Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/E69AF38AB11C11EAACC28D2EC4F9AE02.roa
File: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (raw, json)
Hash identifier: teS196GOIZT4ALLG0mGVFJBt9VHCuAp9QaaTbuShiyk=
Subject key identifier: C2:71:C6:B6:B7:CF:80:D9:93:2B:2D:FA:CF:47:7A:55:21:B5:0D:6A
Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76
Certificate serial: 0CA2
Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/E69AF38AB11C11EAACC28D2EC4F9AE02.roa
Signing time: Wed 24 Jan 2024 19:07:02 +0000
ROA not before: Wed 24 Jan 2024 19:07:02 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 19905
IP address blocks: 203.121.14.0/24 maxlen: 24
203.121.19.0/24 maxlen: 24
203.121.24.0/24 maxlen: 24
203.121.27.0/24 maxlen: 24
203.121.30.0/24 maxlen: 24
203.121.44.0/24 maxlen: 24
203.121.69.0/24 maxlen: 24
203.121.70.0/24 maxlen: 24
203.121.73.0/24 maxlen: 24
203.121.81.0/24 maxlen: 24
203.121.91.0/24 maxlen: 24
203.121.98.0/24 maxlen: 24
203.121.113.0/24 maxlen: 24
203.121.117.0/24 maxlen: 24
210.19.5.0/24 maxlen: 24
210.19.13.0/24 maxlen: 24
210.19.16.0/24 maxlen: 24
210.19.19.0/24 maxlen: 24
210.19.32.0/24 maxlen: 24
210.19.41.0/24 maxlen: 24
210.19.49.0/24 maxlen: 24
210.19.52.0/24 maxlen: 24
210.19.53.0/24 maxlen: 24
210.19.55.0/24 maxlen: 24
210.19.77.0/24 maxlen: 24
210.19.90.0/24 maxlen: 24
210.19.102.0/24 maxlen: 24
210.19.103.0/24 maxlen: 24
210.19.105.0/24 maxlen: 24
210.19.119.0/24 maxlen: 24
210.19.131.0/24 maxlen: 24
210.19.137.0/24 maxlen: 24
210.19.162.0/24 maxlen: 24
210.19.163.0/24 maxlen: 24
210.19.164.0/24 maxlen: 24
210.19.165.0/24 maxlen: 24
210.19.171.0/24 maxlen: 24
210.19.172.0/24 maxlen: 24
210.19.173.0/24 maxlen: 24
210.19.174.0/24 maxlen: 24
210.19.179.0/24 maxlen: 24
210.19.183.0/24 maxlen: 24
210.19.184.0/24 maxlen: 24
210.19.189.0/24 maxlen: 24
210.19.190.0/24 maxlen: 24
210.19.214.0/24 maxlen: 24
210.19.216.0/24 maxlen: 24
210.19.218.0/24 maxlen: 24
210.19.222.0/24 maxlen: 24
210.19.235.0/24 maxlen: 24
210.19.243.0/24 maxlen: 24
210.19.244.0/24 maxlen: 24
210.19.249.0/24 maxlen: 24
211.24.0.0/24 maxlen: 24
211.24.1.0/24 maxlen: 24
211.24.16.0/24 maxlen: 24
211.24.18.0/24 maxlen: 24
211.24.19.0/24 maxlen: 24
211.24.22.0/24 maxlen: 24
211.24.25.0/24 maxlen: 24
211.24.26.0/24 maxlen: 24
211.24.31.0/24 maxlen: 24
211.24.203.0/24 maxlen: 24
211.24.216.0/24 maxlen: 24
211.24.219.0/24 maxlen: 24
211.24.223.0/24 maxlen: 24
211.24.228.0/24 maxlen: 24
211.24.235.0/24 maxlen: 24
211.24.241.0/24 maxlen: 24
211.24.246.0/24 maxlen: 24
211.24.251.0/24 maxlen: 24
211.24.252.0/24 maxlen: 24
211.24.255.0/24 maxlen: 24
211.25.29.0/24 maxlen: 24
211.25.44.0/24 maxlen: 24
211.25.53.0/24 maxlen: 24
211.25.61.0/24 maxlen: 24
211.25.77.0/24 maxlen: 24
211.25.80.0/24 maxlen: 24
211.25.82.0/24 maxlen: 24
211.25.84.0/24 maxlen: 24
211.25.90.0/24 maxlen: 24
211.25.91.0/24 maxlen: 24
211.25.93.0/24 maxlen: 24
211.25.113.0/24 maxlen: 24
211.25.115.0/24 maxlen: 24
211.25.116.0/24 maxlen: 24
211.25.117.0/24 maxlen: 24
211.25.133.0/24 maxlen: 24
211.25.139.0/24 maxlen: 24
211.25.141.0/24 maxlen: 24
211.25.150.0/24 maxlen: 24
211.25.153.0/24 maxlen: 24
211.25.178.0/24 maxlen: 24
211.25.183.0/24 maxlen: 24
211.25.187.0/24 maxlen: 24
211.25.188.0/24 maxlen: 24
211.25.190.0/24 maxlen: 24
211.25.203.0/24 maxlen: 24
211.25.209.0/24 maxlen: 24
211.25.222.0/24 maxlen: 24
211.25.223.0/24 maxlen: 24
211.25.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl
rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 07 May 2024 19:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3234 (0xca2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76
Validity
Not Before: Jan 24 19:07:02 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b15fd6-12d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:02:fe:a7:bb:2b:02:95:15:0a:fb:9d:71:f7:
e7:7d:db:76:21:0f:b9:f0:6d:97:69:46:e9:28:a4:
3a:b8:5d:4d:41:cb:fe:4b:77:b8:df:ff:59:f4:d3:
5b:95:d8:91:d5:9c:d9:ff:58:bc:85:6d:0b:aa:9e:
2f:e3:b6:3c:8d:9b:6b:93:82:3b:47:db:99:35:25:
5a:a5:ea:03:71:b1:5f:e1:3d:fb:c9:f1:89:82:ec:
db:b8:9e:55:14:6b:64:71:e9:4b:b6:6a:d2:20:66:
3d:43:74:bb:97:71:17:8b:f7:29:be:02:7f:4f:3e:
9f:d5:7f:bc:81:dd:cf:84:0c:1c:3f:7d:5a:6f:4d:
cd:44:d5:3b:c5:36:c4:58:19:2f:11:5b:43:65:bb:
bd:2e:71:15:01:54:28:f4:a5:39:a8:ae:43:78:1a:
5c:62:f3:54:92:97:0e:f4:59:0a:52:d7:5e:48:58:
e1:69:66:83:a6:fb:22:ee:c0:1a:11:de:b0:e4:41:
bd:3e:13:e7:07:76:c5:66:ec:ae:63:71:3a:a9:03:
65:4d:c9:eb:ef:05:b2:d4:bf:99:72:df:57:16:70:
0b:fb:91:11:e1:a1:f5:28:b7:46:9b:40:49:94:ed:
e2:4a:60:48:68:ae:d6:d6:17:1b:9b:ec:7e:82:46:
e8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:71:C6:B6:B7:CF:80:D9:93:2B:2D:FA:CF:47:7A:55:21:B5:0D:6A
X509v3 Authority Key Identifier:
keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/E69AF38AB11C11EAACC28D2EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.14.0/24
203.121.19.0/24
203.121.24.0/24
203.121.27.0/24
203.121.30.0/24
203.121.44.0/24
203.121.69.0-203.121.70.255
203.121.73.0/24
203.121.81.0/24
203.121.91.0/24
203.121.98.0/24
203.121.113.0/24
203.121.117.0/24
210.19.5.0/24
210.19.13.0/24
210.19.16.0/24
210.19.19.0/24
210.19.32.0/24
210.19.41.0/24
210.19.49.0/24
210.19.52.0/23
210.19.55.0/24
210.19.77.0/24
210.19.90.0/24
210.19.102.0/23
210.19.105.0/24
210.19.119.0/24
210.19.131.0/24
210.19.137.0/24
210.19.162.0-210.19.165.255
210.19.171.0-210.19.174.255
210.19.179.0/24
210.19.183.0-210.19.184.255
210.19.189.0-210.19.190.255
210.19.214.0/24
210.19.216.0/24
210.19.218.0/24
210.19.222.0/24
210.19.235.0/24
210.19.243.0-210.19.244.255
210.19.249.0/24
211.24.0.0/23
211.24.16.0/24
211.24.18.0/23
211.24.22.0/24
211.24.25.0-211.24.26.255
211.24.31.0/24
211.24.203.0/24
211.24.216.0/24
211.24.219.0/24
211.24.223.0/24
211.24.228.0/24
211.24.235.0/24
211.24.241.0/24
211.24.246.0/24
211.24.251.0-211.24.252.255
211.24.255.0/24
211.25.29.0/24
211.25.44.0/24
211.25.53.0/24
211.25.61.0/24
211.25.77.0/24
211.25.80.0/24
211.25.82.0/24
211.25.84.0/24
211.25.90.0/23
211.25.93.0/24
211.25.113.0/24
211.25.115.0-211.25.117.255
211.25.133.0/24
211.25.139.0/24
211.25.141.0/24
211.25.150.0/24
211.25.153.0/24
211.25.178.0/24
211.25.183.0/24
211.25.187.0-211.25.188.255
211.25.190.0/24
211.25.203.0/24
211.25.209.0/24
211.25.222.0/23
211.25.232.0/24
Signature Algorithm: sha256WithRSAEncryption
77:93:2d:25:e3:53:f6:ab:c2:6d:15:d6:3e:5c:a1:73:09:7a:
2c:8c:d8:99:cb:7b:5f:5b:f2:76:78:49:03:57:71:1c:91:d4:
7a:ce:6f:1d:77:b4:18:5a:bd:7a:cc:89:36:3b:c8:8d:08:27:
f5:ee:98:43:7b:9c:54:43:69:3e:6b:78:4d:ba:38:c7:a9:10:
db:f3:92:96:b0:91:a9:12:d5:b1:4a:2f:39:1b:c8:42:a6:6e:
81:37:e2:64:e3:22:ef:59:78:01:e6:b5:b0:f4:11:e0:83:44:
cd:c6:aa:2c:17:70:e6:29:08:d2:42:be:52:99:8a:2f:a0:06:
47:ae:f3:b8:18:57:f7:b7:2a:20:cd:d9:27:24:45:89:79:81:
ac:13:3a:5d:9c:32:73:7d:cd:4a:47:20:0b:14:38:d6:f8:6e:
4d:e5:6b:96:5b:fa:1e:6e:83:de:6f:29:b9:eb:75:8b:12:b0:
41:4b:31:32:28:73:89:fb:98:6f:5a:a4:ca:6f:bc:9d:c6:f3:
7b:94:75:19:92:52:49:e6:fb:8d:fd:01:f1:70:7a:fd:c8:7e:
54:70:db:d1:11:5a:5a:a7:d5:8b:6d:5f:3e:4b:a6:00:40:2e:
84:aa:72:fc:3d:5c:be:11:fe:53:cc:f7:c7:00:0b:0e:4c:98:
6b:7b:26:25
-----BEGIN CERTIFICATE-----
MIIHsTCCBpmgAwIBAgICDKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3
MEQ1N0JENzYwHhcNMjQwMTI0MTkwNzAyWhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWIxNWZkNi0xMmQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAngL+p7srApUVCvudcffnfdt2IQ+58G2XaUbpKKQ6uF1NQcv+S3e43/9Z9NNb
ldiR1ZzZ/1i8hW0Lqp4v47Y8jZtrk4I7R9uZNSVapeoDcbFf4T37yfGJguzbuJ5V
FGtkcelLtmrSIGY9Q3S7l3EXi/cpvgJ/Tz6f1X+8gd3PhAwcP31ab03NRNU7xTbE
WBkvEVtDZbu9LnEVAVQo9KU5qK5DeBpcYvNUkpcO9FkKUtdeSFjhaWaDpvsi7sAa
Ed6w5EG9PhPnB3bFZuyuY3E6qQNlTcnr7wWy1L+Zct9XFnAL+5ER4aH1KLdGm0BJ
lO3iSmBIaK7W1hcbm+x+gkboEwIDAQABo4IE1TCCBNEwHQYDVR0OBBYEFMJxxra3
z4DZkyst+s9HelUhtQ1qMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1
MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTdCQzQvMkQxQTU5NUFENTBEMTFFOUJBRDZDMjI2QzRGOUFFMDIvRTY5QUYzOEFC
MTFDMTFFQUFDQzI4RDJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggJdBggrBgEFBQcBBwEB
/wSCAkwwggJIMIICRAQCAAEwggI8AwQAy3kOAwQAy3kTAwQAy3kYAwQAy3kbAwQA
y3keAwQAy3ksMAwDBADLeUUDBADLeUYDBADLeUkDBADLeVEDBADLeVsDBADLeWID
BADLeXEDBADLeXUDBADSEwUDBADSEw0DBADSExADBADSExMDBADSEyADBADSEykD
BADSEzEDBAHSEzQDBADSEzcDBADSE00DBADSE1oDBAHSE2YDBADSE2kDBADSE3cD
BADSE4MDBADSE4kwDAMEAdITogMEAdITpDAMAwQA0hOrAwQA0hOuAwQA0hOzMAwD
BADSE7cDBADSE7gwDAMEANITvQMEANITvgMEANIT1gMEANIT2AMEANIT2gMEANIT
3gMEANIT6zAMAwQA0hPzAwQA0hP0AwQA0hP5AwQB0xgAAwQA0xgQAwQB0xgSAwQA
0xgWMAwDBADTGBkDBADTGBoDBADTGB8DBADTGMsDBADTGNgDBADTGNsDBADTGN8D
BADTGOQDBADTGOsDBADTGPEDBADTGPYwDAMEANMY+wMEANMY/AMEANMY/wMEANMZ
HQMEANMZLAMEANMZNQMEANMZPQMEANMZTQMEANMZUAMEANMZUgMEANMZVAMEAdMZ
WgMEANMZXQMEANMZcTAMAwQA0xlzAwQB0xl0AwQA0xmFAwQA0xmLAwQA0xmNAwQA
0xmWAwQA0xmZAwQA0xmyAwQA0xm3MAwDBADTGbsDBADTGbwDBADTGb4DBADTGcsD
BADTGdEDBAHTGd4DBADTGegwDQYJKoZIhvcNAQELBQADggEBAHeTLSXjU/arwm0V
1j5coXMJeiyM2JnLe19b8nZ4SQNXcRyR1HrObx13tBhavXrMiTY7yI0IJ/XumEN7
nFRDaT5reE26OMepENvzkpawkakS1bFKLzkbyEKmboE34mTjIu9ZeAHmtbD0EeCD
RM3GqiwXcOYpCNJCvlKZii+gBkeu87gYV/e3KiDN2SckRYl5gawTOl2cMnN9zUpH
IAsUONb4bk3la5Zb+h5ug95vKbnrdYsSsEFLMTIoc4n7mG9apMpvvJ3G83uUdRmS
Uknm+439AfFwev3IflRw29ERWlqn1YttXz5LpgBALoSqcvw9XL4R/lPM98cACw5M
mGt7JiU=
-----END CERTIFICATE-----
Generated at Tue Apr 30 21:38:08 2024 by rpki-client on console-fra.rpki-client.org