Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
File: 0592D90E02E111F0BFF53A15C4F9AE02.roa (raw, json)
Hash identifier: JKDdsewbmTds8DX8z5n44dixpiguXnj1mkHopckNnnI=
Subject key identifier: 17:24:77:7A:4F:56:30:38:C0:16:4A:26:52:0E:41:8B:F3:2D:09:07
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0C55
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
Signing time: Mon 17 Mar 2025 03:36:34 +0000
ROA not before: Mon 17 Mar 2025 03:36:34 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 19324
IP address blocks: 101.99.64.0/24 maxlen: 24
101.99.65.0/24 maxlen: 24
101.99.66.0/24 maxlen: 24
101.99.67.0/24 maxlen: 24
101.99.68.0/24 maxlen: 24
101.99.69.0/24 maxlen: 24
101.99.70.0/24 maxlen: 24
101.99.71.0/24 maxlen: 24
101.99.72.0/24 maxlen: 24
101.99.73.0/24 maxlen: 24
101.99.74.0/24 maxlen: 24
101.99.77.0/24 maxlen: 24
101.99.78.0/24 maxlen: 24
101.99.79.0/24 maxlen: 24
101.99.80.0/24 maxlen: 24
101.99.81.0/24 maxlen: 24
101.99.82.0/24 maxlen: 24
101.99.83.0/24 maxlen: 24
101.99.84.0/24 maxlen: 24
101.99.85.0/24 maxlen: 24
101.99.86.0/24 maxlen: 24
101.99.87.0/24 maxlen: 24
101.99.88.0/24 maxlen: 24
101.99.89.0/24 maxlen: 24
101.99.90.0/24 maxlen: 24
101.99.91.0/24 maxlen: 24
111.90.128.0/24 maxlen: 24
111.90.129.0/24 maxlen: 24
111.90.130.0/24 maxlen: 24
111.90.131.0/24 maxlen: 24
111.90.132.0/24 maxlen: 24
111.90.133.0/24 maxlen: 24
111.90.134.0/24 maxlen: 24
111.90.135.0/24 maxlen: 24
111.90.136.0/24 maxlen: 24
111.90.137.0/24 maxlen: 24
111.90.138.0/24 maxlen: 24
111.90.139.0/24 maxlen: 24
111.90.140.0/24 maxlen: 24
111.90.141.0/24 maxlen: 24
111.90.142.0/24 maxlen: 24
111.90.143.0/24 maxlen: 24
111.90.144.0/24 maxlen: 24
111.90.145.0/24 maxlen: 24
111.90.146.0/24 maxlen: 24
111.90.147.0/24 maxlen: 24
111.90.148.0/24 maxlen: 24
111.90.149.0/24 maxlen: 24
111.90.150.0/24 maxlen: 24
111.90.151.0/24 maxlen: 24
111.90.152.0/24 maxlen: 24
111.90.153.0/24 maxlen: 24
111.90.154.0/24 maxlen: 24
111.90.155.0/24 maxlen: 24
111.90.158.0/24 maxlen: 24
111.90.159.0/24 maxlen: 24
124.217.224.0/24 maxlen: 24
124.217.225.0/24 maxlen: 24
124.217.226.0/24 maxlen: 24
124.217.227.0/24 maxlen: 24
124.217.228.0/24 maxlen: 24
124.217.229.0/24 maxlen: 24
124.217.230.0/24 maxlen: 24
124.217.231.0/24 maxlen: 24
124.217.232.0/24 maxlen: 24
124.217.233.0/24 maxlen: 24
124.217.234.0/24 maxlen: 24
124.217.235.0/24 maxlen: 24
124.217.236.0/24 maxlen: 24
124.217.237.0/24 maxlen: 24
124.217.238.0/24 maxlen: 24
124.217.239.0/24 maxlen: 24
124.217.240.0/24 maxlen: 24
124.217.241.0/24 maxlen: 24
124.217.242.0/24 maxlen: 24
124.217.243.0/24 maxlen: 24
124.217.244.0/24 maxlen: 24
124.217.245.0/24 maxlen: 24
124.217.246.0/24 maxlen: 24
124.217.247.0/24 maxlen: 24
124.217.248.0/24 maxlen: 24
124.217.249.0/24 maxlen: 24
124.217.250.0/24 maxlen: 24
124.217.251.0/24 maxlen: 24
124.217.252.0/24 maxlen: 24
124.217.253.0/24 maxlen: 24
124.217.254.0/24 maxlen: 24
124.217.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 23 Apr 2025 18:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3157 (0xc55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08, serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Mar 17 03:36:34 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67d798c1-26f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:39:f5:50:ab:26:12:9b:02:b8:76:ce:a0:87:
84:e1:9a:a0:b7:4f:de:4e:63:b8:94:b8:63:b6:27:
c7:39:a7:7b:a0:f3:c2:ec:65:4d:90:13:c0:32:06:
c9:8f:7e:35:0b:1d:83:4a:cf:9c:21:6d:c1:e4:db:
85:db:c4:c7:bd:25:9e:a5:b5:4a:4f:0c:d4:45:fe:
34:b9:eb:bd:b3:f3:ab:48:a6:df:93:16:50:50:64:
05:dc:a1:fd:f2:4c:55:9c:d6:3e:44:94:7d:b0:4f:
c3:03:3f:d8:85:7d:94:23:de:14:ce:37:a0:59:5a:
c1:9d:33:69:c0:82:22:5e:8b:90:99:9d:6d:78:12:
b9:65:5d:99:9a:44:12:8f:6e:f8:37:bf:65:bc:3d:
e7:7d:3e:da:0e:14:5e:7b:65:37:45:5a:0b:0d:d6:
82:32:f9:b1:23:6a:72:d3:7c:cd:a6:70:c6:c2:75:
83:ee:f4:50:a7:ae:b3:b3:30:5d:3e:2c:45:13:20:
82:5f:fb:3e:c9:34:b3:94:8d:c2:cf:3a:d4:78:f1:
ec:98:c6:26:ad:39:a3:32:65:e2:49:cc:4f:61:2c:
df:f6:72:15:de:d7:1d:4b:bb:1a:f7:1e:5a:93:2b:
43:a3:78:97:4e:ac:7a:76:24:20:35:89:cb:40:04:
ac:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:24:77:7A:4F:56:30:38:C0:16:4A:26:52:0E:41:8B:F3:2D:09:07
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/0592D90E02E111F0BFF53A15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.99.64.0-101.99.74.255
101.99.77.0-101.99.91.255
111.90.128.0-111.90.155.255
111.90.158.0/23
124.217.224.0/19
Signature Algorithm: sha256WithRSAEncryption
53:92:a3:a2:4a:b8:c2:0e:1b:f3:67:ec:2d:05:9a:36:c1:b4:
57:e9:f9:0a:2b:59:00:cf:7b:1f:2d:bb:e8:1a:0e:16:9e:47:
35:81:0c:88:df:ed:e9:27:40:54:cc:62:58:94:24:a0:b4:05:
65:46:c4:82:59:25:10:58:6b:9f:17:29:95:70:8d:49:8c:45:
68:74:64:23:6f:ab:35:0c:16:1e:75:cc:18:46:24:70:fc:c9:
4a:e1:b1:ea:16:ba:1c:e2:34:84:9b:98:d0:fc:9b:83:df:8c:
2a:c0:17:9e:52:d9:35:2f:51:5e:63:c0:76:3a:a1:82:8d:a1:
4f:f5:e8:a4:2d:1d:a6:08:5a:ad:a7:a7:16:4d:a4:8f:a3:89:
c6:3d:6a:c6:b4:05:aa:f7:ec:55:d7:70:20:54:6f:71:a3:97:
59:c0:09:39:3f:59:31:23:22:db:79:a4:6f:39:8c:20:2f:fa:
bf:1a:e3:20:3a:e1:0e:4c:fa:78:d2:f2:dd:b2:57:1b:c9:c9:
7c:ac:21:31:cc:bc:f1:9f:7c:09:95:96:3e:88:4c:80:1e:2f:
b5:52:b9:d2:f1:e2:46:a5:91:a0:c1:77:ef:c1:ff:3d:46:84:
d9:f4:48:c4:81:21:28:3a:d5:ff:06:c1:7c:3d:5e:4e:00:84:
a2:bf:7c:52
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICDFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjUwMzE3MDMzNjM0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q3OThjMS0yNmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsjn1UKsmEpsCuHbOoIeE4Zqgt0/eTmO4lLhjtifHOad7oPPC7GVNkBPAMgbJ
j341Cx2DSs+cIW3B5NuF28THvSWepbVKTwzURf40ueu9s/OrSKbfkxZQUGQF3KH9
8kxVnNY+RJR9sE/DAz/YhX2UI94UzjegWVrBnTNpwIIiXouQmZ1teBK5ZV2ZmkQS
j274N79lvD3nfT7aDhRee2U3RVoLDdaCMvmxI2py03zNpnDGwnWD7vRQp66zszBd
PixFEyCCX/s+yTSzlI3CzzrUePHsmMYmrTmjMmXiScxPYSzf9nIV3tcdS7sa9x5a
kytDo3iXTqx6diQgNYnLQASsAwIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFBckd3pP
VjA4wBZKJlIOQYvzLQkHMB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvMDU5MkQ5MEUw
MkUxMTFGMEJGRjUzQTE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYwDAMEBmVjQAMEAGVjSjAMAwQAZWNNAwQCZWNYMAwDBAdvWoAD
BAJvWpgDBAFvWp4DBAV82eAwDQYJKoZIhvcNAQELBQADggEBAFOSo6JKuMIOG/Nn
7C0FmjbBtFfp+QorWQDPex8tu+gaDhaeRzWBDIjf7eknQFTMYliUJKC0BWVGxIJZ
JRBYa58XKZVwjUmMRWh0ZCNvqzUMFh51zBhGJHD8yUrhseoWuhziNISbmND8m4Pf
jCrAF55S2TUvUV5jwHY6oYKNoU/16KQtHaYIWq2npxZNpI+jicY9asa0Bar37FXX
cCBUb3Gjl1nACTk/WTEjItt5pG85jCAv+r8a4yA64Q5M+njS8t2yVxvJyXysITHM
vPGffAmVlj6ITIAeL7VSudLx4kalkaDBd+/B/z1GhNn0SMSBISg61f8GwXw9Xk4A
hKK/fFI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:50:05 2025 by rpki-client