Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/6FEF4E442DE011EA853E2328C4F9AE02.roa
File: 6FEF4E442DE011EA853E2328C4F9AE02.roa (raw, json)
Hash identifier: y9hlvcbbwajIefGB4Px8cK+/Wv7KVNqhLN9ui6sJIMs=
Subject key identifier: C6:B6:7F:4D:05:EC:21:91:96:75:FD:30:40:C3:68:27:09:3D:D4:DB
Certificate issuer: /CN=A9186214/serialNumber=3FB18D89FAF3188DCE590F7C489077961F82A957
Certificate serial: 29EB
Authority key identifier: 3F:B1:8D:89:FA:F3:18:8D:CE:59:0F:7C:48:90:77:96:1F:82:A9:57
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7GNifrzGI3OWQ98SJB3lh-CqVc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/6FEF4E442DE011EA853E2328C4F9AE02.roa
Signing time: Tue 30 Jul 2024 16:02:21 +0000
ROA not before: Tue 30 Jul 2024 16:02:21 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 24203
IP address blocks: 140.213.3.0/24 maxlen: 24
140.213.4.0/24 maxlen: 24
140.213.5.0/24 maxlen: 24
140.213.6.0/24 maxlen: 24
140.213.7.0/24 maxlen: 24
140.213.9.0/24 maxlen: 24
140.213.10.0/24 maxlen: 24
140.213.12.0/24 maxlen: 24
140.213.14.0/24 maxlen: 24
140.213.16.0/24 maxlen: 24
140.213.19.0/24 maxlen: 24
140.213.20.0/24 maxlen: 24
140.213.23.0/24 maxlen: 24
140.213.29.0/24 maxlen: 24
140.213.32.0/24 maxlen: 24
140.213.33.0/24 maxlen: 24
140.213.35.0/24 maxlen: 24
140.213.36.0/24 maxlen: 24
140.213.38.0/24 maxlen: 24
140.213.39.0/24 maxlen: 24
140.213.42.0/24 maxlen: 24
140.213.47.0/24 maxlen: 24
140.213.50.0/24 maxlen: 24
140.213.51.0/24 maxlen: 24
140.213.53.0/24 maxlen: 24
140.213.56.0/24 maxlen: 24
140.213.58.0/24 maxlen: 24
140.213.62.0/24 maxlen: 24
140.213.72.0/24 maxlen: 24
140.213.75.0/24 maxlen: 24
140.213.88.0/24 maxlen: 24
140.213.114.0/24 maxlen: 24
140.213.138.0/24 maxlen: 24
140.213.139.0/24 maxlen: 24
140.213.142.0/24 maxlen: 24
140.213.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/P7GNifrzGI3OWQ98SJB3lh-CqVc.crl
rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/P7GNifrzGI3OWQ98SJB3lh-CqVc.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7GNifrzGI3OWQ98SJB3lh-CqVc.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 00:51:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10731 (0x29eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=3FB18D89FAF3188DCE590F7C489077961F82A957
Validity
Not Before: Jul 30 16:02:21 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66a90e8d-b623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cb:c9:2a:2a:72:4d:40:f1:6c:45:1a:56:6a:
19:c8:e0:10:7c:ff:26:ac:c2:74:c4:9b:02:7f:b6:
04:4d:24:02:4e:61:aa:35:67:13:c7:6f:32:6b:05:
2f:bf:9b:d4:6b:cf:d6:5a:81:0d:32:35:a1:99:f3:
38:4b:fc:af:27:34:b0:ac:d2:58:04:ea:61:d8:fd:
95:d4:1f:c9:d3:cf:8b:6d:2b:0a:c1:80:50:83:cb:
4f:c2:92:ff:ca:47:ce:c4:96:38:78:7f:68:4b:02:
02:37:95:7b:cb:00:19:76:f1:6e:5a:02:ea:a6:ad:
b4:04:f1:c4:ba:de:08:d4:a1:ff:b0:98:34:77:ea:
e2:ea:61:0e:a5:3a:60:7f:86:34:55:aa:ef:34:cc:
33:6c:32:6d:f8:45:eb:d1:24:61:cf:5b:f0:b5:15:
b8:53:aa:8c:19:aa:7f:06:96:9e:fa:5a:54:36:7a:
2f:dd:0b:79:27:50:e7:f4:29:7f:b0:a9:46:8d:2c:
77:e3:b6:3b:54:37:99:70:c2:e0:8d:d7:96:21:4e:
d9:93:a9:b7:15:4e:eb:c1:5b:c0:5a:58:34:db:8f:
41:e5:b9:9c:92:1b:eb:2d:97:bd:4f:46:e4:8d:cd:
21:9b:af:50:ba:99:01:f1:57:26:b3:56:a4:bf:d5:
72:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B6:7F:4D:05:EC:21:91:96:75:FD:30:40:C3:68:27:09:3D:D4:DB
X509v3 Authority Key Identifier:
keyid:3F:B1:8D:89:FA:F3:18:8D:CE:59:0F:7C:48:90:77:96:1F:82:A9:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/P7GNifrzGI3OWQ98SJB3lh-CqVc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/P7GNifrzGI3OWQ98SJB3lh-CqVc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/B7F81958331A11E4AF2AB37CC4F9AE02/6FEF4E442DE011EA853E2328C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
140.213.3.0-140.213.7.255
140.213.9.0-140.213.10.255
140.213.12.0/24
140.213.14.0/24
140.213.16.0/24
140.213.19.0-140.213.20.255
140.213.23.0/24
140.213.29.0/24
140.213.32.0/23
140.213.35.0-140.213.36.255
140.213.38.0/23
140.213.42.0/24
140.213.47.0/24
140.213.50.0/23
140.213.53.0/24
140.213.56.0/24
140.213.58.0/24
140.213.62.0/24
140.213.72.0/24
140.213.75.0/24
140.213.88.0/24
140.213.114.0/24
140.213.138.0/23
140.213.142.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:79:7d:f1:6c:ea:34:48:33:d8:7b:3a:ce:80:a2:17:93:c3:
e5:f7:64:90:68:41:b2:87:54:e5:4e:1c:2b:b2:35:0a:b2:04:
fe:f8:78:0d:6d:0f:eb:84:68:c3:7c:24:aa:39:23:1e:35:c1:
98:2c:ef:ec:1f:63:9e:c0:de:71:c6:d9:81:3e:7f:3e:52:22:
71:cf:7f:c5:2a:4b:bf:5c:04:35:85:ed:b4:64:96:87:b3:e9:
c6:aa:78:90:2c:9b:c0:be:a4:d4:2a:b9:08:f2:07:a4:38:cf:
b9:73:3a:16:56:c2:cd:56:9d:55:7f:71:fb:2f:b0:f8:88:fa:
e9:39:a3:95:d6:65:44:0b:b0:0b:78:72:0f:57:07:1f:39:b5:
e4:8a:27:7a:cb:18:3c:83:26:73:8f:f9:ad:23:0d:b6:10:6e:
5c:19:b8:28:b9:e5:ec:47:38:cd:bd:e8:04:92:65:da:76:c7:
46:6b:49:db:e7:6e:c6:f5:a8:59:a7:5d:c8:76:11:bc:86:4c:
e1:57:dd:2c:43:28:a6:33:c2:f7:8f:fb:0d:41:38:ed:9f:c2:
98:fd:c0:22:af:35:e5:2a:4b:e9:37:b2:07:27:33:ed:f1:11:
d3:18:9b:15:27:1c:5f:d8:dd:c4:47:e7:52:d1:cd:cd:58:ca:
d7:4e:02:0a
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgICKeswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKDNGQjE4RDg5RkFGMzE4OERDRTU5MEY3QzQ4OTA3Nzk2
MUY4MkE5NTcwHhcNMjQwNzMwMTYwMjIxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5MGU4ZC1iNjIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxcvJKipyTUDxbEUaVmoZyOAQfP8mrMJ0xJsCf7YETSQCTmGqNWcTx28yawUv
v5vUa8/WWoENMjWhmfM4S/yvJzSwrNJYBOph2P2V1B/J08+LbSsKwYBQg8tPwpL/
ykfOxJY4eH9oSwICN5V7ywAZdvFuWgLqpq20BPHEut4I1KH/sJg0d+ri6mEOpTpg
f4Y0VarvNMwzbDJt+EXr0SRhz1vwtRW4U6qMGap/Bpae+lpUNnov3Qt5J1Dn9Cl/
sKlGjSx347Y7VDeZcMLgjdeWIU7Zk6m3FU7rwVvAWlg0249B5bmckhvrLZe9T0bk
jc0hm69QupkB8Vcms1akv9VykwIDAQABo4IDRDCCA0AwHQYDVR0OBBYEFMa2f00F
7CGRlnX9MEDDaCcJPdTbMB8GA1UdIwQYMBaAFD+xjYn68xiNzlkPfEiQd5YfgqlX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9CN0Y4MTk1ODMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi9QN0dOaWZyekdJM09XUTk4U0pCM2xoLUNx
VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1A3R05pZnJ6R0kzT1dROThTSkIzbGgtQ3FWYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQjdGODE5NTgzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvNkZFRjRFNDQy
REUwMTFFQTg1M0UyMzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgc0GCCsGAQUFBwEHAQH/
BIG9MIG6MIG3BAIAATCBsDAMAwQAjNUDAwQDjNUAMAwDBACM1QkDBACM1QoDBACM
1QwDBACM1Q4DBACM1RAwDAMEAIzVEwMEAIzVFAMEAIzVFwMEAIzVHQMEAYzVIDAM
AwQAjNUjAwQAjNUkAwQBjNUmAwQAjNUqAwQAjNUvAwQBjNUyAwQAjNU1AwQAjNU4
AwQAjNU6AwQAjNU+AwQAjNVIAwQAjNVLAwQAjNVYAwQAjNVyAwQBjNWKAwQBjNWO
MA0GCSqGSIb3DQEBCwUAA4IBAQCKeX3xbOo0SDPYezrOgKIXk8Pl92SQaEGyh1Tl
ThwrsjUKsgT++HgNbQ/rhGjDfCSqOSMeNcGYLO/sH2OewN5xxtmBPn8+UiJxz3/F
Kku/XAQ1he20ZJaHs+nGqniQLJvAvqTUKrkI8gekOM+5czoWVsLNVp1Vf3H7L7D4
iPrpOaOV1mVEC7ALeHIPVwcfObXkiid6yxg8gyZzj/mtIw22EG5cGbgoueXsRzjN
vegEkmXadsdGa0nb527G9ahZp13IdhG8hkzhV90sQyimM8L3j/sNQTjtn8KY/cAi
rzXlKkvpN7IHJzPt8RHTGJsVJxxf2N3ER+dS0c3NWMrXTgIK
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:35 2024 by rpki-client on console-ams.rpki-client.org