Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/0CC38EEC80E711EBB8CFF825C4F9AE02.roa
File: 0CC38EEC80E711EBB8CFF825C4F9AE02.roa (raw, json)
Hash identifier: p/AuYRiNnSg4t0PmmsqbbQiBX6hKVTQkj6NVyO5NMng=
Subject key identifier: 33:F8:CE:A7:5B:73:DE:E7:9B:C7:21:70:C2:D2:32:65:4B:F4:FE:40
Certificate issuer: /CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Certificate serial: 078E
Authority key identifier: 89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/0CC38EEC80E711EBB8CFF825C4F9AE02.roa
Signing time: Fri 27 Sep 2024 06:17:39 +0000
ROA not before: Fri 27 Sep 2024 06:17:39 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 4775
IP address blocks: 64.224.21.0/24 maxlen: 24
64.224.96.0/19 maxlen: 19
64.224.128.0/20 maxlen: 20
64.226.56.0/21 maxlen: 21
64.226.56.0/24 maxlen: 24
64.226.57.0/24 maxlen: 24
64.226.58.0/24 maxlen: 24
64.226.59.0/24 maxlen: 24
64.226.60.0/24 maxlen: 24
64.226.61.0/24 maxlen: 24
64.226.62.0/24 maxlen: 24
64.226.63.0/24 maxlen: 24
138.84.64.0/18 maxlen: 18
138.84.64.0/24 maxlen: 24
138.84.65.0/24 maxlen: 24
138.84.66.0/24 maxlen: 24
138.84.67.0/24 maxlen: 24
138.84.70.0/24 maxlen: 24
138.84.71.0/24 maxlen: 24
138.84.74.0/24 maxlen: 24
138.84.75.0/24 maxlen: 24
138.84.76.0/23 maxlen: 23
138.84.78.0/23 maxlen: 23
138.84.110.0/23 maxlen: 23
138.84.112.0/23 maxlen: 23
138.84.114.0/23 maxlen: 23
138.84.126.0/23 maxlen: 23
138.84.128.0/19 maxlen: 19
138.84.192.0/21 maxlen: 21
147.185.169.0/24 maxlen: 24
158.62.0.0/17 maxlen: 17
158.62.106.0/24 maxlen: 24
192.112.243.0/24 maxlen: 24
209.35.160.0/20 maxlen: 20
209.35.160.0/24 maxlen: 24
209.35.161.0/24 maxlen: 24
209.35.162.0/24 maxlen: 24
209.35.163.0/24 maxlen: 24
209.35.164.0/24 maxlen: 24
209.35.165.0/24 maxlen: 24
209.35.166.0/24 maxlen: 24
209.35.167.0/24 maxlen: 24
209.35.169.0/24 maxlen: 24
209.35.170.0/24 maxlen: 24
209.35.171.0/24 maxlen: 24
209.35.172.0/24 maxlen: 24
209.35.173.0/24 maxlen: 24
209.35.174.0/24 maxlen: 24
216.247.0.0/18 maxlen: 18
216.247.80.0/20 maxlen: 20
216.247.80.0/24 maxlen: 24
216.247.81.0/24 maxlen: 24
216.247.82.0/24 maxlen: 24
216.247.83.0/24 maxlen: 24
216.247.84.0/24 maxlen: 24
216.247.85.0/24 maxlen: 24
216.247.86.0/24 maxlen: 24
216.247.87.0/24 maxlen: 24
216.247.88.0/24 maxlen: 24
216.247.89.0/24 maxlen: 24
216.247.90.0/24 maxlen: 24
216.247.91.0/24 maxlen: 24
216.247.92.0/24 maxlen: 24
216.247.93.0/24 maxlen: 24
216.247.94.0/24 maxlen: 24
216.247.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 15:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1934 (0x78e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Validity
Not Before: Sep 27 06:17:39 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66f64e02-3397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:dd:83:6c:0a:0c:0b:9d:c8:e8:73:a6:e7:1e:
07:6d:47:0a:a4:9d:96:93:98:7e:5f:36:7e:be:36:
5b:49:c4:77:c8:1e:90:46:c9:fb:8a:ba:a7:b6:03:
3b:8e:69:f7:fb:1a:a0:db:ff:3c:31:4b:b2:80:13:
f5:81:61:fc:96:d1:55:52:52:81:b7:1a:1e:2f:2c:
23:c0:48:e4:8d:4c:3d:a2:50:51:4b:77:a4:21:88:
14:8a:38:98:7b:97:80:0d:b2:22:61:38:a2:69:a5:
d6:cd:7c:4e:4d:f1:23:aa:fd:8a:ec:7b:58:8f:64:
cd:35:6c:2e:c7:43:f2:eb:8d:ab:21:a6:2e:e1:f6:
df:ee:d2:63:e8:95:9a:52:c9:31:fa:ef:9d:39:bf:
af:76:f3:12:52:41:9c:7a:1f:e4:ee:ca:42:46:bb:
e6:7c:05:f3:c5:39:f7:de:f6:16:4a:a3:64:91:cb:
78:8b:cf:23:70:55:59:be:56:5f:1c:6b:34:1d:e3:
c3:9f:e9:4b:01:76:3b:a7:cf:1b:71:eb:af:fc:50:
fb:1f:c6:dd:38:5c:72:25:3b:1b:8a:54:89:b9:08:
2f:13:08:eb:be:85:54:1c:be:6f:c1:32:15:78:32:
00:3c:f3:40:9c:f4:15:00:45:24:09:8c:f7:34:b6:
6c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F8:CE:A7:5B:73:DE:E7:9B:C7:21:70:C2:D2:32:65:4B:F4:FE:40
X509v3 Authority Key Identifier:
keyid:89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/0CC38EEC80E711EBB8CFF825C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.224.21.0/24
64.224.96.0-64.224.143.255
64.226.56.0/21
138.84.64.0-138.84.159.255
138.84.192.0/21
147.185.169.0/24
158.62.0.0/17
192.112.243.0/24
209.35.160.0/20
216.247.0.0/18
216.247.80.0/20
Signature Algorithm: sha256WithRSAEncryption
b4:ba:4d:b1:f5:ab:1e:c7:e9:28:be:06:cf:6f:3e:d0:e7:fe:
6a:90:9f:fb:95:c3:76:8b:97:91:dc:60:f2:e3:c0:ee:4d:68:
60:ef:1e:a6:f5:7e:a9:ac:07:2b:42:2b:61:56:d3:a6:71:58:
17:bd:54:8c:37:b9:5f:17:6f:a6:22:a4:b9:a4:70:98:7e:46:
f6:5e:39:80:7b:3c:95:b7:bc:10:e5:e3:4b:3b:3d:33:90:1e:
c3:2d:0b:3a:e0:de:f5:74:6a:52:80:62:c4:77:3c:ef:25:12:
ed:0b:d8:11:01:03:8e:09:94:b3:e9:dd:d9:dc:86:3f:4f:fb:
db:dc:3f:69:4f:4d:47:38:1b:ea:00:b7:3b:ae:70:67:75:88:
ba:e6:14:d9:07:2e:4e:51:be:11:a1:39:ad:57:a9:64:24:02:
9c:16:ba:c7:37:bf:6b:f5:20:60:31:d7:a9:fa:a2:7a:ac:08:
a9:a8:ad:bc:80:8c:fb:70:42:aa:a7:c0:2c:87:96:f4:a2:c6:
4e:b1:35:f8:25:76:f3:a4:0b:61:3c:aa:2d:c0:f6:a8:c7:98:
66:e1:f9:fc:62:68:60:16:2a:03:4c:aa:19:f9:f4:5d:94:b5:
84:d7:ae:95:9f:df:ab:bf:94:5d:02:4f:57:b8:a0:a3:5b:42:
f5:2c:31:a8
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgICB44wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDYyMDcxMTAvBgNVBAUTKDg5N0UwMkNDRDhFQjQwMzlBNzgzRDAyMzc5QzU1RkVF
OUYwQ0VFNTkwHhcNMjQwOTI3MDYxNzM5WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2NGUwMi0zMzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvd2DbAoMC53I6HOm5x4HbUcKpJ2Wk5h+XzZ+vjZbScR3yB6QRsn7irqntgM7
jmn3+xqg2/88MUuygBP1gWH8ltFVUlKBtxoeLywjwEjkjUw9olBRS3ekIYgUijiY
e5eADbIiYTiiaaXWzXxOTfEjqv2K7HtYj2TNNWwux0Py642rIaYu4fbf7tJj6JWa
Uskx+u+dOb+vdvMSUkGceh/k7spCRrvmfAXzxTn33vYWSqNkkct4i88jcFVZvlZf
HGs0HePDn+lLAXY7p88bceuv/FD7H8bdOFxyJTsbilSJuQgvEwjrvoVUHL5vwTIV
eDIAPPNAnPQVAEUkCYz3NLZsUwIDAQABo4IC4TCCAt0wHQYDVR0OBBYEFDP4zqdb
c97nm8chcMLSMmVL9P5AMB8GA1UdIwQYMBaAFIl+AszY60A5p4PQI3nFX+6fDO5Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy84QzY4QjlBMjA5
ODExMUVCOUQ0NjFCMzBDNEY5QUUwMi9pWDRDek5qclFEbW5nOUFqZWNWZjdwOE03
bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lYNEN6TmpyUURtbmc5QWplY1ZmN3A4TTdsay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDYyMDcvOEM2OEI5QTIwOTgxMTFFQjlENDYxQjMwQzRGOUFFMDIvMENDMzhFRUM4
MEU3MTFFQkI4Q0ZGODI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwawYIKwYBBQUHAQcBAf8E
XDBaMFgEAgABMFIDBABA4BUwDAMEBUDgYAMEBEDggAMEA0DiODAMAwQGilRAAwQF
ilSAAwQDilTAAwQAk7mpAwQHnj4AAwQAwHDzAwQE0SOgAwQG2PcAAwQE2PdQMA0G
CSqGSIb3DQEBCwUAA4IBAQC0uk2x9asex+kovgbPbz7Q5/5qkJ/7lcN2i5eR3GDy
48DuTWhg7x6m9X6prAcrQithVtOmcVgXvVSMN7lfF2+mIqS5pHCYfkb2XjmAezyV
t7wQ5eNLOz0zkB7DLQs64N71dGpSgGLEdzzvJRLtC9gRAQOOCZSz6d3Z3IY/T/vb
3D9pT01HOBvqALc7rnBndYi65hTZBy5OUb4RoTmtV6lkJAKcFrrHN79r9SBgMdep
+qJ6rAipqK28gIz7cEKqp8Ash5b0osZOsTX4JXbzpAthPKotwPaox5hm4fn8Ymhg
FioDTKoZ+fRdlLWE166Vn9+rv5RdAk9XuKCjW0L1LDGo
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:16 2024 by rpki-client on console-ams.rpki-client.org