Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
File: 65DFCD4A884D11EE8423C486C4F9AE02.roa (raw, json)
Hash identifier: XB3vXSrIjKmm7/h+1aGsOWgWiHrKFGWrKMxR+7JMgKw=
Subject key identifier: FC:64:B8:A7:D6:67:7F:F2:62:72:57:45:C8:E9:F5:8E:BB:2F:01:FE
Certificate issuer: /CN=A91F17B1/serialNumber=FE50C385D9EB19E2EFA14FA35ADA5BDEA5B456D3
Certificate serial: 0528
Authority key identifier: FE:50:C3:85:D9:EB:19:E2:EF:A1:4F:A3:5A:DA:5B:DE:A5:B4:56:D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
Signing time: Thu 14 Nov 2024 23:22:33 +0000
ROA not before: Thu 14 Nov 2024 23:22:33 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 23888
IP address blocks: 43.250.84.0/22 maxlen: 22
43.250.84.0/24 maxlen: 24
43.250.85.0/24 maxlen: 24
43.250.86.0/24 maxlen: 24
43.250.87.0/24 maxlen: 24
103.253.156.0/22 maxlen: 22
103.253.156.0/24 maxlen: 24
103.253.157.0/24 maxlen: 24
103.253.158.0/24 maxlen: 24
103.253.159.0/24 maxlen: 24
113.197.48.0/22 maxlen: 22
113.197.48.0/24 maxlen: 24
113.197.49.0/24 maxlen: 24
113.197.50.0/23 maxlen: 23
113.197.52.0/23 maxlen: 23
113.197.54.0/24 maxlen: 24
113.197.55.0/24 maxlen: 24
175.107.0.0/20 maxlen: 20
175.107.0.0/22 maxlen: 23
175.107.4.0/22 maxlen: 22
175.107.5.0/24 maxlen: 24
175.107.7.0/24 maxlen: 24
175.107.8.0/24 maxlen: 24
175.107.9.0/24 maxlen: 24
175.107.10.0/24 maxlen: 24
175.107.11.0/24 maxlen: 24
175.107.12.0/24 maxlen: 24
175.107.13.0/24 maxlen: 24
175.107.14.0/24 maxlen: 24
175.107.15.0/24 maxlen: 24
175.107.16.0/20 maxlen: 20
175.107.16.0/24 maxlen: 24
175.107.17.0/24 maxlen: 24
175.107.18.0/24 maxlen: 24
175.107.19.0/24 maxlen: 24
175.107.20.0/24 maxlen: 24
175.107.21.0/24 maxlen: 24
175.107.22.0/23 maxlen: 23
175.107.24.0/21 maxlen: 21
175.107.24.0/24 maxlen: 24
175.107.25.0/24 maxlen: 24
175.107.26.0/23 maxlen: 24
175.107.28.0/22 maxlen: 24
175.107.32.0/20 maxlen: 20
175.107.32.0/24 maxlen: 24
175.107.33.0/24 maxlen: 24
175.107.35.0/24 maxlen: 24
175.107.36.0/22 maxlen: 22
175.107.40.0/22 maxlen: 22
175.107.44.0/22 maxlen: 22
175.107.48.0/20 maxlen: 20
175.107.48.0/24 maxlen: 24
175.107.49.0/24 maxlen: 24
175.107.50.0/24 maxlen: 24
175.107.51.0/24 maxlen: 24
175.107.52.0/24 maxlen: 24
175.107.53.0/24 maxlen: 24
175.107.54.0/24 maxlen: 24
175.107.55.0/24 maxlen: 24
175.107.56.0/24 maxlen: 24
175.107.58.0/24 maxlen: 24
175.107.59.0/24 maxlen: 24
175.107.60.0/24 maxlen: 24
175.107.61.0/24 maxlen: 24
175.107.62.0/24 maxlen: 24
175.107.63.0/24 maxlen: 24
202.83.160.0/20 maxlen: 20
202.83.160.0/22 maxlen: 22
202.83.160.0/24 maxlen: 24
202.83.161.0/24 maxlen: 24
202.83.162.0/24 maxlen: 24
202.83.163.0/24 maxlen: 24
202.83.164.0/24 maxlen: 24
202.83.165.0/24 maxlen: 24
202.83.166.0/24 maxlen: 24
202.83.167.0/24 maxlen: 24
202.83.168.0/24 maxlen: 24
202.83.169.0/24 maxlen: 24
202.83.170.0/24 maxlen: 24
202.83.171.0/24 maxlen: 24
202.83.172.0/24 maxlen: 24
202.83.173.0/24 maxlen: 24
202.83.174.0/24 maxlen: 24
202.83.175.0/24 maxlen: 24
2407:9e00::/48 maxlen: 48
2407:9e00:1::/48 maxlen: 48
2407:9e00:2::/48 maxlen: 48
2407:9e00:3::/48 maxlen: 48
2407:9e00:4::/48 maxlen: 48
2407:9e00:5::/48 maxlen: 48
2407:9e00:6::/48 maxlen: 48
2407:9e00:7::/48 maxlen: 48
2407:9e00:10::/48 maxlen: 48
2407:9e00:11::/48 maxlen: 48
2407:9e00:12::/48 maxlen: 48
2407:9e00:13::/48 maxlen: 48
2407:9e00:14::/48 maxlen: 48
2407:9e00:15::/48 maxlen: 48
2407:9e00:20::/48 maxlen: 48
2407:9e00:21::/48 maxlen: 48
2407:9e00:22::/48 maxlen: 48
2407:9e00:23::/48 maxlen: 48
2407:9e00:24::/48 maxlen: 48
2407:9e00:25::/48 maxlen: 48
2407:9e00:30::/48 maxlen: 48
2407:9e00:31::/48 maxlen: 48
2407:9e00:32::/48 maxlen: 48
2407:9e00:33::/48 maxlen: 48
2407:9e00:35::/48 maxlen: 48
2407:9e00:40::/48 maxlen: 48
2407:9e00:41::/48 maxlen: 48
2407:9e00:42::/48 maxlen: 48
2407:9e00:43::/48 maxlen: 48
2407:9e00:44::/48 maxlen: 48
2407:9e00:50::/48 maxlen: 48
2407:9e00:51::/48 maxlen: 48
2407:9e00:52::/48 maxlen: 48
2407:9e00:53::/48 maxlen: 48
2407:9e00:60::/48 maxlen: 48
2407:9e00:61::/48 maxlen: 48
2407:9e00:62::/48 maxlen: 48
2407:9e00:70::/48 maxlen: 48
2407:9e00:71::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.crl
rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1320 (0x528)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17B1/serialNumber=FE50C385D9EB19E2EFA14FA35ADA5BDEA5B456D3
Validity
Not Before: Nov 14 23:22:33 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67368639-9627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:14:25:07:71:f8:ef:2b:f6:09:5a:68:56:3e:
e7:d0:56:fa:49:d4:61:ae:49:2b:f1:12:58:97:75:
99:06:40:4d:81:72:96:6c:5c:76:4c:e0:fd:3a:10:
e2:d7:0d:b9:f3:73:af:2b:31:2c:25:cf:2c:25:0b:
6a:42:b4:99:c7:b9:ab:47:88:33:46:7f:b0:7b:dc:
aa:21:3a:2d:6c:0a:b7:6f:7f:e8:ef:e5:a7:3c:bc:
c6:71:0f:86:22:fe:4e:db:c6:79:29:a9:ab:0a:c8:
8b:d5:99:a4:15:2b:5c:44:1a:b5:b3:e4:ed:c2:8a:
0e:c9:59:23:2a:08:86:81:24:e4:58:1a:34:b1:68:
cb:8c:ce:25:77:18:43:0d:98:e2:f0:dc:2a:dd:d7:
89:e0:3d:1c:5f:a5:24:00:11:59:f0:80:53:d7:3d:
ae:39:54:d5:a0:08:23:1c:d7:83:c9:6e:d3:21:e6:
1f:ad:80:8e:0c:82:6c:9b:a9:f6:d6:87:44:7d:49:
f5:3f:4b:85:63:29:c7:d0:52:33:93:17:02:9c:d5:
f7:40:6a:5c:0d:40:92:3f:10:ea:ee:e0:2c:8e:ee:
88:d9:25:48:44:24:6f:b4:7f:94:dd:27:06:ea:29:
85:26:78:3a:2f:7e:20:1d:00:05:49:c6:1a:fe:ad:
40:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:64:B8:A7:D6:67:7F:F2:62:72:57:45:C8:E9:F5:8E:BB:2F:01:FE
X509v3 Authority Key Identifier:
keyid:FE:50:C3:85:D9:EB:19:E2:EF:A1:4F:A3:5A:DA:5B:DE:A5:B4:56:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/_lDDhdnrGeLvoU-jWtpb3qW0VtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_lDDhdnrGeLvoU-jWtpb3qW0VtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17B1/66E4E4F6FB4011EBBAB0DA3BC4F9AE02/65DFCD4A884D11EE8423C486C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.84.0/22
103.253.156.0/22
113.197.48.0/21
175.107.0.0/18
202.83.160.0/20
IPv6:
2407:9e00::/45
2407:9e00:10::-2407:9e00:15:ffff:ffff:ffff:ffff:ffff
2407:9e00:20::-2407:9e00:25:ffff:ffff:ffff:ffff:ffff
2407:9e00:30::/46
2407:9e00:35::/48
2407:9e00:40::-2407:9e00:44:ffff:ffff:ffff:ffff:ffff
2407:9e00:50::/46
2407:9e00:60::-2407:9e00:62:ffff:ffff:ffff:ffff:ffff
2407:9e00:70::/47
Signature Algorithm: sha256WithRSAEncryption
9a:dd:11:40:cc:ef:88:98:ac:d1:01:78:44:3e:85:11:4a:66:
a9:d4:d5:f6:8d:39:d7:03:57:4e:2e:5e:b3:3c:18:a9:3d:25:
0b:ad:9a:00:69:56:cc:c3:dc:0d:20:ae:f0:ce:9d:76:9d:0d:
fd:b1:fd:c3:da:1a:07:7c:d1:4d:51:bb:1b:d7:6e:7a:8a:c6:
47:f8:b8:3b:f4:b6:94:28:71:34:59:bd:11:f3:25:90:63:0b:
e9:6f:b7:5f:2a:80:87:27:86:ef:e5:67:4e:70:f7:6d:78:0c:
9e:e1:66:64:f4:44:1d:af:94:a3:a9:07:03:40:e7:21:c2:a5:
ae:aa:73:40:b9:d3:d3:c3:1c:eb:6a:b6:93:1b:76:5b:27:9c:
eb:11:0e:fc:38:99:5c:79:29:8b:bf:2f:6c:4e:05:8c:10:c8:
1c:ea:2d:63:d5:1a:1c:b6:ec:48:97:0d:ff:cc:c7:84:49:0c:
c6:4b:53:fd:6d:c5:1e:44:48:56:0c:77:20:81:86:79:19:a9:
43:dd:0a:dc:a7:ac:66:a4:2d:a6:71:e9:07:e9:68:49:28:92:
42:3e:5c:dc:84:cd:d0:f3:be:41:3e:23:34:a8:9c:b8:5d:4f:
83:a8:71:9e:a7:17:e7:a1:fc:1e:4f:48:1c:2a:61:04:18:87:
9f:e7:9a:86
-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgICBSgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QjExMTAvBgNVBAUTKEZFNTBDMzg1RDlFQjE5RTJFRkExNEZBMzVBREE1QkRF
QTVCNDU2RDMwHhcNMjQxMTE0MjMyMjMzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzM2ODYzOS05NjI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1RQlB3H47yv2CVpoVj7n0Fb6SdRhrkkr8RJYl3WZBkBNgXKWbFx2TOD9OhDi
1w2583OvKzEsJc8sJQtqQrSZx7mrR4gzRn+we9yqITotbAq3b3/o7+WnPLzGcQ+G
Iv5O28Z5KamrCsiL1ZmkFStcRBq1s+TtwooOyVkjKgiGgSTkWBo0sWjLjM4ldxhD
DZji8Nwq3deJ4D0cX6UkABFZ8IBT1z2uOVTVoAgjHNeDyW7TIeYfrYCODIJsm6n2
1odEfUn1P0uFYynH0FIzkxcCnNX3QGpcDUCSPxDq7uAsju6I2SVIRCRvtH+U3ScG
6imFJng6L34gHQAFScYa/q1AsQIDAQABo4IDNjCCAzIwHQYDVR0OBBYEFPxkuKfW
Z3/yYnJXRcjp9Y67LwH+MB8GA1UdIwQYMBaAFP5Qw4XZ6xni76FPo1raW96ltFbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdCMS82NkU0RTRGNkZC
NDAxMUVCQkFCMERBM0JDNEY5QUUwMi9fbEREaGRuckdlTHZvVS1qV3RwYjNxVzBW
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19sRERoZG5yR2VMdm9VLWpXdHBiM3FXMFZ0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QjEvNjZFNEU0RjZGQjQwMTFFQkJBQjBEQTNCQzRGOUFFMDIvNjVERkNENEE4
ODREMTFFRTg0MjNDNDg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgb8GCCsGAQUFBwEHAQH/
BIGvMIGsMCQEAgABMB4DBAIr+lQDBAJn/ZwDBANxxTADBAavawADBATKU6AwgYME
AgACMH0DBwMkB54AAAAwEgMHBCQHngAAEAMHASQHngAAFDASAwcFJAeeAAAgAwcB
JAeeAAAkAwcCJAeeAAAwAwcAJAeeAAA1MBIDBwYkB54AAEADBwAkB54AAEQDBwIk
B54AAFAwEgMHBSQHngAAYAMHACQHngAAYgMHASQHngAAcDANBgkqhkiG9w0BAQsF
AAOCAQEAmt0RQMzviJis0QF4RD6FEUpmqdTV9o051wNXTi5eszwYqT0lC62aAGlW
zMPcDSCu8M6ddp0N/bH9w9oaB3zRTVG7G9dueorGR/i4O/S2lChxNFm9EfMlkGML
6W+3XyqAhyeG7+VnTnD3bXgMnuFmZPREHa+Uo6kHA0DnIcKlrqpzQLnT08Mc62q2
kxt2Wyec6xEO/DiZXHkpi78vbE4FjBDIHOotY9UaHLbsSJcN/8zHhEkMxktT/W3F
HkRIVgx3IIGGeRmpQ90K3KesZqQtpnHpB+loSSiSQj5c3ITN0PO+QT4jNKicuF1P
g6hxnqcX56H8Hk9IHCphBBiHn+eahg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:27:29 2024 by rpki-client on console-ams.rpki-client.org