Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/7FFC5A98825E11EFBFE61870C4F9AE02.roa
File: 7FFC5A98825E11EFBFE61870C4F9AE02.roa (raw, json)
Hash identifier: hDyS1X9LacpKryFKXL3RerGeIpbOmnxJxXDscNNrbrQ=
Subject key identifier: 89:C1:A6:28:3A:45:BA:FA:14:67:6D:74:2D:BE:47:99:BF:5D:26:35
Certificate issuer: /CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Certificate serial: 3715
Authority key identifier: E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/7FFC5A98825E11EFBFE61870C4F9AE02.roa
Signing time: Fri 04 Oct 2024 14:39:46 +0000
ROA not before: Fri 04 Oct 2024 14:39:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38710
IP address blocks: 111.88.72.0/21 maxlen: 21
111.88.72.0/23 maxlen: 24
111.88.74.0/23 maxlen: 24
111.88.76.0/22 maxlen: 23
111.88.78.0/24 maxlen: 24
111.88.96.0/19 maxlen: 19
111.88.144.0/20 maxlen: 23
111.88.164.0/22 maxlen: 23
111.88.168.0/22 maxlen: 24
111.88.184.0/22 maxlen: 23
111.88.188.0/22 maxlen: 23
111.88.233.0/24 maxlen: 24
111.88.238.0/24 maxlen: 24
111.88.239.0/24 maxlen: 24
111.88.244.0/22 maxlen: 22
111.88.248.0/21 maxlen: 21
111.88.248.0/22 maxlen: 22
111.88.248.0/23 maxlen: 23
111.88.249.0/24 maxlen: 24
111.88.250.0/24 maxlen: 24
111.88.255.0/24 maxlen: 24
115.186.10.0/23 maxlen: 23
115.186.12.0/23 maxlen: 23
115.186.14.0/24 maxlen: 24
115.186.16.0/24 maxlen: 24
115.186.17.0/24 maxlen: 24
115.186.21.0/24 maxlen: 24
115.186.23.0/24 maxlen: 24
115.186.24.0/23 maxlen: 23
115.186.25.0/24 maxlen: 24
115.186.30.0/23 maxlen: 24
115.186.32.0/20 maxlen: 22
115.186.32.0/24 maxlen: 24
115.186.33.0/24 maxlen: 24
115.186.34.0/24 maxlen: 24
115.186.35.0/24 maxlen: 24
115.186.36.0/22 maxlen: 23
115.186.36.0/23 maxlen: 24
115.186.40.0/24 maxlen: 24
115.186.42.0/24 maxlen: 24
115.186.43.0/24 maxlen: 24
115.186.44.0/24 maxlen: 24
115.186.45.0/24 maxlen: 24
115.186.46.0/24 maxlen: 24
115.186.47.0/24 maxlen: 24
115.186.56.0/21 maxlen: 23
115.186.56.0/22 maxlen: 24
115.186.60.0/23 maxlen: 24
115.186.63.0/24 maxlen: 24
115.186.64.0/19 maxlen: 23
115.186.76.0/22 maxlen: 24
115.186.80.0/21 maxlen: 24
115.186.90.0/24 maxlen: 24
115.186.96.0/20 maxlen: 23
115.186.96.0/22 maxlen: 24
115.186.101.0/24 maxlen: 24
115.186.102.0/23 maxlen: 24
115.186.104.0/24 maxlen: 24
115.186.106.0/23 maxlen: 24
115.186.108.0/22 maxlen: 24
115.186.112.0/20 maxlen: 23
115.186.112.0/23 maxlen: 24
115.186.115.0/24 maxlen: 24
115.186.117.0/24 maxlen: 24
115.186.118.0/23 maxlen: 24
115.186.120.0/23 maxlen: 24
115.186.125.0/24 maxlen: 24
115.186.126.0/24 maxlen: 24
117.102.0.0/21 maxlen: 21
117.102.0.0/22 maxlen: 22
117.102.0.0/23 maxlen: 24
117.102.2.0/24 maxlen: 24
117.102.3.0/24 maxlen: 24
117.102.4.0/24 maxlen: 24
117.102.5.0/24 maxlen: 24
117.102.6.0/24 maxlen: 24
117.102.7.0/24 maxlen: 24
117.102.8.0/24 maxlen: 24
117.102.9.0/24 maxlen: 24
117.102.12.0/23 maxlen: 23
117.102.12.0/24 maxlen: 24
117.102.14.0/23 maxlen: 23
117.102.16.0/24 maxlen: 24
117.102.17.0/24 maxlen: 24
117.102.18.0/23 maxlen: 24
117.102.20.0/22 maxlen: 23
117.102.24.0/22 maxlen: 22
117.102.24.0/23 maxlen: 24
117.102.26.0/24 maxlen: 24
117.102.28.0/24 maxlen: 24
117.102.32.0/24 maxlen: 24
117.102.33.0/24 maxlen: 24
117.102.34.0/24 maxlen: 24
117.102.35.0/24 maxlen: 24
117.102.36.0/24 maxlen: 24
117.102.37.0/24 maxlen: 24
117.102.38.0/24 maxlen: 24
117.102.39.0/24 maxlen: 24
117.102.40.0/24 maxlen: 24
117.102.41.0/24 maxlen: 24
117.102.42.0/24 maxlen: 24
117.102.43.0/24 maxlen: 24
117.102.44.0/24 maxlen: 24
117.102.45.0/24 maxlen: 24
117.102.46.0/24 maxlen: 24
117.102.47.0/24 maxlen: 24
203.81.192.0/21 maxlen: 22
203.81.192.0/24 maxlen: 24
203.81.193.0/24 maxlen: 24
203.81.194.0/24 maxlen: 24
203.81.195.0/24 maxlen: 24
203.81.196.0/24 maxlen: 24
203.81.197.0/24 maxlen: 24
203.81.198.0/23 maxlen: 24
203.81.208.0/20 maxlen: 23
203.81.208.0/22 maxlen: 24
203.81.213.0/24 maxlen: 24
203.81.215.0/24 maxlen: 24
203.81.224.0/20 maxlen: 23
203.81.230.0/24 maxlen: 24
203.81.239.0/24 maxlen: 24
2406:7000::/32 maxlen: 32
2406:7000::/48 maxlen: 48
2406:7000:1::/48 maxlen: 48
2406:7000:2::/48 maxlen: 48
2406:7000:3::/48 maxlen: 48
2406:7000:4::/48 maxlen: 48
2406:7000:5::/48 maxlen: 48
2406:7000:6::/48 maxlen: 48
2406:7000:7::/48 maxlen: 48
2406:7000:8::/48 maxlen: 48
2406:7000:9::/48 maxlen: 48
2406:7000:a::/48 maxlen: 48
2406:7000:b::/48 maxlen: 48
2406:7000:c::/48 maxlen: 48
2406:7000:d::/48 maxlen: 48
2406:7000:e::/48 maxlen: 48
2406:7000:f::/48 maxlen: 48
2406:7000:10::/48 maxlen: 48
2406:7000:11::/48 maxlen: 48
2406:7000:12::/48 maxlen: 48
2406:7000:13::/48 maxlen: 48
2406:7000:14::/48 maxlen: 48
2406:7000:15::/48 maxlen: 48
2406:7000:16::/48 maxlen: 48
2406:7000:17::/48 maxlen: 48
2406:7000:18::/48 maxlen: 48
2406:7000:19::/48 maxlen: 48
2406:7000:1a::/48 maxlen: 48
2406:7000:1b::/48 maxlen: 48
2406:7000:1c::/48 maxlen: 48
2406:7000:1d::/48 maxlen: 48
2406:7000:1e::/48 maxlen: 48
2406:7000:1f::/48 maxlen: 48
2406:7000:20::/48 maxlen: 48
2406:7000:21::/48 maxlen: 48
2406:7000:22::/48 maxlen: 48
2406:7000:23::/48 maxlen: 48
2406:7000:24::/48 maxlen: 48
2406:7000:25::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14101 (0x3715)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C83B/serialNumber=E76EB256C0FCB07E2907978343E9AD9DD21FE206
Validity
Not Before: Oct 4 14:39:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66fffe32-ed6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4e:50:9a:cc:c3:7f:97:b3:ef:a7:46:39:cd:
0c:bf:de:25:d6:5b:0a:d3:54:a6:1f:53:73:4d:e1:
1d:a5:af:d5:58:43:e5:70:b7:b8:de:71:77:40:ad:
36:4a:28:80:28:5b:27:47:e9:ce:ec:c7:28:15:26:
90:82:9b:e2:70:7f:5c:51:11:b1:a2:1a:d8:f1:cd:
9d:13:62:dc:40:4c:21:70:7f:0b:d1:2f:2d:31:39:
f5:d0:af:17:1b:ba:2e:23:f1:93:95:2e:7b:f5:5d:
2e:91:90:c6:df:12:5c:c4:d2:db:b9:24:87:46:da:
51:cc:05:c6:25:be:35:b3:8f:01:60:20:6e:43:d2:
17:de:ae:ab:4d:df:a3:4a:bf:32:5d:5e:e0:85:b1:
06:d0:8a:b3:b5:70:b8:9e:ae:21:6c:29:fa:22:78:
2b:c8:8b:ac:8c:a8:00:3a:c4:34:fc:70:e2:81:21:
cc:1a:a1:b3:22:21:0a:20:45:44:02:79:6e:83:76:
3a:ab:1d:25:eb:d4:ad:a3:3e:7f:9f:56:9c:72:95:
53:63:1c:e0:c9:2a:16:ca:49:66:7b:c6:81:ed:54:
b2:ba:49:2b:82:e3:4c:a0:0e:91:24:4d:65:be:2d:
9a:62:d7:86:5d:d5:80:cc:88:8c:f6:81:d2:43:b8:
57:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C1:A6:28:3A:45:BA:FA:14:67:6D:74:2D:BE:47:99:BF:5D:26:35
X509v3 Authority Key Identifier:
keyid:E7:6E:B2:56:C0:FC:B0:7E:29:07:97:83:43:E9:AD:9D:D2:1F:E2:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/526yVsD8sH4pB5eDQ-mtndIf4gY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/526yVsD8sH4pB5eDQ-mtndIf4gY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C83B/E4E10B4A1D8811E2A012CBE108B02CD2/7FFC5A98825E11EFBFE61870C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.88.72.0/21
111.88.96.0/19
111.88.144.0/20
111.88.164.0-111.88.171.255
111.88.184.0/21
111.88.233.0/24
111.88.238.0/23
111.88.244.0-111.88.255.255
115.186.10.0-115.186.14.255
115.186.16.0/23
115.186.21.0/24
115.186.23.0-115.186.25.255
115.186.30.0-115.186.47.255
115.186.56.0-115.186.127.255
117.102.0.0-117.102.9.255
117.102.12.0-117.102.28.255
117.102.32.0/20
203.81.192.0/21
203.81.208.0-203.81.239.255
IPv6:
2406:7000::/32
Signature Algorithm: sha256WithRSAEncryption
cc:05:a4:c2:b7:30:19:d4:9e:df:e9:73:86:a9:1f:ba:b1:63:
47:1f:12:ad:d5:e8:12:e9:28:90:08:9f:2c:4e:f2:c1:94:52:
a8:6a:0f:8c:45:21:1e:9d:86:d1:fa:a5:b3:a2:9e:3a:2c:98:
a8:99:d4:0c:fb:4d:8f:e4:ef:da:84:e7:65:b7:db:14:e2:27:
cd:a5:fa:45:b9:4d:36:c9:e4:80:cf:f5:c1:06:b7:de:0e:be:
d7:da:54:d5:ff:30:37:23:df:c5:cb:35:1c:ef:78:11:62:93:
55:3a:e7:39:b1:d0:98:d2:0e:dc:a5:65:25:15:5e:79:0e:34:
52:36:bd:87:1e:e8:ed:b2:5f:44:20:e8:3c:c8:19:a5:5e:9f:
fb:ef:30:03:8b:7f:36:0d:c6:19:e9:55:1a:ef:f5:bf:b0:0f:
ef:d9:23:ab:29:6f:f9:df:ac:a4:cc:2a:d5:81:52:62:59:e1:
4a:2a:68:e0:31:f3:60:8d:f5:3d:5b:2d:f4:7c:d3:29:df:a1:
c7:28:8a:bf:2d:4d:e4:d0:ed:67:37:7b:a8:6d:67:db:51:6f:
47:2f:83:20:51:bd:9d:d3:a3:21:16:79:8c:06:51:b5:e1:5b:
de:ff:ce:d6:62:d3:cf:be:07:10:f9:64:86:4a:25:08:56:f7:
62:fb:eb:c3
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgICNxUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM4M0IxMTAvBgNVBAUTKEU3NkVCMjU2QzBGQ0IwN0UyOTA3OTc4MzQzRTlBRDlE
RDIxRkUyMDYwHhcNMjQxMDA0MTQzOTQ2WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZmZmUzMi1lZDZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5E5QmszDf5ez76dGOc0Mv94l1lsK01SmH1NzTeEdpa/VWEPlcLe43nF3QK02
SiiAKFsnR+nO7McoFSaQgpvicH9cURGxohrY8c2dE2LcQEwhcH8L0S8tMTn10K8X
G7ouI/GTlS579V0ukZDG3xJcxNLbuSSHRtpRzAXGJb41s48BYCBuQ9IX3q6rTd+j
Sr8yXV7ghbEG0IqztXC4nq4hbCn6IngryIusjKgAOsQ0/HDigSHMGqGzIiEKIEVE
Anlug3Y6qx0l69Stoz5/n1accpVTYxzgySoWyklme8aB7VSyukkrguNMoA6RJE1l
vi2aYteGXdWAzIiM9oHSQ7hXTQIDAQABo4IDWzCCA1cwHQYDVR0OBBYEFInBpig6
Rbr6FGdtdC2+R5m/XSY1MB8GA1UdIwQYMBaAFOduslbA/LB+KQeXg0PprZ3SH+IG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzgzQi9FNEUxMEI0QTFE
ODgxMUUyQTAxMkNCRTEwOEIwMkNEMi81MjZ5VnNEOHNINHBCNWVEUS1tdG5kSWY0
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzUyNnlWc0Q4c0g0cEI1ZURRLW10bmRJZjRnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM4M0IvRTRFMTBCNEExRDg4MTFFMkEwMTJDQkUxMDhCMDJDRDIvN0ZGQzVBOTg4
MjVFMTFFRkJGRTYxODcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgeQGCCsGAQUFBwEHAQH/
BIHUMIHRMIG/BAIAATCBuAMEA29YSAMEBW9YYAMEBG9YkDAMAwQCb1ikAwQCb1io
AwQDb1i4AwQAb1jpAwQBb1juMAsDBAJvWPQDAwBvWDAMAwQBc7oKAwQAc7oOAwQB
c7oQAwQAc7oVMAwDBABzuhcDBAFzuhgwDAMEAXO6HgMEBHO6IDAMAwQDc7o4AwQH
c7oAMAsDAwF1ZgMEAXVmCDAMAwQCdWYMAwQAdWYcAwQEdWYgAwQDy1HAMAwDBATL
UdADBATLUeAwDQQCAAIwBwMFACQGcAAwDQYJKoZIhvcNAQELBQADggEBAMwFpMK3
MBnUnt/pc4apH7qxY0cfEq3V6BLpKJAInyxO8sGUUqhqD4xFIR6dhtH6pbOinjos
mKiZ1Az7TY/k79qE52W32xTiJ82l+kW5TTbJ5IDP9cEGt94OvtfaVNX/MDcj38XL
NRzveBFik1U65zmx0JjSDtylZSUVXnkONFI2vYce6O2yX0Qg6DzIGaVen/vvMAOL
fzYNxhnpVRrv9b+wD+/ZI6spb/nfrKTMKtWBUmJZ4UoqaOAx82CN9T1bLfR80ynf
occoir8tTeTQ7Wc3e6htZ9tRb0cvgyBRvZ3ToyEWeYwGUbXhW97/ztZi08++BxD5
ZIZKJQhW92L768M=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:49:22 2024 by rpki-client on console-ams.rpki-client.org