Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/42F41E56B0D011E5A58E097CC4F9AE02.roa
File: 42F41E56B0D011E5A58E097CC4F9AE02.roa (raw, json)
Hash identifier: +zLz9F1a9aSQzTKp4936Bb16x1cm8uy1LOruq1QDW6k=
Subject key identifier: 1E:6B:3A:7D:E3:AC:5A:70:51:FB:B9:1E:DB:F8:48:22:13:C2:29:AC
Certificate issuer: /CN=A91A1EE0/serialNumber=860C0904CED7BB0D1D97B292FDB662E8B9A8AFF0
Certificate serial: 344B
Authority key identifier: 86:0C:09:04:CE:D7:BB:0D:1D:97:B2:92:FD:B6:62:E8:B9:A8:AF:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/42F41E56B0D011E5A58E097CC4F9AE02.roa
Signing time: Thu 12 Sep 2024 14:50:42 +0000
ROA not before: Thu 12 Sep 2024 14:50:42 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 24122
IP address blocks: 43.243.204.0/22 maxlen: 22
43.243.204.0/23 maxlen: 23
43.243.204.0/24 maxlen: 24
43.243.205.0/24 maxlen: 24
43.243.206.0/23 maxlen: 23
43.243.206.0/24 maxlen: 24
43.243.207.0/24 maxlen: 24
103.16.72.0/22 maxlen: 22
103.16.72.0/23 maxlen: 23
103.16.72.0/24 maxlen: 24
103.16.73.0/24 maxlen: 24
103.16.74.0/23 maxlen: 23
103.16.74.0/24 maxlen: 24
103.16.75.0/24 maxlen: 24
119.40.80.0/20 maxlen: 20
119.40.80.0/20 maxlen: 24
119.40.80.0/21 maxlen: 21
119.40.80.0/23 maxlen: 23
119.40.80.0/24 maxlen: 24
119.40.81.0/24 maxlen: 24
119.40.82.0/24 maxlen: 24
119.40.83.0/24 maxlen: 24
119.40.84.0/23 maxlen: 23
119.40.84.0/24 maxlen: 24
119.40.85.0/24 maxlen: 24
119.40.86.0/24 maxlen: 24
119.40.87.0/24 maxlen: 24
119.40.88.0/21 maxlen: 21
119.40.88.0/22 maxlen: 22
119.40.88.0/24 maxlen: 24
119.40.89.0/24 maxlen: 24
119.40.90.0/24 maxlen: 24
119.40.91.0/24 maxlen: 24
119.40.92.0/22 maxlen: 22
119.40.92.0/24 maxlen: 24
119.40.93.0/24 maxlen: 24
119.40.94.0/24 maxlen: 24
119.40.95.0/24 maxlen: 24
210.4.64.0/20 maxlen: 20
210.4.64.0/20 maxlen: 24
210.4.64.0/21 maxlen: 21
210.4.64.0/24 maxlen: 24
210.4.65.0/24 maxlen: 24
210.4.66.0/23 maxlen: 23
210.4.66.0/24 maxlen: 24
210.4.67.0/24 maxlen: 24
210.4.68.0/24 maxlen: 24
210.4.69.0/24 maxlen: 24
210.4.70.0/23 maxlen: 23
210.4.70.0/24 maxlen: 24
210.4.71.0/24 maxlen: 24
210.4.72.0/21 maxlen: 21
210.4.72.0/24 maxlen: 24
210.4.73.0/24 maxlen: 24
210.4.74.0/23 maxlen: 23
210.4.74.0/24 maxlen: 24
210.4.75.0/24 maxlen: 24
210.4.76.0/24 maxlen: 24
210.4.77.0/24 maxlen: 24
210.4.78.0/24 maxlen: 24
210.4.79.0/24 maxlen: 24
2403:4000::/32 maxlen: 32
2403:4000:17::/48 maxlen: 48
2403:4000:18::/48 maxlen: 48
2403:4000:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.crl
rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 03 Dec 2024 14:35:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13387 (0x344b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1EE0/serialNumber=860C0904CED7BB0D1D97B292FDB662E8B9A8AFF0
Validity
Not Before: Sep 12 14:50:42 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66e2ffc2-c00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:52:7e:79:55:8f:fa:8d:6d:23:81:a8:99:b3:
f6:c7:c6:c0:2e:1a:dd:65:3f:94:28:ce:6b:b7:b5:
e2:39:6a:92:24:c7:0c:74:29:31:a2:24:89:14:76:
48:fa:a7:e1:90:14:76:b7:88:fe:a6:6c:94:73:fe:
97:3c:83:22:69:62:cd:b3:81:b9:70:a6:14:7e:fd:
23:df:e9:30:98:df:0c:ac:7d:04:9f:e8:de:44:4c:
4b:11:83:5d:df:20:2a:b3:90:ed:a1:d1:eb:ba:79:
01:74:98:c9:89:d8:13:50:2e:6e:97:ed:56:65:5f:
4b:5e:38:11:c4:7a:4f:47:35:fb:3f:52:06:37:fb:
67:7d:47:1a:41:fa:34:2d:18:b0:23:b3:2e:fe:8c:
e6:02:17:18:f5:96:43:e7:42:23:19:92:77:d0:56:
0a:94:57:02:0c:59:c6:34:90:2c:c7:7a:4d:b7:07:
9f:a9:20:fb:da:b5:2d:a1:d6:32:08:3a:77:fd:9f:
37:f6:22:ea:07:89:8f:8a:4f:44:35:e4:0d:41:f1:
85:1a:b4:1b:37:49:05:d3:44:70:60:9b:f8:72:7b:
cb:d2:8b:35:19:d5:6c:f9:2e:90:53:51:5b:01:88:
d9:28:9e:ca:a3:91:e7:f0:7b:13:ef:80:00:27:80:
a5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6B:3A:7D:E3:AC:5A:70:51:FB:B9:1E:DB:F8:48:22:13:C2:29:AC
X509v3 Authority Key Identifier:
keyid:86:0C:09:04:CE:D7:BB:0D:1D:97:B2:92:FD:B6:62:E8:B9:A8:AF:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/42F41E56B0D011E5A58E097CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.204.0/22
103.16.72.0/22
119.40.80.0/20
210.4.64.0/20
IPv6:
2403:4000::/32
Signature Algorithm: sha256WithRSAEncryption
2e:ef:11:bf:d4:dd:e6:73:f6:2e:c0:11:39:c9:58:39:33:f8:
0e:e9:d2:ad:99:98:f3:3b:e1:8b:31:f9:36:cb:5a:9a:46:d5:
97:c1:43:cd:ab:95:85:8e:a0:c3:d4:42:8b:84:00:66:b2:ee:
52:8c:c4:81:43:af:77:87:1e:0c:d1:49:27:16:b9:35:5b:73:
2c:2c:f0:f1:42:70:5b:a0:4b:6f:e0:b2:80:9d:71:7c:5f:ae:
d2:1a:3f:d4:85:8c:c3:11:f0:46:cf:78:60:81:47:21:59:ef:
43:78:80:bc:9e:6e:e4:9d:1b:41:a2:58:ba:f3:e3:bc:8f:a3:
71:0c:df:e9:b5:fa:81:79:41:ca:12:15:d3:1b:8b:30:7d:e3:
ff:2a:a4:c5:d8:45:f7:02:cd:03:8a:aa:bc:ef:1d:cf:5e:3d:
66:79:45:72:7a:78:c7:df:5e:f2:8d:5b:19:c3:0c:99:2d:c9:
55:a0:8c:28:0a:6a:4e:d6:89:cc:1c:58:a6:a3:df:05:89:57:
ac:53:95:fe:5e:e6:bc:44:b7:de:9f:04:e8:5d:62:b4:d8:6f:
b6:02:b3:41:4d:c2:4c:ff:9b:bb:1d:eb:d1:4a:8a:a9:42:dc:
f0:f8:0c:e3:dc:70:6a:0b:30:ce:2f:1f:3e:6c:ba:b4:bf:8f:
3c:4e:b1:d4
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICNEswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFFRTAxMTAvBgNVBAUTKDg2MEMwOTA0Q0VEN0JCMEQxRDk3QjI5MkZEQjY2MkU4
QjlBOEFGRjAwHhcNMjQwOTEyMTQ1MDQyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmUyZmZjMi1jMDBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu1J+eVWP+o1tI4GombP2x8bALhrdZT+UKM5rt7XiOWqSJMcMdCkxoiSJFHZI
+qfhkBR2t4j+pmyUc/6XPIMiaWLNs4G5cKYUfv0j3+kwmN8MrH0En+jeRExLEYNd
3yAqs5DtodHrunkBdJjJidgTUC5ul+1WZV9LXjgRxHpPRzX7P1IGN/tnfUcaQfo0
LRiwI7Mu/ozmAhcY9ZZD50IjGZJ30FYKlFcCDFnGNJAsx3pNtwefqSD72rUtodYy
CDp3/Z839iLqB4mPik9ENeQNQfGFGrQbN0kF00RwYJv4cnvL0os1GdVs+S6QU1Fb
AYjZKJ7Ko5Hn8HsT74AAJ4ClgQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFB5rOn3j
rFpwUfu5Htv4SCITwimsMB8GA1UdIwQYMBaAFIYMCQTO17sNHZeykv22Yui5qK/w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUVFMC9EMjM2MzQ0NjFE
OEExMUUyODIwRjA0RTUwOEIwMkNEMi9oZ3dKQk03WHV3MGRsN0tTX2JaaTZMbW9y
X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hnd0pCTTdYdXcwZGw3S1NfYlppNkxtb3JfQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFFRTAvRDIzNjM0NDYxRDhBMTFFMjgyMEYwNEU1MDhCMDJDRDIvNDJGNDFFNTZC
MEQwMTFFNUE1OEUwOTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr88wDBAJnEEgDBAR3KFADBATSBEAwDQQCAAIwBwMFACQD
QAAwDQYJKoZIhvcNAQELBQADggEBAC7vEb/U3eZz9i7AETnJWDkz+A7p0q2ZmPM7
4Ysx+TbLWppG1ZfBQ82rlYWOoMPUQouEAGay7lKMxIFDr3eHHgzRSScWuTVbcyws
8PFCcFugS2/gsoCdcXxfrtIaP9SFjMMR8EbPeGCBRyFZ70N4gLyebuSdG0GiWLrz
47yPo3EM3+m1+oF5QcoSFdMbizB94/8qpMXYRfcCzQOKqrzvHc9ePWZ5RXJ6eMff
XvKNWxnDDJktyVWgjCgKak7WicwcWKaj3wWJV6xTlf5e5rxEt96fBOhdYrTYb7YC
s0FNwkz/m7sd69FKiqlC3PD4DOPccGoLMM4vHz5surS/jzxOsdQ=
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:20:01 2024 by rpki-client on console-fra.rpki-client.org