Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C7D34E6F36511EE833F807DC4F9AE02.roa
File: 3C7D34E6F36511EE833F807DC4F9AE02.roa (raw, json)
Hash identifier: hRaOBl2xqVagge4zNrwRf8mgjPcXRiPDZrly0vtyVzo=
Subject key identifier: 12:8C:0E:E8:20:61:D9:DE:7C:0B:5B:04:5F:83:93:98:8A:F3:3F:55
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 468F
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C7D34E6F36511EE833F807DC4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:36:48 +0000
ROA not before: Thu 05 Sep 2024 03:36:48 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 7552
IP address blocks: 27.64.0.0/14 maxlen: 24
27.68.0.0/15 maxlen: 24
27.70.0.0/16 maxlen: 24
27.72.0.0/13 maxlen: 24
103.84.76.0/24 maxlen: 24
115.72.0.0/13 maxlen: 24
116.96.0.0/16 maxlen: 24
116.97.0.0/17 maxlen: 24
116.97.128.0/19 maxlen: 24
116.97.160.0/20 maxlen: 24
116.97.176.0/21 maxlen: 24
116.97.192.0/18 maxlen: 24
116.98.0.0/16 maxlen: 24
116.99.0.0/16 maxlen: 24
116.100.0.0/16 maxlen: 24
116.101.0.0/16 maxlen: 24
116.102.0.0/16 maxlen: 24
116.103.0.0/18 maxlen: 24
116.103.64.0/19 maxlen: 24
116.103.96.0/21 maxlen: 24
116.103.112.0/20 maxlen: 24
116.103.128.0/17 maxlen: 24
116.104.0.0/16 maxlen: 24
116.105.0.0/16 maxlen: 24
116.106.0.0/16 maxlen: 24
116.107.0.0/16 maxlen: 24
116.108.0.0/16 maxlen: 24
116.109.0.0/16 maxlen: 24
116.110.0.0/16 maxlen: 24
116.111.0.0/17 maxlen: 24
116.111.128.0/19 maxlen: 24
116.111.160.0/20 maxlen: 24
116.111.184.0/21 maxlen: 24
117.0.0.0/16 maxlen: 24
117.1.0.0/17 maxlen: 24
117.1.128.0/20 maxlen: 24
117.1.144.0/22 maxlen: 24
117.1.152.0/21 maxlen: 24
117.1.160.0/19 maxlen: 24
117.1.192.0/18 maxlen: 24
117.2.0.0/15 maxlen: 24
117.4.0.0/14 maxlen: 24
125.212.128.0/20 maxlen: 24
125.212.144.0/23 maxlen: 24
125.212.148.0/23 maxlen: 24
125.212.150.0/23 maxlen: 24
125.212.152.0/23 maxlen: 24
125.212.154.0/23 maxlen: 24
125.212.156.0/23 maxlen: 24
125.212.158.0/23 maxlen: 24
125.212.160.0/20 maxlen: 24
125.212.176.0/20 maxlen: 24
125.214.0.0/20 maxlen: 24
125.234.0.0/17 maxlen: 24
125.234.128.0/19 maxlen: 24
125.234.176.0/20 maxlen: 24
125.234.192.0/18 maxlen: 24
125.235.0.0/20 maxlen: 24
125.235.16.0/21 maxlen: 24
125.235.24.0/22 maxlen: 24
125.235.29.0/24 maxlen: 24
125.235.30.0/23 maxlen: 24
125.235.32.0/22 maxlen: 24
125.235.36.0/23 maxlen: 24
125.235.40.0/21 maxlen: 24
125.235.48.0/20 maxlen: 24
125.235.64.0/18 maxlen: 24
125.235.128.0/17 maxlen: 24
171.224.0.0/16 maxlen: 24
171.225.0.0/16 maxlen: 24
171.226.0.0/21 maxlen: 24
171.226.16.0/20 maxlen: 24
171.226.32.0/19 maxlen: 24
171.226.64.0/18 maxlen: 24
171.226.128.0/17 maxlen: 24
171.227.0.0/16 maxlen: 24
171.228.0.0/16 maxlen: 24
171.229.0.0/16 maxlen: 24
171.230.0.0/16 maxlen: 24
171.231.0.0/16 maxlen: 24
171.232.0.0/16 maxlen: 24
171.233.0.0/16 maxlen: 24
171.234.0.0/16 maxlen: 24
171.235.0.0/16 maxlen: 24
171.236.0.0/16 maxlen: 24
171.237.0.0/22 maxlen: 24
171.237.4.0/22 maxlen: 24
171.237.8.0/22 maxlen: 24
171.237.12.0/22 maxlen: 24
171.237.16.0/22 maxlen: 24
171.237.20.0/22 maxlen: 24
171.237.24.0/22 maxlen: 24
171.237.28.0/22 maxlen: 24
171.237.32.0/22 maxlen: 24
171.237.36.0/22 maxlen: 24
171.237.40.0/22 maxlen: 24
171.237.44.0/22 maxlen: 24
171.237.48.0/22 maxlen: 24
171.237.52.0/22 maxlen: 24
171.237.56.0/22 maxlen: 24
171.237.60.0/22 maxlen: 24
171.237.64.0/22 maxlen: 24
171.237.68.0/22 maxlen: 24
171.237.72.0/22 maxlen: 24
171.237.76.0/22 maxlen: 24
171.237.80.0/22 maxlen: 24
171.237.84.0/22 maxlen: 24
171.237.88.0/22 maxlen: 24
171.237.92.0/22 maxlen: 24
171.237.96.0/22 maxlen: 24
171.237.100.0/22 maxlen: 24
171.237.104.0/22 maxlen: 24
171.237.108.0/22 maxlen: 24
171.237.112.0/22 maxlen: 24
171.237.116.0/22 maxlen: 24
171.237.120.0/22 maxlen: 24
171.237.124.0/22 maxlen: 24
171.237.132.0/22 maxlen: 24
171.237.136.0/22 maxlen: 24
171.237.140.0/22 maxlen: 24
171.237.144.0/22 maxlen: 24
171.237.148.0/22 maxlen: 24
171.237.152.0/22 maxlen: 24
171.237.156.0/22 maxlen: 24
171.237.160.0/22 maxlen: 24
171.237.164.0/22 maxlen: 24
171.237.168.0/22 maxlen: 24
171.237.172.0/22 maxlen: 24
171.237.180.0/22 maxlen: 24
171.237.184.0/22 maxlen: 24
171.237.188.0/22 maxlen: 24
171.237.192.0/22 maxlen: 24
171.237.196.0/22 maxlen: 24
171.237.200.0/22 maxlen: 24
171.237.204.0/22 maxlen: 24
171.237.208.0/22 maxlen: 24
171.237.212.0/22 maxlen: 24
171.237.216.0/22 maxlen: 24
171.237.220.0/22 maxlen: 24
171.237.224.0/22 maxlen: 24
171.237.228.0/22 maxlen: 24
171.237.232.0/22 maxlen: 24
171.237.236.0/22 maxlen: 24
171.237.240.0/22 maxlen: 24
171.237.244.0/22 maxlen: 24
171.237.248.0/22 maxlen: 24
171.237.252.0/22 maxlen: 24
171.238.0.0/16 maxlen: 24
171.239.0.0/16 maxlen: 24
171.240.0.0/16 maxlen: 24
171.241.0.0/16 maxlen: 24
171.242.0.0/16 maxlen: 24
171.243.0.0/16 maxlen: 24
171.244.208.0/20 maxlen: 24
171.245.0.0/16 maxlen: 24
171.246.0.0/16 maxlen: 24
171.247.0.0/16 maxlen: 24
171.248.0.0/16 maxlen: 24
171.249.0.0/16 maxlen: 24
171.250.0.0/16 maxlen: 24
171.251.0.0/16 maxlen: 24
171.252.0.0/16 maxlen: 24
171.253.0.0/16 maxlen: 24
171.254.0.0/16 maxlen: 24
171.255.0.0/16 maxlen: 24
203.113.128.0/19 maxlen: 24
203.113.160.0/21 maxlen: 24
203.113.168.0/22 maxlen: 24
203.113.176.0/20 maxlen: 24
203.190.160.0/23 maxlen: 24
203.190.162.0/23 maxlen: 24
203.190.164.0/23 maxlen: 24
203.190.170.0/23 maxlen: 24
203.190.172.0/23 maxlen: 24
203.190.175.0/24 maxlen: 24
220.231.64.0/24 maxlen: 24
220.231.66.0/23 maxlen: 24
220.231.68.0/22 maxlen: 24
220.231.72.0/21 maxlen: 24
220.231.80.0/20 maxlen: 24
220.231.96.0/20 maxlen: 24
220.231.112.0/21 maxlen: 24
220.231.120.0/22 maxlen: 24
2401:d800::/32 maxlen: 48
2402:800::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 02 Dec 2024 11:15:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18063 (0x468f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Sep 5 03:36:48 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d92750-6ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:69:2d:0b:67:4c:d5:e3:7c:b2:e3:45:f5:54:
83:51:2c:74:8e:e7:fc:05:69:ea:a1:7b:17:5f:0e:
53:fd:b0:70:2c:de:d8:35:23:af:bd:10:27:d4:19:
5e:75:7d:1a:db:d5:81:b6:64:54:cc:4a:35:e5:24:
f4:b0:8b:49:30:10:f2:9b:20:75:76:00:98:8f:2f:
07:2a:c8:9c:96:fc:3d:fc:20:57:a6:67:c7:69:ba:
34:d5:b5:c1:ac:7a:e8:78:0f:36:7d:fb:0d:47:25:
83:32:e6:47:ea:c5:b3:10:00:7e:ff:55:0a:84:de:
da:eb:80:86:36:39:1d:bc:4c:ff:11:93:47:83:d0:
49:96:ec:7c:d4:7c:dc:fa:2e:18:a3:32:2a:0d:27:
da:77:e7:4a:e4:d4:71:06:89:c9:65:b9:5d:f9:98:
97:d7:c1:70:b0:fb:f3:77:5a:61:1d:2b:da:47:d2:
74:0c:62:04:ae:c4:84:41:96:46:ad:cd:0e:d2:d8:
41:dc:81:fd:8d:19:98:40:b5:29:70:bb:89:81:f6:
1e:1e:3f:41:d4:6e:81:13:c5:bd:d6:56:58:c7:6a:
83:b5:15:c0:a5:1f:48:a0:5b:d2:10:b6:af:be:ec:
9c:4d:de:de:9d:5e:84:a3:58:ca:6c:c6:53:fc:53:
e5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:8C:0E:E8:20:61:D9:DE:7C:0B:5B:04:5F:83:93:98:8A:F3:3F:55
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/3C7D34E6F36511EE833F807DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.64.0.0-27.70.255.255
27.72.0.0/13
103.84.76.0/24
115.72.0.0/13
116.96.0.0-116.97.183.255
116.97.192.0-116.103.103.255
116.103.112.0-116.111.175.255
116.111.184.0/21
117.0.0.0-117.1.147.255
117.1.152.0-117.7.255.255
125.212.128.0-125.212.145.255
125.212.148.0-125.212.191.255
125.214.0.0/20
125.234.0.0-125.234.159.255
125.234.176.0-125.235.27.255
125.235.29.0-125.235.37.255
125.235.40.0-125.235.255.255
171.224.0.0-171.226.7.255
171.226.16.0-171.237.127.255
171.237.132.0-171.237.175.255
171.237.180.0-171.243.255.255
171.244.208.0/20
171.245.0.0-171.255.255.255
203.113.128.0-203.113.171.255
203.113.176.0/20
203.190.160.0-203.190.165.255
203.190.170.0-203.190.173.255
203.190.175.0/24
220.231.64.0/24
220.231.66.0-220.231.123.255
IPv6:
2401:d800::/32
2402:800::/32
Signature Algorithm: sha256WithRSAEncryption
48:0f:bd:28:e3:9f:e7:24:f4:33:30:4f:0f:7e:18:84:84:13:
da:77:2a:e8:96:2f:3b:cc:a7:42:4a:4e:02:06:4d:38:08:fc:
66:38:f2:79:c9:63:a3:15:f7:4b:bc:f6:6e:77:bf:97:90:1b:
c3:40:22:2d:49:be:36:c2:da:39:13:6f:98:34:56:f2:62:d5:
1f:62:7b:10:b4:f6:c0:9b:83:b1:f6:3d:8e:bc:45:09:5e:7c:
0e:3b:38:e8:e3:87:7a:ac:b8:25:56:c4:6a:f4:b7:ce:1f:75:
db:75:d2:7f:a2:87:2f:e0:85:a3:19:fc:21:fe:87:91:37:16:
55:61:2e:98:7d:cb:f8:1d:90:49:34:61:6c:e1:fb:ed:35:8b:
02:74:d1:e4:7e:65:75:dd:ed:c4:22:a0:a2:55:b4:7c:bd:9c:
b2:14:7c:a2:04:29:b0:da:66:cf:3b:70:eb:b0:f7:6d:c6:90:
2d:1d:2c:56:43:e7:77:51:81:8f:c4:8e:ee:88:e9:e8:df:74:
94:8d:7a:1e:0b:7e:1e:b9:2c:dc:d1:01:a9:10:57:e9:6f:63:
b1:8b:a7:88:bc:7a:cc:27:29:b3:ad:c2:1c:2a:ef:c9:6e:81:
93:26:08:ec:b0:12:9d:58:a6:63:95:f0:72:09:8d:53:c8:18:
99:ff:d8:c6
-----BEGIN CERTIFICATE-----
MIIG2DCCBcCgAwIBAgICRo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNjQ4WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5Mjc1MC02ZWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/GktC2dM1eN8suNF9VSDUSx0juf8BWnqoXsXXw5T/bBwLN7YNSOvvRAn1Ble
dX0a29WBtmRUzEo15ST0sItJMBDymyB1dgCYjy8HKsiclvw9/CBXpmfHabo01bXB
rHroeA82ffsNRyWDMuZH6sWzEAB+/1UKhN7a64CGNjkdvEz/EZNHg9BJlux81Hzc
+i4YozIqDSfad+dK5NRxBonJZbld+ZiX18FwsPvzd1phHSvaR9J0DGIErsSEQZZG
rc0O0thB3IH9jRmYQLUpcLuJgfYeHj9B1G6BE8W91lZYx2qDtRXApR9IoFvSELav
vuycTd7enV6Eo1jKbMZT/FPldQIDAQABo4ID/DCCA/gwHQYDVR0OBBYEFBKMDugg
YdnefAtbBF+Dk5iK8z9VMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvM0M3RDM0RTZG
MzY1MTFFRTgzM0Y4MDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggGEBggrBgEFBQcBBwEB
/wSCAXMwggFvMIIBVQQCAAEwggFNMAoDAwYbQAMDABtGAwMDG0gDBABnVEwDAwNz
SDALAwMFdGADBAN0YbAwDAMEBnRhwAMEA3RnYDAMAwQEdGdwAwQEdG+gAwQDdG+4
MAoDAgB1AwQCdQGQMAsDBAN1AZgDAwN1ADAMAwQHfdSAAwQBfdSQMAwDBAJ91JQD
BAZ91IADBAR91gAwCwMDAX3qAwQFfeqAMAwDBAR96rADBAJ96xgwDAMEAH3rHQME
AX3rJDALAwQDfesoAwMCfegwCwMDBavgAwQDq+IAMAwDBASr4hADBAer7QAwDAME
AqvthAMEBKvtoDALAwQCq+20AwMCq/ADBASr9NAwCQMDAKv1AwICqDAMAwQHy3GA
AwQCy3GoAwQEy3GwMAwDBAXLvqADBAHLvqQwDAMEAcu+qgMEAcu+rAMEAMu+rwME
ANznQDAMAwQB3OdCAwQC3Od4MBQEAgACMA4DBQAkAdgAAwUAJAIIADANBgkqhkiG
9w0BAQsFAAOCAQEASA+9KOOf5yT0MzBPD34YhIQT2ncq6JYvO8ynQkpOAgZNOAj8
ZjjyecljoxX3S7z2bne/l5Abw0AiLUm+NsLaORNvmDRW8mLVH2J7ELT2wJuDsfY9
jrxFCV58Djs46OOHeqy4JVbEavS3zh9123XSf6KHL+CFoxn8If6HkTcWVWEumH3L
+B2QSTRhbOH77TWLAnTR5H5ldd3txCKgolW0fL2cshR8ogQpsNpmzztw67D3bcaQ
LR0sVkPnd1GBj8SO7ojp6N90lI16Hgt+Hrks3NEBqRBX6W9jsYuniLx6zCcps63C
HCrvyW6BkyYI7LASnVimY5XwcgmNU8gYmf/Yxg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:05:15 2024 by rpki-client on console-fra.rpki-client.org