Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/9F883BFCB33811E981BB4E6FC4F9AE02.roa
File: 9F883BFCB33811E981BB4E6FC4F9AE02.roa (raw, json)
Hash identifier: 6WFoxJSX+AsPXl4iLxcXTCnP5O5xegAvjHGkQo6ULzs=
Subject key identifier: 17:DB:83:D6:1F:2F:41:05:93:A7:EE:FD:7F:8C:42:F1:A6:27:63:7B
Certificate issuer: /CN=A913E8F3/serialNumber=F9BB29B0ABE849E7FE180E339E4B1C282368C521
Certificate serial: 0FBF
Authority key identifier: F9:BB:29:B0:AB:E8:49:E7:FE:18:0E:33:9E:4B:1C:28:23:68:C5:21
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-bspsKvoSef-GA4znkscKCNoxSE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/9F883BFCB33811E981BB4E6FC4F9AE02.roa
Signing time: Thu 20 Feb 2025 18:25:57 +0000
ROA not before: Thu 20 Feb 2025 18:25:57 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 58521
IP address blocks: 143.92.112.0/21 maxlen: 21
143.92.112.0/22 maxlen: 22
143.92.112.0/23 maxlen: 23
143.92.112.0/24 maxlen: 24
143.92.113.0/24 maxlen: 24
143.92.114.0/24 maxlen: 24
143.92.115.0/24 maxlen: 24
143.92.116.0/24 maxlen: 24
143.92.117.0/24 maxlen: 24
143.92.118.0/24 maxlen: 24
143.92.119.0/24 maxlen: 24
143.92.120.0/22 maxlen: 22
143.92.120.0/24 maxlen: 24
143.92.121.0/24 maxlen: 24
143.92.122.0/24 maxlen: 24
143.92.123.0/24 maxlen: 24
143.92.124.0/22 maxlen: 24
148.222.64.0/19 maxlen: 19
148.222.64.0/22 maxlen: 22
148.222.64.0/24 maxlen: 24
148.222.65.0/24 maxlen: 24
148.222.66.0/23 maxlen: 23
148.222.66.0/24 maxlen: 24
148.222.67.0/24 maxlen: 24
148.222.68.0/22 maxlen: 22
148.222.68.0/24 maxlen: 24
148.222.69.0/24 maxlen: 24
148.222.70.0/24 maxlen: 24
148.222.71.0/24 maxlen: 24
148.222.72.0/22 maxlen: 22
148.222.72.0/24 maxlen: 24
148.222.73.0/24 maxlen: 24
148.222.74.0/24 maxlen: 24
148.222.75.0/24 maxlen: 24
148.222.76.0/22 maxlen: 22
148.222.76.0/24 maxlen: 24
148.222.77.0/24 maxlen: 24
148.222.78.0/24 maxlen: 24
148.222.79.0/24 maxlen: 24
148.222.80.0/22 maxlen: 22
148.222.80.0/24 maxlen: 24
148.222.81.0/24 maxlen: 24
148.222.82.0/24 maxlen: 24
148.222.83.0/24 maxlen: 24
148.222.84.0/22 maxlen: 22
148.222.84.0/24 maxlen: 24
148.222.85.0/24 maxlen: 24
148.222.86.0/24 maxlen: 24
148.222.87.0/24 maxlen: 24
148.222.88.0/22 maxlen: 22
148.222.88.0/24 maxlen: 24
148.222.89.0/24 maxlen: 24
148.222.90.0/24 maxlen: 24
148.222.91.0/24 maxlen: 24
148.222.92.0/22 maxlen: 22
148.222.92.0/24 maxlen: 24
148.222.93.0/24 maxlen: 24
148.222.94.0/24 maxlen: 24
148.222.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/-bspsKvoSef-GA4znkscKCNoxSE.crl
rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/-bspsKvoSef-GA4znkscKCNoxSE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-bspsKvoSef-GA4znkscKCNoxSE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 17:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4031 (0xfbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913E8F3, serialNumber=F9BB29B0ABE849E7FE180E339E4B1C282368C521
Validity
Not Before: Feb 20 18:25:57 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b773b4-d8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f0:c6:9a:4a:ca:88:a9:7c:b0:d6:bc:7c:13:
4f:9d:bd:87:3b:d6:88:76:01:96:f3:3a:1b:b1:2a:
13:07:34:76:71:80:93:83:f7:cd:80:27:00:cb:6b:
ee:fe:ac:05:92:8d:35:ce:31:a1:81:e4:6c:1d:21:
ce:f2:9b:41:3f:52:7c:4d:35:ae:42:de:dd:d9:bf:
a2:af:c3:ad:01:fa:3a:fd:a0:71:4a:11:95:7f:11:
a5:c7:d2:0c:cb:b8:90:d5:75:a2:91:4e:35:4b:c4:
dd:82:ad:68:46:23:e1:12:8b:df:b9:20:20:a1:43:
91:2f:c9:47:60:2f:00:c6:61:e6:c5:86:cd:d1:25:
ce:24:53:c4:73:91:3e:1a:8e:74:bb:d8:2c:b6:b1:
a6:45:d5:de:48:8b:3b:dd:50:ad:02:e7:2f:ba:38:
be:11:e8:94:6c:b0:7a:fc:4a:e9:a1:97:4e:84:ea:
0b:23:bc:d6:5b:86:72:c1:c9:39:23:ea:8c:36:79:
12:c7:a8:a3:95:ed:e5:71:b0:60:9b:b7:f8:a8:b0:
ac:dd:a4:c1:4c:dc:7f:55:7b:ae:e6:ec:08:da:72:
b7:d0:61:b4:af:4a:f9:2a:fb:e2:36:d9:e8:be:25:
b4:8a:98:e0:15:8e:2e:94:41:c2:a3:3d:fc:75:6a:
22:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DB:83:D6:1F:2F:41:05:93:A7:EE:FD:7F:8C:42:F1:A6:27:63:7B
X509v3 Authority Key Identifier:
keyid:F9:BB:29:B0:AB:E8:49:E7:FE:18:0E:33:9E:4B:1C:28:23:68:C5:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/-bspsKvoSef-GA4znkscKCNoxSE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-bspsKvoSef-GA4znkscKCNoxSE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E8F3/0A04F4E2549411E9B597E571C4F9AE02/9F883BFCB33811E981BB4E6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
143.92.112.0/20
148.222.64.0/19
Signature Algorithm: sha256WithRSAEncryption
83:84:8d:4d:6e:66:f1:47:6a:e4:14:e1:ae:b7:fc:bb:83:4e:
c9:90:d5:cd:39:07:02:2e:c5:01:81:f1:d9:2d:70:d5:9c:f4:
e9:a1:92:e6:4e:5d:19:c8:3a:18:59:22:0e:3f:c4:0f:ba:ca:
cd:69:dc:c3:01:93:aa:80:35:66:4d:17:2d:e2:a0:19:cb:e4:
57:50:07:74:07:a7:26:c8:5a:88:bf:26:42:03:4f:2c:8a:9a:
6a:3f:47:b5:e0:dd:ae:df:15:d7:1b:83:b4:61:8f:3f:f7:12:
e0:03:58:62:1c:10:cd:b4:ea:da:a6:72:fd:0d:18:e4:e2:6b:
1c:18:a8:e7:ae:4a:8c:25:0e:23:27:01:be:6f:c6:b8:6c:3b:
21:1f:66:7c:ab:41:11:a8:7d:84:f0:a9:c3:4d:c6:f6:e9:b1:
36:11:53:34:4f:c3:50:1d:f7:64:06:f6:fd:95:5a:21:ab:a0:
e8:ee:8d:b8:60:4b:5a:d7:6e:79:92:c3:28:aa:75:e8:98:4e:
9a:db:00:f0:86:01:26:05:7c:bf:c4:c4:be:00:05:5c:e3:71:
ca:0b:46:8c:2a:c3:09:01:2f:51:bd:d0:7b:c8:d5:dd:a9:f8:
fd:9b:75:11:eb:19:95:65:bc:5c:65:e3:23:e1:db:45:4a:a4:
61:ca:be:a2
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICD78wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0U4RjMxMTAvBgNVBAUTKEY5QkIyOUIwQUJFODQ5RTdGRTE4MEUzMzlFNEIxQzI4
MjM2OEM1MjEwHhcNMjUwMjIwMTgyNTU3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3NzNiNC1kOGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzPDGmkrKiKl8sNa8fBNPnb2HO9aIdgGW8zobsSoTBzR2cYCTg/fNgCcAy2vu
/qwFko01zjGhgeRsHSHO8ptBP1J8TTWuQt7d2b+ir8OtAfo6/aBxShGVfxGlx9IM
y7iQ1XWikU41S8Tdgq1oRiPhEovfuSAgoUORL8lHYC8AxmHmxYbN0SXOJFPEc5E+
Go50u9gstrGmRdXeSIs73VCtAucvuji+EeiUbLB6/ErpoZdOhOoLI7zWW4Zywck5
I+qMNnkSx6ijle3lcbBgm7f4qLCs3aTBTNx/VXuu5uwI2nK30GG0r0r5KvviNtno
viW0ipjgFY4ulEHCoz38dWoiGQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBfbg9Yf
L0EFk6fu/X+MQvGmJ2N7MB8GA1UdIwQYMBaAFPm7KbCr6Enn/hgOM55LHCgjaMUh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRThGMy8wQTA0RjRFMjU0
OTQxMUU5QjU5N0U1NzFDNEY5QUUwMi8tYnNwc0t2b1NlZi1HQTR6bmtzY0tDTm94
U0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLy1ic3BzS3ZvU2VmLUdBNHpua3NjS0NOb3hTRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0U4RjMvMEEwNEY0RTI1NDk0MTFFOUI1OTdFNTcxQzRGOUFFMDIvOUY4ODNCRkNC
MzM4MTFFOTgxQkI0RTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBASPXHADBAWU3kAwDQYJKoZIhvcNAQELBQADggEBAIOEjU1u
ZvFHauQU4a63/LuDTsmQ1c05BwIuxQGB8dktcNWc9OmhkuZOXRnIOhhZIg4/xA+6
ys1p3MMBk6qANWZNFy3ioBnL5FdQB3QHpybIWoi/JkIDTyyKmmo/R7Xg3a7fFdcb
g7Rhjz/3EuADWGIcEM206tqmcv0NGOTiaxwYqOeuSowlDiMnAb5vxrhsOyEfZnyr
QRGofYTwqcNNxvbpsTYRUzRPw1Ad92QG9v2VWiGroOjujbhgS1rXbnmSwyiqdeiY
TprbAPCGASYFfL/ExL4ABVzjccoLRowqwwkBL1G90HvI1d2p+P2bdRHrGZVlvFxl
4yPh20VKpGHKvqI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:31:13 2025 by rpki-client