Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/54040CE414F111F08814732CC4F9AE02.roa
File: 54040CE414F111F08814732CC4F9AE02.roa (raw, json)
Hash identifier: uhWwpX7EH4SHxyPNQgHJ8g+4j0iOnCO5ph2jjf0SUwo=
Subject key identifier: AD:FE:78:90:4C:FF:98:97:AF:F6:41:A0:6D:48:42:A9:06:6B:C7:DA
Certificate issuer: /CN=A91F916A/serialNumber=CF7AC6E7853E4958287006430076584657E0C950
Certificate serial: 2489
Authority key identifier: CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/54040CE414F111F08814732CC4F9AE02.roa
Signing time: Wed 09 Apr 2025 03:18:38 +0000
ROA not before: Wed 09 Apr 2025 03:18:38 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 19905
IP address blocks: 202.176.192.0/24 maxlen: 24
202.176.197.0/24 maxlen: 24
202.176.198.0/24 maxlen: 24
202.176.200.0/24 maxlen: 24
202.176.202.0/24 maxlen: 24
202.176.215.0/24 maxlen: 24
202.176.221.0/24 maxlen: 24
203.208.224.0/24 maxlen: 24
203.208.228.0/24 maxlen: 24
203.208.231.0/24 maxlen: 24
203.208.232.0/24 maxlen: 24
203.208.233.0/24 maxlen: 24
203.208.237.0/24 maxlen: 24
203.208.239.0/24 maxlen: 24
203.208.240.0/24 maxlen: 24
203.208.248.0/24 maxlen: 24
203.208.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl
rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 01 May 2025 15:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9353 (0x2489)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F916A, serialNumber=CF7AC6E7853E4958287006430076584657E0C950
Validity
Not Before: Apr 9 03:18:38 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67f5e70e-de44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bb:61:35:51:68:43:7d:db:36:d2:43:ed:ab:
33:41:27:22:5c:f3:47:db:6d:a5:57:d4:66:4e:a9:
4f:4b:08:70:3b:2f:bf:92:d1:a4:78:ee:78:80:b1:
76:64:1a:42:01:3a:71:5c:f4:7b:97:5a:e4:74:51:
34:2f:11:21:4a:1b:fa:b8:68:a4:71:06:f1:75:04:
d4:5e:a3:62:59:6c:5a:d7:70:06:00:b6:5f:0a:fc:
08:da:d3:37:52:d5:86:88:af:54:a4:35:3f:79:5b:
6a:87:f3:da:98:c0:f7:5a:da:c1:af:a1:9a:4a:cb:
f5:07:29:2d:93:7f:d3:91:dd:6e:bc:ea:a6:65:1f:
be:9c:23:8b:99:17:43:fd:45:c3:d4:25:14:b0:20:
fc:17:f5:c8:6c:21:16:ee:12:2a:f1:4d:aa:46:19:
a7:1d:79:77:5c:64:c7:1a:9e:dd:3d:7f:c4:16:bc:
16:61:61:ba:52:21:d6:b0:ab:45:dd:f2:8e:d3:40:
e1:07:bd:dc:84:02:7f:70:f5:b4:fe:b1:9a:65:fd:
3d:19:99:e2:29:b5:49:20:32:c7:e9:f0:fa:57:7d:
93:cb:4d:c9:8b:54:8d:2e:68:c2:78:78:1b:a0:94:
0a:fe:7c:79:70:f2:58:36:8e:2c:b5:97:96:30:b1:
17:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:FE:78:90:4C:FF:98:97:AF:F6:41:A0:6D:48:42:A9:06:6B:C7:DA
X509v3 Authority Key Identifier:
keyid:CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/54040CE414F111F08814732CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.176.192.0/24
202.176.197.0-202.176.198.255
202.176.200.0/24
202.176.202.0/24
202.176.215.0/24
202.176.221.0/24
203.208.224.0/24
203.208.228.0/24
203.208.231.0-203.208.233.255
203.208.237.0/24
203.208.239.0-203.208.240.255
203.208.248.0/24
203.208.255.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e0:85:e2:39:3f:91:8d:ec:8e:e3:b8:81:47:92:43:82:97:
33:be:9d:22:4c:27:59:11:5a:ba:ea:e8:54:7a:78:7b:2a:2f:
4a:d8:47:79:06:f5:90:8c:5d:72:94:ec:7f:d4:61:cf:45:96:
da:95:d1:f4:2b:13:13:9e:60:86:15:bb:6b:cc:d6:7b:a2:77:
48:36:d4:2c:75:1d:34:1e:20:6a:27:2c:d6:d6:e3:dd:1a:e9:
c6:5a:5a:47:d7:77:f6:38:0e:ee:ae:af:4f:33:95:df:68:03:
bd:c9:ef:84:b3:64:c6:08:d7:5f:15:58:70:2f:be:28:70:00:
f8:d0:e6:25:2d:fc:eb:7c:2d:1d:88:93:bc:e4:3f:19:47:85:
7d:43:e1:04:ca:7b:3b:ef:f3:a7:d8:58:16:e9:b4:c9:93:b5:
a5:86:71:14:dc:40:86:9f:dc:9e:3b:cc:be:b1:07:fd:e5:a4:
44:70:42:e3:a5:8b:b4:0d:cf:36:39:f2:98:e0:bc:8f:62:93:
af:12:e2:75:e0:08:41:80:6b:a4:0b:c4:09:74:d2:cc:6c:f0:
3a:00:20:9a:02:89:86:98:10:c7:5d:de:75:fe:cd:56:62:5c:
b0:81:ae:ba:4f:6b:78:21:11:71:87:7d:16:e1:f0:57:d6:eb:
64:d1:16:3e
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgICJIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjkxNkExMTAvBgNVBAUTKENGN0FDNkU3ODUzRTQ5NTgyODcwMDY0MzAwNzY1ODQ2
NTdFMEM5NTAwHhcNMjUwNDA5MDMxODM4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y1ZTcwZS1kZTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqbthNVFoQ33bNtJD7aszQSciXPNH222lV9RmTqlPSwhwOy+/ktGkeO54gLF2
ZBpCATpxXPR7l1rkdFE0LxEhShv6uGikcQbxdQTUXqNiWWxa13AGALZfCvwI2tM3
UtWGiK9UpDU/eVtqh/PamMD3WtrBr6GaSsv1Byktk3/Tkd1uvOqmZR++nCOLmRdD
/UXD1CUUsCD8F/XIbCEW7hIq8U2qRhmnHXl3XGTHGp7dPX/EFrwWYWG6UiHWsKtF
3fKO00DhB73chAJ/cPW0/rGaZf09GZniKbVJIDLH6fD6V32Ty03Ji1SNLmjCeHgb
oJQK/nx5cPJYNo4stZeWMLEXdQIDAQABo4IC9TCCAvEwHQYDVR0OBBYEFK3+eJBM
/5iXr/ZBoG1IQqkGa8faMB8GA1UdIwQYMBaAFM96xueFPklYKHAGQwB2WEZX4MlQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTE2QS8xRDdBRDBCQTQ1
OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNWZ29jQVpEQUhaWVJsZmd5
VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ozckc1NFUtU1Znb2NBWkRBSFpZUmxmZ3lWQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjkxNkEvMUQ3QUQwQkE0NThEMTFFNUIzOTU3QTc5QzRGOUFFMDIvNTQwNDBDRTQx
NEYxMTFGMDg4MTQ3MzJDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwfwYIKwYBBQUHAQcBAf8E
cDBuMGwEAgABMGYDBADKsMAwDAMEAMqwxQMEAMqwxgMEAMqwyAMEAMqwygMEAMqw
1wMEAMqw3QMEAMvQ4AMEAMvQ5DAMAwQAy9DnAwQBy9DoAwQAy9DtMAwDBADL0O8D
BADL0PADBADL0PgDBADL0P8wDQYJKoZIhvcNAQELBQADggEBAAfgheI5P5GN7I7j
uIFHkkOClzO+nSJMJ1kRWrrq6FR6eHsqL0rYR3kG9ZCMXXKU7H/UYc9FltqV0fQr
ExOeYIYVu2vM1nuid0g21Cx1HTQeIGonLNbW490a6cZaWkfXd/Y4Du6ur08zld9o
A73J74SzZMYI118VWHAvvihwAPjQ5iUt/Ot8LR2Ik7zkPxlHhX1D4QTKezvv86fY
WBbptMmTtaWGcRTcQIaf3J47zL6xB/3lpERwQuOli7QNzzY58pjgvI9ik68S4nXg
CEGAa6QLxAl00sxs8DoAIJoCiYaYEMdd3nX+zVZiXLCBrrpPa3ghEXGHfRbh8FfW
62TRFj4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:12:38 2025 by rpki-client