Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/D90112843F4F11E59512E04CC4F9AE02/6CD99EF455C911E78F401587C4F9AE02.roa
File: 6CD99EF455C911E78F401587C4F9AE02.roa (raw, json)
Hash identifier: W5BOpPvdDaVJRiPCvQRJeUEXAu9OuHFa28A+g1a29VM=
Subject key identifier: A6:1D:7D:BC:50:EC:98:82:DB:23:12:85:2A:EC:D3:8A:10:1E:8E:75
Certificate issuer: /CN=A911BD54/serialNumber=2F59CEDA614815F4632F39D5A31C2A5148C6B4FA
Certificate serial: 24F7
Authority key identifier: 2F:59:CE:DA:61:48:15:F4:63:2F:39:D5:A3:1C:2A:51:48:C6:B4:FA
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L1nO2mFIFfRjLznVoxwqUUjGtPo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/D90112843F4F11E59512E04CC4F9AE02/6CD99EF455C911E78F401587C4F9AE02.roa
Signing time: Tue 31 Dec 2024 15:53:35 +0000
ROA not before: Tue 31 Dec 2024 15:53:35 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 133481
IP address blocks: 184.22.0.0/16 maxlen: 24
184.82.0.0/17 maxlen: 24
184.82.136.0/21 maxlen: 24
184.82.144.0/20 maxlen: 24
184.82.160.0/19 maxlen: 24
184.82.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911BD54/D90112843F4F11E59512E04CC4F9AE02/L1nO2mFIFfRjLznVoxwqUUjGtPo.crl
rsync://rpki.apnic.net/member_repository/A911BD54/D90112843F4F11E59512E04CC4F9AE02/L1nO2mFIFfRjLznVoxwqUUjGtPo.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L1nO2mFIFfRjLznVoxwqUUjGtPo.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 15:40:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9463 (0x24f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54, serialNumber=2F59CEDA614815F4632F39D5A31C2A5148C6B4FA
Validity
Not Before: Dec 31 15:53:35 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6774137e-54a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2a:ce:90:d9:02:f0:5c:d4:2f:a4:78:fd:db:
64:92:4e:a9:fb:0f:0e:5a:20:aa:cd:6a:a9:bb:30:
5a:6c:fe:db:7d:25:f3:1e:31:12:99:ee:49:b2:95:
67:db:60:63:d3:af:e0:dd:ce:94:de:c4:02:fd:09:
ac:73:4d:21:81:b0:53:21:a5:5f:9f:83:08:b7:a3:
93:d5:a7:6d:99:31:50:25:b9:33:2f:18:c9:95:a5:
47:13:f9:d5:51:0e:31:fb:80:ef:31:0a:8d:5e:4e:
e0:a1:09:c6:cc:2c:85:0b:69:55:1f:aa:61:38:09:
12:cd:60:f6:47:8c:dd:ac:3e:07:9f:b3:e5:f0:4b:
60:0f:27:bf:1f:85:83:dc:99:51:50:21:98:06:ba:
54:99:07:db:5f:5a:78:3a:a5:b1:a6:23:08:e2:fc:
b7:72:fc:cb:42:2e:f9:66:0e:24:17:06:6a:6f:c5:
eb:e3:bf:b1:8a:a9:50:b9:1b:8c:e4:f9:94:0e:2a:
1d:9b:34:45:82:cc:44:0b:62:13:bf:76:92:9d:a6:
7f:79:d5:e1:34:6e:55:ff:88:93:43:9a:0f:4e:c5:
07:c4:3a:5c:d1:75:6a:ce:b9:c7:9e:5e:4a:fa:84:
11:16:d9:0e:46:37:46:58:dd:4b:e8:ba:1d:f1:06:
26:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1D:7D:BC:50:EC:98:82:DB:23:12:85:2A:EC:D3:8A:10:1E:8E:75
X509v3 Authority Key Identifier:
keyid:2F:59:CE:DA:61:48:15:F4:63:2F:39:D5:A3:1C:2A:51:48:C6:B4:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/D90112843F4F11E59512E04CC4F9AE02/L1nO2mFIFfRjLznVoxwqUUjGtPo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L1nO2mFIFfRjLznVoxwqUUjGtPo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/D90112843F4F11E59512E04CC4F9AE02/6CD99EF455C911E78F401587C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
184.22.0.0/16
184.82.0.0/17
184.82.136.0-184.82.255.255
Signature Algorithm: sha256WithRSAEncryption
8f:d6:7f:78:29:20:31:db:4d:ed:d9:a1:b4:c8:77:87:8d:f5:
f8:cb:6a:8d:ef:99:be:9b:a8:00:cb:b0:63:6b:23:7b:2e:26:
56:62:75:33:24:5f:5e:27:62:a6:8d:00:dd:37:6d:88:8d:7e:
b0:b6:b0:15:42:49:7c:38:5c:e0:79:71:66:f6:1e:98:e9:a5:
3d:d7:5b:82:d6:22:3c:cd:b3:2a:08:93:dc:32:0a:f4:32:85:
c3:44:0b:a1:b3:65:d1:58:8e:90:f7:ac:8d:09:94:06:53:5f:
1c:8d:cc:5e:52:9b:81:64:d2:64:34:c0:3e:e8:bc:1e:5a:e9:
24:3f:ee:1c:68:98:52:c1:c1:5d:23:62:6e:85:c3:0e:cc:42:
b8:94:a4:a0:a1:c5:8f:27:c8:87:1c:9c:24:79:71:a1:93:22:
ab:0a:52:75:89:97:c8:a7:e9:7b:4b:b2:0c:dd:48:12:6a:a4:
72:48:5b:4f:21:26:65:08:29:97:ce:32:6d:32:56:d2:c0:a2:
82:04:3d:61:3d:c7:5f:d0:30:af:c3:36:2e:c2:5c:53:2a:39:
63:0b:d9:16:19:2c:22:76:d0:4d:a2:7f:e8:76:fa:4b:87:58:
7c:58:1c:92:e3:1e:2a:3f:4c:9e:82:b4:b7:0e:a9:d1:45:65:
ee:2a:0e:10
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICJPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKDJGNTlDRURBNjE0ODE1RjQ2MzJGMzlENUEzMUMyQTUx
NDhDNkI0RkEwHhcNMjQxMjMxMTU1MzM1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0MTM3ZS01NGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxCrOkNkC8FzUL6R4/dtkkk6p+w8OWiCqzWqpuzBabP7bfSXzHjESme5JspVn
22Bj06/g3c6U3sQC/Qmsc00hgbBTIaVfn4MIt6OT1adtmTFQJbkzLxjJlaVHE/nV
UQ4x+4DvMQqNXk7goQnGzCyFC2lVH6phOAkSzWD2R4zdrD4Hn7Pl8EtgDye/H4WD
3JlRUCGYBrpUmQfbX1p4OqWxpiMI4vy3cvzLQi75Zg4kFwZqb8Xr47+xiqlQuRuM
5PmUDiodmzRFgsxEC2ITv3aSnaZ/edXhNG5V/4iTQ5oPTsUHxDpc0XVqzrnHnl5K
+oQRFtkORjdGWN1L6Lod8QYm8QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFKYdfbxQ
7JiC2yMShSrs04oQHo51MB8GA1UdIwQYMBaAFC9ZztphSBX0Yy851aMcKlFIxrT6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC9EOTAxMTI4NDNG
NEYxMUU1OTUxMkUwNENDNEY5QUUwMi9MMW5PMm1GSUZmUmpMem5Wb3h3cVVVakd0
UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0wxbk8ybUZJRmZSakx6blZveHdxVVVqR3RQby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvRDkwMTEyODQzRjRGMTFFNTk1MTJFMDRDQzRGOUFFMDIvNkNEOTlFRjQ1
NUM5MTFFNzhGNDAxNTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDAwC4FgMEB7hSADALAwQDuFKIAwMAuFIwDQYJKoZIhvcNAQEL
BQADggEBAI/Wf3gpIDHbTe3ZobTId4eN9fjLao3vmb6bqADLsGNrI3suJlZidTMk
X14nYqaNAN03bYiNfrC2sBVCSXw4XOB5cWb2HpjppT3XW4LWIjzNsyoIk9wyCvQy
hcNEC6GzZdFYjpD3rI0JlAZTXxyNzF5Sm4Fk0mQ0wD7ovB5a6SQ/7hxomFLBwV0j
Ym6Fww7MQriUpKChxY8nyIccnCR5caGTIqsKUnWJl8in6XtLsgzdSBJqpHJIW08h
JmUIKZfOMm0yVtLAooIEPWE9x1/QMK/DNi7CXFMqOWML2RYZLCJ20E2if+h2+kuH
WHxYHJLjHio/TJ6CtLcOqdFFZe4qDhA=
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:29:12 2025 by rpki-client