73:f0:43:86:2c:04:60:72:fd:82:b8:
de:72:d4:22:6d:10:31:90:2f:e1:cb:36:6c:d2:2c:
89:8a:d0:e0:96:d6:9a:4f:39:a5:f5:89:59:78:df:
f6:71:29:d8:46:44:67:46:de:d5:01:61:fd:5d:7b:
16:87:ae:80:bb:82:a9:ff:2c:20:0c:85:66:49:68:
82:cb:9d:29:b6:6a:08:8a:94:46:09:f9:03:db:c9:
0c:09:d7:43:58:c7:8c:68:8a:8b:8e:f7:2b:b3:e0:
d7:0e:b7:49:13:50:bf:68:9a:a1:2f:de:be:7f:8c:
a6:dc:e3:64:a9:81:3c:ea:04:62:c7:c5:fd:3c:09:
c1:db:a8:ed:2f:89:f1:f6:42:25:8e:8e:52:e4:7a:
bf:d7:c8:0d:1a:79:bf:cf:c1:da:8e:33:01:f4:76:
48:00:23:bf:17:3a:b5:32:e9:31:84:6b:c9:a6:5b:
ce:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:CB:1F:05:D8:DA:18:65:A8:CD:02:8C:99:2D:90:87:17:45:37:EF
X509v3 Authority Key Identifier:
keyid:67:09:7E:49:2F:73:D6:DB:D3:1F:A0:16:A2:D5:B5:B8:6A:9B:3F:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.61.56.0/21
202.147.160.0/19
202.154.224.0/19
203.223.160.0/20
210.2.128.0/18
Signature Algorithm: sha256WithRSAEncryption
52:12:2a:e5:ca:90:2c:00:6e:6e:73:ec:8d:d7:69:b4:0f:1e:
88:9a:5c:46:74:c8:9d:1c:6e:44:c0:7a:a5:bf:bb:ca:72:d5:
05:88:df:7f:6b:25:2d:7b:95:4f:80:29:d2:53:e0:bc:18:bd:
2f:df:3b:ef:3d:79:62:1b:be:ac:3d:27:e3:db:21:47:63:f8:
80:ac:df:77:a3:9f:26:56:97:16:43:e1:b1:f2:42:e5:f2:95:
83:b9:5a:91:19:a0:4f:56:f6:5a:db:05:e7:78:e5:09:7a:e6:
ac:95:03:02:55:c1:9b:af:84:4c:8f:05:a8:26:4d:18:e8:95:
8a:e7:74:c7:b1:f2:50:10:13:3a:59:47:d2:7f:b2:9a:1f:94:
cd:8a:1c:fc:d5:23:09:a1:75:08:28:67:73:8c:d9:85:fc:cd:
76:fa:b6:8c:99:12:0c:03:a8:4e:f5:c6:7b:e7:af:72:54:bf:
2f:d9:3f:99:29:67:f5:54:4b:8c:60:a4:2a:8d:50:21:f6:63:
a6:81:2e:63:28:0d:c7:35:55:10:cc:c5:ce:c0:c9:58:77:d9:
6a:cd:f5:2f:c7:95:a2:47:19:8a:fe:ae:15:ac:32:64:86:33:
1e:62:9c:7f:74:c0:ce:11:a6:52:90:61:7f:ef:09:ab:5d:c9:
a5:9c:d0:75
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICHGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1NjgxMTAvBgNVBAUTKDY3MDk3RTQ5MkY3M0Q2REJEMzFGQTAxNkEyRDVCNUI4
NkE5QjNGRDgwHhcNMjQxMDI4MTQ0MDQ2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzFmYTI2ZC05NjVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0vuKaWba5hKvDkYTcHVlmlK9xOh0WCpza5ItfjgTtM171/Y8B0reNK8Elyli
VGaATAseVdtIZf1qHBQghn3BBbfbjP3hEl6D4JgMaCC5c/BDhiwEYHL9grjectQi
bRAxkC/hyzZs0iyJitDgltaaTzml9YlZeN/2cSnYRkRnRt7VAWH9XXsWh66Au4Kp
/ywgDIVmSWiCy50ptmoIipRGCfkD28kMCddDWMeMaIqLjvcrs+DXDrdJE1C/aJqh
L96+f4ym3ONkqYE86gRix8X9PAnB26jtL4nx9kIljo5S5Hq/18gNGnm/z8HajjMB
9HZIACO/Fzq1MukxhGvJplvOVQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFFLLHwXY
2hhlqM0CjJktkIcXRTfvMB8GA1UdIwQYMBaAFGcJfkkvc9bb0x+gFqLVtbhqmz/Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU2OC9CRDFBOTVEMjFE
ODcxMUUyOUJFM0U2REYwOEIwMkNEMi9ad2wtU1M5ejF0dlRINkFXb3RXMXVHcWJQ
OWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p3bC1TUzl6MXR2VEg2QVdvdFcxdUdxYlA5Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1NjgvQkQxQTk1RDIxRDg3MTFFMjlCRTNFNkRGMDhCMDJDRDIvMDg0MDQ0RkMx
OUFDMTFFQjg3NTk0NTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAPKPTgDBAXKk6ADBAXKmuADBATL36ADBAbSAoAwDQYJKoZI
hvcNAQELBQADggEBAFISKuXKkCwAbm5z7I3XabQPHoiaXEZ0yJ0cbkTAeqW/u8py
1QWI339rJS17lU+AKdJT4LwYvS/fO+89eWIbvqw9J+PbIUdj+ICs33ejnyZWlxZD
4bHyQuXylYO5WpEZoE9W9lrbBed45Ql65qyVAwJVwZuvhEyPBagmTRjolYrndMex
8lAQEzpZR9J/spoflM2KHPzVIwmhdQgoZ3OM2YX8zXb6toyZEgwDqE71xnvnr3JU
vy/ZP5kpZ/VUS4xgpCqNUCH2Y6aBLmMoDcc1VRDMxc7AyVh32WrN9S/HlaJHGYr+
rhWsMmSGMx5inH90wM4RplKQYX/vCatdyaWc0HU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:25:37 2024 by rpki-client on console-fra.rpki-client.org