Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/7E099DB21C5611EBB91D2683C4F9AE02.roa
File: 7E099DB21C5611EBB91D2683C4F9AE02.roa (raw, json)
Hash identifier: 5GuYDpWjP0H4MJ3DxdkwBn6X7wj5+kTU7yH+e2yV0zQ=
Subject key identifier: F5:A0:DF:00:BF:0F:5D:8B:F9:E8:5D:B8:53:06:75:8D:0F:EE:34:29
Certificate issuer: /CN=A915465A/serialNumber=785E0BFF07B9037C60334B2DF3369281A4DC3F5A
Certificate serial: 0750
Authority key identifier: 78:5E:0B:FF:07:B9:03:7C:60:33:4B:2D:F3:36:92:81:A4:DC:3F:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eF4L_we5A3xgM0st8zaSgaTcP1o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/7E099DB21C5611EBB91D2683C4F9AE02.roa
Signing time: Tue 07 Jan 2025 09:29:57 +0000
ROA not before: Tue 07 Jan 2025 09:29:57 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 45785
IP address blocks: 116.193.157.0/24 maxlen: 24
183.78.168.0/24 maxlen: 24
183.78.169.0/24 maxlen: 24
183.78.170.0/24 maxlen: 24
183.78.171.0/24 maxlen: 24
202.43.100.0/24 maxlen: 24
202.43.101.0/24 maxlen: 24
202.43.102.0/24 maxlen: 24
202.43.103.0/24 maxlen: 24
210.1.224.0/24 maxlen: 24
210.1.225.0/24 maxlen: 24
210.1.226.0/24 maxlen: 24
210.1.227.0/24 maxlen: 24
210.1.228.0/24 maxlen: 24
210.1.229.0/24 maxlen: 24
210.1.230.0/24 maxlen: 24
210.1.231.0/24 maxlen: 24
2401:c400::/32 maxlen: 32
2401:c400:1000::/48 maxlen: 48
2401:c400:2000::/48 maxlen: 48
2401:c400:3000::/48 maxlen: 48
2401:c400:4000::/48 maxlen: 48
2401:c400:5000::/48 maxlen: 48
2401:c400:6000::/48 maxlen: 48
2401:c400:7000::/48 maxlen: 48
2401:c400:8000::/48 maxlen: 48
2401:c400:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/eF4L_we5A3xgM0st8zaSgaTcP1o.crl
rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/eF4L_we5A3xgM0st8zaSgaTcP1o.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eF4L_we5A3xgM0st8zaSgaTcP1o.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 21:25:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1872 (0x750)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915465A, serialNumber=785E0BFF07B9037C60334B2DF3369281A4DC3F5A
Validity
Not Before: Jan 7 09:29:57 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=677cf414-c0b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c7:01:86:b4:db:8e:7c:a7:e5:f0:5f:24:50:
a3:2a:cd:6f:c5:da:48:cc:26:b4:08:eb:40:43:c0:
11:35:22:2f:10:81:ed:35:98:59:66:f7:1f:7e:28:
a8:4f:09:47:19:9f:db:60:f4:11:30:2c:f7:1c:72:
29:88:fb:15:53:6d:6a:19:62:28:dd:f4:5a:cd:55:
e5:f6:74:f6:46:dc:fa:32:d1:05:47:8a:bd:c0:cf:
75:95:ab:85:a1:29:4e:d8:da:1e:2d:f0:8b:71:7d:
9f:9b:b0:3e:0c:7e:62:76:1a:70:73:79:55:07:00:
78:09:cf:8c:89:ee:d4:a8:90:5c:c1:d5:e6:5f:29:
31:39:d0:9e:56:02:65:aa:7f:05:17:e6:88:26:1d:
f9:7b:05:9b:62:a4:d1:a7:9c:e4:fe:ef:ec:00:e0:
24:00:10:78:d3:58:5c:82:86:93:71:a0:f8:7b:6a:
22:a2:19:34:aa:dc:31:12:af:b8:be:be:0f:2d:6e:
95:9f:f1:3c:08:e0:5b:20:20:79:75:f6:a5:25:f6:
ab:32:46:cd:f1:3c:6a:80:af:a1:62:c3:ee:06:11:
35:58:16:5c:17:cf:e5:58:2a:09:ff:92:d5:92:b2:
6d:30:8c:6b:c9:86:96:b4:88:b3:06:43:14:c8:d0:
46:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A0:DF:00:BF:0F:5D:8B:F9:E8:5D:B8:53:06:75:8D:0F:EE:34:29
X509v3 Authority Key Identifier:
keyid:78:5E:0B:FF:07:B9:03:7C:60:33:4B:2D:F3:36:92:81:A4:DC:3F:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/eF4L_we5A3xgM0st8zaSgaTcP1o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eF4L_we5A3xgM0st8zaSgaTcP1o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915465A/8894A70A1C5511EBAB88C182C4F9AE02/7E099DB21C5611EBB91D2683C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.193.157.0/24
183.78.168.0/22
202.43.100.0/22
210.1.224.0/21
IPv6:
2401:c400::/32
Signature Algorithm: sha256WithRSAEncryption
4f:e7:32:77:26:be:35:2c:9b:be:4c:df:78:b1:04:c5:af:b1:
17:5c:bc:f7:3a:b8:1e:94:a7:46:d6:82:52:cc:dd:b5:0c:1a:
4c:0e:b5:32:d1:35:6f:2d:49:d5:b7:84:65:8e:e4:f9:5d:de:
a0:e7:5b:2a:be:4c:af:17:06:e7:aa:1d:ec:d5:d1:55:3f:a0:
9a:6c:fe:e8:e9:87:5f:15:f7:6c:9d:aa:e2:12:3b:33:d1:ce:
09:42:7b:84:ec:39:96:18:8c:05:9c:5b:01:0d:f0:1d:98:e7:
e6:a2:39:c9:b0:28:48:b8:2c:5d:30:16:c9:25:5d:b1:04:90:
01:f5:6c:53:de:67:35:e6:af:89:d6:c1:02:b7:34:6e:0d:1c:
3e:25:0b:ef:51:2f:1d:3e:df:97:d0:71:fe:39:4d:34:59:47:
3b:5f:b1:52:29:6a:e0:2d:f1:1f:71:ab:80:47:d4:54:b9:f5:
2c:97:d1:44:c7:e9:5a:2e:6f:15:dc:3f:dd:d0:58:9b:1d:20:
12:8b:eb:77:f2:f3:f8:ca:a5:cc:1e:7a:81:99:73:43:0a:e0:
92:d1:60:90:03:87:f9:29:c1:29:78:a4:7d:83:b6:9d:69:6e:
69:3f:28:1b:a5:5b:ff:cd:56:b3:91:d4:a0:14:c5:bc:c6:ef:
5f:47:f6:5b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICB1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQ2NUExMTAvBgNVBAUTKDc4NUUwQkZGMDdCOTAzN0M2MDMzNEIyREYzMzY5Mjgx
QTREQzNGNUEwHhcNMjUwMTA3MDkyOTU3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjZjQxNC1jMGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwccBhrTbjnyn5fBfJFCjKs1vxdpIzCa0COtAQ8ARNSIvEIHtNZhZZvcffiio
TwlHGZ/bYPQRMCz3HHIpiPsVU21qGWIo3fRazVXl9nT2Rtz6MtEFR4q9wM91lauF
oSlO2NoeLfCLcX2fm7A+DH5idhpwc3lVBwB4Cc+Mie7UqJBcwdXmXykxOdCeVgJl
qn8FF+aIJh35ewWbYqTRp5zk/u/sAOAkABB401hcgoaTcaD4e2oiohk0qtwxEq+4
vr4PLW6Vn/E8COBbICB5dfalJfarMkbN8TxqgK+hYsPuBhE1WBZcF8/lWCoJ/5LV
krJtMIxryYaWtIizBkMUyNBGcQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFPWg3wC/
D12L+ehduFMGdY0P7jQpMB8GA1UdIwQYMBaAFHheC/8HuQN8YDNLLfM2koGk3D9a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDY1QS84ODk0QTcwQTFD
NTUxMUVCQUI4OEMxODJDNEY5QUUwMi9lRjRMX3dlNUEzeGdNMHN0OHphU2dhVGNQ
MW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VGNExfd2U1QTN4Z00wc3Q4emFTZ2FUY1Axby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQ2NUEvODg5NEE3MEExQzU1MTFFQkFCODhDMTgyQzRGOUFFMDIvN0UwOTlEQjIx
QzU2MTFFQkI5MUQyNjgzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAB0wZ0DBAK3TqgDBALKK2QDBAPSAeAwDQQCAAIwBwMFACQB
xAAwDQYJKoZIhvcNAQELBQADggEBAE/nMncmvjUsm75M33ixBMWvsRdcvPc6uB6U
p0bWglLM3bUMGkwOtTLRNW8tSdW3hGWO5Pld3qDnWyq+TK8XBueqHezV0VU/oJps
/ujph18V92ydquISOzPRzglCe4TsOZYYjAWcWwEN8B2Y5+aiOcmwKEi4LF0wFskl
XbEEkAH1bFPeZzXmr4nWwQK3NG4NHD4lC+9RLx0+35fQcf45TTRZRztfsVIpauAt
8R9xq4BH1FS59SyX0UTH6VoubxXcP93QWJsdIBKL63fy8/jKpcweeoGZc0MK4JLR
YJADh/kpwSl4pH2Dtp1pbmk/KBulW//NVrOR1KAUxbzG719H9ls=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:17:46 2025 by rpki-client