Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/42F41E56B0D011E5A58E097CC4F9AE02.roa
File: 42F41E56B0D011E5A58E097CC4F9AE02.roa (raw, json)
Hash identifier: uS7mm4nJeuJObvS/1zoAs7w7Tk8NzuTKO3u3JE9tzqg=
Subject key identifier: BF:11:D0:F8:D4:9E:7F:25:BE:F5:39:3B:FA:AB:CC:87:28:6D:1A:DF
Certificate issuer: /CN=A91A1EE0/serialNumber=860C0904CED7BB0D1D97B292FDB662E8B9A8AFF0
Certificate serial: 3391
Authority key identifier: 86:0C:09:04:CE:D7:BB:0D:1D:97:B2:92:FD:B6:62:E8:B9:A8:AF:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/42F41E56B0D011E5A58E097CC4F9AE02.roa
Signing time: Fri 22 Sep 2023 14:50:38 +0000
ROA not before: Fri 22 Sep 2023 14:50:38 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 24122
IP address blocks: 43.243.204.0/22 maxlen: 22
43.243.204.0/23 maxlen: 23
43.243.204.0/24 maxlen: 24
43.243.205.0/24 maxlen: 24
43.243.206.0/23 maxlen: 23
43.243.206.0/24 maxlen: 24
43.243.207.0/24 maxlen: 24
103.16.72.0/22 maxlen: 22
103.16.72.0/23 maxlen: 23
103.16.72.0/24 maxlen: 24
103.16.73.0/24 maxlen: 24
103.16.74.0/23 maxlen: 23
103.16.74.0/24 maxlen: 24
103.16.75.0/24 maxlen: 24
119.40.80.0/20 maxlen: 20
119.40.80.0/20 maxlen: 24
119.40.80.0/21 maxlen: 21
119.40.80.0/23 maxlen: 23
119.40.80.0/24 maxlen: 24
119.40.81.0/24 maxlen: 24
119.40.82.0/24 maxlen: 24
119.40.83.0/24 maxlen: 24
119.40.84.0/23 maxlen: 23
119.40.84.0/24 maxlen: 24
119.40.85.0/24 maxlen: 24
119.40.86.0/24 maxlen: 24
119.40.87.0/24 maxlen: 24
119.40.88.0/21 maxlen: 21
119.40.88.0/22 maxlen: 22
119.40.88.0/24 maxlen: 24
119.40.89.0/24 maxlen: 24
119.40.90.0/24 maxlen: 24
119.40.91.0/24 maxlen: 24
119.40.92.0/22 maxlen: 22
119.40.92.0/24 maxlen: 24
119.40.93.0/24 maxlen: 24
119.40.94.0/24 maxlen: 24
119.40.95.0/24 maxlen: 24
210.4.64.0/20 maxlen: 20
210.4.64.0/20 maxlen: 24
210.4.64.0/21 maxlen: 21
210.4.64.0/24 maxlen: 24
210.4.65.0/24 maxlen: 24
210.4.66.0/23 maxlen: 23
210.4.66.0/24 maxlen: 24
210.4.67.0/24 maxlen: 24
210.4.68.0/24 maxlen: 24
210.4.69.0/24 maxlen: 24
210.4.70.0/23 maxlen: 23
210.4.70.0/24 maxlen: 24
210.4.71.0/24 maxlen: 24
210.4.72.0/21 maxlen: 21
210.4.72.0/24 maxlen: 24
210.4.73.0/24 maxlen: 24
210.4.74.0/23 maxlen: 23
210.4.74.0/24 maxlen: 24
210.4.75.0/24 maxlen: 24
210.4.76.0/24 maxlen: 24
210.4.77.0/24 maxlen: 24
210.4.78.0/24 maxlen: 24
210.4.79.0/24 maxlen: 24
2403:4000::/32 maxlen: 32
2403:4000:17::/48 maxlen: 48
2403:4000:18::/48 maxlen: 48
2403:4000:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.crl
rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 25 May 2024 14:37:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13201 (0x3391)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1EE0/serialNumber=860C0904CED7BB0D1D97B292FDB662E8B9A8AFF0
Validity
Not Before: Sep 22 14:50:38 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=650da9bd-4d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f4:dc:d5:71:f4:4a:24:4b:16:a2:27:9f:01:
4f:f3:38:fc:68:08:85:6c:de:e7:88:ed:0a:74:ca:
af:98:71:a3:89:b4:40:05:73:76:ef:5d:6c:28:9f:
66:e5:43:08:53:af:d9:19:fd:e4:83:41:bd:f6:ea:
53:b8:45:48:b9:d8:ae:33:28:1a:eb:e0:71:fd:10:
41:f8:6d:5d:6a:25:59:a2:9d:17:39:da:bf:5c:52:
b2:e5:e7:72:bf:56:a8:06:fd:64:d8:7c:99:93:6f:
d3:f0:b6:a3:98:96:16:25:a4:33:ec:d4:9c:1f:95:
12:24:46:be:28:2b:c0:d1:eb:b8:8b:41:9e:15:c3:
05:32:15:46:9c:8b:c7:b6:95:4d:95:cb:2d:a5:fb:
bc:66:ee:3b:29:04:d6:5a:bd:bc:98:8f:9a:ae:3a:
92:ac:8a:eb:a6:fa:4a:6a:d3:f1:3b:43:a2:dd:eb:
db:5a:55:19:c4:5d:a1:b4:de:17:ac:a9:d3:f6:0a:
cb:6c:7a:b3:20:8c:5f:91:ab:b8:27:ee:ad:65:98:
ed:50:c5:d0:03:38:9e:45:77:24:7a:22:c3:30:b7:
22:07:41:5e:26:88:45:fb:72:29:52:e4:d3:8c:7e:
6b:a3:58:ec:6c:b3:00:c7:e3:c4:02:7b:70:f1:da:
8b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:11:D0:F8:D4:9E:7F:25:BE:F5:39:3B:FA:AB:CC:87:28:6D:1A:DF
X509v3 Authority Key Identifier:
keyid:86:0C:09:04:CE:D7:BB:0D:1D:97:B2:92:FD:B6:62:E8:B9:A8:AF:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hgwJBM7Xuw0dl7KS_bZi6Lmor_A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1EE0/D23634461D8A11E2820F04E508B02CD2/42F41E56B0D011E5A58E097CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.204.0/22
103.16.72.0/22
119.40.80.0/20
210.4.64.0/20
IPv6:
2403:4000::/32
Signature Algorithm: sha256WithRSAEncryption
af:76:0c:25:57:87:6f:43:8d:64:b4:24:7d:40:52:8c:d9:eb:
b6:4e:e1:15:68:a7:07:55:39:2a:d9:a1:68:21:95:37:1f:16:
2e:c9:88:33:c8:8f:80:a3:c8:7c:c6:fb:36:ae:af:18:78:73:
50:f7:32:fc:2c:8c:df:72:55:27:49:96:65:aa:bf:50:a2:b2:
3e:37:63:40:28:5e:80:dc:d9:dc:88:2d:4b:1e:15:33:47:fd:
a4:80:46:bf:b1:eb:e8:95:6c:e1:b4:61:f7:81:44:6b:ae:55:
0b:01:9c:b7:d7:39:a7:19:d1:84:90:0b:06:88:61:b3:b9:97:
6d:ea:f8:d6:86:b7:23:9f:28:0d:e0:4a:e8:c2:1d:27:d2:b2:
3d:55:9d:60:ce:7d:56:9b:89:8d:8a:95:6c:0f:4a:ba:e4:76:
ba:d8:e4:d4:61:cc:a1:b1:a0:69:98:9d:96:62:d0:92:cc:41:
0a:c7:98:0f:30:35:9b:f8:50:e1:a5:db:f0:ad:ca:c4:77:f1:
02:f2:3a:7a:a5:dc:fd:78:47:08:6a:43:7e:50:a8:45:a3:93:
19:9f:62:ab:92:c2:65:a0:2b:d1:11:c9:4f:41:4c:fb:4e:22:
eb:2f:23:68:dd:6d:ca:02:b9:8a:c5:db:25:1e:e0:d7:cc:17:
1a:36:80:da
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICM5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTFFRTAxMTAvBgNVBAUTKDg2MEMwOTA0Q0VEN0JCMEQxRDk3QjI5MkZEQjY2MkU4
QjlBOEFGRjAwHhcNMjMwOTIyMTQ1MDM4WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBkYTliZC00ZDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArvTc1XH0SiRLFqInnwFP8zj8aAiFbN7niO0KdMqvmHGjibRABXN2711sKJ9m
5UMIU6/ZGf3kg0G99upTuEVIudiuMyga6+Bx/RBB+G1daiVZop0XOdq/XFKy5edy
v1aoBv1k2HyZk2/T8LajmJYWJaQz7NScH5USJEa+KCvA0eu4i0GeFcMFMhVGnIvH
tpVNlcstpfu8Zu47KQTWWr28mI+arjqSrIrrpvpKatPxO0Oi3evbWlUZxF2htN4X
rKnT9grLbHqzIIxfkau4J+6tZZjtUMXQAzieRXckeiLDMLciB0FeJohF+3IpUuTT
jH5ro1jsbLMAx+PEAntw8dqLkwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFL8R0PjU
nn8lvvU5O/qrzIcobRrfMB8GA1UdIwQYMBaAFIYMCQTO17sNHZeykv22Yui5qK/w
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUVFMC9EMjM2MzQ0NjFE
OEExMUUyODIwRjA0RTUwOEIwMkNEMi9oZ3dKQk03WHV3MGRsN0tTX2JaaTZMbW9y
X0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hnd0pCTTdYdXcwZGw3S1NfYlppNkxtb3JfQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTFFRTAvRDIzNjM0NDYxRDhBMTFFMjgyMEYwNEU1MDhCMDJDRDIvNDJGNDFFNTZC
MEQwMTFFNUE1OEUwOTdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr88wDBAJnEEgDBAR3KFADBATSBEAwDQQCAAIwBwMFACQD
QAAwDQYJKoZIhvcNAQELBQADggEBAK92DCVXh29DjWS0JH1AUozZ67ZO4RVopwdV
OSrZoWghlTcfFi7JiDPIj4CjyHzG+zaurxh4c1D3MvwsjN9yVSdJlmWqv1Cisj43
Y0AoXoDc2dyILUseFTNH/aSARr+x6+iVbOG0YfeBRGuuVQsBnLfXOacZ0YSQCwaI
YbO5l23q+NaGtyOfKA3gSujCHSfSsj1VnWDOfVabiY2KlWwPSrrkdrrY5NRhzKGx
oGmYnZZi0JLMQQrHmA8wNZv4UOGl2/CtysR38QLyOnql3P14RwhqQ35QqEWjkxmf
YquSwmWgK9ERyU9BTPtOIusvI2jdbcoCuYrF2yUe4NfMFxo2gNo=
-----END CERTIFICATE-----
Generated at Sat May 18 15:26:05 2024 by rpki-client on console-fra.rpki-client.org