Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9CC241B2016511EA91E3CF4AC4F9AE02.roa
File: 9CC241B2016511EA91E3CF4AC4F9AE02.roa (raw, json)
Hash identifier: SPFm8oPbTa4hyaYD8F5IhdItQAiErrjahVrh6ptJJLQ=
Subject key identifier: A4:53:1C:36:61:DB:F3:3E:EC:82:BB:61:78:79:CB:01:63:92:AF:D7
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 34C1
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9CC241B2016511EA91E3CF4AC4F9AE02.roa
Signing time: Fri 24 Jan 2025 16:02:25 +0000
ROA not before: Fri 24 Jan 2025 16:02:25 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 17885
IP address blocks: 112.215.7.0/24 maxlen: 24
112.215.10.0/24 maxlen: 24
112.215.11.0/24 maxlen: 24
112.215.18.0/24 maxlen: 24
112.215.21.0/24 maxlen: 24
112.215.22.0/24 maxlen: 24
112.215.30.0/24 maxlen: 24
112.215.33.0/24 maxlen: 24
112.215.34.0/24 maxlen: 24
112.215.40.0/24 maxlen: 24
112.215.41.0/24 maxlen: 24
112.215.42.0/24 maxlen: 24
112.215.46.0/24 maxlen: 24
112.215.49.0/24 maxlen: 24
112.215.62.0/24 maxlen: 24
112.215.68.0/24 maxlen: 24
112.215.69.0/24 maxlen: 24
112.215.77.0/24 maxlen: 24
112.215.78.0/24 maxlen: 24
112.215.81.0/24 maxlen: 24
112.215.87.0/24 maxlen: 24
112.215.89.0/24 maxlen: 24
112.215.94.0/24 maxlen: 24
112.215.96.0/24 maxlen: 24
112.215.97.0/24 maxlen: 24
112.215.98.0/24 maxlen: 24
112.215.100.0/24 maxlen: 24
112.215.105.0/24 maxlen: 24
112.215.106.0/24 maxlen: 24
112.215.107.0/24 maxlen: 24
112.215.108.0/24 maxlen: 24
112.215.112.0/24 maxlen: 24
112.215.113.0/24 maxlen: 24
112.215.114.0/24 maxlen: 24
112.215.116.0/24 maxlen: 24
112.215.118.0/24 maxlen: 24
112.215.121.0/24 maxlen: 24
112.215.129.0/24 maxlen: 24
112.215.131.0/24 maxlen: 24
112.215.132.0/24 maxlen: 24
112.215.141.0/24 maxlen: 24
112.215.142.0/24 maxlen: 24
112.215.143.0/24 maxlen: 24
112.215.159.0/24 maxlen: 24
112.215.176.0/24 maxlen: 24
112.215.177.0/24 maxlen: 24
112.215.178.0/24 maxlen: 24
112.215.190.0/24 maxlen: 24
112.215.191.0/24 maxlen: 24
112.215.192.0/24 maxlen: 24
112.215.193.0/24 maxlen: 24
112.215.195.0/24 maxlen: 24
112.215.205.0/24 maxlen: 24
112.215.248.0/24 maxlen: 24
121.52.25.0/24 maxlen: 24
121.52.29.0/24 maxlen: 24
121.52.35.0/24 maxlen: 24
121.52.40.0/24 maxlen: 24
121.52.41.0/24 maxlen: 24
121.52.42.0/24 maxlen: 24
121.52.45.0/24 maxlen: 24
121.52.48.0/24 maxlen: 24
121.52.49.0/24 maxlen: 24
121.52.50.0/24 maxlen: 24
121.52.51.0/24 maxlen: 24
121.52.52.0/24 maxlen: 24
121.52.53.0/24 maxlen: 24
121.52.54.0/24 maxlen: 24
121.52.55.0/24 maxlen: 24
121.52.59.0/24 maxlen: 24
121.52.60.0/24 maxlen: 24
121.52.64.0/24 maxlen: 24
121.52.65.0/24 maxlen: 24
121.52.66.0/24 maxlen: 24
121.52.67.0/24 maxlen: 24
121.52.68.0/24 maxlen: 24
121.52.70.0/24 maxlen: 24
121.52.71.0/24 maxlen: 24
121.52.72.0/24 maxlen: 24
121.52.73.0/24 maxlen: 24
121.52.74.0/24 maxlen: 24
121.52.75.0/24 maxlen: 24
121.52.76.0/24 maxlen: 24
121.52.77.0/24 maxlen: 24
121.52.78.0/24 maxlen: 24
121.52.79.0/24 maxlen: 24
121.52.80.0/24 maxlen: 24
121.52.81.0/24 maxlen: 24
121.52.82.0/24 maxlen: 24
121.52.83.0/24 maxlen: 24
121.52.84.0/24 maxlen: 24
121.52.85.0/24 maxlen: 24
121.52.87.0/24 maxlen: 24
121.52.88.0/24 maxlen: 24
121.52.89.0/24 maxlen: 24
121.52.91.0/24 maxlen: 24
121.52.92.0/24 maxlen: 24
121.52.93.0/24 maxlen: 24
121.52.94.0/24 maxlen: 24
121.52.95.0/24 maxlen: 24
202.152.224.0/24 maxlen: 24
202.152.225.0/24 maxlen: 24
202.152.230.0/24 maxlen: 24
202.152.231.0/24 maxlen: 24
202.152.233.0/24 maxlen: 24
202.152.237.0/24 maxlen: 24
202.152.244.0/24 maxlen: 24
202.152.248.0/24 maxlen: 24
202.152.249.0/24 maxlen: 24
202.152.250.0/24 maxlen: 24
202.152.251.0/24 maxlen: 24
202.152.252.0/24 maxlen: 24
202.152.253.0/24 maxlen: 24
202.152.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 13 Apr 2025 15:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13505 (0x34c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214
Validity
Not Before: Jan 24 16:02:25 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6793b991-ef60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0f:f8:4f:4d:90:a4:0d:fd:25:78:e2:45:91:
81:a1:ad:46:fd:f9:85:31:e4:f1:07:3d:c4:a5:af:
5a:3f:30:b7:5f:f8:87:03:94:63:f4:0b:0d:d5:a4:
b5:72:b9:07:2e:1f:b8:8a:92:8a:9b:7a:d2:1d:5a:
fe:98:71:09:13:36:e0:cf:d0:49:f7:e3:80:52:76:
69:bb:af:5d:15:55:1c:c2:f4:32:9b:a4:12:7f:b9:
21:a7:77:7e:43:31:21:e4:d0:08:e0:a6:e5:ac:db:
61:c5:53:03:8e:eb:6e:ba:a3:47:95:bd:ba:60:7b:
9f:90:cf:6c:ca:39:a2:64:ca:1d:58:ff:d2:68:05:
10:09:7b:73:7c:1e:13:02:1d:01:d4:c8:52:b6:23:
33:c2:a3:3a:e3:a4:51:b5:ad:ad:e7:d9:1d:6d:7f:
b0:0a:ed:00:d9:18:4b:24:eb:10:fc:b3:6b:f9:0d:
b5:c2:08:9a:3b:42:f8:48:21:8c:e8:c1:42:62:21:
77:5a:42:ff:52:67:4b:af:e6:6b:69:05:ea:c5:b4:
7b:4e:1b:59:cd:6e:a9:d7:73:c5:f8:d6:49:61:13:
1c:4b:19:9b:0b:a2:e0:ac:95:20:91:55:a2:b9:07:
66:4e:b6:da:01:ec:54:de:92:7d:3c:77:3d:0c:ae:
7d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:53:1C:36:61:DB:F3:3E:EC:82:BB:61:78:79:CB:01:63:92:AF:D7
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/9CC241B2016511EA91E3CF4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
112.215.7.0/24
112.215.10.0/23
112.215.18.0/24
112.215.21.0-112.215.22.255
112.215.30.0/24
112.215.33.0-112.215.34.255
112.215.40.0-112.215.42.255
112.215.46.0/24
112.215.49.0/24
112.215.62.0/24
112.215.68.0/23
112.215.77.0-112.215.78.255
112.215.81.0/24
112.215.87.0/24
112.215.89.0/24
112.215.94.0/24
112.215.96.0-112.215.98.255
112.215.100.0/24
112.215.105.0-112.215.108.255
112.215.112.0-112.215.114.255
112.215.116.0/24
112.215.118.0/24
112.215.121.0/24
112.215.129.0/24
112.215.131.0-112.215.132.255
112.215.141.0-112.215.143.255
112.215.159.0/24
112.215.176.0-112.215.178.255
112.215.190.0-112.215.193.255
112.215.195.0/24
112.215.205.0/24
112.215.248.0/24
121.52.25.0/24
121.52.29.0/24
121.52.35.0/24
121.52.40.0-121.52.42.255
121.52.45.0/24
121.52.48.0/21
121.52.59.0-121.52.60.255
121.52.64.0-121.52.68.255
121.52.70.0-121.52.85.255
121.52.87.0-121.52.89.255
121.52.91.0-121.52.95.255
202.152.224.0/23
202.152.230.0/23
202.152.233.0/24
202.152.237.0/24
202.152.244.0/24
202.152.248.0-202.152.254.255
Signature Algorithm: sha256WithRSAEncryption
0d:38:5e:5b:1f:58:77:92:a9:1d:bc:81:02:ee:eb:ea:a7:a1:
47:e0:13:60:09:29:3d:b2:11:09:86:a1:c4:0f:b9:fc:76:af:
17:5d:2f:a2:90:f0:ef:7c:fd:55:7d:b7:c0:ce:3d:3e:1f:c8:
b5:f0:e8:32:21:3b:c3:5f:a8:fe:3b:28:9d:a3:a7:24:b3:22:
a2:63:16:38:e9:ef:d4:b3:f7:6d:52:fc:73:8f:05:7f:c9:6d:
4f:2c:25:64:32:90:89:dc:46:74:35:d7:ce:45:00:b6:7b:8a:
cf:74:cd:f6:9d:2f:52:70:c3:ee:da:a8:c8:3b:00:c4:f0:a3:
9a:62:54:7e:e8:51:30:1c:f6:0a:26:49:59:9b:7c:ba:ef:44:
eb:2c:b6:25:d9:59:a1:22:82:ab:72:8a:f6:29:79:88:ad:56:
e9:a8:ba:88:97:97:aa:dd:1f:a8:f3:d7:b9:8d:1f:9f:1e:dc:
46:88:ec:fc:ec:3e:c0:01:c8:2a:c7:92:09:14:af:5f:d3:04:
7b:c0:c1:2e:e7:69:e6:6f:0e:32:71:89:e2:4e:58:08:ef:51:
4b:6f:16:8f:2c:b3:fd:81:0a:29:a6:7d:21:4d:8f:88:62:c8:
84:24:0a:21:b7:4f:97:03:0d:ba:ea:d1:56:f2:10:da:0b:ae:
04:cc:a8:99
-----BEGIN CERTIFICATE-----
MIIHKzCCBhOgAwIBAgICNMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwMTI0MTYwMjI1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkzYjk5MS1lZjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuw/4T02QpA39JXjiRZGBoa1G/fmFMeTxBz3Epa9aPzC3X/iHA5Rj9AsN1aS1
crkHLh+4ipKKm3rSHVr+mHEJEzbgz9BJ9+OAUnZpu69dFVUcwvQym6QSf7khp3d+
QzEh5NAI4KblrNthxVMDjutuuqNHlb26YHufkM9syjmiZModWP/SaAUQCXtzfB4T
Ah0B1MhStiMzwqM646RRta2t59kdbX+wCu0A2RhLJOsQ/LNr+Q21wgiaO0L4SCGM
6MFCYiF3WkL/UmdLr+ZraQXqxbR7ThtZzW6p13PF+NZJYRMcSxmbC6LgrJUgkVWi
uQdmTrbaAexU3pJ9PHc9DK59UwIDAQABo4IETzCCBEswHQYDVR0OBBYEFKRTHDZh
2/M+7IK7YXh5ywFjkq/XMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvOUNDMjQxQjIw
MTY1MTFFQTkxRTNDRjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggHXBggrBgEFBQcBBwEB
/wSCAcYwggHCMIIBvgQCAAEwggG2AwQAcNcHAwQBcNcKAwQAcNcSMAwDBABw1xUD
BABw1xYDBABw1x4wDAMEAHDXIQMEAHDXIjAMAwQDcNcoAwQAcNcqAwQAcNcuAwQA
cNcxAwQAcNc+AwQBcNdEMAwDBABw100DBABw104DBABw11EDBABw11cDBABw11kD
BABw114wDAMEBXDXYAMEAHDXYgMEAHDXZDAMAwQAcNdpAwQAcNdsMAwDBARw13AD
BABw13IDBABw13QDBABw13YDBABw13kDBABw14EwDAMEAHDXgwMEAHDXhDAMAwQA
cNeNAwQEcNeAAwQAcNefMAwDBARw17ADBABw17IwDAMEAXDXvgMEAXDXwAMEAHDX
wwMEAHDXzQMEAHDX+AMEAHk0GQMEAHk0HQMEAHk0IzAMAwQDeTQoAwQAeTQqAwQA
eTQtAwQDeTQwMAwDBAB5NDsDBAB5NDwwDAMEBnk0QAMEAHk0RDAMAwQBeTRGAwQB
eTRUMAwDBAB5NFcDBAF5NFgwDAMEAHk0WwMEBXk0QAMEAcqY4AMEAcqY5gMEAMqY
6QMEAMqY7QMEAMqY9DAMAwQDypj4AwQAypj+MA0GCSqGSIb3DQEBCwUAA4IBAQAN
OF5bH1h3kqkdvIEC7uvqp6FH4BNgCSk9shEJhqHED7n8dq8XXS+ikPDvfP1VfbfA
zj0+H8i18OgyITvDX6j+Oyido6cksyKiYxY46e/Us/dtUvxzjwV/yW1PLCVkMpCJ
3EZ0NdfORQC2e4rPdM32nS9ScMPu2qjIOwDE8KOaYlR+6FEwHPYKJklZm3y670Tr
LLYl2VmhIoKrcor2KXmIrVbpqLqIl5eq3R+o89e5jR+fHtxGiOz87D7AAcgqx5IJ
FK9f0wR7wMEu52nmbw4ycYniTlgI71FLbxaPLLP9gQoppn0hTY+IYsiEJAoht0+X
Aw266tFW8hDaC64EzKiZ
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:01:15 2025 by rpki-client