Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9CC241B2016511EA91E3CF4AC4F9AE02.roa
File: 9CC241B2016511EA91E3CF4AC4F9AE02.roa (raw, json)
Hash identifier: m3ykeAgv3EDaQ0uNe9CMXz7bQUz/lCt0OmaKvfcOKj0=
Subject key identifier: 42:38:59:7A:37:EE:2E:B4:48:69:E1:CD:36:C7:F8:7E:74:82:BF:A8
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 3410
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9CC241B2016511EA91E3CF4AC4F9AE02.roa
Signing time: Tue 30 Jul 2024 16:02:35 +0000
ROA not before: Tue 30 Jul 2024 16:02:35 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 17885
IP address blocks: 112.215.7.0/24 maxlen: 24
112.215.10.0/24 maxlen: 24
112.215.11.0/24 maxlen: 24
112.215.18.0/24 maxlen: 24
112.215.21.0/24 maxlen: 24
112.215.22.0/24 maxlen: 24
112.215.30.0/24 maxlen: 24
112.215.33.0/24 maxlen: 24
112.215.34.0/24 maxlen: 24
112.215.40.0/24 maxlen: 24
112.215.41.0/24 maxlen: 24
112.215.42.0/24 maxlen: 24
112.215.46.0/24 maxlen: 24
112.215.49.0/24 maxlen: 24
112.215.62.0/24 maxlen: 24
112.215.68.0/24 maxlen: 24
112.215.69.0/24 maxlen: 24
112.215.77.0/24 maxlen: 24
112.215.78.0/24 maxlen: 24
112.215.81.0/24 maxlen: 24
112.215.87.0/24 maxlen: 24
112.215.89.0/24 maxlen: 24
112.215.94.0/24 maxlen: 24
112.215.96.0/24 maxlen: 24
112.215.97.0/24 maxlen: 24
112.215.98.0/24 maxlen: 24
112.215.100.0/24 maxlen: 24
112.215.105.0/24 maxlen: 24
112.215.106.0/24 maxlen: 24
112.215.107.0/24 maxlen: 24
112.215.108.0/24 maxlen: 24
112.215.112.0/24 maxlen: 24
112.215.113.0/24 maxlen: 24
112.215.114.0/24 maxlen: 24
112.215.116.0/24 maxlen: 24
112.215.118.0/24 maxlen: 24
112.215.121.0/24 maxlen: 24
112.215.129.0/24 maxlen: 24
112.215.131.0/24 maxlen: 24
112.215.132.0/24 maxlen: 24
112.215.141.0/24 maxlen: 24
112.215.142.0/24 maxlen: 24
112.215.143.0/24 maxlen: 24
112.215.159.0/24 maxlen: 24
112.215.176.0/24 maxlen: 24
112.215.177.0/24 maxlen: 24
112.215.178.0/24 maxlen: 24
112.215.190.0/24 maxlen: 24
112.215.191.0/24 maxlen: 24
112.215.192.0/24 maxlen: 24
112.215.193.0/24 maxlen: 24
112.215.195.0/24 maxlen: 24
112.215.205.0/24 maxlen: 24
112.215.248.0/24 maxlen: 24
121.52.25.0/24 maxlen: 24
121.52.29.0/24 maxlen: 24
121.52.35.0/24 maxlen: 24
121.52.40.0/24 maxlen: 24
121.52.41.0/24 maxlen: 24
121.52.42.0/24 maxlen: 24
121.52.45.0/24 maxlen: 24
121.52.48.0/24 maxlen: 24
121.52.49.0/24 maxlen: 24
121.52.50.0/24 maxlen: 24
121.52.51.0/24 maxlen: 24
121.52.52.0/24 maxlen: 24
121.52.53.0/24 maxlen: 24
121.52.54.0/24 maxlen: 24
121.52.55.0/24 maxlen: 24
121.52.59.0/24 maxlen: 24
121.52.60.0/24 maxlen: 24
121.52.64.0/24 maxlen: 24
121.52.65.0/24 maxlen: 24
121.52.66.0/24 maxlen: 24
121.52.67.0/24 maxlen: 24
121.52.68.0/24 maxlen: 24
121.52.70.0/24 maxlen: 24
121.52.71.0/24 maxlen: 24
121.52.72.0/24 maxlen: 24
121.52.73.0/24 maxlen: 24
121.52.74.0/24 maxlen: 24
121.52.75.0/24 maxlen: 24
121.52.76.0/24 maxlen: 24
121.52.77.0/24 maxlen: 24
121.52.78.0/24 maxlen: 24
121.52.79.0/24 maxlen: 24
121.52.80.0/24 maxlen: 24
121.52.81.0/24 maxlen: 24
121.52.82.0/24 maxlen: 24
121.52.83.0/24 maxlen: 24
121.52.84.0/24 maxlen: 24
121.52.85.0/24 maxlen: 24
121.52.87.0/24 maxlen: 24
121.52.88.0/24 maxlen: 24
121.52.89.0/24 maxlen: 24
121.52.91.0/24 maxlen: 24
121.52.92.0/24 maxlen: 24
121.52.93.0/24 maxlen: 24
121.52.94.0/24 maxlen: 24
121.52.95.0/24 maxlen: 24
202.152.224.0/24 maxlen: 24
202.152.225.0/24 maxlen: 24
202.152.230.0/24 maxlen: 24
202.152.231.0/24 maxlen: 24
202.152.233.0/24 maxlen: 24
202.152.237.0/24 maxlen: 24
202.152.244.0/24 maxlen: 24
202.152.248.0/24 maxlen: 24
202.152.249.0/24 maxlen: 24
202.152.250.0/24 maxlen: 24
202.152.251.0/24 maxlen: 24
202.152.252.0/24 maxlen: 24
202.152.253.0/24 maxlen: 24
202.152.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13328 (0x3410)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: Jul 30 16:02:35 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=66a90e9a-e3a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ac:41:56:e6:e6:4e:cb:dc:f0:1d:2e:e3:dc:
ec:e5:19:6e:22:e7:f5:63:d3:4c:aa:40:38:0d:0e:
6f:2f:33:7f:a1:7f:8c:e4:e4:76:b9:af:11:24:af:
44:0e:68:29:9c:29:f3:62:10:ce:c5:97:9c:cf:02:
e8:25:e8:73:94:10:25:dd:8e:64:78:f2:d4:af:43:
b3:5a:e7:79:23:bf:cd:53:46:ea:08:bf:5e:76:5d:
d9:d6:53:3e:7b:a6:96:f4:37:c9:97:9c:03:74:5e:
23:86:24:85:0e:dd:02:14:9b:67:af:06:55:61:f2:
38:f9:6a:d1:d9:89:f7:49:27:c2:70:af:bf:05:d4:
f3:b6:00:e7:41:ec:38:24:8b:80:91:2e:16:0a:f8:
88:b1:71:af:5a:a4:5d:bf:70:1f:6b:73:30:38:df:
49:d1:d6:35:09:f7:c1:ab:74:3a:3c:6c:6a:34:60:
15:f0:99:a1:d9:8a:bb:2c:c3:16:0a:29:ad:a2:48:
00:88:ef:9a:98:b8:5d:7c:f3:59:e1:cb:06:24:f3:
c6:57:68:da:0d:78:76:9b:e8:ad:11:7f:88:b8:3e:
e2:a0:51:f2:9d:28:33:55:2e:ca:fb:8a:4b:bb:d5:
78:32:6d:a0:b7:a2:73:56:7d:eb:69:e0:01:ca:30:
1c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:38:59:7A:37:EE:2E:B4:48:69:E1:CD:36:C7:F8:7E:74:82:BF:A8
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9CC241B2016511EA91E3CF4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.215.7.0/24
112.215.10.0/23
112.215.18.0/24
112.215.21.0-112.215.22.255
112.215.30.0/24
112.215.33.0-112.215.34.255
112.215.40.0-112.215.42.255
112.215.46.0/24
112.215.49.0/24
112.215.62.0/24
112.215.68.0/23
112.215.77.0-112.215.78.255
112.215.81.0/24
112.215.87.0/24
112.215.89.0/24
112.215.94.0/24
112.215.96.0-112.215.98.255
112.215.100.0/24
112.215.105.0-112.215.108.255
112.215.112.0-112.215.114.255
112.215.116.0/24
112.215.118.0/24
112.215.121.0/24
112.215.129.0/24
112.215.131.0-112.215.132.255
112.215.141.0-112.215.143.255
112.215.159.0/24
112.215.176.0-112.215.178.255
112.215.190.0-112.215.193.255
112.215.195.0/24
112.215.205.0/24
112.215.248.0/24
121.52.25.0/24
121.52.29.0/24
121.52.35.0/24
121.52.40.0-121.52.42.255
121.52.45.0/24
121.52.48.0/21
121.52.59.0-121.52.60.255
121.52.64.0-121.52.68.255
121.52.70.0-121.52.85.255
121.52.87.0-121.52.89.255
121.52.91.0-121.52.95.255
202.152.224.0/23
202.152.230.0/23
202.152.233.0/24
202.152.237.0/24
202.152.244.0/24
202.152.248.0-202.152.254.255
Signature Algorithm: sha256WithRSAEncryption
70:8a:a3:ef:fa:0c:d1:eb:59:c4:d9:56:3a:49:da:36:9c:51:
d3:74:52:e7:75:71:e4:55:d4:a8:ca:9c:dc:4f:3a:e2:dd:c9:
18:6b:e3:21:9e:08:ac:4b:74:e2:65:39:b0:d0:6f:75:e3:9b:
27:de:9a:e5:38:7d:f1:cc:a4:a9:7c:d6:7d:bd:fe:e6:91:7b:
7d:7d:88:e9:b8:75:09:68:08:17:7e:21:e6:18:03:77:00:e1:
cd:fa:f2:10:77:15:77:90:70:11:a0:e8:c1:aa:73:44:ba:76:
94:3e:35:0b:8b:f7:5a:3e:39:a6:24:6e:e9:dd:ea:62:a2:06:
fa:03:73:da:c6:da:c6:d2:67:e6:2d:f0:d8:55:0d:d4:0f:2c:
3c:28:71:2e:84:49:b5:45:cc:b3:6a:14:6d:28:a1:ee:c8:a1:
8e:48:af:e5:3b:5b:37:7e:e3:a9:ac:7b:eb:f8:8b:f3:b8:c7:
d2:f3:fc:b3:35:bd:cf:be:3a:c5:d0:a5:a6:ed:44:9c:a3:4c:
61:27:db:66:5d:5b:86:bd:37:76:65:5c:9e:49:29:45:23:c3:
3c:a6:14:9c:5c:a5:99:c4:fb:9e:12:ea:b2:9c:1b:67:de:58:
aa:db:bb:65:56:58:a1:fe:11:bc:8e:58:58:36:2c:13:f7:f5:
fb:18:91:f6
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgICNBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjQwNzMwMTYwMjM1WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmE5MGU5YS1lM2EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuKxBVubmTsvc8B0u49zs5RluIuf1Y9NMqkA4DQ5vLzN/oX+M5OR2ua8RJK9E
DmgpnCnzYhDOxZeczwLoJehzlBAl3Y5kePLUr0OzWud5I7/NU0bqCL9edl3Z1lM+
e6aW9DfJl5wDdF4jhiSFDt0CFJtnrwZVYfI4+WrR2Yn3SSfCcK+/BdTztgDnQew4
JIuAkS4WCviIsXGvWqRdv3Afa3MwON9J0dY1CffBq3Q6PGxqNGAV8Jmh2Yq7LMMW
CimtokgAiO+amLhdfPNZ4csGJPPGV2jaDXh2m+itEX+IuD7ioFHynSgzVS7K+4pL
u9V4Mm2gt6JzVn3raeAByjAcwQIDAQABo4IETzCCBEswHQYDVR0OBBYEFEI4WXo3
7i60SGnhzTbH+H50gr+oMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvOUNDMjQxQjIw
MTY1MTFFQTkxRTNDRjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggHXBggrBgEFBQcBBwEB
/wSCAcYwggHCMIIBvgQCAAEwggG2AwQAcNcHAwQBcNcKAwQAcNcSMAwDBABw1xUD
BABw1xYDBABw1x4wDAMEAHDXIQMEAHDXIjAMAwQDcNcoAwQAcNcqAwQAcNcuAwQA
cNcxAwQAcNc+AwQBcNdEMAwDBABw100DBABw104DBABw11EDBABw11cDBABw11kD
BABw114wDAMEBXDXYAMEAHDXYgMEAHDXZDAMAwQAcNdpAwQAcNdsMAwDBARw13AD
BABw13IDBABw13QDBABw13YDBABw13kDBABw14EwDAMEAHDXgwMEAHDXhDAMAwQA
cNeNAwQEcNeAAwQAcNefMAwDBARw17ADBABw17IwDAMEAXDXvgMEAXDXwAMEAHDX
wwMEAHDXzQMEAHDX+AMEAHk0GQMEAHk0HQMEAHk0IzAMAwQDeTQoAwQAeTQqAwQA
eTQtAwQDeTQwMAwDBAB5NDsDBAB5NDwwDAMEBnk0QAMEAHk0RDAMAwQBeTRGAwQB
eTRUMAwDBAB5NFcDBAF5NFgwDAMEAHk0WwMEBXk0QAMEAcqY4AMEAcqY5gMEAMqY
6QMEAMqY7QMEAMqY9DAMAwQDypj4AwQAypj+MA0GCSqGSIb3DQEBCwUAA4IBAQBw
iqPv+gzR61nE2VY6Sdo2nFHTdFLndXHkVdSoypzcTzri3ckYa+MhngisS3TiZTmw
0G9145sn3prlOH3xzKSpfNZ9vf7mkXt9fYjpuHUJaAgXfiHmGAN3AOHN+vIQdxV3
kHARoOjBqnNEunaUPjULi/daPjmmJG7p3epiogb6A3PaxtrG0mfmLfDYVQ3UDyw8
KHEuhEm1RcyzahRtKKHuyKGOSK/lO1s3fuOprHvr+IvzuMfS8/yzNb3PvjrF0KWm
7USco0xhJ9tmXVuGvTd2ZVyeSSlFI8M8phScXKWZxPueEuqynBtn3liq27tlVlih
/hG8jlhYNiwT9/X7GJH2
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:24:19 2024 by rpki-client on console-ams.rpki-client.org