Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/727C68508AB411EA89D83541C4F9AE02.roa
File: 727C68508AB411EA89D83541C4F9AE02.roa (raw, json)
Hash identifier: bNLbopYTIZnkRHkV3iJSMmgEj50I2SsjijBIBUsXZ/o=
Subject key identifier: B9:7B:98:50:02:B3:E1:E7:81:E4:BE:34:37:2B:E2:5A:1F:EE:43:86
Certificate issuer: /CN=A9165568/serialNumber=67097E492F73D6DBD31FA016A2D5B5B86A9B3FD8
Certificate serial: 1B87
Authority key identifier: 67:09:7E:49:2F:73:D6:DB:D3:1F:A0:16:A2:D5:B5:B8:6A:9B:3F:D8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/727C68508AB411EA89D83541C4F9AE02.roa
Signing time: Fri 20 Oct 2023 14:40:34 +0000
ROA not before: Fri 20 Oct 2023 14:40:34 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 23966
IP address blocks: 119.30.80.0/20 maxlen: 20
119.30.86.0/24 maxlen: 24
119.30.87.0/24 maxlen: 24
119.30.100.0/24 maxlen: 24
119.30.106.0/24 maxlen: 24
119.30.107.0/24 maxlen: 24
119.30.108.0/24 maxlen: 24
119.30.112.0/22 maxlen: 24
119.30.124.0/22 maxlen: 24
119.73.0.0/18 maxlen: 18
202.61.32.0/19 maxlen: 19
202.61.32.0/20 maxlen: 20
202.61.32.0/24 maxlen: 24
202.61.34.0/24 maxlen: 24
202.61.40.0/24 maxlen: 24
202.61.41.0/24 maxlen: 24
202.61.42.0/24 maxlen: 24
202.61.43.0/24 maxlen: 24
202.61.44.0/24 maxlen: 24
202.61.46.0/24 maxlen: 24
202.61.47.0/24 maxlen: 24
202.61.48.0/21 maxlen: 24
202.61.56.0/21 maxlen: 24
202.147.160.0/20 maxlen: 24
202.147.176.0/20 maxlen: 20
202.147.176.0/21 maxlen: 24
202.147.184.0/21 maxlen: 24
202.154.224.0/19 maxlen: 19
202.154.224.0/20 maxlen: 20
202.154.224.0/24 maxlen: 24
202.154.225.0/24 maxlen: 24
202.154.226.0/24 maxlen: 24
202.154.227.0/24 maxlen: 24
202.154.228.0/24 maxlen: 24
202.154.229.0/24 maxlen: 24
202.154.230.0/24 maxlen: 24
202.154.231.0/24 maxlen: 24
202.154.232.0/24 maxlen: 24
202.154.233.0/24 maxlen: 24
202.154.234.0/24 maxlen: 24
202.154.235.0/24 maxlen: 24
202.154.236.0/24 maxlen: 24
202.154.237.0/24 maxlen: 24
202.154.238.0/24 maxlen: 24
202.154.239.0/24 maxlen: 24
202.154.240.0/20 maxlen: 20
202.154.240.0/24 maxlen: 24
202.154.241.0/24 maxlen: 24
202.154.242.0/24 maxlen: 24
202.154.243.0/24 maxlen: 24
202.154.244.0/24 maxlen: 24
202.154.245.0/24 maxlen: 24
202.154.246.0/24 maxlen: 24
202.154.247.0/24 maxlen: 24
202.154.248.0/24 maxlen: 24
202.154.249.0/24 maxlen: 24
202.154.250.0/24 maxlen: 24
202.154.251.0/24 maxlen: 24
202.154.252.0/24 maxlen: 24
202.154.253.0/24 maxlen: 24
202.154.254.0/24 maxlen: 24
202.154.255.0/24 maxlen: 24
203.223.160.0/20 maxlen: 24
210.2.128.0/18 maxlen: 18
210.2.128.0/20 maxlen: 21
210.2.128.0/24 maxlen: 24
210.2.129.0/24 maxlen: 24
210.2.130.0/24 maxlen: 24
210.2.131.0/24 maxlen: 24
210.2.132.0/22 maxlen: 22
210.2.132.0/24 maxlen: 24
210.2.133.0/24 maxlen: 24
210.2.134.0/24 maxlen: 24
210.2.135.0/24 maxlen: 24
210.2.136.0/21 maxlen: 22
210.2.136.0/24 maxlen: 24
210.2.137.0/24 maxlen: 24
210.2.138.0/24 maxlen: 24
210.2.139.0/24 maxlen: 24
210.2.140.0/24 maxlen: 24
210.2.141.0/24 maxlen: 24
210.2.142.0/24 maxlen: 24
210.2.143.0/24 maxlen: 24
210.2.144.0/20 maxlen: 21
210.2.144.0/24 maxlen: 24
210.2.145.0/24 maxlen: 24
210.2.146.0/24 maxlen: 24
210.2.147.0/24 maxlen: 24
210.2.148.0/24 maxlen: 24
210.2.149.0/24 maxlen: 24
210.2.150.0/24 maxlen: 24
210.2.151.0/24 maxlen: 24
210.2.152.0/24 maxlen: 24
210.2.153.0/24 maxlen: 24
210.2.154.0/24 maxlen: 24
210.2.155.0/24 maxlen: 24
210.2.156.0/24 maxlen: 24
210.2.157.0/24 maxlen: 24
210.2.158.0/24 maxlen: 24
210.2.159.0/24 maxlen: 24
210.2.160.0/20 maxlen: 21
210.2.160.0/24 maxlen: 24
210.2.161.0/24 maxlen: 24
210.2.162.0/24 maxlen: 24
210.2.163.0/24 maxlen: 24
210.2.164.0/24 maxlen: 24
210.2.165.0/24 maxlen: 24
210.2.166.0/24 maxlen: 24
210.2.167.0/24 maxlen: 24
210.2.168.0/24 maxlen: 24
210.2.169.0/24 maxlen: 24
210.2.170.0/24 maxlen: 24
210.2.171.0/24 maxlen: 24
210.2.172.0/24 maxlen: 24
210.2.173.0/24 maxlen: 24
210.2.174.0/24 maxlen: 24
210.2.175.0/24 maxlen: 24
210.2.176.0/20 maxlen: 22
210.2.176.0/24 maxlen: 24
210.2.177.0/24 maxlen: 24
210.2.178.0/24 maxlen: 24
210.2.179.0/24 maxlen: 24
210.2.180.0/24 maxlen: 24
210.2.181.0/24 maxlen: 24
210.2.182.0/24 maxlen: 24
210.2.183.0/24 maxlen: 24
210.2.184.0/24 maxlen: 24
210.2.185.0/24 maxlen: 24
210.2.186.0/24 maxlen: 24
210.2.187.0/24 maxlen: 24
210.2.188.0/24 maxlen: 24
210.2.189.0/24 maxlen: 24
210.2.190.0/24 maxlen: 24
210.2.191.0/24 maxlen: 24
2401:0:201::/48 maxlen: 48
2401:0:4000::/40 maxlen: 40
2401:0:8001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.crl
rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 04 Jun 2024 14:32:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7047 (0x1b87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165568/serialNumber=67097E492F73D6DBD31FA016A2D5B5B86A9B3FD8
Validity
Not Before: Oct 20 14:40:34 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65329162-04a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:67:f6:30:ff:e0:bf:99:01:87:cb:31:24:35:
d3:2e:9b:ad:b7:60:b3:c2:b8:a6:ea:a1:41:0f:c8:
5f:02:69:e7:91:9c:66:b2:ee:c2:b9:fd:22:62:7a:
97:a7:d1:aa:1e:4f:41:36:59:e0:3e:dc:bc:c5:07:
17:ae:db:55:4b:6a:f0:0a:e9:b5:92:bb:4a:12:3f:
02:e9:3b:f5:c1:f4:29:94:0d:5c:92:ba:fd:36:f7:
63:af:2e:fa:00:37:12:2d:3a:2c:5d:bc:92:df:a1:
7c:9b:7a:5f:eb:d0:cd:f7:e0:d6:14:6f:b4:2a:a6:
93:f6:e8:f3:50:0e:5b:6f:65:00:5e:a3:36:11:22:
fb:b6:43:41:0d:a5:b3:af:aa:b6:bf:4b:d5:3b:54:
73:4c:fa:3e:e5:54:1f:4e:16:bc:61:0d:00:6a:37:
75:8e:06:5b:0a:8b:11:c7:78:13:2e:70:23:32:7c:
05:e5:b6:0c:ff:45:e3:20:e0:b1:4c:7d:74:f5:3c:
74:eb:f2:74:70:ad:0b:70:1a:3b:6d:2d:65:30:6a:
29:3d:de:3c:d8:0a:1a:d9:73:7c:ce:fe:c7:82:50:
50:74:83:92:a8:59:03:bd:fb:97:78:09:3a:54:24:
7c:9d:0e:34:3c:a5:4b:e8:8f:37:7a:73:bb:7c:3d:
21:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7B:98:50:02:B3:E1:E7:81:E4:BE:34:37:2B:E2:5A:1F:EE:43:86
X509v3 Authority Key Identifier:
keyid:67:09:7E:49:2F:73:D6:DB:D3:1F:A0:16:A2:D5:B5:B8:6A:9B:3F:D8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zwl-SS9z1tvTH6AWotW1uGqbP9g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165568/BD1A95D21D8711E29BE3E6DF08B02CD2/727C68508AB411EA89D83541C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
119.30.80.0/20
119.30.100.0/24
119.30.106.0-119.30.108.255
119.30.112.0/22
119.30.124.0/22
119.73.0.0/18
202.61.32.0/19
202.147.160.0/19
202.154.224.0/19
203.223.160.0/20
210.2.128.0/18
IPv6:
2401:0:201::/48
2401:0:4000::/40
2401:0:8001::/48
Signature Algorithm: sha256WithRSAEncryption
b3:f3:25:b7:2e:2d:0a:5e:e3:5f:3f:c4:6b:71:a8:a7:9b:35:
04:66:b7:27:6e:a4:38:7d:50:58:ca:e3:3e:4a:fc:5c:ee:64:
fc:d6:ec:e8:24:cf:f6:ea:79:d3:e5:fc:c6:66:ca:53:2d:2f:
91:2c:27:8f:a3:fa:64:1c:06:b6:6f:41:2e:d6:f4:50:ff:fa:
05:35:f3:ce:1f:4a:4d:d3:3e:6a:4e:69:8f:16:45:2b:6d:a7:
e3:26:b7:6a:36:4e:ac:6a:33:e2:15:ec:51:13:47:c7:13:8d:
56:8e:0e:13:11:50:12:cc:0c:39:76:1c:82:42:a8:76:1d:00:
87:f2:de:84:7e:fa:e6:cd:09:27:6f:83:03:d6:78:78:b3:4e:
c6:10:c2:d4:25:6d:e4:52:9f:84:8d:20:b3:29:ea:7c:44:b1:
33:d2:f5:dd:40:90:e4:34:cf:21:00:72:24:8f:00:37:67:2f:
6d:be:48:37:83:9d:fc:20:b7:f7:c6:06:ff:90:5e:33:3c:8a:
47:6b:ec:39:5d:e9:9f:1e:8f:ef:3e:a2:4d:22:b1:56:20:d0:
43:4f:5f:dd:91:c3:1f:6c:06:4d:30:e9:e2:79:dc:8a:54:45:
16:53:a8:14:18:3a:4b:51:fa:07:70:0b:21:71:32:3f:93:f3:
08:12:b7:fb
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICG4cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1NjgxMTAvBgNVBAUTKDY3MDk3RTQ5MkY3M0Q2REJEMzFGQTAxNkEyRDVCNUI4
NkE5QjNGRDgwHhcNMjMxMDIwMTQ0MDM0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTMyOTE2Mi0wNGEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoGf2MP/gv5kBh8sxJDXTLputt2Czwrim6qFBD8hfAmnnkZxmsu7Cuf0iYnqX
p9GqHk9BNlngPty8xQcXrttVS2rwCum1krtKEj8C6Tv1wfQplA1ckrr9Nvdjry76
ADcSLTosXbyS36F8m3pf69DN9+DWFG+0KqaT9ujzUA5bb2UAXqM2ESL7tkNBDaWz
r6q2v0vVO1RzTPo+5VQfTha8YQ0Aajd1jgZbCosRx3gTLnAjMnwF5bYM/0XjIOCx
TH109Tx06/J0cK0LcBo7bS1lMGopPd482Aoa2XN8zv7HglBQdIOSqFkDvfuXeAk6
VCR8nQ40PKVL6I83enO7fD0hqQIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFLl7mFAC
s+HngeS+NDcr4lof7kOGMB8GA1UdIwQYMBaAFGcJfkkvc9bb0x+gFqLVtbhqmz/Y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU2OC9CRDFBOTVEMjFE
ODcxMUUyOUJFM0U2REYwOEIwMkNEMi9ad2wtU1M5ejF0dlRINkFXb3RXMXVHcWJQ
OWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1p3bC1TUzl6MXR2VEg2QVdvdFcxdUdxYlA5Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1NjgvQkQxQTk1RDIxRDg3MTFFMjlCRTNFNkRGMDhCMDJDRDIvNzI3QzY4NTA4
QUI0MTFFQTg5RDgzNTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDBQBAIAATBKAwQEdx5QAwQAdx5kMAwDBAF3HmoDBAB3HmwDBAJ3HnADBAJ3
HnwDBAZ3SQADBAXKPSADBAXKk6ADBAXKmuADBATL36ADBAbSAoAwIAQCAAIwGgMH
ACQBAAACAQMGACQBAABAAwcAJAEAAIABMA0GCSqGSIb3DQEBCwUAA4IBAQCz8yW3
Li0KXuNfP8RrcainmzUEZrcnbqQ4fVBYyuM+Svxc7mT81uzoJM/26nnT5fzGZspT
LS+RLCePo/pkHAa2b0Eu1vRQ//oFNfPOH0pN0z5qTmmPFkUrbafjJrdqNk6sajPi
FexRE0fHE41Wjg4TEVASzAw5dhyCQqh2HQCH8t6EfvrmzQknb4MD1nh4s07GEMLU
JW3kUp+EjSCzKep8RLEz0vXdQJDkNM8hAHIkjwA3Zy9tvkg3g538ILf3xgb/kF4z
PIpHa+w5XemfHo/vPqJNIrFWINBDT1/dkcMfbAZNMOniedyKVEUWU6gUGDpLUfoH
cAshcTI/k/MIErf7
-----END CERTIFICATE-----
Generated at Tue May 28 15:25:25 2024 by rpki-client on console-fra.rpki-client.org