Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
File: 65DFCD4A884D11EE8423C486C4F9AE02.roa (raw, json)
Hash identifier: 0n6L5DwgQwmnaLtWhoOtX9wV86ev0397x1UJ2piOano=
Subject key identifier: AD:78:5C:D9:4B:0C:A2:DD:61:FF:46:4E:90:10:F9:08:E3:A8:54:84
Certificate issuer: /CN=A91F17B1/serialNumber=FE50C385D9EB19E2EFA14FA35ADA5BDEA5B456D3
Certificate serial: 04BC
Authority key identifier: FE:50:C3:85:D9:EB:19:E2:EF:A1:4F:A3:5A:DA:5B:DE:A5:B4:56:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
Signing time: Mon 06 May 2024 06:07:14 +0000
ROA not before: Mon 06 May 2024 06:07:14 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 23888
IP address blocks: 43.250.84.0/22 maxlen: 22
43.250.84.0/24 maxlen: 24
43.250.85.0/24 maxlen: 24
43.250.86.0/24 maxlen: 24
43.250.87.0/24 maxlen: 24
103.253.156.0/22 maxlen: 22
103.253.156.0/24 maxlen: 24
103.253.157.0/24 maxlen: 24
103.253.158.0/24 maxlen: 24
103.253.159.0/24 maxlen: 24
113.197.48.0/22 maxlen: 22
113.197.48.0/24 maxlen: 24
113.197.49.0/24 maxlen: 24
113.197.50.0/23 maxlen: 23
113.197.52.0/23 maxlen: 23
113.197.54.0/24 maxlen: 24
113.197.55.0/24 maxlen: 24
175.107.0.0/20 maxlen: 20
175.107.0.0/22 maxlen: 23
175.107.4.0/22 maxlen: 22
175.107.5.0/24 maxlen: 24
175.107.7.0/24 maxlen: 24
175.107.8.0/24 maxlen: 24
175.107.9.0/24 maxlen: 24
175.107.10.0/24 maxlen: 24
175.107.11.0/24 maxlen: 24
175.107.12.0/24 maxlen: 24
175.107.13.0/24 maxlen: 24
175.107.14.0/24 maxlen: 24
175.107.15.0/24 maxlen: 24
175.107.16.0/20 maxlen: 20
175.107.16.0/24 maxlen: 24
175.107.17.0/24 maxlen: 24
175.107.18.0/24 maxlen: 24
175.107.19.0/24 maxlen: 24
175.107.20.0/24 maxlen: 24
175.107.21.0/24 maxlen: 24
175.107.22.0/23 maxlen: 23
175.107.24.0/21 maxlen: 21
175.107.24.0/24 maxlen: 24
175.107.25.0/24 maxlen: 24
175.107.26.0/23 maxlen: 24
175.107.28.0/22 maxlen: 24
175.107.32.0/20 maxlen: 20
175.107.32.0/24 maxlen: 24
175.107.33.0/24 maxlen: 24
175.107.35.0/24 maxlen: 24
175.107.36.0/22 maxlen: 22
175.107.40.0/22 maxlen: 22
175.107.44.0/22 maxlen: 22
175.107.48.0/20 maxlen: 20
175.107.48.0/24 maxlen: 24
175.107.49.0/24 maxlen: 24
175.107.50.0/24 maxlen: 24
175.107.51.0/24 maxlen: 24
175.107.52.0/24 maxlen: 24
175.107.53.0/24 maxlen: 24
175.107.54.0/24 maxlen: 24
175.107.55.0/24 maxlen: 24
175.107.56.0/24 maxlen: 24
175.107.58.0/24 maxlen: 24
175.107.59.0/24 maxlen: 24
175.107.60.0/24 maxlen: 24
175.107.61.0/24 maxlen: 24
175.107.62.0/24 maxlen: 24
175.107.63.0/24 maxlen: 24
202.83.160.0/20 maxlen: 20
202.83.160.0/22 maxlen: 22
202.83.160.0/24 maxlen: 24
202.83.161.0/24 maxlen: 24
202.83.162.0/24 maxlen: 24
202.83.163.0/24 maxlen: 24
202.83.164.0/24 maxlen: 24
202.83.165.0/24 maxlen: 24
202.83.166.0/24 maxlen: 24
202.83.167.0/24 maxlen: 24
202.83.168.0/24 maxlen: 24
202.83.169.0/24 maxlen: 24
202.83.170.0/24 maxlen: 24
202.83.171.0/24 maxlen: 24
202.83.172.0/24 maxlen: 24
202.83.173.0/24 maxlen: 24
202.83.174.0/24 maxlen: 24
202.83.175.0/24 maxlen: 24
2407:9e00::/48 maxlen: 48
2407:9e00:1::/48 maxlen: 48
2407:9e00:2::/48 maxlen: 48
2407:9e00:3::/48 maxlen: 48
2407:9e00:4::/48 maxlen: 48
2407:9e00:5::/48 maxlen: 48
2407:9e00:10::/48 maxlen: 48
2407:9e00:11::/48 maxlen: 48
2407:9e00:12::/48 maxlen: 48
2407:9e00:13::/48 maxlen: 48
2407:9e00:14::/48 maxlen: 48
2407:9e00:15::/48 maxlen: 48
2407:9e00:24::/48 maxlen: 48
2407:9e00:50::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.crl
rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 26 May 2024 01:19:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1212 (0x4bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17B1/serialNumber=FE50C385D9EB19E2EFA14FA35ADA5BDEA5B456D3
Validity
Not Before: May 6 06:07:14 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=66387392-080c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:16:02:99:df:8a:1a:04:02:b9:e2:68:ea:e0:
5e:3c:0c:3c:40:d8:15:13:bd:c5:8b:37:cc:02:b5:
e0:5c:d7:e7:b6:1c:93:7d:4c:f8:87:9e:58:45:ca:
d5:63:41:f4:d8:93:3f:8b:3b:9f:90:49:dd:62:d1:
fd:1a:9f:ad:98:f6:93:2c:c3:71:ee:c1:b8:0b:51:
98:f7:18:c5:a1:40:bf:8c:8b:75:bf:c4:f3:4a:4a:
01:b5:e1:7d:5d:f7:30:f6:dc:4e:6e:d6:90:72:49:
1d:4a:b1:0b:f9:20:05:32:5a:48:82:f3:fb:dd:a8:
50:16:85:df:09:13:9d:c7:9d:21:fa:51:44:6b:48:
a6:2c:c6:eb:21:c3:e9:87:a6:38:6b:b2:3e:8b:13:
3d:86:1f:de:ab:d7:dc:7c:cd:8c:a2:8f:47:58:43:
84:be:5b:c6:c2:7a:3f:55:a3:97:5f:a3:59:3a:63:
82:de:9e:80:58:eb:9e:51:2d:ec:b5:48:1f:c9:f4:
cc:43:ce:25:92:d5:ea:e7:c0:be:a5:03:82:8b:e9:
7c:44:35:3f:3d:ee:54:16:6c:46:bd:0a:c9:7c:32:
0d:58:79:c6:7d:6a:bd:ce:49:80:32:fd:e3:26:15:
95:60:f3:e9:08:f7:f9:2b:cc:18:33:e0:70:be:48:
33:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:78:5C:D9:4B:0C:A2:DD:61:FF:46:4E:90:10:F9:08:E3:A8:54:84
X509v3 Authority Key Identifier:
keyid:FE:50:C3:85:D9:EB:19:E2:EF:A1:4F:A3:5A:DA:5B:DE:A5:B4:56:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.84.0/22
103.253.156.0/22
113.197.48.0/21
175.107.0.0/18
202.83.160.0/20
IPv6:
2407:9e00::-2407:9e00:5:ffff:ffff:ffff:ffff:ffff
2407:9e00:10::-2407:9e00:15:ffff:ffff:ffff:ffff:ffff
2407:9e00:24::/48
2407:9e00:50::/48
Signature Algorithm: sha256WithRSAEncryption
6d:24:5b:67:a4:be:3e:d4:91:bf:2c:55:c7:25:1f:85:52:75:
c4:c7:47:2c:e5:da:98:70:22:ed:e1:6f:70:20:1e:46:00:91:
e1:1a:d7:5f:4e:0b:e0:59:88:6f:0a:83:28:05:1f:33:7b:a5:
24:2c:6a:61:fa:0b:22:a8:ed:5b:bb:87:0d:e1:54:54:65:5b:
10:f0:a4:ca:9e:4d:4b:22:cf:9f:68:1c:72:96:b0:4c:cb:bf:
56:59:09:66:0e:4f:93:19:ba:ee:09:c9:a5:03:37:01:c0:8e:
82:46:1c:0c:a6:1e:d6:6e:10:c4:2b:a2:fb:78:1d:35:de:45:
38:55:fb:f2:2a:a7:03:d0:95:06:ff:6f:dd:a1:d5:c6:4b:d3:
1c:31:74:f5:ab:26:be:03:9a:94:98:ff:f7:45:a6:03:66:4b:
a3:17:c3:81:98:1e:73:79:5e:08:a2:82:55:84:81:44:49:4c:
fa:5c:08:56:12:2a:4a:ad:c5:ec:37:8c:c5:1c:73:86:59:07:
aa:fc:ef:0c:75:2f:a9:21:f8:7a:86:7d:35:ea:6d:f3:bb:e6:
e8:ad:24:00:0c:d0:8b:08:2d:7b:25:1b:a2:bd:2e:72:22:a7:
21:5b:97:87:84:f0:d4:d7:c6:ec:d9:5b:0b:d3:2f:8d:bf:13:
f2:b3:b4:e7
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgICBLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QjExMTAvBgNVBAUTKEZFNTBDMzg1RDlFQjE5RTJFRkExNEZBMzVBREE1QkRF
QTVCNDU2RDMwHhcNMjQwNTA2MDYwNzE0WhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjM4NzM5Mi0wODBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5RYCmd+KGgQCueJo6uBePAw8QNgVE73FizfMArXgXNfnthyTfUz4h55YRcrV
Y0H02JM/izufkEndYtH9Gp+tmPaTLMNx7sG4C1GY9xjFoUC/jIt1v8TzSkoBteF9
Xfcw9txObtaQckkdSrEL+SAFMlpIgvP73ahQFoXfCROdx50h+lFEa0imLMbrIcPp
h6Y4a7I+ixM9hh/eq9fcfM2Moo9HWEOEvlvGwno/VaOXX6NZOmOC3p6AWOueUS3s
tUgfyfTMQ84lktXq58C+pQOCi+l8RDU/Pe5UFmxGvQrJfDINWHnGfWq9zkmAMv3j
JhWVYPPpCPf5K8wYM+Bwvkgz+wIDAQABo4IC7DCCAugwHQYDVR0OBBYEFK14XNlL
DKLdYf9GTpAQ+QjjqFSEMB8GA1UdIwQYMBaAFP5Qw4XZ6xni76FPo1raW96ltFbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdCMS82NkU0RTRGNkZC
NDAxMUVCQkFCMERBM0JDNEY5QUUwMi9fbEREaGRuckdlTHZvVS1qV3RwYjNxVzBW
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19sRERoZG5yR2VMdm9VLWpXdHBiM3FXMFZ0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QjEvNjZFNEU0RjZGQjQwMTFFQkJBQjBEQTNCQzRGOUFFMDIvNjVERkNENEE4
ODREMTFFRTg0MjNDNDg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwdgYIKwYBBQUHAQcBAf8E
ZzBlMCQEAgABMB4DBAIr+lQDBAJn/ZwDBANxxTADBAavawADBATKU6AwPQQCAAIw
NzAPAwQBJAeeAwcBJAeeAAAEMBIDBwQkB54AABADBwEkB54AABQDBwAkB54AACQD
BwAkB54AAFAwDQYJKoZIhvcNAQELBQADggEBAG0kW2ekvj7Ukb8sVcclH4VSdcTH
Ryzl2phwIu3hb3AgHkYAkeEa119OC+BZiG8KgygFHzN7pSQsamH6CyKo7Vu7hw3h
VFRlWxDwpMqeTUsiz59oHHKWsEzLv1ZZCWYOT5MZuu4JyaUDNwHAjoJGHAymHtZu
EMQrovt4HTXeRThV+/IqpwPQlQb/b92h1cZL0xwxdPWrJr4DmpSY//dFpgNmS6MX
w4GYHnN5XgiiglWEgURJTPpcCFYSKkqtxew3jMUcc4ZZB6r87wx1L6kh+HqGfTXq
bfO75uitJAAM0IsILXslG6K9LnIipyFbl4eE8NTXxuzZWwvTL42/E/KztOc=
-----END CERTIFICATE-----
Generated at Sun May 19 02:39:38 2024 by rpki-client on console-fra.rpki-client.org