Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
File: FBFEBECA10B211EEA9B11345C4F9AE02.roa (raw, json)
Hash identifier: wzNvofUysU9whi/bJ2KtDbO6Z+B2td019urJnh0Ecvg=
Subject key identifier: 4F:24:A7:FA:F1:FE:90:35:68:6D:6A:70:95:D3:20:1B:A1:3F:6D:9B
Certificate issuer: /CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Certificate serial: 2FCF
Authority key identifier: C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
Signing time: Tue 30 Apr 2024 15:53:05 +0000
ROA not before: Tue 30 Apr 2024 15:53:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 43.241.40.0/22 maxlen: 22
43.241.40.0/24 maxlen: 25
43.241.41.0/24 maxlen: 25
43.241.42.0/24 maxlen: 25
43.241.43.0/25 maxlen: 25
43.241.43.128/25 maxlen: 25
103.16.252.0/22 maxlen: 22
116.0.64.0/19 maxlen: 19
116.0.68.0/24 maxlen: 24
116.0.70.0/24 maxlen: 24
116.0.76.0/24 maxlen: 24
116.0.82.0/24 maxlen: 24
116.0.93.0/24 maxlen: 24
120.29.192.0/19 maxlen: 19
120.29.195.0/24 maxlen: 24
120.29.209.0/24 maxlen: 24
120.29.216.0/24 maxlen: 24
120.29.219.0/24 maxlen: 24
180.87.0.0/17 maxlen: 24
180.87.128.0/18 maxlen: 18
180.87.128.0/24 maxlen: 24
180.87.129.0/24 maxlen: 24
180.87.130.0/24 maxlen: 24
180.87.131.0/24 maxlen: 24
180.87.132.0/24 maxlen: 24
180.87.133.0/24 maxlen: 24
180.87.134.0/24 maxlen: 24
180.87.135.0/24 maxlen: 24
180.87.136.0/24 maxlen: 24
180.87.137.0/24 maxlen: 24
180.87.138.0/24 maxlen: 24
180.87.139.0/24 maxlen: 24
180.87.140.0/24 maxlen: 24
180.87.141.0/24 maxlen: 24
180.87.142.0/24 maxlen: 24
180.87.143.0/24 maxlen: 24
180.87.144.0/24 maxlen: 24
180.87.145.0/24 maxlen: 24
180.87.146.0/24 maxlen: 24
180.87.147.0/24 maxlen: 24
180.87.148.0/24 maxlen: 24
180.87.149.0/24 maxlen: 24
180.87.150.0/24 maxlen: 24
180.87.151.0/24 maxlen: 24
180.87.152.0/24 maxlen: 24
180.87.153.0/24 maxlen: 24
180.87.154.0/24 maxlen: 24
180.87.155.0/24 maxlen: 24
180.87.156.0/24 maxlen: 24
180.87.157.0/24 maxlen: 24
180.87.158.0/24 maxlen: 24
180.87.159.0/24 maxlen: 24
180.87.160.0/24 maxlen: 24
180.87.161.0/24 maxlen: 24
180.87.162.0/24 maxlen: 24
180.87.163.0/24 maxlen: 24
180.87.164.0/24 maxlen: 24
180.87.165.0/24 maxlen: 24
180.87.166.0/24 maxlen: 24
180.87.167.0/24 maxlen: 24
180.87.168.0/24 maxlen: 24
180.87.169.0/24 maxlen: 24
180.87.170.0/24 maxlen: 24
180.87.171.0/24 maxlen: 24
180.87.172.0/24 maxlen: 24
180.87.173.0/24 maxlen: 24
180.87.174.0/24 maxlen: 24
180.87.175.0/24 maxlen: 24
180.87.176.0/24 maxlen: 24
180.87.177.0/24 maxlen: 24
180.87.178.0/24 maxlen: 24
180.87.179.0/24 maxlen: 24
180.87.180.0/24 maxlen: 24
180.87.181.0/24 maxlen: 24
180.87.182.0/24 maxlen: 24
180.87.183.0/24 maxlen: 24
180.87.184.0/24 maxlen: 24
180.87.185.0/24 maxlen: 24
180.87.186.0/24 maxlen: 24
180.87.187.0/24 maxlen: 24
180.87.188.0/24 maxlen: 24
180.87.189.0/24 maxlen: 24
180.87.190.0/24 maxlen: 24
180.87.191.0/24 maxlen: 24
202.183.64.0/20 maxlen: 24
2405:2000::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 15:28:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12239 (0x2fcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91955C8/serialNumber=C6673D3648F43F4674F5F5EBFCBFA31BB964F64B
Validity
Not Before: Apr 30 15:53:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=663113e1-8399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1a:89:51:93:7f:46:0b:8d:c2:54:f6:95:1a:
89:f7:26:0d:46:ac:d4:80:30:7e:21:f5:7f:29:96:
10:fb:02:ba:b7:48:01:55:f3:6a:d4:8a:a4:2c:ad:
e0:4e:a6:63:cb:76:60:0f:b9:37:0a:8b:d0:11:88:
2f:d3:83:32:c6:d2:62:c9:18:e9:8a:0e:43:4e:22:
01:0a:d7:4b:22:47:16:17:da:5e:9d:28:94:b1:86:
88:80:62:74:e8:f7:38:0d:43:0a:d9:71:85:11:c8:
3f:1f:34:49:da:b7:90:c7:81:17:91:40:90:ce:b7:
a9:27:72:f9:79:8e:d0:39:b7:a4:08:4e:ff:07:8c:
ea:83:b3:74:e6:b9:73:f5:8c:ab:e2:c0:63:50:d7:
b5:f4:c6:00:9c:47:4b:fc:11:df:26:46:d0:d9:ac:
0f:55:bf:96:e8:96:28:45:40:bb:95:3d:82:24:9b:
50:ab:a1:80:9b:00:db:f2:0c:91:f9:ba:b3:eb:46:
a7:44:1e:2d:33:94:9c:d3:0f:d0:5d:10:8a:e8:77:
04:80:91:5f:08:95:36:9a:b7:b5:5b:81:de:f1:63:
97:52:b8:f5:e9:f1:e4:db:ce:8b:2d:e8:85:94:fb:
3b:17:bb:d9:45:ce:64:05:ab:cb:58:27:87:1d:1b:
a5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:24:A7:FA:F1:FE:90:35:68:6D:6A:70:95:D3:20:1B:A1:3F:6D:9B
X509v3 Authority Key Identifier:
keyid:C6:67:3D:36:48:F4:3F:46:74:F5:F5:EB:FC:BF:A3:1B:B9:64:F6:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xmc9Nkj0P0Z09fXr_L-jG7lk9ks.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91955C8/9CD3E8F6FF5811E2BB4B2E3F5911EA32/FBFEBECA10B211EEA9B11345C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.40.0/22
103.16.252.0/22
116.0.64.0/19
120.29.192.0/19
180.87.0.0-180.87.191.255
202.183.64.0/20
IPv6:
2405:2000::/32
Signature Algorithm: sha256WithRSAEncryption
3c:42:16:40:29:67:8a:e9:14:83:5e:9c:47:af:ce:f7:dd:0b:
45:b6:eb:fa:6a:fd:65:cf:e5:9d:22:ec:fe:9b:45:9c:f3:d2:
05:26:8c:9b:d7:90:52:2a:67:75:d9:e1:8b:5f:5e:f4:35:c0:
a3:12:64:1d:b1:1e:bc:86:c8:48:79:7b:c4:76:22:da:14:78:
12:45:58:9c:f7:30:df:73:af:c4:52:a6:98:19:74:56:20:35:
4e:03:f8:ea:34:69:cc:54:b3:a1:ee:a6:88:ac:0f:9b:75:d7:
f5:4d:1d:55:77:2f:7a:36:71:e6:c6:d2:76:c2:bf:a0:e3:a4:
ce:fd:8f:6e:14:21:cc:9f:ff:87:63:a9:48:5c:30:ee:c7:46:
96:d1:29:0e:44:b4:7b:45:98:ca:cc:06:06:08:61:72:30:45:
6e:4a:18:94:7a:f3:bf:7f:92:fa:1f:51:5c:f3:95:50:ca:17:
cb:51:e3:7a:f9:0a:01:7d:71:be:c9:2b:85:28:a3:82:6b:6e:
1a:46:5c:d6:c1:4a:34:3b:ea:5f:24:16:15:38:c7:54:ef:9c:
9d:c9:83:f5:4e:e6:e8:d4:96:59:73:2b:68:69:59:56:1c:f5:
c5:ab:98:41:a1:42:e7:54:fd:f1:c2:f6:af:d7:bd:0f:ba:77:
96:16:0b:c8
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICL88wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTU1QzgxMTAvBgNVBAUTKEM2NjczRDM2NDhGNDNGNDY3NEY1RjVFQkZDQkZBMzFC
Qjk2NEY2NEIwHhcNMjQwNDMwMTU1MzA1WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxMTNlMS04Mzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBqJUZN/RguNwlT2lRqJ9yYNRqzUgDB+IfV/KZYQ+wK6t0gBVfNq1IqkLK3g
TqZjy3ZgD7k3CovQEYgv04MyxtJiyRjpig5DTiIBCtdLIkcWF9penSiUsYaIgGJ0
6Pc4DUMK2XGFEcg/HzRJ2reQx4EXkUCQzrepJ3L5eY7QObekCE7/B4zqg7N05rlz
9Yyr4sBjUNe19MYAnEdL/BHfJkbQ2awPVb+W6JYoRUC7lT2CJJtQq6GAmwDb8gyR
+bqz60anRB4tM5Sc0w/QXRCK6HcEgJFfCJU2mre1W4He8WOXUrj16fHk286LLeiF
lPs7F7vZRc5kBavLWCeHHRulAQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFE8kp/rx
/pA1aG1qcJXTIBuhP22bMB8GA1UdIwQYMBaAFMZnPTZI9D9GdPX16/y/oxu5ZPZL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTVDOC85Q0QzRThGNkZG
NTgxMUUyQkI0QjJFM0Y1OTExRUEzMi94bWM5TmtqMFAwWjA5ZlhyX0wtakc3bGs5
a3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3htYzlOa2owUDBaMDlmWHJfTC1qRzdsazlrcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTU1QzgvOUNEM0U4RjZGRjU4MTFFMkJCNEIyRTNGNTkxMUVBMzIvRkJGRUJFQ0Ex
MEIyMTFFRUE5QjExMzQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMDEEAgABMCsDBAIr8SgDBAJnEPwDBAV0AEADBAV4HcAwCwMDALRXAwQGtFeA
AwQEyrdAMA0EAgACMAcDBQAkBSAAMA0GCSqGSIb3DQEBCwUAA4IBAQA8QhZAKWeK
6RSDXpxHr8733QtFtuv6av1lz+WdIuz+m0Wc89IFJoyb15BSKmd12eGLX170NcCj
EmQdsR68hshIeXvEdiLaFHgSRVic9zDfc6/EUqaYGXRWIDVOA/jqNGnMVLOh7qaI
rA+bddf1TR1Vdy96NnHmxtJ2wr+g46TO/Y9uFCHMn/+HY6lIXDDux0aW0SkORLR7
RZjKzAYGCGFyMEVuShiUevO/f5L6H1Fc85VQyhfLUeN6+QoBfXG+ySuFKKOCa24a
RlzWwUo0O+pfJBYVOMdU75ydyYP1Tubo1JZZcytoaVlWHPXFq5hBoULnVP3xwvav
170PuneWFgvI
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:06:01 2024 by rpki-client on console-ams.rpki-client.org