Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
File: E19826A0EAA511EBA4C1F32CC4F9AE02.roa (raw, json)
Hash identifier: 8D5ksmfc3aXF/CCypLFYWvFyrGXF0UBfGXqLK0BT+9c=
Subject key identifier: 58:AF:96:B9:2B:EC:D2:F1:9C:A1:47:71:67:82:4B:6A:70:E3:E4:7B
Certificate issuer: /CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Certificate serial: 0776
Authority key identifier: 89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
Signing time: Mon 19 Aug 2024 05:11:28 +0000
ROA not before: Mon 19 Aug 2024 05:11:28 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 132199
IP address blocks: 64.224.96.0/21 maxlen: 21
64.224.104.0/22 maxlen: 22
64.224.108.0/22 maxlen: 22
64.224.112.0/21 maxlen: 21
64.224.120.0/21 maxlen: 21
64.224.128.0/22 maxlen: 22
64.224.132.0/22 maxlen: 22
64.224.136.0/21 maxlen: 21
138.84.80.0/22 maxlen: 22
138.84.84.0/22 maxlen: 22
138.84.88.0/23 maxlen: 23
138.84.90.0/23 maxlen: 23
138.84.92.0/22 maxlen: 22
138.84.96.0/22 maxlen: 22
138.84.100.0/22 maxlen: 22
138.84.104.0/22 maxlen: 22
138.84.108.0/23 maxlen: 23
138.84.116.0/22 maxlen: 22
138.84.120.0/22 maxlen: 22
138.84.124.0/23 maxlen: 23
158.62.0.0/21 maxlen: 21
158.62.0.0/22 maxlen: 22
158.62.4.0/23 maxlen: 23
158.62.6.0/23 maxlen: 23
158.62.8.0/22 maxlen: 22
158.62.16.0/21 maxlen: 21
158.62.16.0/22 maxlen: 22
158.62.20.0/23 maxlen: 23
158.62.22.0/23 maxlen: 23
158.62.24.0/22 maxlen: 22
158.62.32.0/21 maxlen: 21
158.62.32.0/22 maxlen: 22
158.62.36.0/23 maxlen: 23
158.62.38.0/23 maxlen: 23
158.62.40.0/22 maxlen: 22
158.62.48.0/21 maxlen: 21
158.62.56.0/23 maxlen: 23
158.62.62.0/23 maxlen: 23
158.62.64.0/22 maxlen: 22
158.62.68.0/23 maxlen: 23
158.62.70.0/23 maxlen: 23
158.62.72.0/23 maxlen: 23
158.62.74.0/23 maxlen: 23
158.62.76.0/22 maxlen: 22
158.62.80.0/23 maxlen: 23
158.62.82.0/23 maxlen: 23
158.62.84.0/24 maxlen: 24
158.62.86.0/23 maxlen: 23
158.62.88.0/22 maxlen: 22
158.62.92.0/22 maxlen: 22
158.62.96.0/22 maxlen: 22
158.62.100.0/23 maxlen: 23
158.62.108.0/22 maxlen: 22
158.62.112.0/22 maxlen: 22
158.62.116.0/23 maxlen: 23
158.62.118.0/24 maxlen: 24
158.62.119.0/24 maxlen: 24
158.62.120.0/22 maxlen: 22
158.62.124.0/22 maxlen: 22
216.247.0.0/22 maxlen: 22
216.247.4.0/23 maxlen: 23
216.247.6.0/23 maxlen: 23
216.247.8.0/22 maxlen: 22
216.247.12.0/23 maxlen: 23
216.247.14.0/23 maxlen: 23
216.247.16.0/22 maxlen: 22
216.247.20.0/22 maxlen: 22
216.247.24.0/22 maxlen: 22
216.247.28.0/23 maxlen: 23
216.247.30.0/23 maxlen: 23
216.247.32.0/22 maxlen: 22
216.247.36.0/22 maxlen: 22
216.247.40.0/23 maxlen: 23
216.247.42.0/23 maxlen: 23
216.247.44.0/22 maxlen: 22
216.247.48.0/22 maxlen: 22
216.247.52.0/23 maxlen: 23
216.247.54.0/23 maxlen: 23
216.247.56.0/22 maxlen: 22
216.247.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 15:22:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1910 (0x776)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146207/serialNumber=897E02CCD8EB4039A783D02379C55FEE9F0CEE59
Validity
Not Before: Aug 19 05:11:28 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66c2d400-e955
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:92:ed:56:5d:ff:71:45:35:5b:c2:ee:80:22:
44:47:f9:e1:6e:20:39:f2:ac:aa:40:09:1d:ec:2d:
e1:1d:46:8f:a2:e3:58:9f:dc:b2:96:c3:c1:95:5a:
b4:34:7f:65:85:99:ac:c0:76:ff:3a:61:91:85:8f:
36:3d:76:ae:cb:45:dc:c6:4e:83:ad:b2:cb:e0:d4:
96:8d:81:64:48:dc:b8:c5:d0:66:3a:9f:9b:88:09:
06:c9:6c:d7:0e:1d:78:76:8b:0b:c3:50:f5:89:33:
df:1f:a1:4d:ba:6a:91:ff:33:56:9d:81:79:1c:c6:
65:fe:e0:a2:d1:65:db:55:18:16:73:93:07:65:63:
07:14:58:c2:18:3c:42:d9:dc:32:46:a0:51:c4:e5:
f7:27:6e:a8:ad:d8:8e:4c:a5:83:be:59:a8:d5:7e:
38:28:4d:c6:4a:b1:4d:a2:bf:48:d2:a7:d7:1f:6c:
1c:cb:a5:1f:2f:57:48:9f:85:fb:b0:0f:3a:47:46:
e5:ba:fe:11:58:6f:c8:15:4f:e2:86:99:40:d5:d0:
ad:6c:91:20:28:fa:34:d2:95:fd:3e:d9:97:77:f2:
ef:c6:22:e0:61:ef:05:47:2e:c5:d9:b8:30:9d:f6:
0a:d2:a9:cb:42:b5:3f:0d:55:3e:d4:1d:d3:59:68:
9c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:AF:96:B9:2B:EC:D2:F1:9C:A1:47:71:67:82:4B:6A:70:E3:E4:7B
X509v3 Authority Key Identifier:
keyid:89:7E:02:CC:D8:EB:40:39:A7:83:D0:23:79:C5:5F:EE:9F:0C:EE:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/iX4CzNjrQDmng9AjecVf7p8M7lk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iX4CzNjrQDmng9AjecVf7p8M7lk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146207/8C68B9A2098111EB9D461B30C4F9AE02/E19826A0EAA511EBA4C1F32CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
64.224.96.0-64.224.143.255
138.84.80.0-138.84.109.255
138.84.116.0-138.84.125.255
158.62.0.0-158.62.11.255
158.62.16.0-158.62.27.255
158.62.32.0-158.62.43.255
158.62.48.0-158.62.57.255
158.62.62.0-158.62.84.255
158.62.86.0-158.62.101.255
158.62.108.0-158.62.127.255
216.247.0.0/18
Signature Algorithm: sha256WithRSAEncryption
34:89:d6:6b:02:07:d4:a0:0a:b7:d6:68:cf:d5:26:a6:5c:3c:
97:a4:5a:6d:d7:24:1f:8f:15:fc:06:23:58:d0:f6:fd:93:fd:
38:7f:55:56:71:ee:24:e7:35:28:51:69:c5:1c:3e:19:eb:04:
33:13:af:33:ad:1d:75:72:4f:bc:cd:a8:52:55:36:64:78:66:
f2:d8:cd:83:7e:2c:e3:dd:3a:48:d2:ec:7e:e4:3d:77:df:61:
01:e9:26:ea:38:9b:c1:c9:b6:62:69:f2:89:b2:45:9b:7a:26:
01:06:d1:65:39:f0:93:2f:df:0c:82:d0:ab:57:e1:6c:9f:3e:
6e:b4:21:27:f8:1b:cc:20:4e:a6:9d:bd:31:cf:94:b4:ab:7b:
b7:e9:34:06:d5:23:bd:da:6a:9e:7b:a2:b1:c3:10:c6:a8:6f:
a1:2f:e7:f0:fa:81:73:3c:84:bb:21:fd:d1:2d:8b:6f:ee:b0:
3e:6b:e7:f9:ba:a7:98:43:a8:02:c9:1a:3c:90:2d:ec:2f:e3:
e5:34:36:02:8f:7e:b7:20:fd:87:d1:49:ce:a0:02:80:82:fc:
72:ee:d5:92:b9:5d:fc:e9:b6:36:4a:24:69:5b:18:0a:13:94:
31:f1:5a:31:a6:3f:f8:d8:46:fb:2d:5b:3f:d8:32:cc:83:75:
4e:f6:31:06
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICB3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDYyMDcxMTAvBgNVBAUTKDg5N0UwMkNDRDhFQjQwMzlBNzgzRDAyMzc5QzU1RkVF
OUYwQ0VFNTkwHhcNMjQwODE5MDUxMTI4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmMyZDQwMC1lOTU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3ZLtVl3/cUU1W8LugCJER/nhbiA58qyqQAkd7C3hHUaPouNYn9yylsPBlVq0
NH9lhZmswHb/OmGRhY82PXauy0Xcxk6DrbLL4NSWjYFkSNy4xdBmOp+biAkGyWzX
Dh14dosLw1D1iTPfH6FNumqR/zNWnYF5HMZl/uCi0WXbVRgWc5MHZWMHFFjCGDxC
2dwyRqBRxOX3J26ordiOTKWDvlmo1X44KE3GSrFNor9I0qfXH2wcy6UfL1dIn4X7
sA86R0bluv4RWG/IFU/ihplA1dCtbJEgKPo00pX9PtmXd/LvxiLgYe8FRy7F2bgw
nfYK0qnLQrU/DVU+1B3TWWic/QIDAQABo4IDJTCCAyEwHQYDVR0OBBYEFFivlrkr
7NLxnKFHcWeCS2pw4+R7MB8GA1UdIwQYMBaAFIl+AszY60A5p4PQI3nFX+6fDO5Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NjIwNy84QzY4QjlBMjA5
ODExMUVCOUQ0NjFCMzBDNEY5QUUwMi9pWDRDek5qclFEbW5nOUFqZWNWZjdwOE03
bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lYNEN6TmpyUURtbmc5QWplY1ZmN3A4TTdsay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDYyMDcvOEM2OEI5QTIwOTgxMTFFQjlENDYxQjMwQzRGOUFFMDIvRTE5ODI2QTBF
QUE1MTFFQkE0QzFGMzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwga4GCCsGAQUFBwEHAQH/
BIGeMIGbMIGYBAIAATCBkTAMAwQFQOBgAwQEQOCAMAwDBASKVFADBAGKVGwwDAME
AopUdAMEAYpUfDALAwMBnj4DBAKePggwDAMEBJ4+EAMEAp4+GDAMAwQFnj4gAwQC
nj4oMAwDBASePjADBAGePjgwDAMEAZ4+PgMEAJ4+VDAMAwQBnj5WAwQBnj5kMAwD
BAKePmwDBAeePgADBAbY9wAwDQYJKoZIhvcNAQELBQADggEBADSJ1msCB9SgCrfW
aM/VJqZcPJekWm3XJB+PFfwGI1jQ9v2T/Th/VVZx7iTnNShRacUcPhnrBDMTrzOt
HXVyT7zNqFJVNmR4ZvLYzYN+LOPdOkjS7H7kPXffYQHpJuo4m8HJtmJp8omyRZt6
JgEG0WU58JMv3wyC0KtX4WyfPm60ISf4G8wgTqadvTHPlLSre7fpNAbVI73aap57
orHDEMaob6Ev5/D6gXM8hLsh/dEti2/usD5r5/m6p5hDqALJGjyQLewv4+U0NgKP
frcg/YfRSc6gAoCC/HLu1ZK5XfzptjZKJGlbGAoTlDHxWjGmP/jYRvstWz/YMsyD
dU72MQY=
-----END CERTIFICATE-----
Generated at Wed Nov 20 19:05:16 2024 by rpki-client on console-ams.rpki-client.org