Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/082742FCD23B11EB8E7BA35DC4F9AE02.roa
File: 082742FCD23B11EB8E7BA35DC4F9AE02.roa (raw, json)
Hash identifier: lpOmpTSPywGCuwJbtcbPpb+g5bAej18u+xB1ckkmSRE=
Subject key identifier: 2B:F3:F5:2C:E3:7A:87:9F:B4:F2:A2:AD:C6:5E:A0:63:FF:C1:FF:FF
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0B8B
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/082742FCD23B11EB8E7BA35DC4F9AE02.roa
Signing time: Thu 04 Apr 2024 20:28:51 +0000
ROA not before: Thu 04 Apr 2024 20:28:51 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 19324
IP address blocks: 101.99.64.0/24 maxlen: 24
101.99.65.0/24 maxlen: 24
101.99.66.0/24 maxlen: 24
101.99.67.0/24 maxlen: 24
101.99.68.0/24 maxlen: 24
101.99.69.0/24 maxlen: 24
101.99.70.0/24 maxlen: 24
101.99.71.0/24 maxlen: 24
101.99.72.0/24 maxlen: 24
101.99.73.0/24 maxlen: 24
101.99.74.0/24 maxlen: 24
101.99.75.0/24 maxlen: 24
101.99.77.0/24 maxlen: 24
101.99.78.0/24 maxlen: 24
101.99.79.0/24 maxlen: 24
101.99.80.0/24 maxlen: 24
101.99.81.0/24 maxlen: 24
101.99.82.0/24 maxlen: 24
101.99.83.0/24 maxlen: 24
101.99.84.0/24 maxlen: 24
101.99.85.0/24 maxlen: 24
101.99.86.0/24 maxlen: 24
101.99.87.0/24 maxlen: 24
101.99.88.0/24 maxlen: 24
101.99.89.0/24 maxlen: 24
101.99.90.0/24 maxlen: 24
101.99.91.0/24 maxlen: 24
101.99.92.0/24 maxlen: 24
111.90.128.0/24 maxlen: 24
111.90.129.0/24 maxlen: 24
111.90.130.0/24 maxlen: 24
111.90.131.0/24 maxlen: 24
111.90.132.0/24 maxlen: 24
111.90.133.0/24 maxlen: 24
111.90.134.0/24 maxlen: 24
111.90.135.0/24 maxlen: 24
111.90.136.0/24 maxlen: 24
111.90.137.0/24 maxlen: 24
111.90.138.0/24 maxlen: 24
111.90.139.0/24 maxlen: 24
111.90.140.0/24 maxlen: 24
111.90.141.0/24 maxlen: 24
111.90.142.0/24 maxlen: 24
111.90.143.0/24 maxlen: 24
111.90.144.0/24 maxlen: 24
111.90.145.0/24 maxlen: 24
111.90.146.0/24 maxlen: 24
111.90.147.0/24 maxlen: 24
111.90.148.0/24 maxlen: 24
111.90.149.0/24 maxlen: 24
111.90.150.0/24 maxlen: 24
111.90.151.0/24 maxlen: 24
111.90.152.0/24 maxlen: 24
111.90.153.0/24 maxlen: 24
111.90.154.0/24 maxlen: 24
111.90.155.0/24 maxlen: 24
111.90.158.0/24 maxlen: 24
111.90.159.0/24 maxlen: 24
124.217.224.0/24 maxlen: 24
124.217.225.0/24 maxlen: 24
124.217.226.0/24 maxlen: 24
124.217.227.0/24 maxlen: 24
124.217.228.0/24 maxlen: 24
124.217.229.0/24 maxlen: 24
124.217.230.0/24 maxlen: 24
124.217.231.0/24 maxlen: 24
124.217.232.0/24 maxlen: 24
124.217.233.0/24 maxlen: 24
124.217.234.0/24 maxlen: 24
124.217.235.0/24 maxlen: 24
124.217.236.0/24 maxlen: 24
124.217.237.0/24 maxlen: 24
124.217.238.0/24 maxlen: 24
124.217.239.0/24 maxlen: 24
124.217.240.0/24 maxlen: 24
124.217.241.0/24 maxlen: 24
124.217.242.0/24 maxlen: 24
124.217.243.0/24 maxlen: 24
124.217.244.0/24 maxlen: 24
124.217.245.0/24 maxlen: 24
124.217.246.0/24 maxlen: 24
124.217.247.0/24 maxlen: 24
124.217.248.0/24 maxlen: 24
124.217.249.0/24 maxlen: 24
124.217.250.0/24 maxlen: 24
124.217.251.0/24 maxlen: 24
124.217.252.0/24 maxlen: 24
124.217.253.0/24 maxlen: 24
124.217.254.0/24 maxlen: 24
124.217.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 20:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2955 (0xb8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Apr 4 20:28:51 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660f0d83-cec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e4:94:0b:6d:96:9d:e4:b9:17:a3:14:d3:02:
75:37:20:b4:1e:f4:ec:9b:58:6a:57:a8:90:ef:29:
16:ae:b9:f7:41:7b:9c:c8:de:17:4b:eb:77:e5:f0:
eb:97:ff:53:40:9a:fb:de:93:2f:3c:26:16:63:45:
bc:7d:77:21:64:68:be:1f:58:37:15:6a:73:fc:f6:
68:4d:66:04:61:34:60:8e:89:48:42:34:8b:c0:ef:
f0:bc:4d:bc:8b:18:b4:66:9b:17:b2:d4:1c:3d:f4:
c3:12:6b:80:76:14:24:51:d5:ad:37:5e:c2:46:16:
a4:07:a6:6d:de:4b:8b:71:36:5f:d1:04:1e:8f:c4:
f1:33:e6:cf:be:54:44:ce:d9:fb:27:a9:9d:f7:de:
bd:75:82:92:87:df:fb:1f:d5:ea:04:3a:e4:e1:07:
7e:0c:20:65:5b:98:2b:93:fc:5f:a7:4a:3d:34:c9:
01:f3:30:10:0d:b7:6e:64:db:28:a7:e4:a1:6a:8d:
4d:a5:88:b6:a8:cd:81:30:25:8e:eb:12:be:89:d9:
9a:cc:b9:19:ab:67:66:7a:e0:0e:8f:07:d0:04:d9:
7d:f9:a4:ab:1e:7e:26:5a:cf:06:7f:6d:a8:05:79:
f6:ec:99:99:6f:12:cb:82:58:1c:17:82:4b:ef:7e:
c5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F3:F5:2C:E3:7A:87:9F:B4:F2:A2:AD:C6:5E:A0:63:FF:C1:FF:FF
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/082742FCD23B11EB8E7BA35DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.99.64.0-101.99.75.255
101.99.77.0-101.99.92.255
111.90.128.0-111.90.155.255
111.90.158.0/23
124.217.224.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:78:2f:cb:ca:66:25:89:e8:ca:5f:ca:28:7b:e3:4a:19:6d:
b4:87:92:52:52:bb:b6:0e:d0:a9:fe:96:82:37:96:e5:94:95:
5b:3f:bb:c7:07:af:a0:b3:2f:10:b1:6e:0a:21:2b:22:05:27:
b3:8d:1e:68:7a:0d:39:6f:bf:2d:d6:03:40:f3:af:17:5f:75:
1b:9e:c4:12:b5:e8:aa:e8:87:50:86:90:f4:f5:24:4f:bb:72:
1d:0f:6b:5b:00:1a:8a:f1:1f:80:fa:c5:ea:fe:21:9f:85:9c:
d9:ea:05:f5:7a:83:b1:47:7c:f5:3e:ac:e1:31:ef:fa:78:f5:
cb:93:af:c5:51:16:94:d4:37:7f:54:8a:27:75:f0:c7:69:a5:
bc:6b:8b:64:61:6a:7e:b4:54:8e:5a:9c:1a:1a:3d:a3:1e:1a:
90:41:d9:4b:53:3b:f4:fe:e2:f3:81:7b:4a:77:8c:bc:e5:d6:
24:2f:44:95:27:46:99:73:6a:d7:9f:6b:d1:a2:ae:1b:84:6c:
66:42:c6:18:49:ba:15:87:09:b2:8a:fe:96:29:cb:96:98:ff:
8b:9e:ff:cb:23:50:a7:24:3e:21:6b:b8:2f:69:65:0f:ea:32:
7a:63:59:b8:fa:c4:2e:73:d4:05:4b:e6:f1:c8:27:4c:84:69:
41:4d:4d:9e
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICC4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjQwNDA0MjAyODUxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmMGQ4My1jZWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1eSUC22WneS5F6MU0wJ1NyC0HvTsm1hqV6iQ7ykWrrn3QXucyN4XS+t35fDr
l/9TQJr73pMvPCYWY0W8fXchZGi+H1g3FWpz/PZoTWYEYTRgjolIQjSLwO/wvE28
ixi0ZpsXstQcPfTDEmuAdhQkUdWtN17CRhakB6Zt3kuLcTZf0QQej8TxM+bPvlRE
ztn7J6md9969dYKSh9/7H9XqBDrk4Qd+DCBlW5grk/xfp0o9NMkB8zAQDbduZNso
p+Shao1NpYi2qM2BMCWO6xK+idmazLkZq2dmeuAOjwfQBNl9+aSrHn4mWs8Gf22o
BXn27JmZbxLLglgcF4JL737F5QIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFCvz9Szj
eoeftPKircZeoGP/wf//MB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvMDgyNzQyRkNE
MjNCMTFFQjhFN0JBMzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYwDAMEBmVjQAMEAmVjSDAMAwQAZWNNAwQAZWNcMAwDBAdvWoAD
BAJvWpgDBAFvWp4DBAV82eAwDQYJKoZIhvcNAQELBQADggEBAIx4L8vKZiWJ6Mpf
yih740oZbbSHklJSu7YO0Kn+loI3luWUlVs/u8cHr6CzLxCxbgohKyIFJ7ONHmh6
DTlvvy3WA0DzrxdfdRuexBK16Kroh1CGkPT1JE+7ch0Pa1sAGorxH4D6xer+IZ+F
nNnqBfV6g7FHfPU+rOEx7/p49cuTr8VRFpTUN39Uiid18Mdppbxri2Rhan60VI5a
nBoaPaMeGpBB2UtTO/T+4vOBe0p3jLzl1iQvRJUnRplzatefa9GirhuEbGZCxhhJ
uhWHCbKK/pYpy5aY/4ue/8sjUKckPiFruC9pZQ/qMnpjWbj6xC5z1AVL5vHIJ0yE
aUFNTZ4=
-----END CERTIFICATE-----
Generated at Thu May 16 22:34:45 2024 by rpki-client on console-ams.rpki-client.org