Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
File: 4BDAE70EB7A911EF9D4E880CC4F9AE02.roa (raw, json)
Hash identifier: LAARyCxmzy516MHC0uw5Kfkv56HjOBgenKPezXUQvg0=
Subject key identifier: DE:C1:F4:BE:51:99:B7:48:39:36:03:3E:17:92:A2:E0:9B:09:96:BD
Certificate issuer: /CN=A911ABDD/serialNumber=4287B3332176DB486A2CBC425402FA9C86B6DC48
Certificate serial: 1DD3
Authority key identifier: 42:87:B3:33:21:76:DB:48:6A:2C:BC:42:54:02:FA:9C:86:B6:DC:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
Signing time: Wed 11 Dec 2024 10:58:02 +0000
ROA not before: Wed 11 Dec 2024 10:58:02 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 23932
IP address blocks: 180.128.0.0/24 maxlen: 24
180.128.1.0/24 maxlen: 24
180.128.2.0/24 maxlen: 24
180.128.3.0/24 maxlen: 24
180.128.4.0/24 maxlen: 24
180.128.5.0/24 maxlen: 24
180.128.6.0/24 maxlen: 24
180.128.7.0/24 maxlen: 24
180.128.8.0/24 maxlen: 24
180.128.9.0/24 maxlen: 24
180.128.10.0/24 maxlen: 24
180.128.11.0/24 maxlen: 24
180.128.12.0/24 maxlen: 24
180.128.13.0/24 maxlen: 24
180.128.14.0/24 maxlen: 24
180.128.15.0/24 maxlen: 24
180.128.16.0/24 maxlen: 24
180.128.17.0/24 maxlen: 24
180.128.18.0/24 maxlen: 24
180.128.19.0/24 maxlen: 24
180.128.20.0/24 maxlen: 24
180.128.21.0/24 maxlen: 24
180.128.22.0/24 maxlen: 24
180.128.23.0/24 maxlen: 24
180.128.24.0/24 maxlen: 24
180.128.25.0/24 maxlen: 24
180.128.26.0/24 maxlen: 24
180.128.27.0/24 maxlen: 24
180.128.28.0/24 maxlen: 24
180.128.29.0/24 maxlen: 24
180.128.30.0/24 maxlen: 24
180.128.31.0/24 maxlen: 24
180.128.240.0/24 maxlen: 24
180.128.241.0/24 maxlen: 24
180.128.242.0/24 maxlen: 24
180.128.243.0/24 maxlen: 24
180.128.244.0/24 maxlen: 24
180.128.245.0/24 maxlen: 24
180.128.246.0/24 maxlen: 24
180.128.247.0/24 maxlen: 24
202.44.52.0/24 maxlen: 24
202.44.53.0/24 maxlen: 24
202.44.54.0/24 maxlen: 24
202.44.55.0/24 maxlen: 24
202.52.4.0/24 maxlen: 24
202.52.5.0/24 maxlen: 24
202.52.6.0/24 maxlen: 24
202.52.7.0/24 maxlen: 24
203.145.112.0/24 maxlen: 24
203.145.113.0/24 maxlen: 24
203.145.114.0/24 maxlen: 24
203.145.115.0/24 maxlen: 24
203.145.116.0/24 maxlen: 24
203.145.117.0/24 maxlen: 24
203.145.118.0/24 maxlen: 24
203.145.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.crl
rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 11 Apr 2025 15:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7635 (0x1dd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911ABDD
Validity
Not Before: Dec 11 10:58:02 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6759703a-7cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8e:bd:7f:c8:54:94:95:e8:52:47:c7:e6:1e:
e9:8d:c7:a2:c8:22:b3:96:42:5b:7e:e9:95:ea:97:
38:37:e0:26:68:9e:a2:2f:9a:c8:4b:34:37:c3:e3:
75:6e:40:1b:c3:5b:1d:44:a0:89:94:e8:a2:42:ca:
21:ae:b7:8c:d6:f8:94:25:5d:0c:41:e8:a8:18:0d:
a9:62:b4:82:11:c2:4b:37:29:8e:c7:d8:2c:79:16:
5e:5d:fa:14:a4:93:68:b3:f5:33:8c:01:a8:57:76:
3d:8d:7a:27:a6:b7:ed:86:74:6f:2a:02:c1:28:c2:
ce:2e:ac:a5:c7:89:8c:50:ea:36:b7:64:0d:95:ac:
ff:a7:f6:6b:02:13:a8:82:e1:4f:4b:3c:75:0b:83:
68:fa:cb:d1:6a:10:0f:9d:8a:64:72:09:46:81:dd:
a7:11:7e:2f:15:f1:c8:d2:ae:8b:7e:b4:a0:62:bf:
bd:9a:bf:60:fa:bd:86:37:9d:73:a4:f6:c9:99:5f:
e3:3c:d2:75:77:9c:f5:fd:be:f9:e2:23:31:8c:5b:
30:70:49:68:10:9c:86:74:ec:e1:41:24:f9:6d:72:
aa:fe:63:2c:55:61:51:0f:29:9c:96:d1:55:18:3c:
99:be:a9:76:26:a2:31:25:18:c6:63:8f:1e:8c:ba:
78:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C1:F4:BE:51:99:B7:48:39:36:03:3E:17:92:A2:E0:9B:09:96:BD
X509v3 Authority Key Identifier:
keyid:42:87:B3:33:21:76:DB:48:6A:2C:BC:42:54:02:FA:9C:86:B6:DC:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/QoezMyF220hqLLxCVAL6nIa23Eg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QoezMyF220hqLLxCVAL6nIa23Eg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ABDD/3AE004B4D77811E4B3778B72C4F9AE02/4BDAE70EB7A911EF9D4E880CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
180.128.0.0/19
180.128.240.0/21
202.44.52.0/22
202.52.4.0/22
203.145.112.0/21
Signature Algorithm: sha256WithRSAEncryption
de:2b:47:62:5e:9a:80:1f:fd:64:e9:8a:4b:5b:4e:c2:3d:46:
09:a5:57:43:ce:b1:bc:0a:99:7d:e9:af:e0:7d:be:69:86:86:
e9:26:58:05:26:74:5b:e2:69:f4:75:03:71:21:bb:ac:1d:a3:
6c:d9:09:7b:e8:27:5e:30:d4:0c:7b:23:66:a6:c5:74:4a:a1:
b0:3a:41:c9:b4:dd:f5:03:6a:d3:aa:72:42:0d:db:8e:9c:96:
2a:16:49:08:36:32:a1:a4:32:81:d2:34:c7:c4:65:dd:ca:cd:
eb:c2:fb:04:5a:bb:8e:c2:18:f8:ff:13:d4:1e:f6:15:a9:96:
7a:bc:e9:31:77:36:82:97:43:cb:a8:be:3f:e9:45:7e:24:22:
1b:1c:c9:d5:e8:7b:55:1c:08:0e:57:5e:12:89:74:ba:99:e0:
46:07:82:3e:63:f6:61:1a:66:7f:75:be:f7:31:1b:4f:55:92:
61:2b:ad:a7:d6:5a:31:d4:c4:e7:e3:5d:ab:83:3b:6f:a9:c6:
e0:f5:d5:13:54:16:b6:ea:69:82:22:cf:a8:af:bb:72:6f:ca:
80:35:33:02:8b:95:40:2c:d5:a4:8a:68:59:f1:d2:f7:b7:3b:
25:99:14:d4:08:95:10:0b:4b:9f:44:e3:0f:d4:9a:de:0a:20:
d0:f6:bb:84
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICHdMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUFCREQxMTAvBgNVBAUTKDQyODdCMzMzMjE3NkRCNDg2QTJDQkM0MjU0MDJGQTlD
ODZCNkRDNDgwHhcNMjQxMjExMTA1ODAyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU5NzAzYS03Y2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv469f8hUlJXoUkfH5h7pjceiyCKzlkJbfumV6pc4N+AmaJ6iL5rISzQ3w+N1
bkAbw1sdRKCJlOiiQsohrreM1viUJV0MQeioGA2pYrSCEcJLNymOx9gseRZeXfoU
pJNos/UzjAGoV3Y9jXonprfthnRvKgLBKMLOLqylx4mMUOo2t2QNlaz/p/ZrAhOo
guFPSzx1C4No+svRahAPnYpkcglGgd2nEX4vFfHI0q6LfrSgYr+9mr9g+r2GN51z
pPbJmV/jPNJ1d5z1/b754iMxjFswcEloEJyGdOzhQST5bXKq/mMsVWFRDymcltFV
GDyZvql2JqIxJRjGY48ejLp4lwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFN7B9L5R
mbdIOTYDPheSouCbCZa9MB8GA1UdIwQYMBaAFEKHszMhdttIaiy8QlQC+pyGttxI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQUJERC8zQUUwMDRCNEQ3
NzgxMUU0QjM3NzhCNzJDNEY5QUUwMi9Rb2V6TXlGMjIwaHFMTHhDVkFMNm5JYTIz
RWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FvZXpNeUYyMjBocUxMeENWQUw2bklhMjNFZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUFCREQvM0FFMDA0QjRENzc4MTFFNEIzNzc4QjcyQzRGOUFFMDIvNEJEQUU3MEVC
N0E5MTFFRjlENEU4ODBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAW0gAADBAO0gPADBALKLDQDBALKNAQDBAPLkXAwDQYJKoZI
hvcNAQELBQADggEBAN4rR2JemoAf/WTpiktbTsI9RgmlV0POsbwKmX3pr+B9vmmG
hukmWAUmdFviafR1A3Ehu6wdo2zZCXvoJ14w1Ax7I2amxXRKobA6Qcm03fUDatOq
ckIN246clioWSQg2MqGkMoHSNMfEZd3KzevC+wRau47CGPj/E9Qe9hWplnq86TF3
NoKXQ8uovj/pRX4kIhscydXoe1UcCA5XXhKJdLqZ4EYHgj5j9mEaZn91vvcxG09V
kmErrafWWjHUxOfjXauDO2+pxuD11RNUFrbqaYIiz6ivu3JvyoA1MwKLlUAs1aSK
aFnx0ve3OyWZFNQIlRALS59E4w/Umt4KIND2u4Q=
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:39:34 2025 by rpki-client