Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/8C9959CE060A11F08CBBE511C4F9AE02.roa
File: 8C9959CE060A11F08CBBE511C4F9AE02.roa (raw, json)
Hash identifier: Y12eqR4kENble50Bxruc9jwO/MdOCmjFkivTDaJk12E=
Subject key identifier: C4:8C:E5:AE:7A:A7:97:9E:C4:7F:06:68:ED:59:56:74:DC:A5:28:FF
Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Certificate serial: 34BF
Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/8C9959CE060A11F08CBBE511C4F9AE02.roa
Signing time: Fri 21 Mar 2025 11:06:56 +0000
ROA not before: Fri 21 Mar 2025 11:06:56 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 23884
IP address blocks: 210.246.200.0/24 maxlen: 24
210.246.201.0/24 maxlen: 24
210.246.202.0/24 maxlen: 24
210.246.206.0/24 maxlen: 24
210.246.207.0/24 maxlen: 24
210.246.208.0/24 maxlen: 24
210.246.209.0/24 maxlen: 24
210.246.210.0/24 maxlen: 24
210.246.211.0/24 maxlen: 24
210.246.212.0/24 maxlen: 24
210.246.213.0/24 maxlen: 24
210.246.214.0/24 maxlen: 24
210.246.215.0/24 maxlen: 24
210.246.216.0/24 maxlen: 24
210.246.217.0/24 maxlen: 24
210.246.218.0/24 maxlen: 24
210.246.219.0/24 maxlen: 24
210.246.230.0/24 maxlen: 24
210.246.231.0/24 maxlen: 24
210.246.236.0/22 maxlen: 22
210.246.236.0/24 maxlen: 24
210.246.237.0/24 maxlen: 24
210.246.239.0/24 maxlen: 24
210.246.240.0/24 maxlen: 24
210.246.241.0/24 maxlen: 24
210.246.242.0/24 maxlen: 24
210.246.243.0/24 maxlen: 24
210.246.244.0/24 maxlen: 24
210.246.245.0/24 maxlen: 24
210.246.246.0/24 maxlen: 24
210.246.247.0/24 maxlen: 24
210.246.248.0/24 maxlen: 24
210.246.249.0/24 maxlen: 24
210.246.250.0/24 maxlen: 24
210.246.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 14:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13503 (0x34bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C5B0, serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A
Validity
Not Before: Mar 21 11:06:56 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67dd4850-d8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:39:b4:4c:7c:fd:0a:9d:cd:53:b4:17:30:ee:
31:25:80:56:99:a3:1e:e9:50:69:3c:41:8a:1a:07:
22:83:ae:ad:3d:c5:29:92:40:ef:db:54:1d:94:bd:
2b:b6:e8:cd:98:db:60:8f:9a:9b:25:41:20:34:76:
d1:f7:1e:0a:8b:78:46:aa:9a:06:cb:cf:d4:cd:06:
89:f8:75:3b:b9:6e:ed:72:d5:30:bc:6d:fb:e0:dc:
a1:fb:90:24:56:0b:5d:f9:d1:2c:24:3f:d8:0f:93:
37:39:d4:25:d9:7a:bd:e2:95:ea:bc:38:3d:0c:b5:
72:1c:cc:72:13:55:ef:91:8c:e7:bb:2d:a5:6b:2b:
70:0f:fd:7e:ed:41:3e:6c:5a:54:d7:4c:e9:2c:b9:
b6:a2:77:af:2b:fe:c8:10:a1:3f:9c:e6:6a:1c:fa:
81:f3:8d:e8:79:34:25:c0:1d:53:d3:0a:3e:ef:63:
35:ef:b1:1d:6f:7f:ee:81:43:15:9b:ec:3f:88:c2:
78:cd:f0:36:de:e5:ad:ed:bd:a3:7e:d6:f1:6b:38:
ac:c6:b4:15:90:16:7a:1a:78:5b:f5:59:c5:3c:dd:
a7:9b:da:7c:99:d6:35:30:96:82:89:92:06:d3:a5:
81:7f:e3:a8:a3:0f:17:dc:d5:e0:0e:41:0a:00:c2:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8C:E5:AE:7A:A7:97:9E:C4:7F:06:68:ED:59:56:74:DC:A5:28:FF
X509v3 Authority Key Identifier:
keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/8C9959CE060A11F08CBBE511C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
210.246.200.0-210.246.202.255
210.246.206.0-210.246.219.255
210.246.230.0/23
210.246.236.0-210.246.251.255
Signature Algorithm: sha256WithRSAEncryption
5c:ff:af:c4:2a:73:56:51:50:40:5a:45:bc:80:1e:f1:a9:02:
1d:6c:2e:c1:9b:ba:15:8b:bf:0c:8e:a3:28:67:14:a3:36:ed:
da:67:c6:af:10:44:87:11:20:2f:17:ea:4b:68:95:c7:7c:dc:
92:a4:bf:79:d9:d5:11:19:2d:16:25:92:11:8d:de:cd:bb:d6:
d1:cc:1c:36:64:ba:aa:e7:63:11:3b:1f:a8:8a:8b:1c:62:72:
67:cd:c3:f0:d1:8e:9a:df:9e:06:1f:1e:85:55:02:d0:d0:1a:
61:c9:80:17:e2:13:9c:83:10:21:b2:81:1b:92:a9:ff:55:99:
62:5e:3a:b8:8a:59:4f:ac:76:b6:d1:3e:aa:10:1a:7f:ab:18:
26:16:d8:a2:12:c7:87:31:69:9f:16:9e:b4:d1:13:a9:63:f8:
d1:33:20:a1:0f:30:21:74:c6:35:cd:63:02:b0:a7:5a:2f:81:
79:9a:5f:8b:02:7b:cd:78:b4:99:46:9a:d5:35:06:ae:4f:be:
80:b8:35:47:e5:a8:c7:09:1f:43:2c:80:b5:30:62:b6:31:dd:
29:67:2a:f6:00:72:88:c4:53:5e:13:99:ed:2a:74:87:0c:82:
3b:e6:cc:ce:9e:70:98:48:ce:4d:8a:38:c5:41:25:97:6f:4d:
79:74:80:c3
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICNL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG
NzMzQTJGMUEwHhcNMjUwMzIxMTEwNjU2WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RkNDg1MC1kOGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsDm0THz9Cp3NU7QXMO4xJYBWmaMe6VBpPEGKGgcig66tPcUpkkDv21QdlL0r
tujNmNtgj5qbJUEgNHbR9x4Ki3hGqpoGy8/UzQaJ+HU7uW7tctUwvG374Nyh+5Ak
Vgtd+dEsJD/YD5M3OdQl2Xq94pXqvDg9DLVyHMxyE1XvkYznuy2laytwD/1+7UE+
bFpU10zpLLm2onevK/7IEKE/nOZqHPqB843oeTQlwB1T0wo+72M177Edb3/ugUMV
m+w/iMJ4zfA23uWt7b2jftbxazisxrQVkBZ6Gnhb9VnFPN2nm9p8mdY1MJaCiZIG
06WBf+Ooow8X3NXgDkEKAMLWKQIDAQABo4ICvzCCArswHQYDVR0OBBYEFMSM5a56
p5eexH8GaO1ZVnTcpSj/MB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE
ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM
eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUM1QjAvNDBDOEQ1QTYxRDgzMTFFMjgyM0E1RkQ4MDhCMDJDRDIvOEM5OTU5Q0Uw
NjBBMTFGMDhDQkJFNTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDAwDAMEA9L2yAMEANL2yjAMAwQB0vbOAwQC0vbYAwQB0vbmMAwD
BALS9uwDBALS9vgwDQYJKoZIhvcNAQELBQADggEBAFz/r8Qqc1ZRUEBaRbyAHvGp
Ah1sLsGbuhWLvwyOoyhnFKM27dpnxq8QRIcRIC8X6ktolcd83JKkv3nZ1REZLRYl
khGN3s271tHMHDZkuqrnYxE7H6iKixxicmfNw/DRjprfngYfHoVVAtDQGmHJgBfi
E5yDECGygRuSqf9VmWJeOriKWU+sdrbRPqoQGn+rGCYW2KISx4cxaZ8WnrTRE6lj
+NEzIKEPMCF0xjXNYwKwp1ovgXmaX4sCe814tJlGmtU1Bq5PvoC4NUflqMcJH0Ms
gLUwYrYx3SlnKvYAcojEU14Tme0qdIcMgjvmzM6ecJhIzk2KOMVBJZdvTXl0gMM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 00:07:10 2025 by rpki-client