Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6340E1B8FC0C11EEB75C6D54C4F9AE02.roa
File: 6340E1B8FC0C11EEB75C6D54C4F9AE02.roa (raw, json)
Hash identifier: dj6+A46m2flcL6Gylu4PVkjY6OLiJ9WmcuQgsovd/Z4=
Subject key identifier: 53:AB:D8:E6:20:7F:C2:2D:6C:18:57:3B:E9:F7:FB:7C:67:EC:82:96
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3628
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6340E1B8FC0C11EEB75C6D54C4F9AE02.roa
Signing time: Mon 06 May 2024 09:17:06 +0000
ROA not before: Mon 06 May 2024 09:17:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38710
IP address blocks: 111.88.72.0/21 maxlen: 21
111.88.72.0/23 maxlen: 24
111.88.74.0/23 maxlen: 24
111.88.76.0/22 maxlen: 24
111.88.96.0/19 maxlen: 19
111.88.138.0/24 maxlen: 24
111.88.139.0/24 maxlen: 24
111.88.144.0/20 maxlen: 24
111.88.164.0/22 maxlen: 24
111.88.168.0/22 maxlen: 24
111.88.184.0/22 maxlen: 24
111.88.188.0/22 maxlen: 24
111.88.232.0/24 maxlen: 24
111.88.233.0/24 maxlen: 24
111.88.234.0/24 maxlen: 24
111.88.235.0/24 maxlen: 24
111.88.236.0/24 maxlen: 24
111.88.237.0/24 maxlen: 24
111.88.238.0/24 maxlen: 24
111.88.239.0/24 maxlen: 24
111.88.240.0/24 maxlen: 24
111.88.241.0/24 maxlen: 24
111.88.242.0/24 maxlen: 24
111.88.243.0/24 maxlen: 24
111.88.244.0/22 maxlen: 22
111.88.244.0/24 maxlen: 24
111.88.245.0/24 maxlen: 24
111.88.246.0/24 maxlen: 24
111.88.247.0/24 maxlen: 24
111.88.248.0/21 maxlen: 21
111.88.248.0/22 maxlen: 22
111.88.248.0/23 maxlen: 24
111.88.250.0/24 maxlen: 24
111.88.251.0/24 maxlen: 24
111.88.252.0/24 maxlen: 24
111.88.253.0/24 maxlen: 24
111.88.254.0/24 maxlen: 24
111.88.255.0/24 maxlen: 24
115.186.1.0/24 maxlen: 24
115.186.10.0/23 maxlen: 24
115.186.12.0/23 maxlen: 24
115.186.14.0/24 maxlen: 24
115.186.16.0/24 maxlen: 24
115.186.17.0/24 maxlen: 24
115.186.19.0/24 maxlen: 24
115.186.21.0/24 maxlen: 24
115.186.23.0/24 maxlen: 24
115.186.24.0/23 maxlen: 23
115.186.25.0/24 maxlen: 24
115.186.30.0/23 maxlen: 24
115.186.32.0/20 maxlen: 22
115.186.32.0/24 maxlen: 24
115.186.33.0/24 maxlen: 24
115.186.34.0/24 maxlen: 24
115.186.35.0/24 maxlen: 24
115.186.36.0/22 maxlen: 23
115.186.36.0/23 maxlen: 24
115.186.40.0/24 maxlen: 24
115.186.41.0/24 maxlen: 24
115.186.42.0/24 maxlen: 24
115.186.43.0/24 maxlen: 24
115.186.44.0/24 maxlen: 24
115.186.45.0/24 maxlen: 24
115.186.46.0/24 maxlen: 24
115.186.47.0/24 maxlen: 24
115.186.56.0/21 maxlen: 24
115.186.64.0/19 maxlen: 24
115.186.96.0/20 maxlen: 24
115.186.112.0/20 maxlen: 24
117.102.0.0/21 maxlen: 21
117.102.0.0/22 maxlen: 22
117.102.0.0/23 maxlen: 24
117.102.2.0/24 maxlen: 24
117.102.3.0/24 maxlen: 24
117.102.4.0/24 maxlen: 24
117.102.5.0/24 maxlen: 24
117.102.6.0/24 maxlen: 24
117.102.7.0/24 maxlen: 24
117.102.8.0/24 maxlen: 24
117.102.9.0/24 maxlen: 24
117.102.10.0/24 maxlen: 24
117.102.12.0/23 maxlen: 24
117.102.14.0/23 maxlen: 24
117.102.16.0/24 maxlen: 24
117.102.17.0/24 maxlen: 24
117.102.18.0/23 maxlen: 24
117.102.20.0/22 maxlen: 24
117.102.24.0/22 maxlen: 22
117.102.24.0/23 maxlen: 24
117.102.26.0/24 maxlen: 24
117.102.27.0/24 maxlen: 24
117.102.28.0/24 maxlen: 24
117.102.29.0/24 maxlen: 24
117.102.30.0/24 maxlen: 24
117.102.31.0/24 maxlen: 24
117.102.32.0/24 maxlen: 24
117.102.33.0/24 maxlen: 24
117.102.34.0/24 maxlen: 24
117.102.35.0/24 maxlen: 24
117.102.36.0/24 maxlen: 24
117.102.37.0/24 maxlen: 24
117.102.38.0/24 maxlen: 24
117.102.39.0/24 maxlen: 24
117.102.40.0/24 maxlen: 24
117.102.41.0/24 maxlen: 24
117.102.42.0/24 maxlen: 24
117.102.43.0/24 maxlen: 24
117.102.44.0/24 maxlen: 24
117.102.45.0/24 maxlen: 24
117.102.46.0/24 maxlen: 24
117.102.47.0/24 maxlen: 24
203.81.192.0/21 maxlen: 22
203.81.192.0/24 maxlen: 24
203.81.193.0/24 maxlen: 24
203.81.194.0/24 maxlen: 24
203.81.195.0/24 maxlen: 24
203.81.196.0/24 maxlen: 24
203.81.197.0/24 maxlen: 24
203.81.198.0/23 maxlen: 24
203.81.208.0/20 maxlen: 24
203.81.224.0/20 maxlen: 24
2406:7000::/32 maxlen: 32
2406:7000::/48 maxlen: 48
2406:7000:1::/48 maxlen: 48
2406:7000:2::/48 maxlen: 48
2406:7000:3::/48 maxlen: 48
2406:7000:4::/48 maxlen: 48
2406:7000:5::/48 maxlen: 48
2406:7000:6::/48 maxlen: 48
2406:7000:7::/48 maxlen: 48
2406:7000:8::/48 maxlen: 48
2406:7000:9::/48 maxlen: 48
2406:7000:a::/48 maxlen: 48
2406:7000:b::/48 maxlen: 48
2406:7000:c::/48 maxlen: 48
2406:7000:d::/48 maxlen: 48
2406:7000:e::/48 maxlen: 48
2406:7000:f::/48 maxlen: 48
2406:7000:10::/48 maxlen: 48
2406:7000:11::/48 maxlen: 48
2406:7000:12::/48 maxlen: 48
2406:7000:13::/48 maxlen: 48
2406:7000:14::/48 maxlen: 48
2406:7000:15::/48 maxlen: 48
2406:7000:16::/48 maxlen: 48
2406:7000:17::/48 maxlen: 48
2406:7000:18::/48 maxlen: 48
2406:7000:19::/48 maxlen: 48
2406:7000:1a::/48 maxlen: 48
2406:7000:1b::/48 maxlen: 48
2406:7000:1c::/48 maxlen: 48
2406:7000:1d::/48 maxlen: 48
2406:7000:1e::/48 maxlen: 48
2406:7000:1f::/48 maxlen: 48
2406:7000:20::/48 maxlen: 48
2406:7000:21::/48 maxlen: 48
2406:7000:22::/48 maxlen: 48
2406:7000:23::/48 maxlen: 48
2406:7000:24::/48 maxlen: 48
2406:7000:25::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 09 Jun 2024 14:35:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13864 (0x3628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: May 6 09:17:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6638a012-99f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:04:4e:5d:e8:f3:ef:5b:b9:21:77:82:f1:c0:
fb:f7:1d:f6:cf:b5:d3:d7:c6:c1:95:0b:89:ed:c5:
e3:bd:cb:88:79:ca:a2:db:d7:ce:67:05:f0:9a:1b:
83:19:52:86:27:64:fd:34:28:98:30:e2:2e:af:96:
a7:3c:97:3d:42:5c:39:44:f4:d8:ff:d4:6e:c0:a9:
d1:eb:8c:fd:f5:4c:ea:e0:a0:e0:4c:4b:d9:a9:54:
90:5b:5f:47:74:6e:31:61:aa:12:49:09:bb:06:18:
8a:45:05:2d:aa:c4:40:a4:b7:62:80:80:88:1e:44:
05:06:3c:eb:fc:7f:ac:25:07:88:34:15:0d:b6:cf:
5d:fc:1d:8f:8e:bd:0a:7d:56:6c:6d:ba:aa:b1:bc:
61:af:12:d3:6c:10:30:9e:b5:e7:1c:1c:d3:44:e2:
fe:c6:36:0d:27:b8:3c:10:71:7a:b0:5b:cb:57:ce:
b0:2b:22:5c:e1:b9:07:64:87:db:d4:ef:e6:8f:7f:
5c:18:2f:46:b9:61:e0:a2:07:7e:97:4a:93:31:b4:
33:88:db:e5:de:b4:0c:a7:f0:2f:6a:72:de:c0:8b:
28:5e:1b:1e:96:94:36:5c:f7:f3:ba:13:23:e8:33:
ac:e1:91:e9:93:b8:ff:5f:99:a4:54:e8:20:ce:5e:
22:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:AB:D8:E6:20:7F:C2:2D:6C:18:57:3B:E9:F7:FB:7C:67:EC:82:96
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/6340E1B8FC0C11EEB75C6D54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.72.0/21
111.88.96.0/19
111.88.138.0/23
111.88.144.0/20
111.88.164.0-111.88.171.255
111.88.184.0/21
111.88.232.0-111.88.255.255
115.186.1.0/24
115.186.10.0-115.186.14.255
115.186.16.0/23
115.186.19.0/24
115.186.21.0/24
115.186.23.0-115.186.25.255
115.186.30.0-115.186.47.255
115.186.56.0-115.186.127.255
117.102.0.0-117.102.10.255
117.102.12.0-117.102.47.255
203.81.192.0/21
203.81.208.0-203.81.239.255
IPv6:
2406:7000::/32
Signature Algorithm: sha256WithRSAEncryption
07:68:8d:ac:18:36:a7:20:22:27:bf:7f:54:11:6f:0b:be:a5:
63:85:68:7f:7a:e4:f0:ed:2d:52:61:73:15:23:d0:d4:eb:25:
d6:69:37:13:bc:17:58:18:3d:cf:4b:f0:a2:99:06:e2:fe:b7:
29:25:61:ff:bd:9d:50:da:84:63:b2:99:fa:4b:5c:fb:42:cf:
6a:d3:72:b8:55:03:37:30:79:14:a1:27:58:0b:05:0a:6b:4f:
fb:0f:4f:73:5e:6e:7a:e7:5c:91:f3:9c:e8:51:31:63:59:06:
b9:e9:f4:6f:0f:3e:66:ef:d0:c4:e4:0c:ac:ea:b4:2c:1f:48:
7e:0d:1d:db:fd:06:16:1d:90:7b:80:61:86:ba:8e:a5:3c:7b:
4c:5a:a7:bd:ce:87:38:e7:e0:27:75:6b:76:d2:87:25:90:67:
ad:d9:af:2a:43:44:20:14:3c:c5:d4:d7:6b:6d:eb:57:31:1e:
a0:cd:0c:b9:d5:bc:3e:3f:50:3f:da:4f:5f:26:e2:13:76:90:
ff:2f:f5:27:7e:05:80:66:fd:cc:08:15:15:1e:d0:05:f6:b6:
8a:28:1b:be:80:a8:e3:fc:77:22:bc:16:07:3d:1f:82:14:e3:
68:1b:73:0a:53:fd:d1:9a:5c:e5:94:36:4b:ac:84:f2:e3:3e:
c0:34:c6:bd
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgICNigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjQwNTA2MDkxNzA2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4YTAxMi05OWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArwROXejz71u5IXeC8cD79x32z7XT18bBlQuJ7cXjvcuIecqi29fOZwXwmhuD
GVKGJ2T9NCiYMOIur5anPJc9Qlw5RPTY/9RuwKnR64z99Uzq4KDgTEvZqVSQW19H
dG4xYaoSSQm7BhiKRQUtqsRApLdigICIHkQFBjzr/H+sJQeINBUNts9d/B2Pjr0K
fVZsbbqqsbxhrxLTbBAwnrXnHBzTROL+xjYNJ7g8EHF6sFvLV86wKyJc4bkHZIfb
1O/mj39cGC9GuWHgogd+l0qTMbQziNvl3rQMp/AvanLewIsoXhselpQ2XPfzuhMj
6DOs4ZHpk7j/X5mkVOggzl4iJwIDAQABo4IDWzCCA1cwHQYDVR0OBBYEFFOr2OYg
f8ItbBhXO+n3+3xn7IKWMB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvNjM0MEUxQjhG
QzBDMTFFRUI3NUM2RDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeQGCCsGAQUFBwEHAQH/
BIHUMIHRMIG/BAIAATCBuAMEA29YSAMEBW9YYAMEAW9YigMEBG9YkDAMAwQCb1ik
AwQCb1ioAwQDb1i4MAsDBANvWOgDAwBvWAMEAHO6ATAMAwQBc7oKAwQAc7oOAwQB
c7oQAwQAc7oTAwQAc7oVMAwDBABzuhcDBAFzuhgwDAMEAXO6HgMEBHO6IDAMAwQD
c7o4AwQHc7oAMAsDAwF1ZgMEAHVmCjAMAwQCdWYMAwQEdWYgAwQDy1HAMAwDBATL
UdADBATLUeAwDQQCAAIwBwMFACQGcAAwDQYJKoZIhvcNAQELBQADggEBAAdojawY
NqcgIie/f1QRbwu+pWOFaH965PDtLVJhcxUj0NTrJdZpNxO8F1gYPc9L8KKZBuL+
tyklYf+9nVDahGOymfpLXPtCz2rTcrhVAzcweRShJ1gLBQprT/sPT3NebnrnXJHz
nOhRMWNZBrnp9G8PPmbv0MTkDKzqtCwfSH4NHdv9BhYdkHuAYYa6jqU8e0xap73O
hzjn4Cd1a3bShyWQZ63ZrypDRCAUPMXU12tt61cxHqDNDLnVvD4/UD/aT18m4hN2
kP8v9Sd+BYBm/cwIFRUe0AX2toooG76AqOP8dyK8Fgc9H4IU42gbcwpT/dGaXOWU
NkushPLjPsA0xr0=
-----END CERTIFICATE-----
Generated at Sun Jun 2 18:46:22 2024 by rpki-client on console-ams.rpki-client.org