Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/3B84FE56A8DD11EF95A59966C4F9AE02.roa
File: 3B84FE56A8DD11EF95A59966C4F9AE02.roa (raw, json)
Hash identifier: VKmfv5i+eSAJE895I7T6V3irZF1QAbmZmndIgWhdzpE=
Subject key identifier: 14:27:75:D8:D7:13:EF:75:A9:6B:AE:FA:62:A3:B2:AB:C8:76:6F:81
Certificate issuer: /CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Certificate serial: 0C10
Authority key identifier: 34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/3B84FE56A8DD11EF95A59966C4F9AE02.roa
Signing time: Fri 22 Nov 2024 14:22:41 +0000
ROA not before: Fri 22 Nov 2024 14:22:41 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 19324
IP address blocks: 101.99.64.0/24 maxlen: 24
101.99.65.0/24 maxlen: 24
101.99.66.0/24 maxlen: 24
101.99.67.0/24 maxlen: 24
101.99.68.0/24 maxlen: 24
101.99.69.0/24 maxlen: 24
101.99.70.0/24 maxlen: 24
101.99.71.0/24 maxlen: 24
101.99.72.0/24 maxlen: 24
101.99.73.0/24 maxlen: 24
101.99.74.0/24 maxlen: 24
101.99.75.0/24 maxlen: 24
101.99.77.0/24 maxlen: 24
101.99.78.0/24 maxlen: 24
101.99.79.0/24 maxlen: 24
101.99.80.0/24 maxlen: 24
101.99.81.0/24 maxlen: 24
101.99.82.0/24 maxlen: 24
101.99.83.0/24 maxlen: 24
101.99.84.0/24 maxlen: 24
101.99.85.0/24 maxlen: 24
101.99.86.0/24 maxlen: 24
101.99.87.0/24 maxlen: 24
101.99.88.0/24 maxlen: 24
101.99.89.0/24 maxlen: 24
101.99.90.0/24 maxlen: 24
101.99.91.0/24 maxlen: 24
111.90.128.0/24 maxlen: 24
111.90.129.0/24 maxlen: 24
111.90.130.0/24 maxlen: 24
111.90.131.0/24 maxlen: 24
111.90.132.0/24 maxlen: 24
111.90.133.0/24 maxlen: 24
111.90.134.0/24 maxlen: 24
111.90.135.0/24 maxlen: 24
111.90.136.0/24 maxlen: 24
111.90.137.0/24 maxlen: 24
111.90.138.0/24 maxlen: 24
111.90.139.0/24 maxlen: 24
111.90.140.0/24 maxlen: 24
111.90.141.0/24 maxlen: 24
111.90.142.0/24 maxlen: 24
111.90.143.0/24 maxlen: 24
111.90.144.0/24 maxlen: 24
111.90.145.0/24 maxlen: 24
111.90.146.0/24 maxlen: 24
111.90.147.0/24 maxlen: 24
111.90.148.0/24 maxlen: 24
111.90.149.0/24 maxlen: 24
111.90.150.0/24 maxlen: 24
111.90.151.0/24 maxlen: 24
111.90.152.0/24 maxlen: 24
111.90.153.0/24 maxlen: 24
111.90.154.0/24 maxlen: 24
111.90.155.0/24 maxlen: 24
111.90.158.0/24 maxlen: 24
111.90.159.0/24 maxlen: 24
124.217.224.0/24 maxlen: 24
124.217.225.0/24 maxlen: 24
124.217.226.0/24 maxlen: 24
124.217.227.0/24 maxlen: 24
124.217.228.0/24 maxlen: 24
124.217.229.0/24 maxlen: 24
124.217.230.0/24 maxlen: 24
124.217.231.0/24 maxlen: 24
124.217.232.0/24 maxlen: 24
124.217.233.0/24 maxlen: 24
124.217.234.0/24 maxlen: 24
124.217.235.0/24 maxlen: 24
124.217.236.0/24 maxlen: 24
124.217.237.0/24 maxlen: 24
124.217.238.0/24 maxlen: 24
124.217.239.0/24 maxlen: 24
124.217.240.0/24 maxlen: 24
124.217.241.0/24 maxlen: 24
124.217.242.0/24 maxlen: 24
124.217.243.0/24 maxlen: 24
124.217.244.0/24 maxlen: 24
124.217.245.0/24 maxlen: 24
124.217.246.0/24 maxlen: 24
124.217.247.0/24 maxlen: 24
124.217.248.0/24 maxlen: 24
124.217.249.0/24 maxlen: 24
124.217.250.0/24 maxlen: 24
124.217.251.0/24 maxlen: 24
124.217.252.0/24 maxlen: 24
124.217.253.0/24 maxlen: 24
124.217.254.0/24 maxlen: 24
124.217.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 18:52:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3088 (0xc10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9152D08/serialNumber=34DC20129EAD6F41A7CA2D99C9BD3E7E6033CB88
Validity
Not Before: Nov 22 14:22:41 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=674093b1-9826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e6:bd:45:8e:47:26:e6:e6:30:0a:b5:d7:95:
9c:b1:3a:66:d9:a0:e0:78:db:ea:bd:07:de:31:85:
e2:a8:21:3a:ce:4a:d7:5b:ee:c7:06:c2:71:23:4c:
b7:ce:5c:e1:95:32:06:f3:83:fb:74:fd:7b:0e:1e:
7d:f0:9c:f8:9a:18:16:5c:4b:2c:3e:66:1e:c6:2c:
98:36:51:9d:33:ad:f7:83:97:ee:0a:22:bc:e4:cc:
a1:47:50:c6:5a:e6:9d:42:5b:70:95:99:b0:6a:a8:
2c:52:27:91:59:d3:09:02:f1:fd:74:b0:c7:b2:79:
5f:9c:cd:f9:9c:f5:5f:6a:22:2e:9e:8f:85:c8:8b:
ff:21:c6:f2:d7:37:a1:84:08:d7:c0:bd:a5:53:ad:
9f:91:d6:19:15:73:c2:2d:67:41:32:9e:99:43:14:
6f:77:c1:4d:0c:78:54:81:c6:f7:b4:29:ab:af:35:
02:ad:bf:62:19:b6:7e:7b:be:86:7d:41:5a:ef:ca:
6b:22:18:48:10:be:90:9b:58:72:d7:1c:7c:d8:95:
42:ee:bc:11:2c:53:a2:df:bf:6f:1d:bd:30:d1:a6:
f9:17:7e:b9:ac:1d:55:cb:9d:b6:58:1e:33:18:ce:
85:4b:7b:cd:09:d7:36:b2:e7:a2:71:1f:00:d7:e6:
e2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:27:75:D8:D7:13:EF:75:A9:6B:AE:FA:62:A3:B2:AB:C8:76:6F:81
X509v3 Authority Key Identifier:
keyid:34:DC:20:12:9E:AD:6F:41:A7:CA:2D:99:C9:BD:3E:7E:60:33:CB:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNwgEp6tb0Gnyi2Zyb0-fmAzy4g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152D08/F9C333921D8711EAA9C5B170C4F9AE02/3B84FE56A8DD11EF95A59966C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.99.64.0-101.99.75.255
101.99.77.0-101.99.91.255
111.90.128.0-111.90.155.255
111.90.158.0/23
124.217.224.0/19
Signature Algorithm: sha256WithRSAEncryption
76:33:2e:41:96:d9:d4:78:a0:53:34:f4:8b:05:e6:19:2d:c0:
cb:89:3f:7d:28:a8:3b:36:69:35:36:ff:13:ac:81:0a:c1:14:
80:66:ed:81:5d:ca:db:27:f5:d1:1d:c2:d2:05:ee:9f:29:a7:
63:6f:f1:71:63:dd:23:50:c5:86:92:c3:5c:7c:f7:6d:39:fb:
e6:e9:5b:04:0a:55:02:af:dc:df:74:61:d8:bf:4f:8d:f0:07:
44:f2:70:c7:fe:46:57:1f:bc:8d:46:8f:4d:fe:29:a5:55:14:
1b:e1:47:7e:6f:8c:c0:fa:79:47:03:c3:7b:00:93:14:d5:b1:
49:78:cf:7b:7b:f0:c7:4b:ea:58:5a:37:d7:92:40:a2:36:10:
e7:12:64:22:46:bf:2b:6b:be:4c:a9:a2:ec:73:8f:01:83:86:
ac:3b:fb:d5:cd:06:96:18:15:f2:e8:b7:4a:e7:1d:10:e3:e5:
04:b1:f3:10:18:98:fd:4d:8c:39:67:87:45:1e:40:e1:30:84:
2f:5b:b6:c4:dd:7c:52:5c:95:9c:60:e7:f9:f4:94:23:e5:05:
72:18:f8:fe:e4:46:1d:47:24:a7:2b:03:66:25:70:20:2f:b2:
d0:57:13:7b:5a:28:56:b4:39:96:5f:f5:e5:35:8f:49:74:15:
a4:3c:4b:f0
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgICDBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTJEMDgxMTAvBgNVBAUTKDM0REMyMDEyOUVBRDZGNDFBN0NBMkQ5OUM5QkQzRTdF
NjAzM0NCODgwHhcNMjQxMTIyMTQyMjQxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQwOTNiMS05ODI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsOa9RY5HJubmMAq115WcsTpm2aDgeNvqvQfeMYXiqCE6zkrXW+7HBsJxI0y3
zlzhlTIG84P7dP17Dh598Jz4mhgWXEssPmYexiyYNlGdM633g5fuCiK85MyhR1DG
WuadQltwlZmwaqgsUieRWdMJAvH9dLDHsnlfnM35nPVfaiIuno+FyIv/Icby1zeh
hAjXwL2lU62fkdYZFXPCLWdBMp6ZQxRvd8FNDHhUgcb3tCmrrzUCrb9iGbZ+e76G
fUFa78prIhhIEL6Qm1hy1xx82JVC7rwRLFOi379vHb0w0ab5F365rB1Vy522WB4z
GM6FS3vNCdc2sueicR8A1+bivQIDAQABo4ICxTCCAsEwHQYDVR0OBBYEFBQnddjX
E+91qWuu+mKjsqvIdm+BMB8GA1UdIwQYMBaAFDTcIBKerW9Bp8otmcm9Pn5gM8uI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MkQwOC9GOUMzMzM5MjFE
ODcxMUVBQTlDNUIxNzBDNEY5QUUwMi9OTndnRXA2dGIwR255aTJaeWIwLWZtQXp5
NGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Od2dFcDZ0YjBHbnlpMlp5YjAtZm1Benk0Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTJEMDgvRjlDMzMzOTIxRDg3MTFFQUE5QzVCMTcwQzRGOUFFMDIvM0I4NEZFNTZB
OEREMTFFRjk1QTU5OTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTwYIKwYBBQUHAQcBAf8E
QDA+MDwEAgABMDYwDAMEBmVjQAMEAmVjSDAMAwQAZWNNAwQCZWNYMAwDBAdvWoAD
BAJvWpgDBAFvWp4DBAV82eAwDQYJKoZIhvcNAQELBQADggEBAHYzLkGW2dR4oFM0
9IsF5hktwMuJP30oqDs2aTU2/xOsgQrBFIBm7YFdytsn9dEdwtIF7p8pp2Nv8XFj
3SNQxYaSw1x89205++bpWwQKVQKv3N90Ydi/T43wB0TycMf+RlcfvI1Gj03+KaVV
FBvhR35vjMD6eUcDw3sAkxTVsUl4z3t78MdL6lhaN9eSQKI2EOcSZCJGvytrvkyp
ouxzjwGDhqw7+9XNBpYYFfLot0rnHRDj5QSx8xAYmP1NjDlnh0UeQOEwhC9btsTd
fFJclZxg5/n0lCPlBXIY+P7kRh1HJKcrA2YlcCAvstBXE3taKFa0OZZf9eU1j0l0
FaQ8S/A=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:27 2024 by rpki-client on console-ams.rpki-client.org