Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
File: CCF0C1920EBA11ECB2C2867AC4F9AE02.roa (raw, json)
Hash identifier: 2xWbrnHwz3OQ4/YSi1KDjiY+Btu6Pg+aM5b286IQ9MU=
Subject key identifier: C5:74:28:15:5F:E8:01:1C:14:C4:88:02:A6:64:D3:B9:02:DC:C5:36
Certificate issuer: /CN=A9150F66/serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Certificate serial: 28B7
Authority key identifier: 90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
Signing time: Tue 15 Apr 2025 05:48:54 +0000
ROA not before: Tue 15 Apr 2025 05:48:54 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 24440
IP address blocks: 36.255.44.0/22 maxlen: 24
43.242.100.0/22 maxlen: 24
58.65.192.0/19 maxlen: 24
61.5.128.0/19 maxlen: 24
101.53.224.0/19 maxlen: 24
103.7.60.0/22 maxlen: 24
103.18.8.0/22 maxlen: 24
103.18.12.0/22 maxlen: 24
103.18.20.0/22 maxlen: 24
103.26.80.0/22 maxlen: 24
103.26.84.0/22 maxlen: 24
103.31.92.0/22 maxlen: 24
103.31.100.0/22 maxlen: 24
103.31.104.0/22 maxlen: 24
103.244.172.0/22 maxlen: 24
103.244.176.0/22 maxlen: 24
103.245.132.0/22 maxlen: 24
103.245.192.0/22 maxlen: 24
119.13.184.0/21 maxlen: 24
124.29.192.0/18 maxlen: 24
175.107.192.0/18 maxlen: 24
202.47.32.0/19 maxlen: 24
202.163.64.0/19 maxlen: 24
202.163.96.0/19 maxlen: 24
203.101.160.0/19 maxlen: 24
218.100.85.0/24 maxlen: 24
2001:4538::/32 maxlen: 32
2001:4538:41::/48 maxlen: 48
2400:adc0:9::/64 maxlen: 64
2400:adc0:200::/48 maxlen: 48
2400:adc0:4005::/48 maxlen: 48
2400:adc0:4013::/48 maxlen: 48
2400:adc0:4203::/48 maxlen: 48
2400:adc0:4302::/48 maxlen: 48
2400:adc0:4500::/48 maxlen: 48
2400:adc0:4611::/48 maxlen: 48
2400:adc0:4700::/48 maxlen: 48
2400:adc0:4710::/48 maxlen: 48
2400:adc0:4711::/48 maxlen: 48
2400:adc0:c001::/48 maxlen: 48
2400:adc0:c003::/48 maxlen: 48
2400:adc0:c030::/48 maxlen: 48
2400:adc0:c102::/48 maxlen: 48
2400:adc0:c210::/48 maxlen: 48
2400:adc0:c211::/48 maxlen: 48
2400:adc0:c310::/48 maxlen: 48
2400:adc2:100::/48 maxlen: 48
2400:adc2:300::/40 maxlen: 40
2400:adc2:400::/40 maxlen: 40
2400:adc2:600::/40 maxlen: 40
2400:adc2:700::/40 maxlen: 40
2400:adc2:900::/40 maxlen: 40
2400:adc2:a00::/40 maxlen: 40
2400:adc4::/40 maxlen: 40
2400:adc4:100::/40 maxlen: 40
2400:adc4:800::/40 maxlen: 40
2400:adc4:900::/40 maxlen: 40
2400:adc5::/42 maxlen: 42
2400:adc5:40::/42 maxlen: 42
2400:adc5:80::/42 maxlen: 42
2400:adc5:c0::/42 maxlen: 42
2400:adc5:100::/42 maxlen: 42
2400:adc5:140::/42 maxlen: 42
2400:adc5:180::/42 maxlen: 42
2400:adc5:1c0::/42 maxlen: 42
2400:adc5:300::/42 maxlen: 42
2400:adc5:340::/42 maxlen: 42
2400:adc5:380::/42 maxlen: 42
2400:adc5:3c0::/42 maxlen: 42
2400:adc5:400::/42 maxlen: 42
2400:adc5:440::/42 maxlen: 42
2400:adc5:480::/42 maxlen: 42
2400:adc5:4c0::/42 maxlen: 42
2400:adca::/40 maxlen: 40
2400:adca:100::/40 maxlen: 40
2400:addb:800::/40 maxlen: 40
2400:addb:900::/40 maxlen: 40
2400:addd:2000::/40 maxlen: 40
2400:addd:2100::/40 maxlen: 40
2400:addd:2800::/40 maxlen: 40
2400:addd:2900::/40 maxlen: 40
2400:adde::/40 maxlen: 40
2400:adde:100::/40 maxlen: 40
2400:addf:800::/40 maxlen: 40
2400:addf:900::/40 maxlen: 40
2400:addf:1000::/40 maxlen: 40
2400:addf:1100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 15:40:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10423 (0x28b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9150F66, serialNumber=9009E74196D48B03964F1FC56CFE446EC5048CF7
Validity
Not Before: Apr 15 05:48:54 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67fdf346-7992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:de:2d:57:2f:0e:d3:38:fd:34:91:1b:2d:b7:
97:e9:0b:25:00:4d:2e:ae:0c:7c:2b:6d:86:d0:12:
6a:88:10:e3:ad:c4:a1:a9:93:b5:fb:8f:ee:ed:c2:
b7:67:7c:02:0e:3c:a9:d7:5e:cb:fc:6a:d4:4d:2d:
2e:d0:01:d9:7e:f0:3a:20:8d:62:8d:b1:a3:37:13:
10:43:60:33:a6:f6:01:53:f4:aa:2a:86:c0:73:91:
9c:fd:23:fb:b8:c8:2b:43:41:50:43:9f:a0:2c:04:
68:ad:54:3b:5a:71:4e:30:55:9c:df:da:69:a6:71:
4a:ed:bd:6a:c0:14:7b:f2:75:fa:0f:4c:f0:ec:5b:
77:de:fc:f5:5e:61:9e:b6:5a:0f:67:ed:5d:b4:9e:
52:b6:02:54:72:75:7b:6f:3a:43:16:9e:0e:95:af:
ab:e4:33:c8:8d:e9:fb:64:ec:24:85:af:f7:3a:23:
76:8e:4b:e3:ce:02:cb:65:90:0f:19:53:2a:c3:5c:
31:5b:2c:ad:80:2a:bb:b4:ea:ca:18:00:46:50:73:
d4:dd:de:f5:7e:4a:ac:e0:7e:14:22:b4:79:42:36:
5f:5e:e6:28:24:ce:b0:c9:66:32:01:18:20:66:00:
e9:b0:86:f8:4a:97:3c:e8:ef:09:c9:b6:7d:ad:8b:
b9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:74:28:15:5F:E8:01:1C:14:C4:88:02:A6:64:D3:B9:02:DC:C5:36
X509v3 Authority Key Identifier:
keyid:90:09:E7:41:96:D4:8B:03:96:4F:1F:C5:6C:FE:44:6E:C5:04:8C:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/kAnnQZbUiwOWTx_FbP5EbsUEjPc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kAnnQZbUiwOWTx_FbP5EbsUEjPc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9150F66/BC1DC1F6C17511E4A2C7B74CC4F9AE02/CCF0C1920EBA11ECB2C2867AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.44.0/22
43.242.100.0/22
58.65.192.0/19
61.5.128.0/19
101.53.224.0/19
103.7.60.0/22
103.18.8.0/21
103.18.20.0/22
103.26.80.0/21
103.31.92.0/22
103.31.100.0-103.31.107.255
103.244.172.0-103.244.179.255
103.245.132.0/22
103.245.192.0/22
119.13.184.0/21
124.29.192.0/18
175.107.192.0/18
202.47.32.0/19
202.163.64.0/18
203.101.160.0/19
218.100.85.0/24
IPv6:
2001:4538::/32
2400:adc0:9::/64
2400:adc0:200::/48
2400:adc0:4005::/48
2400:adc0:4013::/48
2400:adc0:4203::/48
2400:adc0:4302::/48
2400:adc0:4500::/48
2400:adc0:4611::/48
2400:adc0:4700::/48
2400:adc0:4710::/47
2400:adc0:c001::/48
2400:adc0:c003::/48
2400:adc0:c030::/48
2400:adc0:c102::/48
2400:adc0:c210::/47
2400:adc0:c310::/48
2400:adc2:100::/48
2400:adc2:300::-2400:adc2:4ff:ffff:ffff:ffff:ffff:ffff
2400:adc2:600::/39
2400:adc2:900::-2400:adc2:aff:ffff:ffff:ffff:ffff:ffff
2400:adc4::/39
2400:adc4:800::/39
2400:adc5::/39
2400:adc5:300::-2400:adc5:4ff:ffff:ffff:ffff:ffff:ffff
2400:adca::/39
2400:addb:800::/39
2400:addd:2000::/39
2400:addd:2800::/39
2400:adde::/39
2400:addf:800::/39
2400:addf:1000::/39
Signature Algorithm: sha256WithRSAEncryption
85:66:2b:e1:24:e4:45:c4:eb:38:cf:b8:3c:52:66:ee:07:0d:
8a:4a:ce:11:03:58:a6:36:11:bc:51:80:3b:a0:c9:56:c8:02:
5d:c0:87:c0:ae:34:81:aa:cc:ec:12:40:40:ca:06:94:15:91:
30:3e:5c:41:f1:33:25:72:b6:b5:f6:20:25:0c:91:05:45:08:
f2:19:79:21:61:38:3d:9f:ca:08:4e:29:46:bc:ee:41:e4:02:
77:bd:81:4d:0a:0f:72:dc:e8:a9:ea:73:9b:a0:4d:c0:eb:46:
b8:f7:5e:87:ad:ad:05:b3:03:54:e8:d7:53:af:76:38:47:1b:
bf:80:85:be:ae:f1:e5:50:db:42:2e:96:81:74:55:a9:59:5c:
22:82:de:b2:42:2d:f6:61:52:7a:07:7f:86:3c:37:b3:b0:e0:
6c:1f:18:a4:5d:bb:5f:13:ca:e5:b1:43:c5:3b:21:57:23:9f:
b7:21:3a:3c:56:f7:45:ef:7a:3f:a1:c4:7c:e5:9c:1b:84:fe:
2f:ff:06:40:27:ce:3b:ed:9f:4b:08:92:c2:27:83:ec:cd:e4:
3e:f3:02:87:00:bf:32:81:84:13:b8:e3:ca:09:2a:8b:69:63:
7f:7d:ee:06:9f:0f:fd:8d:f7:be:07:38:24:98:6b:4f:19:40:
9d:39:f7:48
-----BEGIN CERTIFICATE-----
MIIHPTCCBiWgAwIBAgICKLcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTBGNjYxMTAvBgNVBAUTKDkwMDlFNzQxOTZENDhCMDM5NjRGMUZDNTZDRkU0NDZF
QzUwNDhDRjcwHhcNMjUwNDE1MDU0ODU0WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ZkZjM0Ni03OTkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAud4tVy8O0zj9NJEbLbeX6QslAE0urgx8K22G0BJqiBDjrcShqZO1+4/u7cK3
Z3wCDjyp117L/GrUTS0u0AHZfvA6II1ijbGjNxMQQ2AzpvYBU/SqKobAc5Gc/SP7
uMgrQ0FQQ5+gLARorVQ7WnFOMFWc39pppnFK7b1qwBR78nX6D0zw7Ft33vz1XmGe
tloPZ+1dtJ5StgJUcnV7bzpDFp4Ola+r5DPIjen7ZOwkha/3OiN2jkvjzgLLZZAP
GVMqw1wxWyytgCq7tOrKGABGUHPU3d71fkqs4H4UIrR5QjZfXuYoJM6wyWYyARgg
ZgDpsIb4Spc86O8JybZ9rYu55QIDAQABo4IEYTCCBF0wHQYDVR0OBBYEFMV0KBVf
6AEcFMSIAqZk07kC3MU2MB8GA1UdIwQYMBaAFJAJ50GW1IsDlk8fxWz+RG7FBIz3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MEY2Ni9CQzFEQzFGNkMx
NzUxMUU0QTJDN0I3NENDNEY5QUUwMi9rQW5uUVpiVWl3T1dUeF9GYlA1RWJzVUVq
UGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tBbm5RWmJVaXdPV1R4X0ZiUDVFYnNVRWpQYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTBGNjYvQkMxREMxRjZDMTc1MTFFNEEyQzdCNzRDQzRGOUFFMDIvQ0NGMEMxOTIw
RUJBMTFFQ0IyQzI4NjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggHpBggrBgEFBQcBBwEB
/wSCAdgwggHUMIGVBAIAATCBjgMEAiT/LAMEAivyZAMEBTpBwAMEBT0FgAMEBWU1
4AMEAmcHPAMEA2cSCAMEAmcSFAMEA2caUAMEAmcfXDAMAwQCZx9kAwQCZx9oMAwD
BAJn9KwDBAJn9LADBAJn9YQDBAJn9cADBAN3DbgDBAZ8HcADBAava8ADBAXKLyAD
BAbKo0ADBAXLZaADBADaZFUwggE4BAIAAjCCATADBQAgAUU4AwkAJACtwAAJAAAD
BwAkAK3AAgADBwAkAK3AQAUDBwAkAK3AQBMDBwAkAK3AQgMDBwAkAK3AQwIDBwAk
AK3ARQADBwAkAK3ARhEDBwAkAK3ARwADBwEkAK3ARxADBwAkAK3AwAEDBwAkAK3A
wAMDBwAkAK3AwDADBwAkAK3AwQIDBwEkAK3AwhADBwAkAK3AwxADBwAkAK3CAQAw
EAMGACQArcIDAwYAJACtwgQDBgEkAK3CBjAQAwYAJACtwgkDBgAkAK3CCgMGASQA
rcQAAwYBJACtxAgDBgEkAK3FADAQAwYAJACtxQMDBgAkAK3FBAMGASQArcoAAwYB
JACt2wgDBgEkAK3dIAMGASQArd0oAwYBJACt3gADBgEkAK3fCAMGASQArd8QMA0G
CSqGSIb3DQEBCwUAA4IBAQCFZivhJORFxOs4z7g8UmbuBw2KSs4RA1imNhG8UYA7
oMlWyAJdwIfArjSBqszsEkBAygaUFZEwPlxB8TMlcra19iAlDJEFRQjyGXkhYTg9
n8oITilGvO5B5AJ3vYFNCg9y3Oip6nOboE3A60a4916Hra0FswNU6NdTr3Y4Rxu/
gIW+rvHlUNtCLpaBdFWpWVwigt6yQi32YVJ6B3+GPDezsOBsHxikXbtfE8rlsUPF
OyFXI5+3ITo8VvdF73o/ocR85ZwbhP4v/wZAJ8477Z9LCJLCJ4PszeQ+8wKHAL8y
gYQTuOPKCSqLaWN/fe4Gnw/9jfe+BzgkmGtPGUCdOfdI
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:22:24 2025 by rpki-client