Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
File: 93069024F98111E9BCD2807EC4F9AE02.roa (raw, json)
Hash identifier: nu16uL/KRDV0B4CFnROJ1c3kxYgCVInbvWC3GWFkhZI=
Subject key identifier: 31:49:49:D2:99:15:07:98:5F:79:FC:82:89:66:88:11:EA:68:16:E8
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 34C3
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
Signing time: Fri 24 Jan 2025 16:02:27 +0000
ROA not before: Fri 24 Jan 2025 16:02:27 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 24203
IP address blocks: 112.215.36.0/24 maxlen: 24
112.215.44.0/24 maxlen: 24
112.215.45.0/24 maxlen: 24
112.215.50.0/24 maxlen: 24
112.215.63.0/24 maxlen: 24
112.215.64.0/24 maxlen: 24
112.215.66.0/24 maxlen: 24
112.215.79.0/24 maxlen: 24
112.215.151.0/24 maxlen: 24
112.215.153.0/24 maxlen: 24
112.215.170.0/24 maxlen: 24
112.215.171.0/24 maxlen: 24
112.215.172.0/24 maxlen: 24
112.215.200.0/24 maxlen: 24
112.215.209.0/24 maxlen: 24
112.215.211.0/24 maxlen: 24
112.215.238.0/24 maxlen: 24
112.215.253.0/24 maxlen: 24
121.52.41.0/24 maxlen: 24
202.152.240.0/24 maxlen: 24
202.152.243.0/24 maxlen: 24
2400:9800:3::/48 maxlen: 48
2400:9800:4::/48 maxlen: 48
2400:9800:5::/48 maxlen: 48
2400:9800:6::/48 maxlen: 48
2400:9800:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 15:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13507 (0x34c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214
Validity
Not Before: Jan 24 16:02:27 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6793b993-a38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:34:78:b8:27:70:d4:13:05:ac:f5:ef:20:3d:
e9:35:ce:3f:7c:eb:4c:2b:f6:4f:63:50:44:73:32:
83:6c:f5:3f:42:2d:22:a3:7c:77:43:e1:65:99:24:
f7:3d:0e:1e:27:bc:e3:48:79:57:71:52:3f:11:ff:
6a:ed:5b:60:89:93:29:4f:b0:51:20:b9:9a:3f:b1:
54:c8:cc:66:7f:bb:95:9c:80:12:c5:f9:de:35:d3:
78:da:46:cb:ad:99:cd:35:cc:19:9d:f7:e4:4c:ff:
a0:5f:d5:39:cc:b8:a8:d9:2d:ac:65:28:fe:9f:5b:
05:e7:b1:c3:a3:b2:3f:47:38:7a:53:10:1c:45:29:
ee:3b:8c:43:95:9e:94:ad:a9:4e:cf:c5:06:5b:39:
f4:d8:3d:14:56:c3:92:9d:77:bc:47:78:16:4c:39:
de:e8:ca:a4:a6:1f:e7:c1:38:8b:af:d8:bb:22:b1:
f6:e1:df:50:2a:bb:41:2c:d0:80:08:13:6d:1b:46:
ea:7d:09:5d:98:01:9d:d0:97:49:67:59:f4:db:3f:
74:12:e5:e3:5c:4a:3a:1b:2c:48:6a:71:4b:26:89:
df:4d:85:7e:0b:82:79:d3:d8:cf:47:38:a8:db:58:
3b:e2:27:14:80:8d:97:20:08:eb:d2:80:39:a8:f5:
48:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:49:49:D2:99:15:07:98:5F:79:FC:82:89:66:88:11:EA:68:16:E8
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.215.36.0/24
112.215.44.0/23
112.215.50.0/24
112.215.63.0-112.215.64.255
112.215.66.0/24
112.215.79.0/24
112.215.151.0/24
112.215.153.0/24
112.215.170.0-112.215.172.255
112.215.200.0/24
112.215.209.0/24
112.215.211.0/24
112.215.238.0/24
112.215.253.0/24
121.52.41.0/24
202.152.240.0/24
202.152.243.0/24
IPv6:
2400:9800:3::-2400:9800:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:db:f0:f6:b5:90:ff:09:32:ba:e6:d9:c8:66:7f:30:94:32:
af:8d:2f:40:df:a8:75:52:88:4b:b6:a1:39:b1:80:e0:43:60:
0b:b1:39:4a:e1:ac:62:08:ff:b3:3f:c1:df:47:35:7d:48:34:
43:d1:38:6c:aa:b1:81:7b:e5:e0:06:0c:ef:0e:56:cf:62:69:
d5:63:f8:d5:29:81:c9:5b:e2:97:42:56:bd:e4:c5:0a:1f:f7:
ea:94:cf:80:0a:e4:19:7c:6f:c0:84:1e:a0:be:df:3c:11:ff:
dc:59:e7:b8:b2:aa:cc:f4:0f:f5:7e:93:df:87:8d:60:65:3c:
f5:fc:92:14:d9:66:85:f5:a8:38:e2:de:f1:0d:47:c3:55:e6:
2a:87:b9:a5:1f:e5:40:1e:6d:07:2b:3f:e8:60:ce:f4:e9:39:
35:b1:bd:5c:6c:65:ed:6a:b7:83:6a:8c:28:c4:1e:1c:2c:4b:
71:ee:84:fa:37:56:93:0d:b1:c4:2e:38:63:0e:70:bf:89:40:
16:40:85:ca:e2:1d:6b:53:9c:b9:3d:9f:b9:52:a6:c3:73:d4:
20:ab:32:1b:41:69:d2:cf:13:b6:92:00:56:4b:f8:8c:ab:d3:
7f:bd:af:73:2e:98:83:57:18:d0:f2:81:45:77:59:8d:ee:0a:
51:23:41:c2
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICNMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwMTI0MTYwMjI3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYjk5My1hMzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4TR4uCdw1BMFrPXvID3pNc4/fOtMK/ZPY1BEczKDbPU/Qi0io3x3Q+FlmST3
PQ4eJ7zjSHlXcVI/Ef9q7VtgiZMpT7BRILmaP7FUyMxmf7uVnIASxfneNdN42kbL
rZnNNcwZnffkTP+gX9U5zLio2S2sZSj+n1sF57HDo7I/Rzh6UxAcRSnuO4xDlZ6U
ralOz8UGWzn02D0UVsOSnXe8R3gWTDne6Mqkph/nwTiLr9i7IrH24d9QKrtBLNCA
CBNtG0bqfQldmAGd0JdJZ1n02z90EuXjXEo6GyxIanFLJonfTYV+C4J509jPRzio
21g74icUgI2XIAjr0oA5qPVIGQIDAQABo4IDJDCCAyAwHQYDVR0OBBYEFDFJSdKZ
FQeYX3n8golmiBHqaBboMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvOTMwNjkwMjRG
OTgxMTFFOUJDRDI4MDdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga0GCCsGAQUFBwEHAQH/
BIGdMIGaMHwEAgABMHYDBABw1yQDBAFw1ywDBABw1zIwDAMEAHDXPwMEAHDXQAME
AHDXQgMEAHDXTwMEAHDXlwMEAHDXmTAMAwQBcNeqAwQAcNesAwQAcNfIAwQAcNfR
AwQAcNfTAwQAcNfuAwQAcNf9AwQAeTQpAwQAypjwAwQAypjzMBoEAgACMBQwEgMH
ACQAmAAAAwMHAyQAmAAAADANBgkqhkiG9w0BAQsFAAOCAQEALtvw9rWQ/wkyuubZ
yGZ/MJQyr40vQN+odVKIS7ahObGA4ENgC7E5SuGsYgj/sz/B30c1fUg0Q9E4bKqx
gXvl4AYM7w5Wz2Jp1WP41SmByVvil0JWveTFCh/36pTPgArkGXxvwIQeoL7fPBH/
3FnnuLKqzPQP9X6T34eNYGU89fySFNlmhfWoOOLe8Q1Hw1XmKoe5pR/lQB5tBys/
6GDO9Ok5NbG9XGxl7Wq3g2qMKMQeHCxLce6E+jdWkw2xxC44Yw5wv4lAFkCFyuId
a1OcuT2fuVKmw3PUIKsyG0Fp0s8TtpIAVkv4jKvTf72vcy6Yg1cY0PKBRXdZje4K
USNBwg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:12:31 2025 by rpki-client