Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
File: D9750E78F01111EFB1720645C4F9AE02.roa (raw, json)
Hash identifier: N5u2+srCZYEKTDhtP+lxLTAjcpl++wd0KdnyCpSI0Uo=
Subject key identifier: C6:BF:FF:B9:DD:3A:EE:90:B2:E5:B4:AB:A9:F9:6D:D5:CA:2B:CE:5F
Certificate issuer: /CN=A91F33A5/serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B
Certificate serial: 0321
Authority key identifier: 4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
Signing time: Fri 21 Feb 2025 05:08:13 +0000
ROA not before: Fri 21 Feb 2025 05:08:13 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 6262
IP address blocks: 130.116.0.0/16 maxlen: 24
130.155.0.0/16 maxlen: 24
138.194.0.0/16 maxlen: 24
140.79.0.0/16 maxlen: 24
140.253.0.0/16 maxlen: 24
144.110.0.0/16 maxlen: 24
146.118.0.0/16 maxlen: 24
152.83.0.0/16 maxlen: 24
192.16.180.0/24 maxlen: 24
192.41.146.0/24 maxlen: 24
192.42.60.0/23 maxlen: 24
192.42.62.0/24 maxlen: 24
192.54.105.0/24 maxlen: 24
192.54.106.0/24 maxlen: 24
192.55.219.0/24 maxlen: 24
192.55.232.0/24 maxlen: 24
192.65.130.0/24 maxlen: 24
192.67.12.0/24 maxlen: 24
192.67.171.0/24 maxlen: 24
192.68.132.0/24 maxlen: 24
192.82.140.0/24 maxlen: 24
192.83.238.0/24 maxlen: 24
192.84.237.0/24 maxlen: 24
192.84.238.0/24 maxlen: 24
192.94.62.0/23 maxlen: 24
192.94.64.0/24 maxlen: 24
192.94.209.0/24 maxlen: 24
192.102.250.0/23 maxlen: 24
192.107.9.0/24 maxlen: 24
192.111.32.0/24 maxlen: 24
192.122.176.0/24 maxlen: 24
192.124.117.0/24 maxlen: 24
192.124.152.0/24 maxlen: 24
192.138.100.0/24 maxlen: 24
192.149.36.0/24 maxlen: 24
192.150.202.0/24 maxlen: 24
192.160.16.0/24 maxlen: 24
192.188.115.0/24 maxlen: 24
192.188.186.0/24 maxlen: 24
192.207.156.0/23 maxlen: 24
192.207.158.0/24 maxlen: 24
192.207.197.0/24 maxlen: 24
192.207.198.0/24 maxlen: 24
192.245.210.0/23 maxlen: 24
192.245.212.0/22 maxlen: 24
192.245.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl
rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 02 May 2025 01:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 801 (0x321)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F33A5, serialNumber=4FF52847215C4A22E9F1149E6CBFEDF74D61CE8B
Validity
Not Before: Feb 21 05:08:13 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67b80a3c-b67f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:11:e7:6e:71:ec:fb:55:81:9a:ed:72:e1:7a:
4a:ea:87:40:8e:0e:c6:ab:bb:66:b8:ae:b4:bb:34:
55:6f:a4:2e:9b:61:db:80:de:fd:3f:c2:c0:d5:2a:
ab:8c:35:29:41:09:05:e8:11:5f:b6:30:09:e9:96:
ed:c6:55:3b:0d:fb:2c:f6:fc:ec:08:b7:d4:e7:8e:
6f:ee:18:3e:3c:b8:08:38:f7:d7:d3:e4:1c:62:db:
89:d3:12:77:91:89:16:c4:d3:5a:f8:dc:65:fe:6e:
9c:70:5b:8f:71:5f:3d:5e:05:ef:30:cb:61:bd:74:
a6:8a:1c:e5:5d:cb:af:5d:56:f2:d1:7b:16:8d:39:
3e:eb:a7:e5:bd:19:64:d3:90:39:a4:31:10:83:49:
eb:50:de:a3:b4:6d:74:1e:5d:dd:af:15:bf:50:e4:
62:22:60:d1:03:ba:e9:f6:c0:83:8b:4c:e5:4b:b0:
7f:de:23:05:b9:ce:5c:02:60:3f:c5:07:e0:ed:a5:
d3:f0:c4:34:ea:0a:88:18:5a:2c:b1:94:9a:5c:b6:
6c:56:9a:70:96:fc:de:b2:88:ff:71:f6:60:5d:98:
a1:7c:4e:7e:7c:3e:64:8b:e4:e8:74:8e:d9:60:fd:
b9:47:7d:ae:5c:ad:12:fa:52:32:ab:72:ff:73:0f:
a1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:BF:FF:B9:DD:3A:EE:90:B2:E5:B4:AB:A9:F9:6D:D5:CA:2B:CE:5F
X509v3 Authority Key Identifier:
keyid:4F:F5:28:47:21:5C:4A:22:E9:F1:14:9E:6C:BF:ED:F7:4D:61:CE:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/T_UoRyFcSiLp8RSebL_t901hzos.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/T_UoRyFcSiLp8RSebL_t901hzos.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/11870972D4D811ECA4245F10C4F9AE02/D9750E78F01111EFB1720645C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
130.116.0.0/16
130.155.0.0/16
138.194.0.0/16
140.79.0.0/16
140.253.0.0/16
144.110.0.0/16
146.118.0.0/16
152.83.0.0/16
192.16.180.0/24
192.41.146.0/24
192.42.60.0-192.42.62.255
192.54.105.0-192.54.106.255
192.55.219.0/24
192.55.232.0/24
192.65.130.0/24
192.67.12.0/24
192.67.171.0/24
192.68.132.0/24
192.82.140.0/24
192.83.238.0/24
192.84.237.0-192.84.238.255
192.94.62.0-192.94.64.255
192.94.209.0/24
192.102.250.0/23
192.107.9.0/24
192.111.32.0/24
192.122.176.0/24
192.124.117.0/24
192.124.152.0/24
192.138.100.0/24
192.149.36.0/24
192.150.202.0/24
192.160.16.0/24
192.188.115.0/24
192.188.186.0/24
192.207.156.0-192.207.158.255
192.207.197.0-192.207.198.255
192.245.210.0-192.245.217.255
Signature Algorithm: sha256WithRSAEncryption
12:32:b4:a5:cd:f1:35:05:e0:b1:3a:5c:0f:c5:6f:28:2d:a7:
5c:c2:63:e4:00:a7:53:0b:af:7f:ea:7f:89:13:61:42:d7:c0:
6e:80:e0:7c:9b:f4:58:d1:90:38:34:70:51:11:a0:2f:80:4a:
7b:b7:07:25:c2:b8:23:cb:b6:9b:70:94:e8:47:cc:80:6e:62:
fc:ab:46:82:26:5e:32:ed:61:00:50:38:54:8b:15:98:9c:c5:
2a:49:d1:4d:a6:3b:06:e8:a3:95:1c:80:c0:06:47:ab:14:66:
5d:c8:81:66:61:70:ff:27:09:0a:4b:af:6a:03:16:d0:c3:6b:
73:33:67:ee:a7:28:9c:34:4c:11:19:8c:f2:7b:c3:97:eb:f4:
ad:59:4d:da:29:e2:8f:1e:4e:17:04:bc:cc:da:1b:f9:56:a1:
81:93:39:2e:9a:85:b5:2b:76:f0:0a:92:01:f5:c5:e3:a5:90:
ac:2e:d9:6a:82:42:14:2e:04:eb:3b:a3:1f:4e:7b:3c:a7:fd:
c7:de:48:99:7d:69:f5:f4:03:14:3f:21:01:9c:ec:b0:1e:03:
b1:d6:3e:eb:5d:b8:4b:32:f2:16:7f:eb:3e:9d:77:21:97:6d:
7f:85:63:b5:e8:17:50:51:04:10:ef:e5:d7:53:8a:e8:11:9e:
96:d6:49:77
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgICAyEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjMzQTUxMTAvBgNVBAUTKDRGRjUyODQ3MjE1QzRBMjJFOUYxMTQ5RTZDQkZFREY3
NEQ2MUNFOEIwHhcNMjUwMjIxMDUwODEzWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I4MGEzYy1iNjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuRHnbnHs+1WBmu1y4XpK6odAjg7Gq7tmuK60uzRVb6Qum2HbgN79P8LA1Sqr
jDUpQQkF6BFftjAJ6ZbtxlU7Dfss9vzsCLfU545v7hg+PLgIOPfX0+QcYtuJ0xJ3
kYkWxNNa+Nxl/m6ccFuPcV89XgXvMMthvXSmihzlXcuvXVby0XsWjTk+66flvRlk
05A5pDEQg0nrUN6jtG10Hl3drxW/UORiImDRA7rp9sCDi0zlS7B/3iMFuc5cAmA/
xQfg7aXT8MQ06gqIGFossZSaXLZsVppwlvzesoj/cfZgXZihfE5+fD5ki+TodI7Z
YP25R32uXK0S+lIyq3L/cw+hBwIDAQABo4IDrTCCA6kwHQYDVR0OBBYEFMa//7nd
Ou6QsuW0q6n5bdXKK85fMB8GA1UdIwQYMBaAFE/1KEchXEoi6fEUnmy/7fdNYc6L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzNBNS8xMTg3MDk3MkQ0
RDgxMUVDQTQyNDVGMTBDNEY5QUUwMi9UX1VvUnlGY1NpTHA4UlNlYkxfdDkwMWh6
b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL1RfVW9SeUZjU2lMcDhSU2ViTF90OTAxaHpvcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjMzQTUvMTE4NzA5NzJENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvRDk3NTBFNzhG
MDExMTFFRkIxNzIwNjQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggE1BggrBgEFBQcBBwEB
/wSCASQwggEgMIIBHAQCAAEwggEUAwMAgnQDAwCCmwMDAIrCAwMAjE8DAwCM/QMD
AJBuAwMAknYDAwCYUwMEAMAQtAMEAMApkjAMAwQCwCo8AwQAwCo+MAwDBADANmkD
BADANmoDBADAN9sDBADAN+gDBADAQYIDBADAQwwDBADAQ6sDBADARIQDBADAUowD
BADAU+4wDAMEAMBU7QMEAMBU7jAMAwQBwF4+AwQAwF5AAwQAwF7RAwQBwGb6AwQA
wGsJAwQAwG8gAwQAwHqwAwQAwHx1AwQAwHyYAwQAwIpkAwQAwJUkAwQAwJbKAwQA
wKAQAwQAwLxzAwQAwLy6MAwDBALAz5wDBADAz54wDAMEAMDPxQMEAMDPxjAMAwQB
wPXSAwQBwPXYMA0GCSqGSIb3DQEBCwUAA4IBAQASMrSlzfE1BeCxOlwPxW8oLadc
wmPkAKdTC69/6n+JE2FC18BugOB8m/RY0ZA4NHBREaAvgEp7twclwrgjy7abcJTo
R8yAbmL8q0aCJl4y7WEAUDhUixWYnMUqSdFNpjsG6KOVHIDABkerFGZdyIFmYXD/
JwkKS69qAxbQw2tzM2fupyicNEwRGYzye8OX6/StWU3aKeKPHk4XBLzM2hv5VqGB
kzkumoW1K3bwCpIB9cXjpZCsLtlqgkIULgTrO6MfTns8p/3H3kiZfWn19AMUPyEB
nOywHgOx1j7rXbhLMvIWf+s+nXchl21/hWO16BdQUQQQ7+XXU4roEZ6W1kl3
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:18:28 2025 by rpki-client