Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
File: D4EB3054E66811ECA007390EC4F9AE02.roa (raw, json)
Hash identifier: 3kDcxjoJt+uLwNPAJETs74uGi0S+qOhaB4Kap466oyI=
Subject key identifier: F0:21:1C:91:87:C0:22:A8:8E:7A:22:4C:10:85:8A:E7:5E:D9:12:D7
Certificate issuer: /CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Certificate serial: 240F
Authority key identifier: 11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
Signing time: Fri 02 Aug 2024 15:30:56 +0000
ROA not before: Fri 02 Aug 2024 15:30:56 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 131207
IP address blocks: 96.9.64.0/23 maxlen: 23
96.9.64.0/24 maxlen: 24
96.9.65.0/24 maxlen: 24
96.9.66.0/23 maxlen: 23
96.9.66.0/24 maxlen: 24
96.9.67.0/24 maxlen: 24
96.9.68.0/23 maxlen: 23
96.9.68.0/24 maxlen: 24
96.9.69.0/24 maxlen: 24
96.9.70.0/23 maxlen: 23
96.9.70.0/24 maxlen: 24
96.9.71.0/24 maxlen: 24
96.9.72.0/23 maxlen: 23
96.9.72.0/24 maxlen: 24
96.9.73.0/24 maxlen: 24
96.9.74.0/23 maxlen: 23
96.9.74.0/24 maxlen: 24
96.9.75.0/24 maxlen: 24
96.9.76.0/23 maxlen: 23
96.9.76.0/24 maxlen: 24
96.9.77.0/24 maxlen: 24
96.9.78.0/23 maxlen: 23
96.9.78.0/24 maxlen: 24
96.9.79.0/24 maxlen: 24
96.9.80.0/23 maxlen: 23
96.9.80.0/24 maxlen: 24
96.9.81.0/24 maxlen: 24
96.9.82.0/23 maxlen: 23
96.9.82.0/24 maxlen: 24
96.9.83.0/24 maxlen: 24
96.9.84.0/23 maxlen: 23
96.9.84.0/24 maxlen: 24
96.9.85.0/24 maxlen: 24
96.9.86.0/23 maxlen: 23
96.9.86.0/24 maxlen: 24
96.9.87.0/24 maxlen: 24
96.9.88.0/23 maxlen: 23
96.9.88.0/24 maxlen: 24
96.9.89.0/24 maxlen: 24
96.9.90.0/23 maxlen: 23
96.9.90.0/24 maxlen: 24
96.9.91.0/24 maxlen: 24
96.9.92.0/23 maxlen: 23
96.9.92.0/24 maxlen: 24
96.9.93.0/24 maxlen: 24
96.9.94.0/23 maxlen: 23
96.9.94.0/24 maxlen: 24
96.9.95.0/24 maxlen: 24
136.228.128.0/23 maxlen: 23
136.228.128.0/24 maxlen: 24
136.228.129.0/24 maxlen: 24
136.228.130.0/23 maxlen: 23
136.228.130.0/24 maxlen: 24
136.228.131.0/24 maxlen: 24
136.228.132.0/23 maxlen: 24
136.228.134.0/23 maxlen: 24
136.228.136.0/22 maxlen: 22
136.228.136.0/24 maxlen: 24
136.228.140.0/23 maxlen: 23
136.228.140.0/24 maxlen: 24
136.228.141.0/24 maxlen: 24
136.228.142.0/23 maxlen: 23
136.228.142.0/24 maxlen: 24
136.228.143.0/24 maxlen: 24
136.228.144.0/23 maxlen: 23
136.228.145.0/24 maxlen: 24
136.228.146.0/23 maxlen: 23
136.228.146.0/24 maxlen: 24
136.228.147.0/24 maxlen: 24
136.228.148.0/23 maxlen: 23
136.228.148.0/24 maxlen: 24
136.228.149.0/24 maxlen: 24
136.228.150.0/23 maxlen: 23
136.228.150.0/24 maxlen: 24
136.228.151.0/24 maxlen: 24
136.228.152.0/23 maxlen: 23
136.228.154.0/23 maxlen: 23
136.228.156.0/23 maxlen: 23
136.228.156.0/24 maxlen: 24
136.228.157.0/24 maxlen: 24
136.228.158.0/23 maxlen: 23
136.228.158.0/24 maxlen: 24
136.228.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 01 Dec 2024 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9231 (0x240f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA958/serialNumber=1110310E0F80467703D8477FB3EE25F1D8888E9E
Validity
Not Before: Aug 2 15:30:56 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66acfbaf-96f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:24:9f:fb:87:90:21:09:88:1a:91:dc:10:a8:
da:cd:6e:29:67:00:98:1c:b2:bf:a7:3e:73:ae:79:
e2:53:44:8b:5f:03:85:82:f9:1c:f5:63:ea:ce:50:
a0:13:5b:1c:0f:77:5f:42:a3:b7:a2:46:a4:60:b3:
62:43:4d:43:f5:c6:75:e9:45:9b:9c:83:2f:12:99:
31:d0:b9:9f:20:98:94:bb:50:81:85:d0:c9:87:4b:
cd:96:3b:18:08:d7:15:9d:25:03:ea:73:bb:85:40:
35:de:77:2f:20:b1:06:72:84:a1:cc:1f:9e:a3:99:
68:93:2b:db:a1:2b:9e:5b:e1:2a:4f:10:46:ef:62:
fb:4b:a3:89:80:48:d0:d1:f3:d9:7e:34:c7:8a:d4:
d9:bb:34:5e:ee:22:bc:47:22:78:08:80:24:52:b2:
d2:27:74:32:de:a9:0c:e5:5d:ba:70:d2:1b:b9:dd:
e8:ac:e5:d7:bc:4b:59:d5:e4:95:e3:e1:f4:ec:b7:
ff:57:68:07:ef:e8:20:47:75:fc:8e:45:c7:d3:e1:
1c:18:4f:df:ab:99:c7:0b:90:27:19:b6:2a:ee:e9:
df:06:e5:fd:75:9d:f9:71:e8:20:b7:dc:23:f1:b7:
0c:95:b8:81:55:dd:e9:b5:7b:69:62:54:47:25:b7:
9b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:21:1C:91:87:C0:22:A8:8E:7A:22:4C:10:85:8A:E7:5E:D9:12:D7
X509v3 Authority Key Identifier:
keyid:11:10:31:0E:0F:80:46:77:03:D8:47:7F:B3:EE:25:F1:D8:88:8E:9E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/ERAxDg-ARncD2Ed_s-4l8diIjp4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ERAxDg-ARncD2Ed_s-4l8diIjp4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA958/FDEFD7364BD611E5A7CA3033C4F9AE02/D4EB3054E66811ECA007390EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
96.9.64.0/19
136.228.128.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:16:a8:e8:e3:28:9f:4d:03:03:31:dd:da:e3:29:e4:b0:f1:
c1:0f:59:1c:72:cf:8e:0a:2e:9f:1b:ba:28:ad:e4:c9:70:c3:
87:b7:27:a2:38:4f:55:6a:18:ac:52:5c:bf:51:87:54:cd:38:
3b:08:2a:82:60:6b:4f:5c:83:64:e6:00:66:75:74:13:d7:7d:
69:b3:f9:79:ef:fa:18:cf:21:8e:38:79:42:c5:ca:dd:f8:fc:
94:02:f8:57:bf:7b:d1:30:b3:33:01:b1:64:ef:53:08:fa:48:
7d:ea:9a:7e:a6:39:ef:e1:25:5f:d8:74:d9:1f:cf:b7:c3:8f:
ba:0e:ae:fd:1a:a0:ee:06:22:51:61:1c:7c:f5:fe:96:12:d6:
99:ba:ff:38:e2:3c:d6:e2:d1:9d:b1:4f:5f:cb:df:0e:e9:5c:
14:81:a4:2d:0f:1f:14:7c:c0:b8:fa:a7:87:e7:3a:2a:4f:ed:
3a:a0:b9:f3:f6:90:46:f7:91:a6:64:bc:32:4b:f7:94:1a:83:
fa:ee:21:b6:2f:6e:75:49:23:79:a6:91:b1:00:52:96:1f:76:
84:2c:f8:65:2b:25:66:76:25:f2:58:d8:50:2a:2b:d6:b3:c4:
89:01:d3:1b:7b:16:04:6b:59:55:70:29:5d:60:1f:df:44:1e:
59:35:73:e9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICJA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE5NTgxMTAvBgNVBAUTKDExMTAzMTBFMEY4MDQ2NzcwM0Q4NDc3RkIzRUUyNUYx
RDg4ODhFOUUwHhcNMjQwODAyMTUzMDU2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFjZmJhZi05NmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxCSf+4eQIQmIGpHcEKjazW4pZwCYHLK/pz5zrnniU0SLXwOFgvkc9WPqzlCg
E1scD3dfQqO3okakYLNiQ01D9cZ16UWbnIMvEpkx0LmfIJiUu1CBhdDJh0vNljsY
CNcVnSUD6nO7hUA13ncvILEGcoShzB+eo5lokyvboSueW+EqTxBG72L7S6OJgEjQ
0fPZfjTHitTZuzRe7iK8RyJ4CIAkUrLSJ3Qy3qkM5V26cNIbud3orOXXvEtZ1eSV
4+H07Lf/V2gH7+ggR3X8jkXH0+EcGE/fq5nHC5AnGbYq7unfBuX9dZ35ceggt9wj
8bcMlbiBVd3ptXtpYlRHJbebGQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPAhHJGH
wCKojnoiTBCFiude2RLXMB8GA1UdIwQYMBaAFBEQMQ4PgEZ3A9hHf7PuJfHYiI6e
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTk1OC9GREVGRDczNjRC
RDYxMUU1QTdDQTMwMzNDNEY5QUUwMi9FUkF4RGctQVJuY0QyRWRfcy00bDhkaUlq
cDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0VSQXhEZy1BUm5jRDJFZF9zLTRsOGRpSWpwNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE5NTgvRkRFRkQ3MzY0QkQ2MTFFNUE3Q0EzMDMzQzRGOUFFMDIvRDRFQjMwNTRF
NjY4MTFFQ0EwMDczOTBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAVgCUADBAWI5IAwDQYJKoZIhvcNAQELBQADggEBADsWqOjj
KJ9NAwMx3drjKeSw8cEPWRxyz44KLp8buiit5Mlww4e3J6I4T1VqGKxSXL9Rh1TN
ODsIKoJga09cg2TmAGZ1dBPXfWmz+Xnv+hjPIY44eULFyt34/JQC+Fe/e9EwszMB
sWTvUwj6SH3qmn6mOe/hJV/YdNkfz7fDj7oOrv0aoO4GIlFhHHz1/pYS1pm6/zji
PNbi0Z2xT1/L3w7pXBSBpC0PHxR8wLj6p4fnOipP7TqgufP2kEb3kaZkvDJL95Qa
g/ruIbYvbnVJI3mmkbEAUpYfdoQs+GUrJWZ2JfJY2FAqK9azxIkB0xt7FgRrWVVw
KV1gH99EHlk1c+k=
-----END CERTIFICATE-----
Generated at Sun Nov 24 17:20:53 2024 by rpki-client on console-fra.rpki-client.org