Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
File: 86C8EBA2B12A11EF985A2D32C4F9AE02.roa (raw, json)
Hash identifier: 7nV+jajMliwqjNqYG+S6G7SOAx0aeStohPloUPjdM80=
Subject key identifier: B9:83:2D:35:5E:50:41:88:02:77:CB:E9:7D:38:41:0C:9E:90:D4:7D
Certificate issuer: /CN=A91262CA/serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Certificate serial: 03F9
Authority key identifier: D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
Signing time: Tue 03 Dec 2024 03:56:08 +0000
ROA not before: Tue 03 Dec 2024 03:56:08 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 4750
IP address blocks: 147.50.0.0/22 maxlen: 22
147.50.4.0/22 maxlen: 22
147.50.8.0/22 maxlen: 22
147.50.12.0/22 maxlen: 22
147.50.16.0/22 maxlen: 22
147.50.20.0/22 maxlen: 22
147.50.24.0/22 maxlen: 22
147.50.28.0/22 maxlen: 22
147.50.34.0/24 maxlen: 24
147.50.35.0/24 maxlen: 24
147.50.36.0/22 maxlen: 22
147.50.41.0/24 maxlen: 24
147.50.42.0/24 maxlen: 24
147.50.43.0/24 maxlen: 24
147.50.44.0/24 maxlen: 24
147.50.45.0/24 maxlen: 24
147.50.46.0/24 maxlen: 24
147.50.47.0/24 maxlen: 24
147.50.48.0/24 maxlen: 24
147.50.49.0/24 maxlen: 24
147.50.50.0/24 maxlen: 24
147.50.51.0/24 maxlen: 24
147.50.52.0/24 maxlen: 24
147.50.53.0/24 maxlen: 24
147.50.54.0/24 maxlen: 24
147.50.55.0/24 maxlen: 24
147.50.56.0/24 maxlen: 24
147.50.57.0/24 maxlen: 24
147.50.58.0/24 maxlen: 24
147.50.59.0/24 maxlen: 24
147.50.60.0/24 maxlen: 24
147.50.61.0/24 maxlen: 24
147.50.64.0/22 maxlen: 22
147.50.68.0/22 maxlen: 22
147.50.73.0/24 maxlen: 24
147.50.75.0/24 maxlen: 24
147.50.76.0/24 maxlen: 24
147.50.77.0/24 maxlen: 24
147.50.78.0/24 maxlen: 24
147.50.128.0/19 maxlen: 19
147.50.128.0/22 maxlen: 22
147.50.128.0/24 maxlen: 24
147.50.132.0/22 maxlen: 22
147.50.144.0/22 maxlen: 22
147.50.148.0/22 maxlen: 22
147.50.156.0/22 maxlen: 22
147.50.160.0/20 maxlen: 20
147.50.162.0/23 maxlen: 23
147.50.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 00:27:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1017 (0x3f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91262CA, serialNumber=D63DE82A759F9657F8F073B251251AAE67BA4BA6
Validity
Not Before: Dec 3 03:56:08 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=674e8158-2024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:15:3e:98:33:de:8c:1e:ff:32:fa:9b:27:ec:
6c:7e:ac:99:cd:f0:59:12:9a:8a:da:66:fd:37:11:
c3:72:d8:aa:80:a8:3c:be:99:7b:11:18:37:61:96:
c7:a3:bb:30:2b:b8:a7:50:7e:eb:71:88:e7:7b:e3:
82:9f:7a:fb:b7:ea:ba:af:7c:c5:9e:b0:f0:c0:b7:
02:8c:9c:2a:a4:3a:30:2e:46:66:d7:12:2d:ef:66:
c3:f0:94:77:24:f0:19:52:64:af:32:5b:58:1e:06:
15:59:fd:6d:a0:23:55:3c:74:a5:c4:2c:9f:ca:ff:
0d:69:18:3e:57:5b:10:76:ff:72:89:8e:56:08:9f:
eb:e6:84:26:2f:b0:44:74:cd:aa:3a:65:fb:11:87:
1a:be:05:b5:d4:38:3c:68:75:06:a5:c2:63:cc:dd:
27:54:9d:cc:6f:76:1e:26:55:70:1b:85:78:e0:34:
73:b0:51:a3:cc:cf:84:84:32:10:82:bd:4c:b6:33:
44:6b:50:08:6e:8d:3a:a8:b3:fb:bc:74:91:19:14:
b9:d1:fe:03:11:9c:f7:25:aa:b7:b6:59:76:c7:f3:
ff:df:54:bb:ba:8b:f8:0c:4c:dc:93:af:34:cb:03:
f0:dc:50:e0:15:40:b9:53:9e:ae:1f:d1:43:50:7f:
ee:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:83:2D:35:5E:50:41:88:02:77:CB:E9:7D:38:41:0C:9E:90:D4:7D
X509v3 Authority Key Identifier:
keyid:D6:3D:E8:2A:75:9F:96:57:F8:F0:73:B2:51:25:1A:AE:67:BA:4B:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/1j3oKnWfllf48HOyUSUarme6S6Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1j3oKnWfllf48HOyUSUarme6S6Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91262CA/EC1EE6528A5711EC96EBC014C4F9AE02/86C8EBA2B12A11EF985A2D32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.50.0.0/19
147.50.34.0-147.50.39.255
147.50.41.0-147.50.61.255
147.50.64.0/21
147.50.73.0/24
147.50.75.0-147.50.78.255
147.50.128.0-147.50.175.255
Signature Algorithm: sha256WithRSAEncryption
a8:20:4c:af:e8:41:8d:21:aa:d0:b0:fc:aa:f5:62:3e:d9:04:
5c:82:47:3c:3e:ba:d7:61:52:eb:ea:0e:ea:e5:b1:07:ca:08:
5d:8e:79:ed:41:5c:e5:66:be:2a:3f:21:a1:46:28:b2:79:5d:
2b:ee:57:47:7a:a3:57:d3:0b:6b:70:c8:d8:e2:b5:ff:5b:68:
cc:90:62:66:82:51:90:31:48:de:c7:cc:94:54:38:22:c7:b4:
d2:35:8d:3a:8c:95:a7:d4:19:2a:c7:87:e8:65:bd:1a:b9:d5:
4e:33:a8:e2:c3:75:5e:79:c9:16:7a:a7:09:08:b2:7e:cc:57:
43:df:0f:35:83:3f:f8:a4:2d:fd:99:a2:b0:68:b3:c7:12:11:
ed:e6:df:95:87:ea:a4:2e:87:cf:f0:20:59:3e:2a:d6:5f:e7:
44:03:c5:9c:55:1c:05:94:70:7b:9e:5e:b8:65:d0:b8:a1:4f:
5a:aa:28:bf:81:fe:f0:68:61:ae:f0:6e:5f:1d:e6:98:84:8b:
28:81:a2:ac:5f:d0:6d:6e:21:44:e1:ca:f7:0c:28:94:0d:d9:
a2:69:6d:58:34:26:b1:54:b7:12:8d:0c:9b:d1:c0:67:e7:d7:
e6:71:b0:05:6f:89:e2:63:87:5b:6c:e9:35:41:68:71:8e:89:
70:8e:e8:2d
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgICA/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjYyQ0ExMTAvBgNVBAUTKEQ2M0RFODJBNzU5Rjk2NTdGOEYwNzNCMjUxMjUxQUFF
NjdCQTRCQTYwHhcNMjQxMjAzMDM1NjA4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlODE1OC0yMDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3BU+mDPejB7/MvqbJ+xsfqyZzfBZEpqK2mb9NxHDctiqgKg8vpl7ERg3YZbH
o7swK7inUH7rcYjne+OCn3r7t+q6r3zFnrDwwLcCjJwqpDowLkZm1xIt72bD8JR3
JPAZUmSvMltYHgYVWf1toCNVPHSlxCyfyv8NaRg+V1sQdv9yiY5WCJ/r5oQmL7BE
dM2qOmX7EYcavgW11Dg8aHUGpcJjzN0nVJ3Mb3YeJlVwG4V44DRzsFGjzM+EhDIQ
gr1MtjNEa1AIbo06qLP7vHSRGRS50f4DEZz3Jaq3tll2x/P/31S7uov4DEzck680
ywPw3FDgFUC5U56uH9FDUH/uoQIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFLmDLTVe
UEGIAnfL6X04QQyekNR9MB8GA1UdIwQYMBaAFNY96Cp1n5ZX+PBzslElGq5nukum
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNjJDQS9FQzFFRTY1MjhB
NTcxMUVDOTZFQkMwMTRDNEY5QUUwMi8xajNvS25XZmxsZjQ4SE95VVNVYXJtZTZT
NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzFqM29LbldmbGxmNDhIT3lVU1Vhcm1lNlM2WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjYyQ0EvRUMxRUU2NTI4QTU3MTFFQzk2RUJDMDE0QzRGOUFFMDIvODZDOEVCQTJC
MTJBMTFFRjk4NUEyRDMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYwYIKwYBBQUHAQcBAf8E
VDBSMFAEAgABMEoDBAWTMgAwDAMEAZMyIgMEA5MyIDAMAwQAkzIpAwQBkzI8AwQD
kzJAAwQAkzJJMAwDBACTMksDBACTMk4wDAMEB5MygAMEBJMyoDANBgkqhkiG9w0B
AQsFAAOCAQEAqCBMr+hBjSGq0LD8qvViPtkEXIJHPD6612FS6+oO6uWxB8oIXY55
7UFc5Wa+Kj8hoUYosnldK+5XR3qjV9MLa3DI2OK1/1tozJBiZoJRkDFI3sfMlFQ4
Ise00jWNOoyVp9QZKseH6GW9GrnVTjOo4sN1XnnJFnqnCQiyfsxXQ98PNYM/+KQt
/ZmisGizxxIR7ebflYfqpC6Hz/AgWT4q1l/nRAPFnFUcBZRwe55euGXQuKFPWqoo
v4H+8GhhrvBuXx3mmISLKIGirF/QbW4hROHK9wwolA3ZomltWDQmsVS3Eo0Mm9HA
Z+fX5nGwBW+J4mOHW2zpNUFocY6JcI7oLQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:06:29 2025 by rpki-client