Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
File: D4EB3054E66811ECA007390EC4F9AE02.roa (raw, json)
Hash identifier: 622edGfL7zpYdLfyesl42frqJs8mT2fdL/bzTmlsAog=
Subject key identifier: BB:1C:3E:01:29:DB:31:38:43:5F:FE:69:F0:C8:87:F4:F2:8F:1F:F9
Certificate issuer: /CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Certificate serial: 233D
Authority key identifier: 11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
Signing time: Sun 02 Jul 2023 15:20:44 +0000
ROA not before: Sun 02 Jul 2023 15:20:44 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 131207
IP address blocks: 96.9.64.0/23 maxlen: 23
96.9.64.0/24 maxlen: 24
96.9.65.0/24 maxlen: 24
96.9.66.0/23 maxlen: 23
96.9.66.0/24 maxlen: 24
96.9.67.0/24 maxlen: 24
96.9.68.0/23 maxlen: 23
96.9.68.0/24 maxlen: 24
96.9.69.0/24 maxlen: 24
96.9.70.0/23 maxlen: 23
96.9.70.0/24 maxlen: 24
96.9.71.0/24 maxlen: 24
96.9.72.0/23 maxlen: 23
96.9.72.0/24 maxlen: 24
96.9.73.0/24 maxlen: 24
96.9.74.0/23 maxlen: 23
96.9.74.0/24 maxlen: 24
96.9.75.0/24 maxlen: 24
96.9.76.0/23 maxlen: 23
96.9.76.0/24 maxlen: 24
96.9.77.0/24 maxlen: 24
96.9.78.0/23 maxlen: 23
96.9.78.0/24 maxlen: 24
96.9.79.0/24 maxlen: 24
96.9.80.0/23 maxlen: 23
96.9.80.0/24 maxlen: 24
96.9.81.0/24 maxlen: 24
96.9.82.0/23 maxlen: 23
96.9.82.0/24 maxlen: 24
96.9.83.0/24 maxlen: 24
96.9.84.0/23 maxlen: 23
96.9.84.0/24 maxlen: 24
96.9.85.0/24 maxlen: 24
96.9.86.0/23 maxlen: 23
96.9.86.0/24 maxlen: 24
96.9.87.0/24 maxlen: 24
96.9.88.0/23 maxlen: 23
96.9.88.0/24 maxlen: 24
96.9.89.0/24 maxlen: 24
96.9.90.0/23 maxlen: 23
96.9.90.0/24 maxlen: 24
96.9.91.0/24 maxlen: 24
96.9.92.0/23 maxlen: 23
96.9.92.0/24 maxlen: 24
96.9.93.0/24 maxlen: 24
96.9.94.0/23 maxlen: 23
96.9.94.0/24 maxlen: 24
96.9.95.0/24 maxlen: 24
136.228.128.0/23 maxlen: 23
136.228.128.0/24 maxlen: 24
136.228.129.0/24 maxlen: 24
136.228.130.0/23 maxlen: 23
136.228.130.0/24 maxlen: 24
136.228.131.0/24 maxlen: 24
136.228.132.0/23 maxlen: 24
136.228.134.0/23 maxlen: 24
136.228.136.0/22 maxlen: 22
136.228.136.0/24 maxlen: 24
136.228.140.0/23 maxlen: 23
136.228.140.0/24 maxlen: 24
136.228.141.0/24 maxlen: 24
136.228.142.0/23 maxlen: 23
136.228.142.0/24 maxlen: 24
136.228.143.0/24 maxlen: 24
136.228.144.0/23 maxlen: 23
136.228.145.0/24 maxlen: 24
136.228.146.0/23 maxlen: 23
136.228.146.0/24 maxlen: 24
136.228.147.0/24 maxlen: 24
136.228.148.0/23 maxlen: 23
136.228.148.0/24 maxlen: 24
136.228.149.0/24 maxlen: 24
136.228.150.0/23 maxlen: 23
136.228.150.0/24 maxlen: 24
136.228.151.0/24 maxlen: 24
136.228.152.0/23 maxlen: 23
136.228.154.0/23 maxlen: 23
136.228.156.0/23 maxlen: 23
136.228.156.0/24 maxlen: 24
136.228.157.0/24 maxlen: 24
136.228.158.0/23 maxlen: 23
136.228.158.0/24 maxlen: 24
136.228.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 07 Jun 2024 14:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9021 (0x233d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Validity
Not Before: Jul 2 15:20:44 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64a195cc-1fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b2:cb:bd:ed:a7:b1:76:29:6e:1a:df:64:52:
7a:b5:d1:ad:33:fd:b5:ac:7b:71:7d:e3:a8:83:0c:
91:82:72:13:28:d7:d3:73:bf:c0:c3:38:bd:98:51:
e3:01:41:f5:d9:f4:a4:07:cb:d4:59:52:42:cf:ec:
98:1e:be:43:14:88:7a:65:28:cf:96:b3:76:56:7c:
b2:c7:c6:76:c9:93:d4:4d:9f:38:ec:2a:cb:53:f1:
0b:7a:2e:83:8d:65:d0:3a:b6:94:c8:23:47:12:f6:
23:23:71:39:01:4c:4e:7c:01:be:53:15:4a:9b:1a:
24:61:e7:3b:e3:68:87:14:a9:44:b5:7a:56:4d:21:
f8:e7:2a:d0:12:d7:df:66:7e:48:0c:6d:72:de:95:
34:ce:3e:81:44:49:c4:62:b1:e8:4f:b8:1b:b0:58:
e1:82:fa:89:a1:e3:b1:ea:4d:26:07:4b:f7:32:07:
e7:eb:1a:59:fa:ff:c3:a3:4e:d7:27:dd:49:c6:fa:
9c:66:07:9d:cd:87:7b:13:23:11:8d:ad:03:d8:b1:
f4:35:ae:e3:84:d9:60:c6:82:62:68:dc:62:86:72:
a8:e6:58:39:1d:78:f2:51:42:ca:1d:03:4a:94:85:
de:63:0a:8f:99:8e:51:fe:71:57:f3:7a:b1:52:22:
67:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:1C:3E:01:29:DB:31:38:43:5F:FE:69:F0:C8:87:F4:F2:8F:1F:F9
X509v3 Authority Key Identifier:
keyid:11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
96.9.64.0/19
136.228.128.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:33:12:20:3c:d2:4a:23:ad:fa:9c:23:ed:11:3c:eb:9d:88:
bc:31:c2:89:73:08:26:fc:c4:05:45:d6:39:88:12:fa:9d:22:
1f:14:e7:6b:d9:5a:e3:ff:f4:c3:ca:06:43:27:7c:1d:74:24:
ae:07:2b:d5:ed:6b:7f:b1:17:c8:46:cd:09:4e:fb:90:d5:6d:
b7:57:cd:cd:a4:71:fd:f4:60:26:4d:7e:95:9f:34:41:4c:03:
f7:12:ec:5b:d8:4d:6e:1b:77:2a:ef:86:70:37:b5:75:bf:b6:
62:de:54:54:35:44:2a:9c:78:79:6f:df:c3:54:fd:56:29:a6:
c0:16:d0:d8:f4:be:11:6a:05:cc:a6:30:7a:7f:56:31:b8:ef:
ec:e8:11:0d:9a:0e:c1:db:97:35:98:9b:a9:51:dc:80:1f:76:
94:c8:ca:4e:70:0b:05:9d:41:3f:9b:1a:d6:0c:10:7e:93:20:
84:d9:f7:60:6a:0b:d6:ed:2a:a7:60:a5:d5:42:c3:24:ed:2b:
fc:0a:77:0e:49:08:3f:70:62:2c:0d:6c:47:9a:91:76:71:06:
d6:57:ac:7b:a9:d5:3e:2f:2d:dc:c0:ec:c6:bc:9a:06:1b:b2:
8e:16:6b:31:f7:5e:e9:54:df:24:e5:a8:87:d6:fa:93:b9:4f:
89:73:a2:66
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICIz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKDExMTAzMTBFMEY4MDQ2NzcwM0Q4NDc3RkIzRUUyNUYx
RDg4ODhFOUUwHhcNMjMwNzAyMTUyMDQ0WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGExOTVjYy0xZmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwrLLve2nsXYpbhrfZFJ6tdGtM/21rHtxfeOogwyRgnITKNfTc7/Awzi9mFHj
AUH12fSkB8vUWVJCz+yYHr5DFIh6ZSjPlrN2Vnyyx8Z2yZPUTZ847CrLU/ELei6D
jWXQOraUyCNHEvYjI3E5AUxOfAG+UxVKmxokYec742iHFKlEtXpWTSH45yrQEtff
Zn5IDG1y3pU0zj6BREnEYrHoT7gbsFjhgvqJoeOx6k0mB0v3Mgfn6xpZ+v/Do07X
J91JxvqcZgedzYd7EyMRja0D2LH0Na7jhNlgxoJiaNxihnKo5lg5HXjyUULKHQNK
lIXeYwqPmY5R/nFX83qxUiJn8wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLscPgEp
2zE4Q1/+afDIh/Tyjx/5MB8GA1UdIwQYMBaAFBEQMQ4PgEZ3A9hHf7PuJfHYiI6e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC9GREVGRDczNjRC
RDYxMUU1QTdDQTMwMzNDNEY5QUUwMi9FUkF4RGctQVJuY0QyRWRfcy00bDhkaUlq
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VSQXhEZy1BUm5jRDJFZF9zLTRsOGRpSWpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvRkRFRkQ3MzY0QkQ2MTFFNUE3Q0EzMDMzQzRGOUFFMDIvRDRFQjMwNTRF
NjY4MTFFQ0EwMDczOTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAVgCUADBAWI5IAwDQYJKoZIhvcNAQELBQADggEBAJszEiA8
0kojrfqcI+0RPOudiLwxwolzCCb8xAVF1jmIEvqdIh8U52vZWuP/9MPKBkMnfB10
JK4HK9Xta3+xF8hGzQlO+5DVbbdXzc2kcf30YCZNfpWfNEFMA/cS7FvYTW4bdyrv
hnA3tXW/tmLeVFQ1RCqceHlv38NU/VYppsAW0Nj0vhFqBcymMHp/VjG47+zoEQ2a
DsHblzWYm6lR3IAfdpTIyk5wCwWdQT+bGtYMEH6TIITZ92BqC9btKqdgpdVCwyTt
K/wKdw5JCD9wYiwNbEeakXZxBtZXrHup1T4vLdzA7Ma8mgYbso4WazH3XulU3yTl
qIfW+pO5T4lzomY=
-----END CERTIFICATE-----
Generated at Fri May 31 16:41:45 2024 by rpki-client on console-ams.rpki-client.org