Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
File: 93069024F98111E9BCD2807EC4F9AE02.roa (raw, json)
Hash identifier: 2oCHNvkAlF3VAijeoG7n6mh/mU9Imq4ludhT4VdJn3Q=
Subject key identifier: 75:72:C0:96:98:D7:7C:D2:1B:7E:3A:61:0F:8D:6B:28:9E:D1:DE:58
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3412
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
Signing time: Tue 30 Jul 2024 16:02:37 +0000
ROA not before: Tue 30 Jul 2024 16:02:37 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 24203
IP address blocks: 112.215.36.0/24 maxlen: 24
112.215.44.0/24 maxlen: 24
112.215.45.0/24 maxlen: 24
112.215.50.0/24 maxlen: 24
112.215.63.0/24 maxlen: 24
112.215.64.0/24 maxlen: 24
112.215.66.0/24 maxlen: 24
112.215.79.0/24 maxlen: 24
112.215.151.0/24 maxlen: 24
112.215.153.0/24 maxlen: 24
112.215.170.0/24 maxlen: 24
112.215.171.0/24 maxlen: 24
112.215.172.0/24 maxlen: 24
112.215.200.0/24 maxlen: 24
112.215.209.0/24 maxlen: 24
112.215.211.0/24 maxlen: 24
112.215.238.0/24 maxlen: 24
112.215.253.0/24 maxlen: 24
121.52.41.0/24 maxlen: 24
202.152.240.0/24 maxlen: 24
202.152.243.0/24 maxlen: 24
2400:9800:3::/48 maxlen: 48
2400:9800:4::/48 maxlen: 48
2400:9800:5::/48 maxlen: 48
2400:9800:6::/48 maxlen: 48
2400:9800:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13330 (0x3412)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jul 30 16:02:37 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66a90e9d-28b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:4e:1a:bc:81:b9:e4:57:be:8b:18:ab:ca:
03:30:b8:2c:11:a2:f5:13:33:d1:d5:dc:ef:bf:ab:
08:b2:54:7d:7b:62:cb:5b:d7:e3:91:d3:ff:e7:de:
65:f9:a4:71:72:65:2b:01:0c:8c:97:d5:04:5e:68:
da:96:45:8d:4f:4c:89:95:36:ea:5b:d0:23:50:31:
79:c8:52:f9:fb:0c:78:f2:1e:6f:b5:dd:01:a3:b4:
4e:1d:1d:a0:da:aa:17:c5:23:18:5c:b2:ec:97:95:
fc:72:96:e3:45:24:2f:bf:01:f3:dd:32:94:eb:a5:
91:c5:2e:c5:7e:d0:55:30:b6:86:08:ec:3f:be:5b:
d1:c4:70:27:6d:6d:f8:d7:e9:ea:03:82:8c:b5:d6:
a1:b9:72:1d:f5:d5:9a:59:e4:4a:b6:e1:9b:b6:69:
a0:37:90:e6:a3:29:ac:ff:6c:e5:7f:47:4b:42:c1:
d3:3b:7e:85:44:64:fc:60:e0:df:99:64:ef:7c:2b:
c1:0f:97:aa:c4:10:da:f1:82:8c:6f:ef:9c:c8:ba:
d5:3d:db:01:ac:c8:0b:e5:c6:5f:a0:5b:14:ee:c7:
f4:79:52:0f:bd:52:38:64:10:b3:ec:36:46:e8:e7:
70:5c:9a:1e:90:33:c3:b0:c1:87:f5:d1:08:2b:26:
2d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:72:C0:96:98:D7:7C:D2:1B:7E:3A:61:0F:8D:6B:28:9E:D1:DE:58
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/93069024F98111E9BCD2807EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.215.36.0/24
112.215.44.0/23
112.215.50.0/24
112.215.63.0-112.215.64.255
112.215.66.0/24
112.215.79.0/24
112.215.151.0/24
112.215.153.0/24
112.215.170.0-112.215.172.255
112.215.200.0/24
112.215.209.0/24
112.215.211.0/24
112.215.238.0/24
112.215.253.0/24
121.52.41.0/24
202.152.240.0/24
202.152.243.0/24
IPv6:
2400:9800:3::-2400:9800:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
04:5e:64:e7:b2:ab:f5:cb:fb:77:57:38:a2:7f:c1:17:c1:ba:
c0:ea:ad:98:b6:43:94:3e:65:da:4c:fa:9d:a3:cc:3e:2f:d1:
44:c8:71:3e:c7:15:ac:60:2a:78:85:a9:35:f9:95:55:23:d9:
5a:0a:0f:9c:d9:f3:23:17:73:a1:80:12:0b:b8:de:a8:9d:de:
4c:d2:82:b3:9b:10:be:02:57:ef:55:dd:4b:65:13:d6:e7:a5:
7b:05:54:52:7a:5f:24:81:15:ca:64:72:4e:22:8e:bd:93:b9:
87:67:04:39:78:a6:f8:b8:4b:48:59:ce:6e:37:1b:61:5a:d9:
c7:64:11:ef:23:36:cc:e5:2c:d3:a8:33:73:ee:47:e7:ee:53:
b9:65:2c:ee:06:24:b5:f6:e7:1a:71:f4:07:df:7d:2e:0a:14:
61:49:09:fb:61:a9:40:a7:bd:95:db:cf:e5:b8:95:6a:49:cf:
85:a4:1a:1c:a4:37:fa:cd:a9:62:95:8d:4b:53:43:8a:92:91:
80:b7:1e:4d:60:36:b0:36:11:0e:bb:cd:90:c2:ee:f4:42:6c:
fe:cf:e6:6c:3b:79:56:2d:6d:ca:49:25:6a:a5:4f:22:95:73:
4b:c9:0a:3a:ce:88:c4:28:2a:c6:24:dd:dd:49:e7:a0:71:62:
97:2a:ae:aa
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgICNBIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjQwNzMwMTYwMjM3WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5MGU5ZC0yOGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtK9OGryBueRXvosYq8oDMLgsEaL1EzPR1dzvv6sIslR9e2LLW9fjkdP/595l
+aRxcmUrAQyMl9UEXmjalkWNT0yJlTbqW9AjUDF5yFL5+wx48h5vtd0Bo7ROHR2g
2qoXxSMYXLLsl5X8cpbjRSQvvwHz3TKU66WRxS7FftBVMLaGCOw/vlvRxHAnbW34
1+nqA4KMtdahuXId9dWaWeRKtuGbtmmgN5Dmoyms/2zlf0dLQsHTO36FRGT8YODf
mWTvfCvBD5eqxBDa8YKMb++cyLrVPdsBrMgL5cZfoFsU7sf0eVIPvVI4ZBCz7DZG
6OdwXJoekDPDsMGH9dEIKyYtZQIDAQABo4IDJDCCAyAwHQYDVR0OBBYEFHVywJaY
13zSG346YQ+Nayie0d5YMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvOTMwNjkwMjRG
OTgxMTFFOUJDRDI4MDdFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga0GCCsGAQUFBwEHAQH/
BIGdMIGaMHwEAgABMHYDBABw1yQDBAFw1ywDBABw1zIwDAMEAHDXPwMEAHDXQAME
AHDXQgMEAHDXTwMEAHDXlwMEAHDXmTAMAwQBcNeqAwQAcNesAwQAcNfIAwQAcNfR
AwQAcNfTAwQAcNfuAwQAcNf9AwQAeTQpAwQAypjwAwQAypjzMBoEAgACMBQwEgMH
ACQAmAAAAwMHAyQAmAAAADANBgkqhkiG9w0BAQsFAAOCAQEABF5k57Kr9cv7d1c4
on/BF8G6wOqtmLZDlD5l2kz6naPMPi/RRMhxPscVrGAqeIWpNfmVVSPZWgoPnNnz
IxdzoYASC7jeqJ3eTNKCs5sQvgJX71XdS2UT1uelewVUUnpfJIEVymRyTiKOvZO5
h2cEOXim+LhLSFnObjcbYVrZx2QR7yM2zOUs06gzc+5H5+5TuWUs7gYktfbnGnH0
B999LgoUYUkJ+2GpQKe9ldvP5biVaknPhaQaHKQ3+s2pYpWNS1NDipKRgLceTWA2
sDYRDrvNkMLu9EJs/s/mbDt5Vi1tykklaqVPIpVzS8kKOs6IxCgqxiTd3UnnoHFi
lyquqg==
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:24:19 2024 by rpki-client on console-ams.rpki-client.org