Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
File: 084044FC19AC11EB8759456DC4F9AE02.roa (raw, json)
Hash identifier: mAa852TCkZhviddLBCirFVWcnGiv3BjKk50mxM6ts2w=
Subject key identifier: EF:78:56:31:4F:0E:8F:5E:D9:14:ED:7E:54:69:38:A4:34:3A:58:3B
Certificate issuer: /CN=A9165568/serialNumber=67097E492F73D6DBD31FA016A2D5B5B86A9B3FD8
Certificate serial: 1B8E
Authority key identifier: 67:09:7E:49:2F:73:D6:DB:D3:1F:A0:16:A2:D5:B5:B8:6A:9B:3F:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
Signing time: Fri 20 Oct 2023 14:40:41 +0000
ROA not before: Fri 20 Oct 2023 14:40:41 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 9940
IP address blocks: 202.61.56.0/21 maxlen: 21
202.61.56.0/24 maxlen: 24
202.61.57.0/24 maxlen: 24
202.61.58.0/24 maxlen: 24
202.61.59.0/24 maxlen: 24
202.61.60.0/24 maxlen: 24
202.61.61.0/24 maxlen: 24
202.61.62.0/24 maxlen: 24
202.61.63.0/24 maxlen: 24
202.147.160.0/20 maxlen: 24
202.147.176.0/21 maxlen: 24
202.147.184.0/21 maxlen: 24
202.154.224.0/20 maxlen: 24
202.154.240.0/20 maxlen: 20
202.154.240.0/24 maxlen: 24
202.154.241.0/24 maxlen: 24
202.154.242.0/24 maxlen: 24
202.154.243.0/24 maxlen: 24
202.154.244.0/24 maxlen: 24
202.154.245.0/24 maxlen: 24
202.154.246.0/24 maxlen: 24
202.154.247.0/24 maxlen: 24
202.154.248.0/24 maxlen: 24
202.154.249.0/24 maxlen: 24
202.154.250.0/24 maxlen: 24
202.154.251.0/24 maxlen: 24
202.154.252.0/24 maxlen: 24
202.154.253.0/24 maxlen: 24
202.154.254.0/24 maxlen: 24
202.154.255.0/24 maxlen: 24
203.223.160.0/20 maxlen: 24
210.2.128.0/20 maxlen: 21
210.2.128.0/24 maxlen: 24
210.2.129.0/24 maxlen: 24
210.2.130.0/24 maxlen: 24
210.2.131.0/24 maxlen: 24
210.2.132.0/22 maxlen: 22
210.2.132.0/24 maxlen: 24
210.2.133.0/24 maxlen: 24
210.2.134.0/24 maxlen: 24
210.2.135.0/24 maxlen: 24
210.2.136.0/21 maxlen: 22
210.2.136.0/24 maxlen: 24
210.2.137.0/24 maxlen: 24
210.2.138.0/24 maxlen: 24
210.2.139.0/24 maxlen: 24
210.2.140.0/24 maxlen: 24
210.2.141.0/24 maxlen: 24
210.2.142.0/24 maxlen: 24
210.2.143.0/24 maxlen: 24
210.2.144.0/20 maxlen: 21
210.2.144.0/24 maxlen: 24
210.2.145.0/24 maxlen: 24
210.2.146.0/24 maxlen: 24
210.2.147.0/24 maxlen: 24
210.2.148.0/24 maxlen: 24
210.2.149.0/24 maxlen: 24
210.2.150.0/24 maxlen: 24
210.2.151.0/24 maxlen: 24
210.2.152.0/24 maxlen: 24
210.2.153.0/24 maxlen: 24
210.2.154.0/24 maxlen: 24
210.2.155.0/24 maxlen: 24
210.2.156.0/24 maxlen: 24
210.2.157.0/24 maxlen: 24
210.2.158.0/24 maxlen: 24
210.2.159.0/24 maxlen: 24
210.2.160.0/20 maxlen: 21
210.2.160.0/24 maxlen: 24
210.2.161.0/24 maxlen: 24
210.2.162.0/24 maxlen: 24
210.2.163.0/24 maxlen: 24
210.2.164.0/24 maxlen: 24
210.2.165.0/24 maxlen: 24
210.2.166.0/24 maxlen: 24
210.2.167.0/24 maxlen: 24
210.2.168.0/24 maxlen: 24
210.2.169.0/24 maxlen: 24
210.2.170.0/24 maxlen: 24
210.2.171.0/24 maxlen: 24
210.2.172.0/24 maxlen: 24
210.2.173.0/24 maxlen: 24
210.2.174.0/24 maxlen: 24
210.2.175.0/24 maxlen: 24
210.2.176.0/20 maxlen: 22
210.2.176.0/24 maxlen: 24
210.2.177.0/24 maxlen: 24
210.2.178.0/24 maxlen: 24
210.2.179.0/24 maxlen: 24
210.2.180.0/24 maxlen: 24
210.2.181.0/24 maxlen: 24
210.2.182.0/24 maxlen: 24
210.2.183.0/24 maxlen: 24
210.2.184.0/24 maxlen: 24
210.2.185.0/24 maxlen: 24
210.2.186.0/24 maxlen: 24
210.2.187.0/24 maxlen: 24
210.2.188.0/24 maxlen: 24
210.2.189.0/24 maxlen: 24
210.2.190.0/24 maxlen: 24
210.2.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.crl
rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 04 Jun 2024 13:40:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7054 (0x1b8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165568/serialNumber=67097E492F73D6DBD31FA016A2D5B5B86A9B3FD8
Validity
Not Before: Oct 20 14:40:41 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65329169-acde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:63:2a:1f:af:ce:7c:a4:3a:5b:4e:c3:51:05:
0d:66:07:db:02:fa:b2:b7:99:ef:08:43:ac:7a:43:
3f:e5:f3:db:d3:15:b7:b2:a1:e9:8f:5f:b5:db:e7:
5e:54:7b:ed:99:79:4f:8c:93:f3:d9:52:4e:5d:a0:
d7:db:2d:17:de:90:f8:18:f6:f2:c8:cd:80:0b:46:
98:5f:de:c1:fc:91:c7:a4:63:44:3d:19:6c:7d:88:
fd:f4:f3:2c:03:df:06:ee:e7:3f:5e:75:00:22:fe:
0f:86:61:a5:c4:19:0b:59:49:63:74:fa:39:14:b1:
8b:5a:3d:e4:d0:49:06:15:c6:cf:ba:4f:7d:07:37:
62:83:25:58:ee:99:51:1a:46:52:4d:8a:2b:0e:e7:
8a:17:73:e4:89:40:06:e4:7f:73:0b:e9:c7:28:ba:
44:be:bc:8b:80:6a:92:aa:aa:c8:ae:8e:60:ab:a4:
2e:a4:b5:2a:ec:ec:e7:52:78:16:0c:e1:d2:29:39:
2c:e1:af:71:53:75:fb:75:04:66:76:db:be:61:96:
64:f8:30:34:17:d7:73:51:06:26:71:fb:cb:19:56:
ee:37:2d:c2:d2:b6:d7:30:52:0d:93:3c:e0:38:51:
3b:7d:d9:cc:a9:a0:7e:51:3d:a8:cc:14:6c:47:5f:
78:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:78:56:31:4F:0E:8F:5E:D9:14:ED:7E:54:69:38:A4:34:3A:58:3B
X509v3 Authority Key Identifier:
keyid:67:09:7E:49:2F:73:D6:DB:D3:1F:A0:16:A2:D5:B5:B8:6A:9B:3F:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/084044FC19AC11EB8759456DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.61.56.0/21
202.147.160.0/19
202.154.224.0/19
203.223.160.0/20
210.2.128.0/18
Signature Algorithm: sha256WithRSAEncryption
7b:46:89:80:33:36:06:6e:fd:91:4b:3b:5a:28:9a:af:0f:f1:
3c:37:e5:67:83:c5:53:df:a2:6b:f3:b8:8c:ce:2b:c8:c9:e1:
1f:e1:e4:a2:cd:8b:0d:2f:47:19:0e:73:b4:49:cf:9f:01:e7:
6f:2c:a6:0c:76:4d:b4:4e:cd:c0:e3:7d:95:3d:c9:97:c4:65:
c3:a4:5c:b0:d3:cf:1f:2a:5c:95:63:17:90:f7:30:1d:23:55:
ae:f8:6a:7e:85:32:33:c3:78:9c:37:f3:b9:05:04:a2:10:3a:
e0:4f:0b:4e:a4:95:31:d2:7e:09:e1:ac:7e:e9:4b:31:5f:e5:
49:47:b4:6a:7e:b7:a8:c3:1b:81:27:04:9a:96:2d:c3:1c:98:
d1:f6:91:83:6b:5d:47:2e:50:bd:b7:9b:57:59:3c:50:21:e8:
63:c6:b6:cb:cb:ea:32:b2:56:66:48:8c:48:5b:e4:ac:e6:65:
d9:0b:40:7c:0a:90:13:17:64:60:f4:05:e5:d8:d6:53:d8:3a:
66:e7:8f:03:a4:f2:fe:56:4e:58:51:8e:be:b8:ea:90:19:bb:
5c:75:d3:d3:13:3b:b6:3d:29:62:9d:f9:92:15:9f:46:14:27:
20:11:b8:5e:4a:30:1e:ca:20:40:4c:1a:01:7e:bc:1f:33:b5:
dd:cb:70:36
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICG44wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1NjgxMTAvBgNVBAUTKDY3MDk3RTQ5MkY3M0Q2REJEMzFGQTAxNkEyRDVCNUI4
NkE5QjNGRDgwHhcNMjMxMDIwMTQ0MDQxWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMyOTE2OS1hY2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxGMqH6/OfKQ6W07DUQUNZgfbAvqyt5nvCEOsekM/5fPb0xW3sqHpj1+12+de
VHvtmXlPjJPz2VJOXaDX2y0X3pD4GPbyyM2AC0aYX97B/JHHpGNEPRlsfYj99PMs
A98G7uc/XnUAIv4PhmGlxBkLWUljdPo5FLGLWj3k0EkGFcbPuk99BzdigyVY7plR
GkZSTYorDueKF3PkiUAG5H9zC+nHKLpEvryLgGqSqqrIro5gq6QupLUq7OznUngW
DOHSKTks4a9xU3X7dQRmdtu+YZZk+DA0F9dzUQYmcfvLGVbuNy3C0rbXMFINkzzg
OFE7fdnMqaB+UT2ozBRsR194ywIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFO94VjFP
Do9e2RTtflRpOKQ0Olg7MB8GA1UdIwQYMBaAFGcJfkkvc9bb0x+gFqLVtbhqmz/Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU2OC9CRDFBOTVEMjFE
ODcxMUUyOUJFM0U2REYwOEIwMkNEMi9ad2wtU1M5ejF0dlRINkFXb3RXMXVHcWJQ
OWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p3bC1TUzl6MXR2VEg2QVdvdFcxdUdxYlA5Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1NjgvQkQxQTk1RDIxRDg3MTFFMjlCRTNFNkRGMDhCMDJDRDIvMDg0MDQ0RkMx
OUFDMTFFQjg3NTk0NTZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAPKPTgDBAXKk6ADBAXKmuADBATL36ADBAbSAoAwDQYJKoZI
hvcNAQELBQADggEBAHtGiYAzNgZu/ZFLO1oomq8P8Tw35WeDxVPfomvzuIzOK8jJ
4R/h5KLNiw0vRxkOc7RJz58B528spgx2TbROzcDjfZU9yZfEZcOkXLDTzx8qXJVj
F5D3MB0jVa74an6FMjPDeJw387kFBKIQOuBPC06klTHSfgnhrH7pSzFf5UlHtGp+
t6jDG4EnBJqWLcMcmNH2kYNrXUcuUL23m1dZPFAh6GPGtsvL6jKyVmZIjEhb5Kzm
ZdkLQHwKkBMXZGD0BeXY1lPYOmbnjwOk8v5WTlhRjr646pAZu1x109MTO7Y9KWKd
+ZIVn0YUJyARuF5KMB7KIEBMGgF+vB8ztd3LcDY=
-----END CERTIFICATE-----
Generated at Tue May 28 15:19:43 2024 by rpki-client on console-ams.rpki-client.org