Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/90606AD670AA11ED8DAE4C5AC4F9AE02.roa
File: 90606AD670AA11ED8DAE4C5AC4F9AE02.roa (raw, json)
Hash identifier: K/SJXrHKSaQpDMVLZJrukFZmfGOIIuOIUDxauUWHXXQ=
Subject key identifier: 42:7C:40:F2:8D:03:CC:3A:1C:2E:C6:CB:48:F7:5F:35:44:9B:7D:65
Certificate issuer: /CN=A9165A0B/serialNumber=71AA58CDF1B6BD7C26E61A7518A4D0AD2C9F1A14
Certificate serial: 0829
Authority key identifier: 71:AA:58:CD:F1:B6:BD:7C:26:E6:1A:75:18:A4:D0:AD:2C:9F:1A:14
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/90606AD670AA11ED8DAE4C5AC4F9AE02.roa
Signing time: Fri 06 Sep 2024 21:41:52 +0000
ROA not before: Fri 06 Sep 2024 21:41:52 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 17563
IP address blocks: 103.184.58.0/23 maxlen: 24
116.58.0.0/17 maxlen: 23
116.58.0.0/24 maxlen: 24
116.58.1.0/24 maxlen: 24
116.58.2.0/24 maxlen: 24
116.58.3.0/24 maxlen: 24
116.58.4.0/24 maxlen: 24
116.58.5.0/24 maxlen: 24
116.58.6.0/24 maxlen: 24
116.58.7.0/24 maxlen: 24
116.58.8.0/24 maxlen: 24
116.58.9.0/24 maxlen: 24
116.58.10.0/24 maxlen: 24
116.58.11.0/24 maxlen: 24
116.58.12.0/24 maxlen: 24
116.58.13.0/24 maxlen: 24
116.58.14.0/24 maxlen: 24
116.58.15.0/24 maxlen: 24
116.58.16.0/24 maxlen: 24
116.58.17.0/24 maxlen: 24
116.58.18.0/24 maxlen: 24
116.58.19.0/24 maxlen: 24
116.58.20.0/24 maxlen: 24
116.58.21.0/24 maxlen: 24
116.58.22.0/24 maxlen: 24
116.58.23.0/24 maxlen: 24
116.58.24.0/24 maxlen: 24
116.58.25.0/24 maxlen: 24
116.58.26.0/24 maxlen: 24
116.58.27.0/24 maxlen: 24
116.58.28.0/24 maxlen: 24
116.58.29.0/24 maxlen: 24
116.58.30.0/24 maxlen: 24
116.58.31.0/24 maxlen: 24
116.58.32.0/24 maxlen: 24
116.58.33.0/24 maxlen: 24
116.58.34.0/24 maxlen: 24
116.58.35.0/24 maxlen: 24
116.58.36.0/24 maxlen: 24
116.58.37.0/24 maxlen: 24
116.58.38.0/24 maxlen: 24
116.58.39.0/24 maxlen: 24
116.58.40.0/24 maxlen: 24
116.58.41.0/24 maxlen: 24
116.58.42.0/24 maxlen: 24
116.58.43.0/24 maxlen: 24
116.58.44.0/24 maxlen: 24
116.58.45.0/24 maxlen: 24
116.58.46.0/24 maxlen: 24
116.58.47.0/24 maxlen: 24
116.58.48.0/24 maxlen: 24
116.58.49.0/24 maxlen: 24
116.58.50.0/24 maxlen: 24
116.58.51.0/24 maxlen: 24
116.58.52.0/24 maxlen: 24
116.58.53.0/24 maxlen: 24
116.58.54.0/24 maxlen: 24
116.58.55.0/24 maxlen: 24
116.58.56.0/24 maxlen: 24
116.58.57.0/24 maxlen: 24
116.58.58.0/24 maxlen: 24
116.58.59.0/24 maxlen: 24
116.58.60.0/24 maxlen: 24
116.58.61.0/24 maxlen: 24
116.58.62.0/24 maxlen: 24
116.58.63.0/24 maxlen: 24
116.58.64.0/24 maxlen: 24
116.58.65.0/24 maxlen: 24
116.58.66.0/24 maxlen: 24
116.58.67.0/24 maxlen: 24
116.58.68.0/24 maxlen: 24
116.58.69.0/24 maxlen: 24
116.58.70.0/24 maxlen: 24
116.58.71.0/24 maxlen: 24
116.58.72.0/24 maxlen: 24
116.58.73.0/24 maxlen: 24
116.58.74.0/24 maxlen: 24
116.58.75.0/24 maxlen: 24
116.58.76.0/24 maxlen: 24
116.58.77.0/24 maxlen: 24
116.58.78.0/24 maxlen: 24
116.58.79.0/24 maxlen: 24
116.58.80.0/24 maxlen: 24
116.58.81.0/24 maxlen: 24
116.58.82.0/24 maxlen: 24
116.58.83.0/24 maxlen: 24
116.58.84.0/24 maxlen: 24
116.58.85.0/24 maxlen: 24
116.58.86.0/24 maxlen: 24
116.58.87.0/24 maxlen: 24
116.58.88.0/24 maxlen: 24
116.58.89.0/24 maxlen: 24
116.58.90.0/24 maxlen: 24
116.58.91.0/24 maxlen: 24
116.58.92.0/24 maxlen: 24
116.58.93.0/24 maxlen: 24
116.58.94.0/24 maxlen: 24
116.58.95.0/24 maxlen: 24
116.58.96.0/24 maxlen: 24
116.58.97.0/24 maxlen: 24
116.58.98.0/24 maxlen: 24
116.58.99.0/24 maxlen: 24
116.58.100.0/24 maxlen: 24
116.58.101.0/24 maxlen: 24
116.58.102.0/24 maxlen: 24
116.58.103.0/24 maxlen: 24
116.58.104.0/24 maxlen: 24
116.58.105.0/24 maxlen: 24
116.58.106.0/24 maxlen: 24
116.58.107.0/24 maxlen: 24
116.58.108.0/24 maxlen: 24
116.58.109.0/24 maxlen: 24
116.58.110.0/24 maxlen: 24
116.58.111.0/24 maxlen: 24
116.58.112.0/24 maxlen: 24
116.58.113.0/24 maxlen: 24
116.58.114.0/24 maxlen: 24
116.58.115.0/24 maxlen: 24
116.58.116.0/24 maxlen: 24
116.58.117.0/24 maxlen: 24
116.58.118.0/24 maxlen: 24
116.58.119.0/24 maxlen: 24
116.58.120.0/24 maxlen: 24
116.58.121.0/24 maxlen: 24
116.58.122.0/24 maxlen: 24
116.58.123.0/24 maxlen: 24
116.58.124.0/24 maxlen: 24
116.58.125.0/24 maxlen: 24
116.58.126.0/24 maxlen: 24
116.58.127.0/24 maxlen: 24
202.59.64.0/19 maxlen: 23
202.59.64.0/24 maxlen: 24
202.59.65.0/24 maxlen: 24
202.59.66.0/24 maxlen: 24
202.59.67.0/24 maxlen: 24
202.59.68.0/24 maxlen: 24
202.59.69.0/24 maxlen: 24
202.59.70.0/24 maxlen: 24
202.59.71.0/24 maxlen: 24
202.59.72.0/24 maxlen: 24
202.59.73.0/24 maxlen: 24
202.59.74.0/24 maxlen: 24
202.59.75.0/24 maxlen: 24
202.59.76.0/24 maxlen: 24
202.59.77.0/24 maxlen: 24
202.59.78.0/24 maxlen: 24
202.59.79.0/24 maxlen: 24
202.59.80.0/24 maxlen: 24
202.59.81.0/24 maxlen: 24
202.59.82.0/24 maxlen: 24
202.59.83.0/24 maxlen: 24
202.59.84.0/24 maxlen: 24
202.59.85.0/24 maxlen: 24
202.59.86.0/24 maxlen: 24
202.59.87.0/24 maxlen: 24
202.59.88.0/24 maxlen: 24
202.59.89.0/24 maxlen: 24
202.59.90.0/24 maxlen: 24
202.59.91.0/24 maxlen: 24
202.59.92.0/24 maxlen: 24
202.59.93.0/24 maxlen: 24
202.59.94.0/24 maxlen: 24
202.59.95.0/24 maxlen: 24
2400:68a0::/32 maxlen: 40
2400:68a0::/41 maxlen: 48
2400:68a0:80::/41 maxlen: 48
2400:68a0:100::/41 maxlen: 48
2400:68a0:180::/41 maxlen: 48
2400:68a0:200::/41 maxlen: 48
2400:68a0:280::/41 maxlen: 48
2400:68a0:300::/41 maxlen: 48
2400:68a0:380::/41 maxlen: 48
2400:68a0:a000::/41 maxlen: 48
2400:68a0:a580::/41 maxlen: 48
2400:68a0:af80::/41 maxlen: 48
2400:68a0:f000::/41 maxlen: 48
2400:68a0:fa00::/41 maxlen: 48
2400:68a0:ff80::/41 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.crl
rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:35:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2089 (0x829)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165A0B/serialNumber=71AA58CDF1B6BD7C26E61A7518A4D0AD2C9F1A14
Validity
Not Before: Sep 6 21:41:52 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66db7720-86e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d5:38:29:ce:a3:bf:e1:22:68:b5:c3:b8:1c:
ca:85:20:0c:f5:d3:66:84:78:c8:e5:d3:95:ab:37:
0f:e8:cd:08:81:82:6a:5d:fb:74:05:55:70:64:b1:
da:86:80:29:10:e8:68:d0:54:d8:e3:a0:e5:12:04:
30:86:cb:60:06:bc:4b:2b:dd:a6:a0:0f:ee:40:de:
8a:95:f8:10:ef:a4:37:85:14:65:d9:71:1a:65:69:
86:11:ac:95:22:d1:fa:17:31:15:22:57:c2:a0:74:
a7:c4:a9:54:74:1f:09:50:34:ae:88:ac:8e:89:98:
56:93:b8:74:26:52:05:de:17:61:28:85:0e:48:f7:
c8:20:0d:6d:8f:97:42:d7:3d:18:6d:62:61:59:ea:
36:0f:f2:68:84:a8:c1:95:e4:05:44:9a:0d:61:92:
8a:d0:f2:17:66:81:07:53:3d:35:38:9c:4f:29:6d:
8d:00:b9:07:1c:58:54:8e:e3:d1:05:22:de:aa:cd:
63:0f:d9:e9:9d:d7:08:77:46:c9:c5:86:bf:ed:d4:
ed:eb:14:11:c4:0b:53:5e:c4:7a:61:2e:ec:92:72:
e1:d8:b1:d0:34:a6:4c:be:02:e3:b7:44:90:08:35:
6c:71:57:b0:c7:3c:c0:90:6c:a8:43:a8:0b:b1:7e:
79:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:7C:40:F2:8D:03:CC:3A:1C:2E:C6:CB:48:F7:5F:35:44:9B:7D:65
X509v3 Authority Key Identifier:
keyid:71:AA:58:CD:F1:B6:BD:7C:26:E6:1A:75:18:A4:D0:AD:2C:9F:1A:14
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/capYzfG2vXwm5hp1GKTQrSyfGhQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/capYzfG2vXwm5hp1GKTQrSyfGhQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165A0B/15586F42C4F811EA8B9B4C13C4F9AE02/90606AD670AA11ED8DAE4C5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.184.58.0/23
116.58.0.0/17
202.59.64.0/19
IPv6:
2400:68a0::/32
Signature Algorithm: sha256WithRSAEncryption
35:c2:04:47:6a:d6:dd:61:13:50:ed:e9:5b:23:6c:21:99:ae:
14:51:8e:ee:20:b7:36:11:46:63:ec:2c:4a:e0:e2:6f:b7:da:
72:63:e4:45:a4:8c:cd:b1:ac:ed:4e:55:a5:1f:be:ec:b1:1a:
85:30:af:af:38:c5:e2:f2:69:b0:19:97:91:57:99:13:05:fa:
9c:b3:71:cd:7c:29:a6:b3:bd:f2:f5:98:13:8d:a9:cd:31:74:
36:f1:8b:fd:98:80:7e:2b:af:77:fa:21:9d:92:c2:f9:49:72:
32:6f:30:ca:5d:62:87:d5:11:17:0c:ff:45:81:b9:9d:66:fc:
11:30:77:9b:da:68:d3:e6:ae:05:7a:5e:6f:c4:68:1b:31:da:
cb:70:02:c4:24:8f:cf:51:54:1a:71:35:98:27:8b:a0:34:b1:
0b:a9:7a:01:28:cf:bb:37:44:42:f8:28:ec:27:a2:f2:28:c2:
2c:d5:3b:82:99:61:43:f1:82:09:36:3f:75:dd:4c:73:79:ef:
61:fa:65:07:23:8c:9f:75:51:e8:ec:98:d5:cd:00:8a:d6:27:
c4:1d:31:3a:57:9f:db:64:21:1a:5d:ba:17:11:69:3e:46:df:
32:10:2b:8a:66:5c:03:40:07:b5:62:2d:f6:ec:27:4a:69:7f:
fc:98:7a:5e
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICCCkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjVBMEIxMTAvBgNVBAUTKDcxQUE1OENERjFCNkJEN0MyNkU2MUE3NTE4QTREMEFE
MkM5RjFBMTQwHhcNMjQwOTA2MjE0MTUyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmRiNzcyMC04NmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAztU4Kc6jv+EiaLXDuBzKhSAM9dNmhHjI5dOVqzcP6M0IgYJqXft0BVVwZLHa
hoApEOho0FTY46DlEgQwhstgBrxLK92moA/uQN6KlfgQ76Q3hRRl2XEaZWmGEayV
ItH6FzEVIlfCoHSnxKlUdB8JUDSuiKyOiZhWk7h0JlIF3hdhKIUOSPfIIA1tj5dC
1z0YbWJhWeo2D/JohKjBleQFRJoNYZKK0PIXZoEHUz01OJxPKW2NALkHHFhUjuPR
BSLeqs1jD9npndcId0bJxYa/7dTt6xQRxAtTXsR6YS7sknLh2LHQNKZMvgLjt0SQ
CDVscVewxzzAkGyoQ6gLsX55OwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFEJ8QPKN
A8w6HC7Gy0j3XzVEm31lMB8GA1UdIwQYMBaAFHGqWM3xtr18JuYadRik0K0snxoU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NUEwQi8xNTU4NkY0MkM0
RjgxMUVBOEI5QjRDMTNDNEY5QUUwMi9jYXBZemZHMnZYd201aHAxR0tUUXJTeWZH
aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NhcFl6Zkcydlh3bTVocDFHS1RRclN5ZkdoUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjVBMEIvMTU1ODZGNDJDNEY4MTFFQThCOUI0QzEzQzRGOUFFMDIvOTA2MDZBRDY3
MEFBMTFFRDhEQUU0QzVBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAFnuDoDBAd0OgADBAXKO0AwDQQCAAIwBwMFACQAaKAwDQYJ
KoZIhvcNAQELBQADggEBADXCBEdq1t1hE1Dt6VsjbCGZrhRRju4gtzYRRmPsLErg
4m+32nJj5EWkjM2xrO1OVaUfvuyxGoUwr684xeLyabAZl5FXmRMF+pyzcc18Kaaz
vfL1mBONqc0xdDbxi/2YgH4rr3f6IZ2SwvlJcjJvMMpdYofVERcM/0WBuZ1m/BEw
d5vaaNPmrgV6Xm/EaBsx2stwAsQkj89RVBpxNZgni6A0sQupegEoz7s3REL4KOwn
ovIowizVO4KZYUPxggk2P3XdTHN572H6ZQcjjJ91UejsmNXNAIrWJ8QdMTpXn9tk
IRpduhcRaT5G3zIQK4pmXANAB7ViLfbsJ0ppf/yYel4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:29 2024 by rpki-client on console-ams.rpki-client.org