Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/9BA94A4A0D8911ED999D4F3BC4F9AE02.roa
File: 9BA94A4A0D8911ED999D4F3BC4F9AE02.roa (raw, json)
Hash identifier: qYAeIlvj9bRkbcFce14qUvj/bMlBnb/p9HqbAUwEkeU=
Subject key identifier: 20:27:0E:34:DD:BC:60:17:94:E6:EE:47:54:E9:7E:E3:A2:33:3D:37
Certificate issuer: /CN=A9163998/serialNumber=7425AAE16DDB464A3E2B479C7A40C99023836BA0
Certificate serial: 0206
Authority key identifier: 74:25:AA:E1:6D:DB:46:4A:3E:2B:47:9C:7A:40:C9:90:23:83:6B:A0
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dCWq4W3bRko-K0ecekDJkCODa6A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/9BA94A4A0D8911ED999D4F3BC4F9AE02.roa
Signing time: Thu 11 Jul 2024 03:35:09 +0000
ROA not before: Thu 11 Jul 2024 03:35:09 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 138341
IP address blocks: 134.65.64.0/18 maxlen: 18
143.92.64.0/19 maxlen: 19
143.92.64.0/24 maxlen: 24
143.92.65.0/24 maxlen: 24
143.92.66.0/24 maxlen: 24
143.92.67.0/24 maxlen: 24
143.92.68.0/24 maxlen: 24
143.92.69.0/24 maxlen: 24
143.92.70.0/24 maxlen: 24
143.92.72.0/24 maxlen: 24
143.92.73.0/24 maxlen: 24
143.92.74.0/23 maxlen: 23
143.92.74.0/24 maxlen: 24
143.92.75.0/24 maxlen: 24
143.92.76.0/24 maxlen: 24
143.92.77.0/24 maxlen: 24
143.92.78.0/24 maxlen: 24
143.92.79.0/24 maxlen: 24
143.92.80.0/24 maxlen: 24
143.92.81.0/24 maxlen: 24
143.92.82.0/23 maxlen: 23
143.92.82.0/24 maxlen: 24
143.92.83.0/24 maxlen: 24
143.92.84.0/23 maxlen: 23
143.92.84.0/24 maxlen: 24
143.92.85.0/24 maxlen: 24
143.92.86.0/24 maxlen: 24
143.92.87.0/24 maxlen: 24
143.92.88.0/24 maxlen: 24
143.92.89.0/24 maxlen: 24
143.92.90.0/24 maxlen: 24
143.92.91.0/24 maxlen: 24
143.92.92.0/23 maxlen: 23
143.92.92.0/24 maxlen: 24
143.92.93.0/24 maxlen: 24
143.92.94.0/23 maxlen: 23
143.92.94.0/24 maxlen: 24
143.92.95.0/24 maxlen: 24
143.92.96.0/22 maxlen: 22
143.92.97.0/24 maxlen: 24
143.92.98.0/24 maxlen: 24
143.92.99.0/24 maxlen: 24
143.92.100.0/23 maxlen: 23
143.92.100.0/24 maxlen: 24
143.92.101.0/24 maxlen: 24
143.92.108.0/23 maxlen: 23
143.92.109.0/24 maxlen: 24
147.136.128.0/22 maxlen: 22
147.136.128.0/23 maxlen: 23
147.136.128.0/24 maxlen: 24
147.136.129.0/24 maxlen: 24
147.136.130.0/23 maxlen: 23
147.136.130.0/24 maxlen: 24
147.136.131.0/24 maxlen: 24
147.136.132.0/22 maxlen: 22
147.136.132.0/23 maxlen: 23
147.136.132.0/24 maxlen: 24
147.136.133.0/24 maxlen: 24
147.136.134.0/23 maxlen: 23
147.136.134.0/24 maxlen: 24
147.136.135.0/24 maxlen: 24
147.136.136.0/22 maxlen: 22
147.136.136.0/23 maxlen: 23
147.136.136.0/24 maxlen: 24
147.136.137.0/24 maxlen: 24
147.136.138.0/23 maxlen: 23
147.136.138.0/24 maxlen: 24
147.136.139.0/24 maxlen: 24
147.136.140.0/22 maxlen: 22
147.136.140.0/23 maxlen: 23
147.136.140.0/24 maxlen: 24
147.136.141.0/24 maxlen: 24
147.136.142.0/23 maxlen: 23
147.136.142.0/24 maxlen: 24
147.136.143.0/24 maxlen: 24
147.136.144.0/22 maxlen: 22
147.136.144.0/23 maxlen: 23
147.136.144.0/24 maxlen: 24
147.136.145.0/24 maxlen: 24
147.136.146.0/23 maxlen: 23
147.136.146.0/24 maxlen: 24
147.136.147.0/24 maxlen: 24
147.136.148.0/22 maxlen: 22
147.136.148.0/23 maxlen: 23
147.136.148.0/24 maxlen: 24
147.136.149.0/24 maxlen: 24
147.136.150.0/23 maxlen: 23
147.136.150.0/24 maxlen: 24
147.136.151.0/24 maxlen: 24
147.136.152.0/22 maxlen: 22
147.136.152.0/23 maxlen: 23
147.136.152.0/24 maxlen: 24
147.136.153.0/24 maxlen: 24
147.136.154.0/23 maxlen: 23
147.136.154.0/24 maxlen: 24
147.136.155.0/24 maxlen: 24
147.136.156.0/22 maxlen: 22
147.136.156.0/23 maxlen: 23
147.136.156.0/24 maxlen: 24
147.136.157.0/24 maxlen: 24
147.136.158.0/23 maxlen: 23
147.136.158.0/24 maxlen: 24
147.136.159.0/24 maxlen: 24
147.136.160.0/22 maxlen: 22
147.136.160.0/23 maxlen: 23
147.136.160.0/24 maxlen: 24
147.136.161.0/24 maxlen: 24
147.136.162.0/23 maxlen: 23
147.136.162.0/24 maxlen: 24
147.136.163.0/24 maxlen: 24
147.136.164.0/22 maxlen: 22
147.136.164.0/23 maxlen: 23
147.136.164.0/24 maxlen: 24
147.136.165.0/24 maxlen: 24
147.136.166.0/23 maxlen: 23
147.136.166.0/24 maxlen: 24
147.136.167.0/24 maxlen: 24
147.136.168.0/22 maxlen: 22
147.136.168.0/23 maxlen: 23
147.136.168.0/24 maxlen: 24
147.136.169.0/24 maxlen: 24
147.136.170.0/23 maxlen: 23
147.136.170.0/24 maxlen: 24
147.136.171.0/24 maxlen: 24
147.136.172.0/22 maxlen: 22
147.136.172.0/23 maxlen: 23
147.136.172.0/24 maxlen: 24
147.136.173.0/24 maxlen: 24
147.136.174.0/23 maxlen: 23
147.136.174.0/24 maxlen: 24
147.136.175.0/24 maxlen: 24
147.136.176.0/22 maxlen: 22
147.136.176.0/23 maxlen: 23
147.136.176.0/24 maxlen: 24
147.136.177.0/24 maxlen: 24
147.136.178.0/23 maxlen: 23
147.136.178.0/24 maxlen: 24
147.136.179.0/24 maxlen: 24
147.136.180.0/22 maxlen: 22
147.136.180.0/23 maxlen: 23
147.136.180.0/24 maxlen: 24
147.136.181.0/24 maxlen: 24
147.136.182.0/23 maxlen: 23
147.136.182.0/24 maxlen: 24
147.136.183.0/24 maxlen: 24
147.136.184.0/22 maxlen: 22
147.136.184.0/23 maxlen: 23
147.136.184.0/24 maxlen: 24
147.136.185.0/24 maxlen: 24
147.136.186.0/23 maxlen: 23
147.136.186.0/24 maxlen: 24
147.136.187.0/24 maxlen: 24
147.136.188.0/22 maxlen: 22
147.136.188.0/23 maxlen: 23
147.136.188.0/24 maxlen: 24
147.136.189.0/24 maxlen: 24
147.136.190.0/23 maxlen: 23
147.136.190.0/24 maxlen: 24
147.136.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/dCWq4W3bRko-K0ecekDJkCODa6A.crl
rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/dCWq4W3bRko-K0ecekDJkCODa6A.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dCWq4W3bRko-K0ecekDJkCODa6A.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Wed 27 Nov 2024 19:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 518 (0x206)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9163998/serialNumber=7425AAE16DDB464A3E2B479C7A40C99023836BA0
Validity
Not Before: Jul 11 03:35:09 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=668f52ed-000c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:45:88:a7:6c:8a:a2:54:2f:6f:8c:1b:7f:41:
e5:0d:b4:00:40:d4:37:50:92:5f:a9:2f:81:e1:b0:
73:37:28:5b:c8:8d:02:cc:1f:30:d1:b8:70:7d:24:
53:8b:1a:24:9c:5b:81:f8:ac:b8:93:7f:23:b7:c0:
18:46:b9:7e:0a:68:96:f7:69:58:f5:d2:37:c6:d5:
d3:d4:98:10:0a:27:e5:88:06:2c:cc:f7:37:ab:6b:
83:55:bb:71:b8:ba:8e:74:7d:41:98:80:55:f3:cb:
fa:e0:7f:3d:2c:b2:1d:ad:07:a1:c5:de:fe:f6:6a:
b1:9b:24:7f:d9:64:00:65:97:86:36:d0:6a:63:14:
d1:22:80:5d:b3:b1:dc:53:51:ab:1e:ce:f8:93:c2:
5e:4d:51:17:62:b5:cc:ed:d6:0a:c3:f5:15:a7:90:
f4:57:18:2d:d4:2a:63:1b:ad:b4:6c:3c:cb:1f:8e:
73:58:ff:ed:9c:98:5e:be:7d:a0:34:08:28:3e:49:
94:b3:23:28:3c:82:de:75:ef:c4:7d:87:18:b8:09:
e7:58:31:56:c5:0a:ca:bc:72:a1:95:ed:f6:01:e5:
29:c9:ac:92:53:f9:22:17:0e:c3:b8:07:14:44:c3:
4e:ac:20:46:0d:ea:96:b6:13:30:9d:d6:8d:e7:7d:
a1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:27:0E:34:DD:BC:60:17:94:E6:EE:47:54:E9:7E:E3:A2:33:3D:37
X509v3 Authority Key Identifier:
keyid:74:25:AA:E1:6D:DB:46:4A:3E:2B:47:9C:7A:40:C9:90:23:83:6B:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/dCWq4W3bRko-K0ecekDJkCODa6A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dCWq4W3bRko-K0ecekDJkCODa6A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163998/30CC084A08DC11EDBEDE612BC4F9AE02/9BA94A4A0D8911ED999D4F3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
134.65.64.0/18
143.92.64.0-143.92.101.255
143.92.108.0/23
147.136.128.0/18
Signature Algorithm: sha256WithRSAEncryption
63:d5:1a:be:af:3e:67:99:96:5b:95:2d:1d:59:26:6f:2a:cc:
71:c0:56:e8:ff:96:f0:f7:8a:f5:b7:8f:71:b6:75:26:75:8a:
be:d3:bd:2e:7a:ca:35:4d:ad:b8:2e:e9:7c:f0:16:13:33:6d:
36:66:7f:78:c1:b8:f4:e0:c5:76:0a:91:c8:cd:11:0c:48:ac:
c6:02:d0:62:60:6e:e8:6f:4f:66:9e:5b:43:93:9f:45:70:b2:
d3:a8:1c:45:c6:51:18:c1:b5:54:94:f9:02:2f:72:d0:98:16:
b1:9f:0e:bf:d2:6b:33:30:91:b3:a9:80:cf:31:8d:16:8f:9b:
bc:ab:f2:af:56:3c:91:b6:a3:04:a9:a1:43:a7:f1:59:fe:bc:
d8:30:05:d8:7b:f6:c9:2a:bf:3b:26:14:54:f1:a7:9a:29:22:
74:05:66:ed:b6:3c:1a:0d:d2:aa:4d:17:5f:90:a8:72:07:03:
da:8d:39:76:73:1e:7a:49:69:18:6f:08:30:dd:09:9c:bd:80:
79:1f:9a:fe:d3:ba:f2:72:7d:06:88:83:f2:b5:e3:d4:30:87:
08:c2:4a:1d:7e:8d:23:2b:f8:57:24:28:cb:c9:c0:20:54:5c:
4f:70:2a:9f:f9:80:d1:90:f1:85:31:6d:9b:f4:6a:97:98:14:
a4:da:15:53
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICAgYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjM5OTgxMTAvBgNVBAUTKDc0MjVBQUUxNkREQjQ2NEEzRTJCNDc5QzdBNDBDOTkw
MjM4MzZCQTAwHhcNMjQwNzExMDMzNTA5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjhmNTJlZC0wMDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyEWIp2yKolQvb4wbf0HlDbQAQNQ3UJJfqS+B4bBzNyhbyI0CzB8w0bhwfSRT
ixoknFuB+Ky4k38jt8AYRrl+CmiW92lY9dI3xtXT1JgQCifliAYszPc3q2uDVbtx
uLqOdH1BmIBV88v64H89LLIdrQehxd7+9mqxmyR/2WQAZZeGNtBqYxTRIoBds7Hc
U1GrHs74k8JeTVEXYrXM7dYKw/UVp5D0Vxgt1CpjG620bDzLH45zWP/tnJhevn2g
NAgoPkmUsyMoPILede/EfYcYuAnnWDFWxQrKvHKhle32AeUpyaySU/kiFw7DuAcU
RMNOrCBGDeqWthMwndaN532h+wIDAQABo4ICrzCCAqswHQYDVR0OBBYEFCAnDjTd
vGAXlObuR1TpfuOiMz03MB8GA1UdIwQYMBaAFHQlquFt20ZKPitHnHpAyZAjg2ug
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Mzk5OC8zMENDMDg0QTA4
REMxMUVEQkVERTYxMkJDNEY5QUUwMi9kQ1dxNFczYlJrby1LMGVjZWtESmtDT0Rh
NkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2RDV3E0VzNiUmtvLUswZWNla0RKa0NPRGE2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjM5OTgvMzBDQzA4NEEwOERDMTFFREJFREU2MTJCQzRGOUFFMDIvOUJBOTRBNEEw
RDg5MTFFRDk5OUQ0RjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAaGQUAwDAMEBo9cQAMEAY9cZAMEAY9cbAMEBpOIgDANBgkq
hkiG9w0BAQsFAAOCAQEAY9Uavq8+Z5mWW5UtHVkmbyrMccBW6P+W8PeK9bePcbZ1
JnWKvtO9LnrKNU2tuC7pfPAWEzNtNmZ/eMG49ODFdgqRyM0RDEisxgLQYmBu6G9P
Zp5bQ5OfRXCy06gcRcZRGMG1VJT5Ai9y0JgWsZ8Ov9JrMzCRs6mAzzGNFo+bvKvy
r1Y8kbajBKmhQ6fxWf682DAF2Hv2ySq/OyYUVPGnmikidAVm7bY8Gg3Sqk0XX5Co
cgcD2o05dnMeeklpGG8IMN0JnL2AeR+a/tO68nJ9BoiD8rXj1DCHCMJKHX6NIyv4
VyQoy8nAIFRcT3Aqn/mA0ZDxhTFtm/Rql5gUpNoVUw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:11:57 2024 by rpki-client on console-fra.rpki-client.org