Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/A0121BD4871711EA924C6626C4F9AE02.roa
File: A0121BD4871711EA924C6626C4F9AE02.roa (raw, json)
Hash identifier: nOTO05trzCD6uEEv4FInP/xVHgXMSyk7YCzU2yFeaPI=
Subject key identifier: 9C:2B:28:76:E0:55:E7:20:0A:B1:01:4D:93:E7:AA:94:60:96:2C:16
Certificate issuer: /CN=A917225D/serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957
Certificate serial: 3423
Authority key identifier: FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/A0121BD4871711EA924C6626C4F9AE02.roa
Signing time: Fri 30 Aug 2024 14:50:28 +0000
ROA not before: Fri 30 Aug 2024 14:50:28 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 23673
IP address blocks: 43.230.192.0/22 maxlen: 22
43.230.192.0/24 maxlen: 24
43.230.193.0/24 maxlen: 24
43.230.194.0/24 maxlen: 24
43.230.195.0/24 maxlen: 24
103.197.240.0/22 maxlen: 24
103.206.68.0/22 maxlen: 24
103.239.52.0/22 maxlen: 22
103.239.52.0/24 maxlen: 24
103.239.53.0/24 maxlen: 24
103.239.54.0/24 maxlen: 24
103.239.55.0/24 maxlen: 24
110.235.240.0/20 maxlen: 20
110.235.240.0/24 maxlen: 24
110.235.241.0/24 maxlen: 24
110.235.242.0/24 maxlen: 24
110.235.243.0/24 maxlen: 24
110.235.244.0/24 maxlen: 24
110.235.245.0/24 maxlen: 24
110.235.246.0/24 maxlen: 24
110.235.247.0/24 maxlen: 24
110.235.248.0/24 maxlen: 24
110.235.249.0/24 maxlen: 24
110.235.250.0/24 maxlen: 24
110.235.251.0/24 maxlen: 24
110.235.252.0/24 maxlen: 24
110.235.253.0/24 maxlen: 24
110.235.254.0/24 maxlen: 24
110.235.255.0/24 maxlen: 24
124.248.160.0/19 maxlen: 19
124.248.160.0/24 maxlen: 24
124.248.161.0/24 maxlen: 24
124.248.162.0/24 maxlen: 24
124.248.163.0/24 maxlen: 24
124.248.164.0/24 maxlen: 24
124.248.165.0/24 maxlen: 24
124.248.166.0/24 maxlen: 24
124.248.167.0/24 maxlen: 24
124.248.168.0/24 maxlen: 24
124.248.169.0/24 maxlen: 24
124.248.170.0/24 maxlen: 24
124.248.171.0/24 maxlen: 24
124.248.172.0/24 maxlen: 24
124.248.173.0/24 maxlen: 24
124.248.174.0/24 maxlen: 24
124.248.175.0/24 maxlen: 24
124.248.176.0/24 maxlen: 24
124.248.177.0/24 maxlen: 24
124.248.178.0/24 maxlen: 24
124.248.179.0/24 maxlen: 24
124.248.180.0/24 maxlen: 24
124.248.181.0/24 maxlen: 24
124.248.182.0/24 maxlen: 24
124.248.183.0/24 maxlen: 24
124.248.184.0/24 maxlen: 24
124.248.185.0/24 maxlen: 24
124.248.186.0/24 maxlen: 24
124.248.187.0/24 maxlen: 24
124.248.188.0/24 maxlen: 24
124.248.189.0/24 maxlen: 24
124.248.190.0/24 maxlen: 24
124.248.191.0/24 maxlen: 24
202.62.32.0/19 maxlen: 19
202.62.32.0/24 maxlen: 24
202.62.33.0/24 maxlen: 24
202.62.34.0/24 maxlen: 24
202.62.35.0/24 maxlen: 24
202.62.36.0/24 maxlen: 24
202.62.37.0/24 maxlen: 24
202.62.38.0/24 maxlen: 24
202.62.39.0/24 maxlen: 24
202.62.40.0/24 maxlen: 24
202.62.41.0/24 maxlen: 24
202.62.42.0/24 maxlen: 24
202.62.43.0/24 maxlen: 24
202.62.44.0/24 maxlen: 24
202.62.45.0/24 maxlen: 24
202.62.46.0/24 maxlen: 24
202.62.47.0/24 maxlen: 24
202.62.48.0/24 maxlen: 24
202.62.49.0/24 maxlen: 24
202.62.50.0/24 maxlen: 24
202.62.51.0/24 maxlen: 24
202.62.52.0/24 maxlen: 24
202.62.53.0/24 maxlen: 24
202.62.54.0/24 maxlen: 24
202.62.55.0/24 maxlen: 24
202.62.56.0/24 maxlen: 24
202.62.57.0/24 maxlen: 24
202.62.58.0/24 maxlen: 24
202.62.59.0/24 maxlen: 24
202.62.60.0/24 maxlen: 24
202.62.61.0/24 maxlen: 24
202.62.62.0/24 maxlen: 24
202.62.63.0/24 maxlen: 24
203.189.128.0/19 maxlen: 19
203.189.128.0/24 maxlen: 24
203.189.129.0/24 maxlen: 24
203.189.130.0/24 maxlen: 24
203.189.131.0/24 maxlen: 24
203.189.132.0/22 maxlen: 24
203.189.136.0/23 maxlen: 24
203.189.138.0/23 maxlen: 24
203.189.140.0/23 maxlen: 24
203.189.142.0/23 maxlen: 24
203.189.144.0/22 maxlen: 24
203.189.148.0/22 maxlen: 24
203.189.152.0/23 maxlen: 24
203.189.154.0/23 maxlen: 24
203.189.156.0/23 maxlen: 24
203.189.158.0/23 maxlen: 24
2402:c100::/32 maxlen: 32
2402:c100::/48 maxlen: 48
2402:c100:c00::/48 maxlen: 48
2402:c100:c01::/48 maxlen: 48
2402:c100:c02::/48 maxlen: 48
2402:c100:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl
rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 14:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13347 (0x3423)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917225D/serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957
Validity
Not Before: Aug 30 14:50:28 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d1dc34-189f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ea:2e:6b:79:5a:9a:d8:8d:4c:2a:bf:26:ec:
23:08:f0:d8:af:eb:7e:a4:c2:fd:bd:3a:05:d6:13:
ea:4e:83:14:6e:2b:9d:1d:1b:a5:28:25:e9:48:5a:
02:c4:b4:29:49:d3:ed:db:86:4c:3a:10:db:b3:c0:
8c:6f:a5:09:3c:46:d4:8e:a7:56:7a:ed:03:99:3d:
a0:20:cf:f2:b3:d5:20:b1:31:99:22:ef:1a:4e:db:
d5:2e:f2:5f:a8:80:af:a6:01:9c:1a:f5:54:a1:c9:
f1:2f:dd:1f:7c:78:fb:f2:44:26:35:ed:1f:05:37:
40:1f:b3:de:3e:55:07:de:d0:f6:9a:79:25:06:51:
71:62:e1:5a:e5:ae:fc:e2:26:bf:8c:78:23:d0:f9:
44:6a:12:2e:53:3f:f2:5f:d3:f4:62:20:9a:4e:72:
32:dd:ec:61:c1:01:a9:7d:98:01:6d:b0:04:63:0d:
a1:1a:2a:af:ad:e1:a6:1b:c2:c1:0c:fa:ee:9e:b1:
f0:97:bd:aa:a1:6d:5e:93:5f:8e:2e:9d:a0:d9:07:
06:9d:38:bf:94:83:99:b9:88:0f:28:19:81:cc:96:
9b:25:1d:86:f6:cc:ca:54:1d:c5:a8:d7:53:b1:b8:
80:c4:29:66:bc:79:d2:a3:d2:4a:70:0c:fc:8f:62:
52:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2B:28:76:E0:55:E7:20:0A:B1:01:4D:93:E7:AA:94:60:96:2C:16
X509v3 Authority Key Identifier:
keyid:FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/A0121BD4871711EA924C6626C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.192.0/22
103.197.240.0/22
103.206.68.0/22
103.239.52.0/22
110.235.240.0/20
124.248.160.0/19
202.62.32.0/19
203.189.128.0/19
IPv6:
2402:c100::/32
Signature Algorithm: sha256WithRSAEncryption
b2:e2:08:ec:4c:f5:c4:95:8c:b3:2c:3b:d7:44:12:bb:62:8c:
7a:80:42:77:bc:e9:a2:09:e9:c2:de:ad:54:06:1a:c4:ce:c0:
2f:41:bf:df:9f:6a:aa:52:39:ae:4a:ed:d7:ed:b8:28:8c:77:
da:e5:10:49:36:7f:a1:ea:1d:d9:a4:58:f8:95:a5:19:f9:9e:
33:f9:cb:ea:08:a9:8e:e2:ec:b3:8e:8f:06:3f:0c:28:7a:f5:
40:d4:ef:78:18:e3:bc:7c:de:8a:6e:d5:cb:d2:65:85:6c:87:
64:93:e8:fe:09:a7:9b:29:1e:15:e9:4d:c5:9f:2c:cc:d9:5e:
d9:03:94:db:c0:2f:82:90:d0:b7:06:d5:44:7d:35:4a:0d:68:
34:1c:cf:06:2b:2f:d1:d6:49:06:d0:45:13:bd:a5:65:9a:47:
c7:c2:d9:6e:c9:c4:f4:29:6d:d3:4f:8f:e0:ac:39:6e:42:30:
87:24:21:35:83:b5:7f:fa:32:44:ea:d3:34:11:74:02:8b:bd:
74:25:91:1c:8c:c1:df:ce:45:60:9e:2d:87:30:50:b5:05:75:
52:59:7a:6a:ed:06:1d:cf:eb:ec:d0:84:47:8c:d4:3d:a7:73:
43:ab:b2:da:42:70:83:dd:64:34:e4:0e:1f:28:45:ee:96:1f:
9b:d1:27:fd
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgICNCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzIyNUQxMTAvBgNVBAUTKEZGRTJBMDM3MjlGMzJEMzIyMjdBOTlDOTI1MTU4Qzgy
Q0E1NEI5NTcwHhcNMjQwODMwMTQ1MDI4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQxZGMzNC0xODlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApeoua3lamtiNTCq/JuwjCPDYr+t+pML9vToF1hPqToMUbiudHRulKCXpSFoC
xLQpSdPt24ZMOhDbs8CMb6UJPEbUjqdWeu0DmT2gIM/ys9UgsTGZIu8aTtvVLvJf
qICvpgGcGvVUocnxL90ffHj78kQmNe0fBTdAH7PePlUH3tD2mnklBlFxYuFa5a78
4ia/jHgj0PlEahIuUz/yX9P0YiCaTnIy3exhwQGpfZgBbbAEYw2hGiqvreGmG8LB
DPrunrHwl72qoW1ek1+OLp2g2QcGnTi/lIOZuYgPKBmBzJabJR2G9szKVB3FqNdT
sbiAxClmvHnSo9JKcAz8j2JSMwIDAQABo4ICzjCCAsowHQYDVR0OBBYEFJwrKHbg
VecgCrEBTZPnqpRgliwWMB8GA1UdIwQYMBaAFP/ioDcp8y0yInqZySUVjILKVLlX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjI1RC8xRjU1MDgzMDFE
ODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxUSWllcG5KSlJXTWdzcFV1
VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL18tS2dOeW56TFRJaWVwbkpKUldNZ3NwVXVWYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzIyNUQvMUY1NTA4MzAxRDg0MTFFMjkxN0JEMEQ5MDhCMDJDRDIvQTAxMjFCRDQ4
NzE3MTFFQTkyNEM2NjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWAYIKwYBBQUHAQcBAf8E
STBHMDYEAgABMDADBAIr5sADBAJnxfADBAJnzkQDBAJn7zQDBARu6/ADBAV8+KAD
BAXKPiADBAXLvYAwDQQCAAIwBwMFACQCwQAwDQYJKoZIhvcNAQELBQADggEBALLi
COxM9cSVjLMsO9dEErtijHqAQne86aIJ6cLerVQGGsTOwC9Bv9+faqpSOa5K7dft
uCiMd9rlEEk2f6HqHdmkWPiVpRn5njP5y+oIqY7i7LOOjwY/DCh69UDU73gY47x8
3opu1cvSZYVsh2ST6P4Jp5spHhXpTcWfLMzZXtkDlNvAL4KQ0LcG1UR9NUoNaDQc
zwYrL9HWSQbQRRO9pWWaR8fC2W7JxPQpbdNPj+CsOW5CMIckITWDtX/6MkTq0zQR
dAKLvXQlkRyMwd/ORWCeLYcwULUFdVJZemrtBh3P6+zQhEeM1D2nc0OrstpCcIPd
ZDTkDh8oRe6WH5vRJ/0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:49:22 2024 by rpki-client on console-ams.rpki-client.org