Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/7510C8E4A58111EFB180AE4CC4F9AE02.roa
File: 7510C8E4A58111EFB180AE4CC4F9AE02.roa (raw, json)
Hash identifier: E/BGID6Gby6v5QvQj4hPXMbAhQVogenf9fUtMLowUnA=
Subject key identifier: 0E:2D:EF:FF:0B:76:A4:30:A9:3E:14:BD:3A:1A:15:8B:F6:DB:8F:E5
Certificate issuer: /CN=A91A09BF/serialNumber=7870F240BC4516E39A9C25958CF97B194BE76567
Certificate serial: 0B3B
Authority key identifier: 78:70:F2:40:BC:45:16:E3:9A:9C:25:95:8C:F9:7B:19:4B:E7:65:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eHDyQLxFFuOanCWVjPl7GUvnZWc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/7510C8E4A58111EFB180AE4CC4F9AE02.roa
Signing time: Mon 18 Nov 2024 07:48:10 +0000
ROA not before: Mon 18 Nov 2024 07:48:10 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 9729
IP address blocks: 202.85.128.0/20 maxlen: 20
202.85.128.0/24 maxlen: 24
202.85.129.0/24 maxlen: 24
202.85.131.0/24 maxlen: 24
202.85.132.0/24 maxlen: 24
202.85.137.0/24 maxlen: 24
202.85.138.0/24 maxlen: 24
202.85.140.0/24 maxlen: 24
202.85.144.0/20 maxlen: 20
202.85.164.0/23 maxlen: 23
202.85.165.0/24 maxlen: 24
202.85.166.0/23 maxlen: 23
202.85.167.0/24 maxlen: 24
202.85.168.0/22 maxlen: 22
202.85.169.0/24 maxlen: 24
202.85.170.0/24 maxlen: 24
202.85.171.0/24 maxlen: 24
202.85.172.0/22 maxlen: 22
202.85.172.0/24 maxlen: 24
202.85.180.0/22 maxlen: 22
202.85.181.0/24 maxlen: 24
202.85.184.0/22 maxlen: 22
202.85.188.0/24 maxlen: 24
202.85.190.0/24 maxlen: 24
202.85.191.0/24 maxlen: 24
203.194.128.0/21 maxlen: 21
203.194.133.0/24 maxlen: 24
203.194.135.0/24 maxlen: 24
203.194.136.0/21 maxlen: 21
203.194.136.0/24 maxlen: 24
203.194.140.0/22 maxlen: 24
203.194.144.0/21 maxlen: 21
203.194.144.0/24 maxlen: 24
203.194.145.0/24 maxlen: 24
203.194.146.0/24 maxlen: 24
203.194.148.0/24 maxlen: 24
203.194.149.0/24 maxlen: 24
203.194.152.0/21 maxlen: 21
203.194.153.0/24 maxlen: 24
203.194.159.0/24 maxlen: 24
203.194.160.0/22 maxlen: 24
203.194.164.0/22 maxlen: 22
203.194.168.0/22 maxlen: 22
203.194.168.0/24 maxlen: 24
203.194.169.0/24 maxlen: 24
203.194.170.0/24 maxlen: 24
203.194.171.0/24 maxlen: 24
203.194.176.0/22 maxlen: 22
203.194.176.0/24 maxlen: 24
203.194.177.0/24 maxlen: 24
203.194.179.0/24 maxlen: 24
203.194.183.0/24 maxlen: 24
203.194.186.0/23 maxlen: 24
203.194.188.0/22 maxlen: 22
203.194.188.0/24 maxlen: 24
203.194.192.0/21 maxlen: 21
203.194.196.0/24 maxlen: 24
203.194.199.0/24 maxlen: 24
203.194.200.0/22 maxlen: 22
203.194.200.0/23 maxlen: 23
203.194.204.0/22 maxlen: 22
203.194.206.0/24 maxlen: 24
203.194.208.0/22 maxlen: 22
203.194.208.0/24 maxlen: 24
203.194.209.0/24 maxlen: 24
203.194.211.0/24 maxlen: 24
203.194.212.0/22 maxlen: 22
203.194.212.0/23 maxlen: 23
203.194.216.0/22 maxlen: 22
203.194.216.0/24 maxlen: 24
203.194.217.0/24 maxlen: 24
203.194.218.0/24 maxlen: 24
203.194.219.0/24 maxlen: 24
203.194.220.0/22 maxlen: 22
203.194.220.0/24 maxlen: 24
203.194.221.0/24 maxlen: 24
203.194.223.0/24 maxlen: 24
203.194.224.0/22 maxlen: 22
203.194.224.0/24 maxlen: 24
203.194.227.0/24 maxlen: 24
203.194.228.0/22 maxlen: 22
203.194.228.0/24 maxlen: 24
203.194.232.0/22 maxlen: 22
203.194.232.0/24 maxlen: 24
203.194.233.0/24 maxlen: 24
203.194.236.0/22 maxlen: 24
203.194.240.0/22 maxlen: 22
203.194.244.0/22 maxlen: 22
203.194.244.0/24 maxlen: 24
203.194.248.0/21 maxlen: 21
203.194.255.0/24 maxlen: 24
210.184.96.0/22 maxlen: 22
210.184.97.0/24 maxlen: 24
210.184.99.0/24 maxlen: 24
210.184.100.0/22 maxlen: 22
210.184.108.0/22 maxlen: 22
210.184.110.0/24 maxlen: 24
210.184.112.0/21 maxlen: 21
210.184.113.0/24 maxlen: 24
210.184.114.0/24 maxlen: 24
210.184.120.0/24 maxlen: 24
210.184.121.0/24 maxlen: 24
210.184.122.0/24 maxlen: 24
210.184.124.0/24 maxlen: 24
210.184.127.0/24 maxlen: 24
210.184.128.0/17 maxlen: 17
210.184.128.0/21 maxlen: 21
210.184.136.0/22 maxlen: 22
210.184.137.0/24 maxlen: 24
210.184.139.0/24 maxlen: 24
210.184.142.0/24 maxlen: 24
210.184.152.0/22 maxlen: 22
210.184.156.0/23 maxlen: 23
210.184.158.0/23 maxlen: 23
210.184.164.0/22 maxlen: 22
210.184.167.0/24 maxlen: 24
210.184.168.0/22 maxlen: 22
210.184.172.0/23 maxlen: 23
210.184.174.0/23 maxlen: 23
210.184.178.0/23 maxlen: 23
210.184.178.0/24 maxlen: 24
210.184.180.0/22 maxlen: 22
210.184.180.0/24 maxlen: 24
210.184.184.0/22 maxlen: 22
210.184.189.0/24 maxlen: 24
210.184.190.0/23 maxlen: 23
210.184.190.0/24 maxlen: 24
210.184.192.0/24 maxlen: 24
210.184.193.0/24 maxlen: 24
210.184.194.0/24 maxlen: 24
210.184.196.0/22 maxlen: 22
210.184.196.0/24 maxlen: 24
210.184.197.0/24 maxlen: 24
210.184.198.0/23 maxlen: 24
210.184.200.0/22 maxlen: 22
210.184.200.0/24 maxlen: 24
210.184.201.0/24 maxlen: 24
210.184.202.0/24 maxlen: 24
210.184.203.0/24 maxlen: 24
210.184.204.0/22 maxlen: 22
210.184.208.0/24 maxlen: 24
210.184.209.0/24 maxlen: 24
210.184.210.0/24 maxlen: 24
210.184.211.0/24 maxlen: 24
210.184.212.0/24 maxlen: 24
210.184.213.0/24 maxlen: 24
210.184.214.0/24 maxlen: 24
210.184.215.0/24 maxlen: 24
210.184.216.0/24 maxlen: 24
210.184.217.0/24 maxlen: 24
210.184.218.0/24 maxlen: 24
210.184.219.0/24 maxlen: 24
210.184.220.0/24 maxlen: 24
210.184.221.0/24 maxlen: 24
210.184.222.0/24 maxlen: 24
210.184.223.0/24 maxlen: 24
210.184.224.0/24 maxlen: 24
210.184.225.0/24 maxlen: 24
210.184.226.0/24 maxlen: 24
210.184.240.0/24 maxlen: 24
210.184.241.0/24 maxlen: 24
210.184.242.0/23 maxlen: 24
210.184.248.0/21 maxlen: 22
210.184.248.0/23 maxlen: 24
210.184.251.0/24 maxlen: 24
210.184.254.0/24 maxlen: 24
2403:2400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/eHDyQLxFFuOanCWVjPl7GUvnZWc.crl
rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/eHDyQLxFFuOanCWVjPl7GUvnZWc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eHDyQLxFFuOanCWVjPl7GUvnZWc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 19:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2875 (0xb3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A09BF/serialNumber=7870F240BC4516E39A9C25958CF97B194BE76567
Validity
Not Before: Nov 18 07:48:10 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=673af13a-554d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:12:4d:aa:c0:b6:53:1f:b1:f3:07:81:0e:04:
36:87:d6:fb:c2:5f:f7:3e:ec:ae:10:00:ad:0c:9b:
05:2a:81:d7:f6:87:0c:e5:96:2e:76:c2:d9:db:cc:
47:53:77:2a:bc:34:02:f2:9e:00:cd:2f:14:5d:ec:
11:af:a0:34:ec:fe:3a:ea:a6:f4:c0:52:66:01:22:
71:9f:d7:49:ca:81:bb:9c:6c:60:ed:c6:a3:28:4f:
81:23:a3:bc:98:f7:3b:33:89:09:af:c2:3f:05:d0:
95:6b:53:95:89:33:6b:38:e9:f6:52:25:74:9b:de:
28:2a:cc:fe:a2:24:1a:53:99:34:80:9d:c1:50:81:
02:8b:9a:8f:d6:98:f5:e5:a4:b8:7d:ce:43:88:8e:
3b:ee:4d:50:97:b4:60:c3:24:46:bf:df:c1:57:b9:
02:2b:dc:f4:04:d5:ab:01:3a:c6:3a:5f:0c:9e:a6:
3a:37:62:39:5d:d5:af:a3:38:4b:e9:35:68:8f:fe:
5a:41:7d:b7:67:fb:b9:c6:f5:54:66:eb:c9:3e:ef:
3b:23:37:ff:cb:3e:1e:55:e9:bf:b0:19:a1:7e:b3:
80:e0:1a:9b:66:d2:69:4d:56:4f:c1:35:a0:e0:24:
e0:c9:8f:b9:37:78:86:6b:21:a1:ff:78:b8:22:7c:
dc:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2D:EF:FF:0B:76:A4:30:A9:3E:14:BD:3A:1A:15:8B:F6:DB:8F:E5
X509v3 Authority Key Identifier:
keyid:78:70:F2:40:BC:45:16:E3:9A:9C:25:95:8C:F9:7B:19:4B:E7:65:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/eHDyQLxFFuOanCWVjPl7GUvnZWc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eHDyQLxFFuOanCWVjPl7GUvnZWc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A09BF/D13DA1D42DFC11EABC1B6B82C4F9AE02/7510C8E4A58111EFB180AE4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.85.128.0/19
202.85.164.0-202.85.175.255
202.85.180.0-202.85.188.255
202.85.190.0/23
203.194.128.0-203.194.171.255
203.194.176.0/22
203.194.183.0/24
203.194.186.0-203.194.255.255
210.184.96.0/21
210.184.108.0-210.184.122.255
210.184.124.0/24
210.184.127.0-210.184.255.255
IPv6:
2403:2400::/32
Signature Algorithm: sha256WithRSAEncryption
1f:66:f2:81:b6:19:98:aa:11:6a:40:af:f8:d3:fc:13:a8:ed:
24:73:8d:55:6b:ac:53:84:68:a6:b1:44:cc:58:b1:cd:3e:3b:
38:64:24:65:cb:8d:c6:34:92:0d:3f:14:3b:fb:e7:21:d4:c0:
35:89:c3:ca:f5:f0:42:d5:e3:f5:06:32:7e:f0:cf:40:34:7c:
7d:99:7b:cd:6e:f8:b7:1f:25:1a:8a:3c:f4:c5:d4:5a:80:0a:
c7:ca:c6:e9:ee:3a:28:93:65:14:7a:b8:57:02:05:7a:c4:26:
ed:6a:6b:40:9b:9f:1a:a3:a0:af:bf:a2:c5:4e:3a:43:50:bf:
06:da:18:b7:4a:31:d0:29:3d:28:52:a3:8d:4a:71:fe:50:92:
de:e0:64:9b:ff:da:1b:83:41:ce:79:14:da:13:e1:0d:2d:be:
0f:ea:a2:d3:b5:21:10:d3:86:8f:19:a0:df:d6:0f:a4:80:79:
be:99:2e:1c:77:cd:9b:d1:a6:8c:14:34:2a:04:7a:38:0d:6f:
28:32:36:26:ae:66:ce:71:e7:81:bb:84:c3:61:ce:26:da:06:
3e:7b:08:73:05:0e:a2:5d:74:46:de:92:2c:43:75:97:4e:15:
4c:bf:8e:65:13:c7:9b:2e:b5:7c:0d:4b:21:f2:42:c3:f4:1b:
f9:79:33:99
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgICCzswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTA5QkYxMTAvBgNVBAUTKDc4NzBGMjQwQkM0NTE2RTM5QTlDMjU5NThDRjk3QjE5
NEJFNzY1NjcwHhcNMjQxMTE4MDc0ODEwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNhZjEzYS01NTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0xJNqsC2Ux+x8weBDgQ2h9b7wl/3PuyuEACtDJsFKoHX9ocM5ZYudsLZ28xH
U3cqvDQC8p4AzS8UXewRr6A07P466qb0wFJmASJxn9dJyoG7nGxg7cajKE+BI6O8
mPc7M4kJr8I/BdCVa1OViTNrOOn2UiV0m94oKsz+oiQaU5k0gJ3BUIECi5qP1pj1
5aS4fc5DiI477k1Ql7RgwyRGv9/BV7kCK9z0BNWrATrGOl8MnqY6N2I5XdWvozhL
6TVoj/5aQX23Z/u5xvVUZuvJPu87Izf/yz4eVem/sBmhfrOA4BqbZtJpTVZPwTWg
4CTgyY+5N3iGayGh/3i4InzcrQIDAQABo4IDFzCCAxMwHQYDVR0OBBYEFA4t7/8L
dqQwqT4UvToaFYv224/lMB8GA1UdIwQYMBaAFHhw8kC8RRbjmpwllYz5exlL52Vn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDlCRi9EMTNEQTFENDJE
RkMxMUVBQkMxQjZCODJDNEY5QUUwMi9lSER5UUx4RkZ1T2FuQ1dWalBsN0dVdm5a
V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VIRHlRTHhGRnVPYW5DV1ZqUGw3R1V2blpXYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTA5QkYvRDEzREExRDQyREZDMTFFQUJDMUI2QjgyQzRGOUFFMDIvNzUxMEM4RTRB
NTgxMTFFRkIxODBBRTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaAGCCsGAQUFBwEHAQH/
BIGQMIGNMHwEAgABMHYDBAXKVYAwDAMEAspVpAMEBMpVoDAMAwQCylW0AwQAylW8
AwQBylW+MAwDBAfLwoADBALLwqgDBALLwrADBADLwrcwCwMEAcvCugMDAMvCAwQD
0rhgMAwDBALSuGwDBADSuHoDBADSuHwwCwMEANK4fwMDANK4MA0EAgACMAcDBQAk
AyQAMA0GCSqGSIb3DQEBCwUAA4IBAQAfZvKBthmYqhFqQK/40/wTqO0kc41Va6xT
hGimsUTMWLHNPjs4ZCRly43GNJINPxQ7++ch1MA1icPK9fBC1eP1BjJ+8M9ANHx9
mXvNbvi3HyUaijz0xdRagArHysbp7jook2UUerhXAgV6xCbtamtAm58ao6Cvv6LF
TjpDUL8G2hi3SjHQKT0oUqONSnH+UJLe4GSb/9obg0HOeRTaE+ENLb4P6qLTtSEQ
04aPGaDf1g+kgHm+mS4cd82b0aaMFDQqBHo4DW8oMjYmrmbOceeBu4TDYc4m2gY+
ewhzBQ6iXXRG3pIsQ3WXThVMv45lE8ebLrV8DUsh8kLD9Bv5eTOZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:36 2024 by rpki-client on console-ams.rpki-client.org