Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
File: 89E1ED764CC111EE87453D77C4F9AE02.roa (raw, json)
Hash identifier: dyBuRF0L4k6t4ChH+kLE8IpmRvwCrRtPJ3LxkBtN1Dc=
Subject key identifier: DB:8E:59:9E:F0:D6:5F:D0:C3:C0:9E:8A:F4:6C:FA:B1:58:FA:C3:8D
Certificate issuer: /CN=A91304A9/serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Certificate serial: 0B34
Authority key identifier: 58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
Signing time: Thu 17 Apr 2025 11:34:21 +0000
ROA not before: Thu 17 Apr 2025 11:34:21 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 3491
IP address blocks: 14.192.160.0/19 maxlen: 24
103.17.28.0/22 maxlen: 22
116.66.208.0/20 maxlen: 20
116.66.210.0/23 maxlen: 24
116.66.212.0/22 maxlen: 22
116.66.216.0/22 maxlen: 22
116.66.217.0/24 maxlen: 24
116.66.220.0/22 maxlen: 22
2400:8800::/32 maxlen: 32
2400:8800::/35 maxlen: 35
2400:8800:1::/48 maxlen: 48
2400:8800:101::/48 maxlen: 48
2400:8800:102::/48 maxlen: 48
2400:8800:301::/48 maxlen: 48
2400:8800:1000::/37 maxlen: 37
2400:8800:2000::/35 maxlen: 35
2400:8800:4000::/35 maxlen: 35
2400:8800:4081::/48 maxlen: 48
2400:8800:4201::/48 maxlen: 48
2400:8800:6000::/35 maxlen: 35
2400:8800:8000::/35 maxlen: 35
2400:8800:a000::/35 maxlen: 35
2400:8800:c000::/35 maxlen: 35
2400:8800:e000::/35 maxlen: 35
2400:8800:f804::/48 maxlen: 48
2400:8800:f805::/48 maxlen: 48
2400:8800:f806::/48 maxlen: 48
2400:8800:f807::/48 maxlen: 48
2400:8800:f80a::/48 maxlen: 48
2400:8800:f80d::/48 maxlen: 48
2400:8800:f80e::/48 maxlen: 48
2400:8800:f80f::/48 maxlen: 48
2400:8800:f810::/48 maxlen: 48
2400:8800:f811::/48 maxlen: 48
2400:8800:f81f::/48 maxlen: 48
2400:8800:f822::/48 maxlen: 48
2400:8800:fc00::/48 maxlen: 48
2400:8800:fc02::/48 maxlen: 48
2400:8800:fc03::/48 maxlen: 48
2400:8800:fc05::/48 maxlen: 48
2400:8800:fc06::/48 maxlen: 48
2400:8800:fc07::/48 maxlen: 48
2400:8800:fc0a::/48 maxlen: 48
2400:8800:fc0b::/48 maxlen: 48
2400:8800:fc0e::/48 maxlen: 48
2400:8800:fc0f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 19:17:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2868 (0xb34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91304A9, serialNumber=580553B883DEC3DDB24F688E6C2D1BFA93C263AA
Validity
Not Before: Apr 17 11:34:21 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6800e73d-f337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:bc:aa:fe:be:9a:99:25:3d:76:ef:d3:f9:ad:
16:8e:8f:d4:41:ad:bf:bb:93:4c:b0:55:ee:99:0f:
c3:2d:96:d1:fb:4d:35:e6:42:3f:d4:0b:34:db:4d:
16:b6:59:ef:b7:e2:cb:04:e7:b0:96:a1:e4:08:d6:
86:23:c7:c0:ba:d2:54:9f:19:de:fb:e8:18:55:40:
a0:c1:ac:91:c2:ea:9e:1a:a5:0e:9f:d6:56:60:ed:
01:8e:09:0a:eb:e5:15:6c:ac:a1:5a:b5:02:5b:ca:
47:63:d6:76:be:e4:01:af:a7:c6:02:02:5d:de:0a:
ad:ca:7d:40:65:a4:e3:b3:5d:d1:21:a8:67:38:6a:
8d:cf:ca:ae:be:a4:8b:ce:cc:b9:67:86:fc:4b:f4:
ac:5e:fa:e5:6c:5c:e9:ab:e8:2e:82:87:7e:1a:fe:
8a:e1:3b:e0:3b:ac:5f:09:a0:45:6a:a8:32:4c:fb:
93:18:7c:18:bf:d7:7d:3e:6f:54:13:48:46:a3:59:
07:eb:53:5b:51:4c:b2:f9:7e:81:08:bc:8e:74:7e:
9c:3d:b6:ff:a7:0b:ee:8e:fc:b5:07:cb:5c:00:30:
1d:54:dc:03:66:77:00:c3:fd:bf:44:da:6e:ed:76:
ea:1c:12:40:05:6e:00:89:11:2e:ab:3e:6a:af:7f:
27:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8E:59:9E:F0:D6:5F:D0:C3:C0:9E:8A:F4:6C:FA:B1:58:FA:C3:8D
X509v3 Authority Key Identifier:
keyid:58:05:53:B8:83:DE:C3:DD:B2:4F:68:8E:6C:2D:1B:FA:93:C2:63:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/WAVTuIPew92yT2iObC0b-pPCY6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WAVTuIPew92yT2iObC0b-pPCY6o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91304A9/A374A1B6467111EA81ABB25FC4F9AE02/89E1ED764CC111EE87453D77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.160.0/19
103.17.28.0/22
116.66.208.0/20
IPv6:
2400:8800::/32
Signature Algorithm: sha256WithRSAEncryption
7c:c8:74:0f:95:55:a6:71:93:4f:28:4c:71:74:1e:17:5b:2c:
80:c2:e4:d5:f3:5c:32:a5:b5:83:27:cd:14:a2:9c:c5:81:69:
2e:68:00:99:85:1b:57:af:cf:8c:63:56:18:4f:ec:5b:5c:f1:
15:21:e2:ac:0b:9d:16:24:ba:e0:5a:48:b8:e1:6d:4e:52:9c:
04:a5:3f:bc:57:2f:5c:91:f6:d3:92:78:4c:03:ea:18:15:a7:
dc:af:0d:d5:93:bd:f3:db:bc:af:39:a6:0e:72:1b:ba:58:eb:
bb:a2:56:2a:76:5c:e4:54:03:84:bc:26:10:88:41:12:5f:e9:
62:5e:09:a1:7a:e8:52:15:64:bf:ff:c0:8d:47:48:72:af:34:
ef:3c:c7:f2:58:53:4c:81:ca:9c:32:8f:4d:c0:d5:b0:5a:a8:
ba:ed:9e:f1:2d:f1:96:e1:33:e3:61:ac:3b:76:2a:a0:f0:fa:
76:d6:2b:ad:53:9e:a2:e1:3a:8e:1e:fc:5b:2d:87:b8:51:76:
e1:81:61:fc:98:bd:08:ab:ff:c2:a3:e0:e7:57:70:ec:d4:62:
35:e1:45:b0:c3:78:17:a0:bf:96:e1:82:8b:e8:af:86:18:a1:
a3:bf:72:ac:a9:fe:ef:3b:12:1d:33:68:4c:09:a5:35:1d:5e:
a5:81:d4:c1
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICCzQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA0QTkxMTAvBgNVBAUTKDU4MDU1M0I4ODNERUMzRERCMjRGNjg4RTZDMkQxQkZB
OTNDMjYzQUEwHhcNMjUwNDE3MTEzNDIxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODAwZTczZC1mMzM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3Lyq/r6amSU9du/T+a0Wjo/UQa2/u5NMsFXumQ/DLZbR+0015kI/1As0200W
tlnvt+LLBOewlqHkCNaGI8fAutJUnxne++gYVUCgwayRwuqeGqUOn9ZWYO0BjgkK
6+UVbKyhWrUCW8pHY9Z2vuQBr6fGAgJd3gqtyn1AZaTjs13RIahnOGqNz8quvqSL
zsy5Z4b8S/SsXvrlbFzpq+gugod+Gv6K4TvgO6xfCaBFaqgyTPuTGHwYv9d9Pm9U
E0hGo1kH61NbUUyy+X6BCLyOdH6cPbb/pwvujvy1B8tcADAdVNwDZncAw/2/RNpu
7XbqHBJABW4AiREuqz5qr38n/QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFNuOWZ7w
1l/Qw8CeivRs+rFY+sONMB8GA1UdIwQYMBaAFFgFU7iD3sPdsk9ojmwtG/qTwmOq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDRBOS9BMzc0QTFCNjQ2
NzExMUVBODFBQkIyNUZDNEY5QUUwMi9XQVZUdUlQZXc5MnlUMmlPYkMwYi1wUENZ
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dBVlR1SVBldzkyeVQyaU9iQzBiLXBQQ1k2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA0QTkvQTM3NEExQjY0NjcxMTFFQTgxQUJCMjVGQzRGOUFFMDIvODlFMUVENzY0
Q0MxMTFFRTg3NDUzRDc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAUOwKADBAJnERwDBAR0QtAwDQQCAAIwBwMFACQAiAAwDQYJ
KoZIhvcNAQELBQADggEBAHzIdA+VVaZxk08oTHF0HhdbLIDC5NXzXDKltYMnzRSi
nMWBaS5oAJmFG1evz4xjVhhP7Ftc8RUh4qwLnRYkuuBaSLjhbU5SnASlP7xXL1yR
9tOSeEwD6hgVp9yvDdWTvfPbvK85pg5yG7pY67uiVip2XORUA4S8JhCIQRJf6WJe
CaF66FIVZL//wI1HSHKvNO88x/JYU0yBypwyj03A1bBaqLrtnvEt8ZbhM+NhrDt2
KqDw+nbWK61TnqLhOo4e/Fsth7hRduGBYfyYvQir/8Kj4OdXcOzUYjXhRbDDeBeg
v5bhgovor4YYoaO/cqyp/u87Eh0zaEwJpTUdXqWB1ME=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:05:27 2025 by rpki-client