Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
File: 75D2A3666E8011EF92BDE465C4F9AE02.roa (raw, json)
Hash identifier: 7ejHexwU58Vd/6AhEj3R11Z55i5VPsu0+3DBnr8HpKI=
Subject key identifier: 51:52:68:C0:67:D4:1D:E2:5D:1B:C2:6B:9F:1E:78:90:D8:E0:0A:0A
Certificate issuer: /CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Certificate serial: 1C60
Authority key identifier: 8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
Signing time: Mon 30 Sep 2024 16:24:15 +0000
ROA not before: Mon 30 Sep 2024 16:24:15 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 132165
IP address blocks: 43.245.128.0/24 maxlen: 24
43.245.129.0/24 maxlen: 24
43.245.130.0/24 maxlen: 24
43.245.131.0/24 maxlen: 24
103.12.120.0/24 maxlen: 24
103.12.121.0/24 maxlen: 24
103.12.122.0/24 maxlen: 24
103.12.123.0/24 maxlen: 24
111.119.160.0/24 maxlen: 24
111.119.161.0/24 maxlen: 24
111.119.162.0/24 maxlen: 24
111.119.163.0/24 maxlen: 24
111.119.164.0/24 maxlen: 24
111.119.165.0/24 maxlen: 24
111.119.166.0/24 maxlen: 24
111.119.167.0/24 maxlen: 24
113.203.192.0/24 maxlen: 24
113.203.193.0/24 maxlen: 24
113.203.195.0/24 maxlen: 24
113.203.200.0/24 maxlen: 24
113.203.201.0/24 maxlen: 24
113.203.202.0/24 maxlen: 24
113.203.203.0/24 maxlen: 24
113.203.204.0/24 maxlen: 24
113.203.205.0/24 maxlen: 24
113.203.207.0/24 maxlen: 24
115.42.64.0/24 maxlen: 24
115.42.65.0/24 maxlen: 24
115.42.66.0/24 maxlen: 24
115.42.67.0/24 maxlen: 24
118.103.226.0/24 maxlen: 24
118.103.227.0/24 maxlen: 24
118.103.228.0/24 maxlen: 24
118.103.229.0/24 maxlen: 24
118.103.230.0/24 maxlen: 24
118.103.231.0/24 maxlen: 24
118.103.232.0/24 maxlen: 24
118.103.233.0/24 maxlen: 24
118.103.234.0/24 maxlen: 24
118.103.235.0/24 maxlen: 24
118.103.236.0/24 maxlen: 24
118.103.237.0/24 maxlen: 24
118.103.238.0/24 maxlen: 24
118.103.239.0/24 maxlen: 24
2406:d00::/48 maxlen: 48
2406:d00:2222::/48 maxlen: 48
2406:d00:5555::/48 maxlen: 48
2406:d00:aaaa::/48 maxlen: 48
2406:d00:bbbb::/48 maxlen: 48
2406:d00:ccaa::/47 maxlen: 48
2406:d00:ccc0::/46 maxlen: 48
2406:d00:cccc::/46 maxlen: 48
2406:d00:cce0::/48 maxlen: 48
2406:d00:ccea::/48 maxlen: 48
2406:d00:ddc1::/48 maxlen: 48
2406:d00:ddcc::/48 maxlen: 48
2406:d00:ddd1::/48 maxlen: 48
2406:d00:dddd::/48 maxlen: 48
2406:d00:ddf1::/48 maxlen: 48
2406:d00:ddff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 16:11:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7264 (0x1c60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917A84A/serialNumber=8A1A10EB8FBA45C2152CA8956F432F9A8139603A
Validity
Not Before: Sep 30 16:24:15 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fad0ae-159e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cd:7e:27:29:fc:18:f2:cf:ab:a9:33:22:c0:
b3:7b:af:0b:7d:c3:3c:43:2b:77:8a:00:f0:98:68:
fa:da:95:c1:b4:94:46:f3:36:c6:b3:00:38:68:6a:
d4:71:8b:bc:0b:cd:53:90:45:37:60:5f:cb:2d:8e:
3e:9a:5a:a0:4c:67:7f:6c:3e:6e:a6:68:26:cd:06:
b0:78:a9:fd:e2:ff:ca:4a:bb:b1:32:ce:7f:d9:bd:
93:dd:7e:cb:4a:d8:0c:f3:fb:ae:ed:9d:cc:e8:33:
ac:35:a7:66:ca:25:f7:f8:14:11:1d:de:a8:e7:be:
0f:60:33:49:38:6d:4a:49:ff:09:51:37:9c:0f:b7:
27:42:20:25:92:ff:15:db:48:58:df:13:f7:b7:28:
a2:32:d1:dc:56:6b:dd:50:41:51:06:ee:b7:01:bc:
bd:f3:f4:26:8a:d4:e7:14:b3:a5:b8:e7:aa:ea:f3:
52:70:15:70:a4:6a:f3:5c:1d:a7:e3:53:2f:88:fc:
6c:c6:a0:73:3d:0c:89:bb:5f:10:d9:c7:c7:d6:fb:
bb:47:9a:6c:ff:f1:88:c9:f5:6b:85:f7:e3:3f:9a:
ae:fc:e5:ae:7f:2b:69:aa:84:50:5e:5b:21:7c:3d:
eb:d6:cf:90:1c:c1:b5:61:4a:ad:4b:3b:76:63:c5:
83:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:52:68:C0:67:D4:1D:E2:5D:1B:C2:6B:9F:1E:78:90:D8:E0:0A:0A
X509v3 Authority Key Identifier:
keyid:8A:1A:10:EB:8F:BA:45:C2:15:2C:A8:95:6F:43:2F:9A:81:39:60:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/ihoQ64-6RcIVLKiVb0MvmoE5YDo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihoQ64-6RcIVLKiVb0MvmoE5YDo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A84A/1805191AE1EF11E69D36501BC4F9AE02/75D2A3666E8011EF92BDE465C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.128.0/22
103.12.120.0/22
111.119.160.0/21
113.203.192.0/23
113.203.195.0/24
113.203.200.0-113.203.205.255
113.203.207.0/24
115.42.64.0/22
118.103.226.0-118.103.239.255
IPv6:
2406:d00::/48
2406:d00:2222::/48
2406:d00:5555::/48
2406:d00:aaaa::/48
2406:d00:bbbb::/48
2406:d00:ccaa::/47
2406:d00:ccc0::/46
2406:d00:cccc::/46
2406:d00:cce0::/48
2406:d00:ccea::/48
2406:d00:ddc1::/48
2406:d00:ddcc::/48
2406:d00:ddd1::/48
2406:d00:dddd::/48
2406:d00:ddf1::/48
2406:d00:ddff::/48
Signature Algorithm: sha256WithRSAEncryption
8d:0e:92:52:13:56:9d:4a:f6:e1:14:74:17:16:d5:37:be:fb:
24:14:82:d9:7e:5b:57:28:ea:1a:bb:81:19:45:77:f0:0c:46:
76:a0:35:f2:0a:fe:3f:63:7e:4b:90:0a:59:60:30:5e:79:7b:
e9:33:e1:76:f1:bb:52:25:19:cc:7f:3b:8c:df:94:22:ee:fc:
1b:bf:7d:78:3c:9e:10:f7:93:c3:31:76:af:d4:77:0c:cb:a0:
5c:95:0d:d0:ee:f4:1f:76:d6:03:5e:46:e8:07:ca:60:5d:19:
f8:d9:08:a8:9c:0d:64:cb:0a:56:a1:ed:77:b6:dd:88:47:aa:
58:d5:f6:cd:d3:36:fc:0d:42:b6:9a:e4:88:04:2e:15:7c:88:
ff:d5:89:11:5f:58:98:f1:c0:60:d3:6a:ae:cc:b8:4a:ef:2d:
37:52:53:f3:d4:2c:7d:3c:a8:5c:0f:70:e5:4b:c4:47:fe:85:
a2:1e:42:3a:2c:17:cc:8a:fa:4a:14:c3:a9:74:98:46:cf:85:
69:ba:f7:95:55:4f:78:4c:ce:5c:a4:3c:51:ea:b7:a2:42:e6:
57:69:ec:a5:5d:05:9a:9f:b0:f5:42:0a:2b:ee:19:2f:e3:09:
8e:10:13:95:c8:50:de:a0:62:e0:3f:07:3e:6a:2b:85:9b:a6:
18:ad:40:ae
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgICHGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0E4NEExMTAvBgNVBAUTKDhBMUExMEVCOEZCQTQ1QzIxNTJDQTg5NTZGNDMyRjlB
ODEzOTYwM0EwHhcNMjQwOTMwMTYyNDE1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZhZDBhZS0xNTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwM1+Jyn8GPLPq6kzIsCze68LfcM8Qyt3igDwmGj62pXBtJRG8zbGswA4aGrU
cYu8C81TkEU3YF/LLY4+mlqgTGd/bD5upmgmzQaweKn94v/KSruxMs5/2b2T3X7L
StgM8/uu7Z3M6DOsNadmyiX3+BQRHd6o574PYDNJOG1KSf8JUTecD7cnQiAlkv8V
20hY3xP3tyiiMtHcVmvdUEFRBu63Aby98/QmitTnFLOluOeq6vNScBVwpGrzXB2n
41MviPxsxqBzPQyJu18Q2cfH1vu7R5ps//GIyfVrhffjP5qu/OWufytpqoRQXlsh
fD3r1s+QHMG1YUqtSzt2Y8WDbQIDAQABo4IDcjCCA24wHQYDVR0OBBYEFFFSaMBn
1B3iXRvCa58eeJDY4AoKMB8GA1UdIwQYMBaAFIoaEOuPukXCFSyolW9DL5qBOWA6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTg0QS8xODA1MTkxQUUx
RUYxMUU2OUQzNjUwMUJDNEY5QUUwMi9paG9RNjQtNlJjSVZMS2lWYjBNdm1vRTVZ
RG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lob1E2NC02UmNJVkxLaVZiME12bW9FNVlEby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0E4NEEvMTgwNTE5MUFFMUVGMTFFNjlEMzY1MDFCQzRGOUFFMDIvNzVEMkEzNjY2
RTgwMTFFRjkyQkRFNDY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgfsGCCsGAQUFBwEHAQH/
BIHrMIHoMEwEAgABMEYDBAIr9YADBAJnDHgDBANvd6ADBAFxy8ADBABxy8MwDAME
A3HLyAMEAXHLzAMEAHHLzwMEAnMqQDAMAwQBdmfiAwQEdmfgMIGXBAIAAjCBkAMH
ACQGDQAAAAMHACQGDQAiIgMHACQGDQBVVQMHACQGDQCqqgMHACQGDQC7uwMHASQG
DQDMqgMHAiQGDQDMwAMHAiQGDQDMzAMHACQGDQDM4AMHACQGDQDM6gMHACQGDQDd
wQMHACQGDQDdzAMHACQGDQDd0QMHACQGDQDd3QMHACQGDQDd8QMHACQGDQDd/zAN
BgkqhkiG9w0BAQsFAAOCAQEAjQ6SUhNWnUr24RR0FxbVN777JBSC2X5bVyjqGruB
GUV38AxGdqA18gr+P2N+S5AKWWAwXnl76TPhdvG7UiUZzH87jN+UIu78G799eDye
EPeTwzF2r9R3DMugXJUN0O70H3bWA15G6AfKYF0Z+NkIqJwNZMsKVqHtd7bdiEeq
WNX2zdM2/A1CtprkiAQuFXyI/9WJEV9YmPHAYNNqrsy4Su8tN1JT89QsfTyoXA9w
5UvER/6Foh5COiwXzIr6ShTDqXSYRs+Fabr3lVVPeEzOXKQ8Ueq3okLmV2nspV0F
mp+w9UIKK+4ZL+MJjhATlchQ3qBi4D8HPmorhZumGK1Arg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:21 2024 by rpki-client on console-ams.rpki-client.org