Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
File: B38D932050EF11EC8583962BC4F9AE02.roa (raw, json)
Hash identifier: vGjVKyfhGouNwPbyNw8ueo4siItyyWgs22PxyDfp4xs=
Subject key identifier: 6E:8E:A8:CC:AE:B4:44:02:1D:A5:2E:B6:13:65:BE:A5:E2:8B:22:02
Certificate issuer: /CN=A9178EB0/serialNumber=E1B910B9C7310C9F65594FC6E8989FC953B36E51
Certificate serial: 0410
Authority key identifier: E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
Signing time: Tue 10 Dec 2024 21:20:14 +0000
ROA not before: Tue 10 Dec 2024 21:20:14 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 45753
IP address blocks: 52.128.224.0/19 maxlen: 19
52.128.224.0/24 maxlen: 24
52.128.225.0/24 maxlen: 24
52.128.226.0/24 maxlen: 24
52.128.227.0/24 maxlen: 24
52.128.228.0/24 maxlen: 24
52.128.229.0/24 maxlen: 24
52.128.230.0/24 maxlen: 24
52.128.231.0/24 maxlen: 24
52.128.232.0/24 maxlen: 24
52.128.233.0/24 maxlen: 24
52.128.234.0/24 maxlen: 24
52.128.235.0/24 maxlen: 24
52.128.236.0/24 maxlen: 24
52.128.237.0/24 maxlen: 24
52.128.238.0/24 maxlen: 24
52.128.239.0/24 maxlen: 24
52.128.240.0/24 maxlen: 24
52.128.241.0/24 maxlen: 24
52.128.242.0/24 maxlen: 24
52.128.243.0/24 maxlen: 24
52.128.244.0/24 maxlen: 24
52.128.245.0/24 maxlen: 24
52.128.246.0/24 maxlen: 24
52.128.247.0/24 maxlen: 24
52.128.248.0/24 maxlen: 24
52.128.249.0/24 maxlen: 24
52.128.250.0/24 maxlen: 24
52.128.251.0/24 maxlen: 24
52.128.252.0/24 maxlen: 24
52.128.253.0/24 maxlen: 24
52.128.254.0/24 maxlen: 24
52.128.255.0/24 maxlen: 24
148.66.0.0/19 maxlen: 19
148.66.0.0/24 maxlen: 24
148.66.1.0/24 maxlen: 24
148.66.2.0/24 maxlen: 24
148.66.3.0/24 maxlen: 24
148.66.4.0/24 maxlen: 24
148.66.5.0/24 maxlen: 24
148.66.6.0/24 maxlen: 24
148.66.7.0/24 maxlen: 24
148.66.8.0/24 maxlen: 24
148.66.9.0/24 maxlen: 24
148.66.10.0/24 maxlen: 24
148.66.11.0/24 maxlen: 24
148.66.12.0/24 maxlen: 24
148.66.13.0/24 maxlen: 24
148.66.14.0/24 maxlen: 24
148.66.15.0/24 maxlen: 24
148.66.16.0/24 maxlen: 24
148.66.17.0/24 maxlen: 24
148.66.18.0/24 maxlen: 24
148.66.19.0/24 maxlen: 24
148.66.20.0/24 maxlen: 24
148.66.21.0/24 maxlen: 24
148.66.22.0/24 maxlen: 24
148.66.23.0/24 maxlen: 24
148.66.24.0/24 maxlen: 24
148.66.25.0/24 maxlen: 24
148.66.26.0/24 maxlen: 24
148.66.27.0/24 maxlen: 24
148.66.28.0/24 maxlen: 24
148.66.29.0/24 maxlen: 24
148.66.30.0/24 maxlen: 24
148.66.31.0/24 maxlen: 24
216.118.224.0/19 maxlen: 19
216.118.224.0/24 maxlen: 24
216.118.225.0/24 maxlen: 24
216.118.226.0/24 maxlen: 24
216.118.227.0/24 maxlen: 24
216.118.228.0/24 maxlen: 24
216.118.229.0/24 maxlen: 24
216.118.230.0/24 maxlen: 24
216.118.231.0/24 maxlen: 24
216.118.232.0/24 maxlen: 24
216.118.233.0/24 maxlen: 24
216.118.234.0/24 maxlen: 24
216.118.235.0/24 maxlen: 24
216.118.236.0/24 maxlen: 24
216.118.237.0/24 maxlen: 24
216.118.238.0/24 maxlen: 24
216.118.239.0/24 maxlen: 24
216.118.240.0/24 maxlen: 24
216.118.241.0/24 maxlen: 24
216.118.242.0/24 maxlen: 24
216.118.243.0/24 maxlen: 24
216.118.244.0/24 maxlen: 24
216.118.245.0/24 maxlen: 24
216.118.246.0/24 maxlen: 24
216.118.247.0/24 maxlen: 24
216.118.248.0/24 maxlen: 24
216.118.249.0/24 maxlen: 24
216.118.250.0/24 maxlen: 24
216.118.251.0/24 maxlen: 24
216.118.252.0/24 maxlen: 24
216.118.253.0/24 maxlen: 24
216.118.254.0/24 maxlen: 24
216.118.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.crl
rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 20:44:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1040 (0x410)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178EB0, serialNumber=E1B910B9C7310C9F65594FC6E8989FC953B36E51
Validity
Not Before: Dec 10 21:20:14 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6758b08e-3065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:f4:01:f6:53:a6:e7:53:0b:8d:ff:0c:1b:
4f:b7:32:07:40:60:4d:27:a8:d8:81:d1:eb:03:c3:
1c:ad:9d:7d:5c:51:76:85:01:77:eb:00:3c:71:f7:
6b:1e:15:f7:40:ba:76:5c:5c:06:cd:f4:fa:48:d4:
f7:d3:b9:bb:37:34:c1:61:5d:fe:af:bc:08:50:d5:
89:71:56:3a:da:01:ac:d0:e9:b3:54:48:88:d8:ef:
3f:fa:2e:bb:69:3e:0b:76:a5:41:f4:f8:ff:10:dc:
46:2d:32:0f:90:43:bb:f2:ab:c3:24:0d:fc:19:cf:
b3:d9:55:02:02:1a:f8:34:62:5c:73:c2:2a:78:01:
45:0d:51:73:02:18:de:71:aa:5c:85:da:f3:8a:b2:
08:45:a9:9f:3d:c6:b5:2c:a7:89:78:85:39:7c:3c:
18:c9:a1:e0:ef:a2:6b:77:ee:c5:83:7f:3d:90:bc:
9d:fd:b5:56:b9:93:f2:af:a3:b8:d9:ea:bc:d3:f4:
05:c3:fd:b1:ee:50:37:76:2a:d3:54:86:97:ec:22:
b6:9f:86:23:30:e6:c2:06:b0:d1:75:2b:2b:9d:03:
1e:3b:ad:49:4e:cc:ce:0c:39:1a:ae:80:f7:be:d9:
76:77:56:ad:30:b5:8e:c3:a2:10:e0:4e:cf:f6:18:
8e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8E:A8:CC:AE:B4:44:02:1D:A5:2E:B6:13:65:BE:A5:E2:8B:22:02
X509v3 Authority Key Identifier:
keyid:E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/B38D932050EF11EC8583962BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
52.128.224.0/19
148.66.0.0/19
216.118.224.0/19
Signature Algorithm: sha256WithRSAEncryption
58:d6:44:4c:7a:44:ff:05:a4:5f:f0:83:53:cd:de:52:3c:83:
c3:8a:14:22:52:da:38:d6:1a:b1:b3:5e:9e:dc:ad:dc:0e:d7:
c1:a7:f5:02:d3:fd:00:c8:3c:71:9c:3c:fa:ea:7c:73:42:06:
cb:7e:21:1e:bf:ad:9c:73:6e:a9:3a:3f:5d:56:c3:9e:4b:f2:
05:46:9b:4b:67:f8:a2:62:89:20:af:6f:8b:4e:a5:68:0a:cb:
50:e5:27:c0:61:e0:24:35:cb:5f:33:58:23:d3:fa:86:95:ae:
70:80:1a:81:99:63:6e:28:2b:fe:28:d1:59:bf:1d:a1:c2:78:
05:3b:6f:ab:ff:7e:4e:52:50:c4:e2:72:0e:0e:42:db:f4:dd:
74:53:8c:4a:d6:19:c4:af:6a:f2:d0:5e:4d:6a:11:db:44:7a:
29:cd:c9:10:81:41:07:d0:e9:9e:d6:b7:05:a4:fa:87:ad:ee:
de:12:78:47:2e:b0:c4:44:2a:d6:13:5a:2e:13:9b:c1:5a:57:
6d:a4:fb:1d:d9:3f:d2:52:cf:79:51:85:eb:ea:f1:e8:d6:48:
ae:da:07:42:f4:23:94:ce:37:52:5a:d4:4f:f4:72:9a:38:ea:
5e:b5:00:c6:16:bd:a2:51:73:ec:83:dc:a1:8c:33:46:cc:ab:
2b:98:64:4f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBBAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzhFQjAxMTAvBgNVBAUTKEUxQjkxMEI5QzczMTBDOUY2NTU5NEZDNkU4OTg5RkM5
NTNCMzZFNTEwHhcNMjQxMjEwMjEyMDE0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4YjA4ZS0zMDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsiL0AfZTpudTC43/DBtPtzIHQGBNJ6jYgdHrA8McrZ19XFF2hQF36wA8cfdr
HhX3QLp2XFwGzfT6SNT307m7NzTBYV3+r7wIUNWJcVY62gGs0OmzVEiI2O8/+i67
aT4LdqVB9Pj/ENxGLTIPkEO78qvDJA38Gc+z2VUCAhr4NGJcc8IqeAFFDVFzAhje
capchdrzirIIRamfPca1LKeJeIU5fDwYyaHg76Jrd+7Fg389kLyd/bVWuZPyr6O4
2eq80/QFw/2x7lA3dirTVIaX7CK2n4YjMObCBrDRdSsrnQMeO61JTszODDkaroD3
vtl2d1atMLWOw6IQ4E7P9hiOewIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFG6OqMyu
tEQCHaUuthNlvqXiiyICMB8GA1UdIwQYMBaAFOG5ELnHMQyfZVlPxuiYn8lTs25R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OEVCMC9FMzJDODdDQzUw
RDUxMUVDQjNGOEQ1MjlDNEY5QUUwMi80YmtRdWNjeERKOWxXVV9HNkppZnlWT3pi
bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLzRia1F1Y2N4REo5bFdVX0c2SmlmeVZPemJsRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhFQjAvRTMyQzg3Q0M1MEQ1MTFFQ0IzRjhENTI5QzRGOUFFMDIvQjM4RDkzMjA1
MEVGMTFFQzg1ODM5NjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAU0gOADBAWUQgADBAXYduAwDQYJKoZIhvcNAQELBQADggEB
AFjWREx6RP8FpF/wg1PN3lI8g8OKFCJS2jjWGrGzXp7crdwO18Gn9QLT/QDIPHGc
PPrqfHNCBst+IR6/rZxzbqk6P11Ww55L8gVGm0tn+KJiiSCvb4tOpWgKy1DlJ8Bh
4CQ1y18zWCPT+oaVrnCAGoGZY24oK/4o0Vm/HaHCeAU7b6v/fk5SUMTicg4OQtv0
3XRTjErWGcSvavLQXk1qEdtEeinNyRCBQQfQ6Z7WtwWk+oet7t4SeEcusMREKtYT
Wi4Tm8FaV22k+x3ZP9JSz3lRhevq8ejWSK7aB0L0I5TON1Ja1E/0cpo46l61AMYW
vaJRc+yD3KGMM0bMqyuYZE8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:36:34 2025 by rpki-client