Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/2F3FBD86F3E511EA871E451AC4F9AE02.roa
File: 2F3FBD86F3E511EA871E451AC4F9AE02.roa (raw, json)
Hash identifier: Da7Oq+gy8JjH2/2kLIZfGFO2TVEISlU4H2fgWS1x8V4=
Subject key identifier: 20:95:2C:C5:DE:3D:2B:2A:20:1D:59:1C:EC:25:D1:34:FA:2A:E8:A4
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0B8E
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/2F3FBD86F3E511EA871E451AC4F9AE02.roa
Signing time: Thu 04 Apr 2024 20:28:54 +0000
ROA not before: Thu 04 Apr 2024 20:28:54 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 45839
IP address blocks: 101.99.64.0/21 maxlen: 21
101.99.64.0/24 maxlen: 24
101.99.65.0/24 maxlen: 24
101.99.66.0/24 maxlen: 24
101.99.67.0/24 maxlen: 24
101.99.68.0/24 maxlen: 24
101.99.69.0/24 maxlen: 24
101.99.70.0/24 maxlen: 24
101.99.71.0/24 maxlen: 24
101.99.72.0/23 maxlen: 23
101.99.72.0/24 maxlen: 24
101.99.73.0/24 maxlen: 24
101.99.74.0/24 maxlen: 24
101.99.75.0/24 maxlen: 24
101.99.76.0/24 maxlen: 24
101.99.77.0/24 maxlen: 24
101.99.78.0/24 maxlen: 24
101.99.79.0/24 maxlen: 24
101.99.80.0/21 maxlen: 21
101.99.80.0/24 maxlen: 24
101.99.81.0/24 maxlen: 24
101.99.82.0/24 maxlen: 24
101.99.83.0/24 maxlen: 24
101.99.84.0/24 maxlen: 24
101.99.85.0/24 maxlen: 24
101.99.86.0/24 maxlen: 24
101.99.87.0/24 maxlen: 24
101.99.88.0/23 maxlen: 23
101.99.88.0/24 maxlen: 24
101.99.89.0/24 maxlen: 24
101.99.90.0/23 maxlen: 23
101.99.90.0/24 maxlen: 24
101.99.91.0/24 maxlen: 24
101.99.92.0/24 maxlen: 24
101.99.93.0/24 maxlen: 24
101.99.94.0/24 maxlen: 24
101.99.95.0/24 maxlen: 24
103.155.92.0/24 maxlen: 24
103.155.93.0/24 maxlen: 24
111.90.128.0/21 maxlen: 21
111.90.128.0/24 maxlen: 24
111.90.129.0/24 maxlen: 24
111.90.130.0/24 maxlen: 24
111.90.131.0/24 maxlen: 24
111.90.132.0/24 maxlen: 24
111.90.133.0/24 maxlen: 24
111.90.134.0/24 maxlen: 24
111.90.135.0/24 maxlen: 24
111.90.136.0/23 maxlen: 23
111.90.136.0/24 maxlen: 24
111.90.137.0/24 maxlen: 24
111.90.138.0/23 maxlen: 23
111.90.138.0/24 maxlen: 24
111.90.139.0/24 maxlen: 24
111.90.140.0/23 maxlen: 23
111.90.140.0/24 maxlen: 24
111.90.141.0/24 maxlen: 24
111.90.142.0/23 maxlen: 23
111.90.142.0/24 maxlen: 24
111.90.143.0/24 maxlen: 24
111.90.144.0/21 maxlen: 21
111.90.144.0/24 maxlen: 24
111.90.145.0/24 maxlen: 24
111.90.146.0/24 maxlen: 24
111.90.147.0/24 maxlen: 24
111.90.148.0/24 maxlen: 24
111.90.149.0/24 maxlen: 24
111.90.150.0/24 maxlen: 24
111.90.151.0/24 maxlen: 24
111.90.152.0/22 maxlen: 22
111.90.152.0/24 maxlen: 24
111.90.153.0/24 maxlen: 24
111.90.154.0/24 maxlen: 24
111.90.155.0/24 maxlen: 24
111.90.156.0/24 maxlen: 24
111.90.158.0/23 maxlen: 23
111.90.158.0/24 maxlen: 24
111.90.159.0/24 maxlen: 24
124.217.224.0/21 maxlen: 21
124.217.224.0/24 maxlen: 24
124.217.225.0/24 maxlen: 24
124.217.226.0/24 maxlen: 24
124.217.227.0/24 maxlen: 24
124.217.228.0/24 maxlen: 24
124.217.229.0/24 maxlen: 24
124.217.230.0/24 maxlen: 24
124.217.231.0/24 maxlen: 24
124.217.232.0/24 maxlen: 24
124.217.233.0/24 maxlen: 24
124.217.234.0/24 maxlen: 24
124.217.235.0/24 maxlen: 24
124.217.236.0/23 maxlen: 23
124.217.236.0/24 maxlen: 24
124.217.237.0/24 maxlen: 24
124.217.238.0/24 maxlen: 24
124.217.239.0/24 maxlen: 24
124.217.240.0/20 maxlen: 20
124.217.240.0/24 maxlen: 24
124.217.241.0/24 maxlen: 24
124.217.242.0/24 maxlen: 24
124.217.243.0/24 maxlen: 24
124.217.244.0/24 maxlen: 24
124.217.245.0/24 maxlen: 24
124.217.246.0/24 maxlen: 24
124.217.247.0/24 maxlen: 24
124.217.248.0/24 maxlen: 24
124.217.249.0/24 maxlen: 24
124.217.250.0/24 maxlen: 24
124.217.251.0/24 maxlen: 24
124.217.252.0/24 maxlen: 24
124.217.253.0/24 maxlen: 24
124.217.254.0/24 maxlen: 24
124.217.255.0/24 maxlen: 24
2407:6c00:18::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 23 May 2024 20:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2958 (0xb8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Apr 4 20:28:54 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=660f0d86-3083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a4:96:55:05:5a:a3:2f:fa:50:36:87:9e:5a:
c9:af:8a:bd:2b:4a:c0:e7:29:d1:70:32:10:10:c3:
b6:57:70:a8:89:7f:70:63:1c:35:cf:ab:3e:f6:c6:
fa:3e:d5:dc:32:09:27:15:50:95:b9:24:d9:97:8b:
c2:04:2f:61:53:c4:18:9e:76:d7:2b:10:2e:f5:9f:
2b:d6:ae:1f:c1:72:4c:70:4d:32:ba:31:98:de:48:
5c:1b:5e:a4:d4:ba:1e:1e:64:4e:40:b6:f6:05:a9:
31:94:ce:c6:f7:79:ed:2e:30:d6:ff:2c:b3:20:5a:
99:51:54:ef:91:6c:3a:de:ae:c4:18:2b:fc:af:7a:
09:2f:4d:37:bd:a2:65:0a:4e:95:e8:d2:fb:5f:18:
2d:c1:88:4a:2e:62:eb:a8:89:2f:3e:c6:bf:c5:52:
91:3b:ba:81:3f:12:c5:92:40:33:2f:f1:93:01:9e:
8b:49:52:ab:95:1e:85:9f:71:69:0c:95:1b:36:c7:
53:ca:a6:04:3e:71:b8:d0:69:1d:bb:d6:f2:7b:24:
e3:9d:cd:fc:a1:0e:1b:c7:81:75:da:ab:76:7c:7f:
92:28:0a:82:d8:dc:e5:25:a4:e4:2d:2b:cf:8b:2a:
6c:1d:e9:98:0a:37:e6:33:74:79:6f:8c:cb:6e:90:
75:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:95:2C:C5:DE:3D:2B:2A:20:1D:59:1C:EC:25:D1:34:FA:2A:E8:A4
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/2F3FBD86F3E511EA871E451AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.99.64.0/19
103.155.92.0/23
111.90.128.0-111.90.156.255
111.90.158.0/23
124.217.224.0/19
IPv6:
2407:6c00:18::/48
Signature Algorithm: sha256WithRSAEncryption
0d:fa:bd:58:ac:f1:22:18:a3:b1:5e:3e:b7:48:e8:06:13:42:
f6:23:26:9e:c8:a2:a3:87:3f:8a:88:8a:00:79:c7:6a:dc:82:
50:f9:db:d5:9f:84:34:ee:ed:44:54:1d:6f:ee:55:e1:f7:b9:
6b:45:ce:b3:fd:33:f0:eb:35:2f:92:84:eb:20:8d:49:8a:3e:
de:45:82:22:3e:b7:8c:ce:ea:20:72:b4:d0:98:ec:33:88:36:
97:ae:19:e1:45:be:b8:be:f2:49:e2:3d:8b:89:d4:2d:6a:ae:
2f:55:00:55:58:9f:49:9f:64:44:21:47:f6:78:9e:79:9a:b7:
4e:d2:29:df:74:0d:9b:59:e3:2d:e3:6d:ac:7c:1a:7c:ae:f1:
a7:97:34:40:25:ab:9a:38:67:dd:dc:4f:58:c3:bd:88:a6:64:
40:58:e2:8e:20:17:58:5c:49:59:82:76:a6:ae:04:39:5b:16:
f6:62:89:06:9a:8d:22:4e:4f:20:15:4f:c9:7d:75:0e:8b:2b:
41:70:89:38:4a:14:76:38:01:ac:a6:8a:53:a9:a2:38:77:61:
9c:9e:96:16:0e:1d:ef:f4:5b:56:99:6f:bb:22:f1:24:e1:4c:
da:2b:bf:89:29:80:8f:05:9f:8c:14:46:64:bd:19:5c:d6:c2:
92:6f:47:38
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgICC44wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjQwNDA0MjAyODU0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjBmMGQ4Ni0zMDgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA16SWVQVaoy/6UDaHnlrJr4q9K0rA5ynRcDIQEMO2V3CoiX9wYxw1z6s+9sb6
PtXcMgknFVCVuSTZl4vCBC9hU8QYnnbXKxAu9Z8r1q4fwXJMcE0yujGY3khcG16k
1LoeHmROQLb2BakxlM7G93ntLjDW/yyzIFqZUVTvkWw63q7EGCv8r3oJL003vaJl
Ck6V6NL7XxgtwYhKLmLrqIkvPsa/xVKRO7qBPxLFkkAzL/GTAZ6LSVKrlR6Fn3Fp
DJUbNsdTyqYEPnG40Gkdu9byeyTjnc38oQ4bx4F12qt2fH+SKAqC2NzlJaTkLSvP
iypsHemYCjfmM3R5b4zLbpB1vwIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFCCVLMXe
PSsqIB1ZHOwl0TT6KuikMB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvMkYzRkJEODZG
M0U1MTFFQTg3MUU0NTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUAYIKwYBBQUHAQcBAf8E
QTA/MCwEAgABMCYDBAVlY0ADBAFnm1wwDAMEB29agAMEAG9anAMEAW9angMEBXzZ
4DAPBAIAAjAJAwcAJAdsAAAYMA0GCSqGSIb3DQEBCwUAA4IBAQAN+r1YrPEiGKOx
Xj63SOgGE0L2IyaeyKKjhz+KiIoAecdq3IJQ+dvVn4Q07u1EVB1v7lXh97lrRc6z
/TPw6zUvkoTrII1Jij7eRYIiPreMzuogcrTQmOwziDaXrhnhRb64vvJJ4j2LidQt
aq4vVQBVWJ9Jn2REIUf2eJ55mrdO0infdA2bWeMt422sfBp8rvGnlzRAJauaOGfd
3E9Yw72IpmRAWOKOIBdYXElZgnamrgQ5Wxb2YokGmo0iTk8gFU/JfXUOiytBcIk4
ShR2OAGspopTqaI4d2GcnpYWDh3v9FtWmW+7IvEk4UzaK7+JKYCPBZ+MFEZkvRlc
1sKSb0c4
-----END CERTIFICATE-----
Generated at Thu May 16 21:45:27 2024 by rpki-client on console-fra.rpki-client.org