Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/5E26899A1B2211F093230420C4F9AE02.roa
File: 5E26899A1B2211F093230420C4F9AE02.roa (raw, json)
Hash identifier: zE8hcTYNfmMkBUxWlaCkDNF/PasBwsyXryHfs3QbRWs=
Subject key identifier: 67:58:82:BD:EF:D2:3C:11:0B:07:CD:8C:86:53:77:E0:97:1F:65:7F
Certificate issuer: /CN=A9170304/serialNumber=AD270FDE99B1F1069DAB8EF7A576AA2C2AF2C6F0
Certificate serial: 34A4
Authority key identifier: AD:27:0F:DE:99:B1:F1:06:9D:AB:8E:F7:A5:76:AA:2C:2A:F2:C6:F0
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/5E26899A1B2211F093230420C4F9AE02.roa
Signing time: Thu 17 Apr 2025 00:24:47 +0000
ROA not before: Thu 17 Apr 2025 00:24:47 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 198949
IP address blocks: 147.41.0.0/17 maxlen: 17
147.41.0.0/20 maxlen: 20
147.41.16.0/20 maxlen: 20
147.41.32.0/19 maxlen: 19
147.41.64.0/18 maxlen: 18
147.41.128.0/17 maxlen: 17
147.41.128.0/18 maxlen: 18
147.41.192.0/19 maxlen: 19
147.41.224.0/20 maxlen: 20
147.41.240.0/20 maxlen: 20
147.109.0.0/16 maxlen: 16
147.109.0.0/22 maxlen: 22
147.109.4.0/22 maxlen: 22
147.109.8.0/21 maxlen: 21
147.109.16.0/20 maxlen: 20
147.109.32.0/20 maxlen: 20
147.109.48.0/20 maxlen: 20
147.109.64.0/20 maxlen: 20
147.109.80.0/20 maxlen: 20
147.109.96.0/20 maxlen: 20
147.109.112.0/21 maxlen: 21
147.109.120.0/22 maxlen: 22
147.109.124.0/23 maxlen: 23
147.109.124.0/24 maxlen: 24
147.109.126.0/23 maxlen: 23
147.109.128.0/20 maxlen: 20
147.109.144.0/20 maxlen: 20
147.109.160.0/19 maxlen: 19
147.109.192.0/20 maxlen: 20
147.109.192.0/21 maxlen: 21
147.109.208.0/20 maxlen: 21
147.109.224.0/20 maxlen: 20
147.109.240.0/21 maxlen: 21
147.109.248.0/21 maxlen: 21
192.26.232.0/24 maxlen: 24
192.107.101.0/24 maxlen: 24
192.190.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/rScP3pmx8Qadq473pXaqLCryxvA.crl
rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/rScP3pmx8Qadq473pXaqLCryxvA.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 14:38:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13476 (0x34a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170304, serialNumber=AD270FDE99B1F1069DAB8EF7A576AA2C2AF2C6F0
Validity
Not Before: Apr 17 00:24:47 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68004a4f-0cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8a:be:8f:a8:d6:09:5d:41:25:23:db:49:d4:
06:71:53:6a:2b:fd:83:74:23:f9:75:e1:37:aa:03:
2c:b5:18:b1:23:f7:eb:d2:43:e4:c0:58:24:22:ff:
92:fe:a5:77:05:be:44:e6:f8:f3:75:7d:29:4f:3c:
cf:25:59:85:18:82:4d:e0:71:84:7d:f7:af:cf:d2:
e0:12:ab:dd:99:c0:01:76:69:92:56:de:86:96:b8:
43:f3:6f:e0:52:fb:b4:c3:22:ef:cb:c5:1d:df:4f:
27:1a:fc:e2:ad:c3:c8:21:6b:34:0a:db:a1:91:be:
c1:5b:39:f3:0d:61:78:c2:f3:b4:70:49:06:26:00:
27:6c:38:11:63:5f:b3:8d:aa:c4:61:ab:21:a8:ba:
ec:6e:0a:af:32:f7:00:18:cc:c1:f6:eb:2e:31:40:
30:a1:a8:dc:f1:b5:48:28:87:8b:fb:10:8c:4d:33:
2a:28:d8:a9:54:9d:b7:65:08:e5:4b:ae:ec:5d:d9:
7c:e9:b3:96:e1:25:8b:9b:2e:cd:94:3e:86:9f:f8:
c9:a6:49:d9:b9:ad:bf:6b:35:81:e2:fa:be:1e:b5:
ee:36:db:14:16:bf:a8:1b:80:d4:2d:ab:78:4c:bd:
ef:c4:c7:f1:3f:7b:a3:66:c1:8c:18:b6:95:32:69:
32:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:58:82:BD:EF:D2:3C:11:0B:07:CD:8C:86:53:77:E0:97:1F:65:7F
X509v3 Authority Key Identifier:
keyid:AD:27:0F:DE:99:B1:F1:06:9D:AB:8E:F7:A5:76:AA:2C:2A:F2:C6:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/rScP3pmx8Qadq473pXaqLCryxvA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/5E26899A1B2211F093230420C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.41.0.0/16
147.109.0.0/16
192.26.232.0/24
192.107.101.0/24
192.190.61.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:74:39:91:84:4e:24:36:a7:98:8f:32:84:3e:66:fa:37:3d:
c3:89:37:ab:c7:d4:14:95:3f:62:9b:1a:72:e8:eb:89:a2:2b:
a3:6c:ee:5a:f0:a0:61:89:db:3a:0a:fb:8b:39:33:9b:a9:70:
71:c2:64:b8:ff:39:60:6f:a2:41:2d:56:3c:e9:4c:63:9b:56:
bc:93:c4:b0:71:1f:9f:71:cb:95:72:a8:b7:a9:cc:77:9b:33:
53:82:4d:8d:cd:0b:d0:73:60:93:31:22:f6:33:ef:56:1e:76:
9a:8d:3b:8e:f1:57:5a:1e:7c:83:cb:62:3b:e0:63:69:9b:3a:
ea:27:16:12:91:b3:a1:ea:2b:58:7a:33:ed:ff:cb:25:bb:e5:
eb:b7:88:fa:f9:cc:36:bd:10:b4:e8:6b:38:25:4b:1c:73:5f:
74:0e:8d:59:37:be:45:1e:58:e9:62:d1:46:a4:8b:11:fa:b7:
39:c9:24:e1:ba:f2:00:40:a5:98:da:06:3e:d3:f5:96:3d:a5:
2c:54:d4:e3:db:e4:60:56:be:ae:10:51:33:92:e3:62:88:13:
85:86:03:01:ca:d3:54:8b:d8:37:8d:4c:dd:30:45:bf:ec:66:
a9:19:e6:67:b1:47:8b:23:42:56:a2:6b:19:05:f5:b6:7b:62:
b9:ee:ee:07
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICNKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzAzMDQxMTAvBgNVBAUTKEFEMjcwRkRFOTlCMUYxMDY5REFCOEVGN0E1NzZBQTJD
MkFGMkM2RjAwHhcNMjUwNDE3MDAyNDQ3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODAwNGE0Zi0wY2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAloq+j6jWCV1BJSPbSdQGcVNqK/2DdCP5deE3qgMstRixI/fr0kPkwFgkIv+S
/qV3Bb5E5vjzdX0pTzzPJVmFGIJN4HGEffevz9LgEqvdmcABdmmSVt6GlrhD82/g
Uvu0wyLvy8Ud308nGvzircPIIWs0Ctuhkb7BWznzDWF4wvO0cEkGJgAnbDgRY1+z
jarEYashqLrsbgqvMvcAGMzB9usuMUAwoajc8bVIKIeL+xCMTTMqKNipVJ23ZQjl
S67sXdl86bOW4SWLmy7NlD6Gn/jJpknZua2/azWB4vq+HrXuNtsUFr+oG4DULat4
TL3vxMfxP3ujZsGMGLaVMmkyEQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFGdYgr3v
0jwRCwfNjIZTd+CXH2V/MB8GA1UdIwQYMBaAFK0nD96ZsfEGnauO96V2qiwq8sbw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDMwNC85RUY0MTEzMDFE
OEUxMUUyQjE4MjI2RUQwOEIwMkNEMi9yU2NQM3BteDhRYWRxNDczcFhhcUxDcnl4
dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JTY1AzcG14OFFhZHE0NzNwWGFxTENyeXh2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzAzMDQvOUVGNDExMzAxRDhFMTFFMkIxODIyNkVEMDhCMDJDRDIvNUUyNjg5OUEx
QjIyMTFGMDkzMjMwNDIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwDAwCTKQMDAJNtAwQAwBroAwQAwGtlAwQAwL49MA0GCSqGSIb3
DQEBCwUAA4IBAQCddDmRhE4kNqeYjzKEPmb6Nz3DiTerx9QUlT9imxpy6OuJoiuj
bO5a8KBhids6CvuLOTObqXBxwmS4/zlgb6JBLVY86Uxjm1a8k8SwcR+fccuVcqi3
qcx3mzNTgk2NzQvQc2CTMSL2M+9WHnaajTuO8VdaHnyDy2I74GNpmzrqJxYSkbOh
6itYejPt/8slu+Xrt4j6+cw2vRC06Gs4JUscc190Do1ZN75FHljpYtFGpIsR+rc5
ySThuvIAQKWY2gY+0/WWPaUsVNTj2+RgVr6uEFEzkuNiiBOFhgMBytNUi9g3jUzd
MEW/7GapGeZnsUeLI0JWomsZBfW2e2K57u4H
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:11:43 2025 by rpki-client