Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6D837614007411F08E85EE81C4F9AE02.roa
File: 6D837614007411F08E85EE81C4F9AE02.roa (raw, json)
Hash identifier: kFXr8e5pcdp/i+j6e7pj9hF5FfLGoTzFnroKR0rI+y8=
Subject key identifier: 11:35:32:E3:5F:21:3B:C9:21:19:00:0A:95:AC:B6:42:60:8B:62:34
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 0A1F
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6D837614007411F08E85EE81C4F9AE02.roa
Signing time: Wed 26 Mar 2025 20:30:40 +0000
ROA not before: Wed 26 Mar 2025 20:30:40 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9908
IP address blocks: 61.10.0.0/16 maxlen: 16
61.10.0.0/17 maxlen: 17
61.10.0.0/18 maxlen: 20
61.10.64.0/18 maxlen: 18
61.10.64.0/19 maxlen: 20
61.10.96.0/19 maxlen: 20
61.10.128.0/17 maxlen: 20
61.15.0.0/16 maxlen: 16
61.15.0.0/17 maxlen: 20
61.15.128.0/17 maxlen: 20
61.18.0.0/16 maxlen: 20
125.59.0.0/16 maxlen: 20
203.83.64.0/18 maxlen: 18
203.168.222.0/23 maxlen: 24
218.252.0.0/16 maxlen: 16
218.252.0.0/17 maxlen: 20
218.252.128.0/17 maxlen: 20
218.253.0.0/18 maxlen: 20
222.166.0.0/16 maxlen: 20
222.167.0.0/18 maxlen: 20
222.167.64.0/19 maxlen: 20
222.167.128.0/17 maxlen: 20
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 20:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2591 (0xa1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172, serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Validity
Not Before: Mar 26 20:30:40 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e463f0-f454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7b:2c:d6:c8:2b:11:e3:94:22:a8:0c:91:d1:
90:af:9d:19:8d:f9:88:b6:ca:cb:85:b3:ed:b1:74:
6e:fd:08:d1:89:e8:21:83:37:6f:62:4a:1d:94:03:
2a:db:6d:08:44:d1:7a:38:e3:97:d6:77:c6:f4:1d:
62:33:8a:02:7b:ee:75:e7:29:3e:0e:ff:ce:26:d4:
eb:c4:b9:7f:8d:49:6b:42:00:19:81:32:d7:87:c1:
f8:09:31:ee:9c:84:4f:ca:b6:6a:ce:11:ff:9b:a5:
4d:87:c1:5b:9a:9d:cc:ed:5b:f2:94:b4:cd:b2:06:
85:06:b2:5d:c8:8d:4c:25:a5:10:7b:0d:25:81:82:
e8:42:95:72:6e:31:c0:6a:64:30:86:f3:47:5d:f6:
9b:02:b9:73:10:0d:98:74:85:74:4e:cf:85:39:bf:
bc:32:1a:ae:7a:51:68:84:84:fb:43:c1:a6:ee:55:
cf:b4:c7:f5:23:f8:57:0f:95:88:fc:b8:f3:8d:7b:
69:3d:b9:f0:80:e2:8b:5e:12:3f:ec:dc:ef:4b:98:
bc:5e:39:69:d5:13:22:d6:a9:0f:ce:f2:5e:bc:f8:
af:26:36:c0:b0:07:8f:e5:c5:80:26:fa:b9:13:04:
92:74:57:e2:28:f6:af:4a:ca:6f:8d:1a:7f:9f:1a:
a3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:35:32:E3:5F:21:3B:C9:21:19:00:0A:95:AC:B6:42:60:8B:62:34
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6D837614007411F08E85EE81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.10.0.0/16
61.15.0.0/16
61.18.0.0/16
125.59.0.0/16
203.83.64.0/18
203.168.222.0/23
218.252.0.0-218.253.63.255
222.166.0.0-222.167.95.255
222.167.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9f:9c:10:e6:6f:df:89:80:4e:c5:52:40:43:bb:5f:5b:7b:98:
b4:3c:06:9d:55:ad:a3:ed:32:c8:fd:d1:11:ce:7a:6d:e2:c0:
3c:d0:63:2d:cf:f5:d2:ae:05:7e:df:c3:19:52:8f:03:ea:d6:
ca:31:48:8f:5e:fb:c5:f8:d0:6a:7d:e5:68:e4:c7:11:1b:87:
b5:01:7d:ab:f1:34:1a:97:d4:d8:fa:4c:65:68:3f:7f:59:ff:
12:69:6a:34:6b:18:74:cc:64:da:07:a8:fb:ad:61:72:79:99:
18:72:28:c3:14:c2:a1:09:32:25:36:5f:ab:52:a2:6e:fe:4a:
b8:cd:3f:c5:5e:01:20:7c:a8:19:03:57:04:00:76:61:68:5b:
85:a2:ae:be:c7:09:de:ba:d2:6b:50:4a:9e:26:c5:c0:ce:85:
86:bc:cc:48:2f:b6:98:4f:05:ab:5c:9a:f6:97:ab:a2:dd:df:
92:70:18:1b:9d:c9:ac:98:05:6e:12:be:74:b8:bb:a6:55:eb:
53:49:b3:13:21:76:32:e3:78:0c:41:5b:1d:c5:c6:53:31:b3:
23:12:07:c9:0f:1c:52:e8:f7:54:14:3f:5b:1b:23:60:f0:98:
fc:b4:d7:eb:69:65:73:d4:4b:76:7b:4e:43:f0:75:68:eb:8a:
0f:7b:d5:e8
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICCh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjUwMzI2MjAzMDQwWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0NjNmMC1mNDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu3ss1sgrEeOUIqgMkdGQr50ZjfmItsrLhbPtsXRu/QjRieghgzdvYkodlAMq
220IRNF6OOOX1nfG9B1iM4oCe+515yk+Dv/OJtTrxLl/jUlrQgAZgTLXh8H4CTHu
nIRPyrZqzhH/m6VNh8Fbmp3M7VvylLTNsgaFBrJdyI1MJaUQew0lgYLoQpVybjHA
amQwhvNHXfabArlzEA2YdIV0Ts+FOb+8MhquelFohIT7Q8Gm7lXPtMf1I/hXD5WI
/LjzjXtpPbnwgOKLXhI/7NzvS5i8Xjlp1RMi1qkPzvJevPivJjbAsAeP5cWAJvq5
EwSSdFfiKPavSspvjRp/nxqjAQIDAQABo4ICzzCCAsswHQYDVR0OBBYEFBE1MuNf
ITvJIRkACpWstkJgi2I0MB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvNkQ4Mzc2MTQw
MDc0MTFGMDhFODVFRTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADAwA9CgMDAD0PAwMAPRIDAwB9OwMEBstTQAMEAcuo3jALAwMC
2vwDBAba/QAwCwMDAd6mAwQF3qdAAwQH3qeAMA0GCSqGSIb3DQEBCwUAA4IBAQCf
nBDmb9+JgE7FUkBDu19be5i0PAadVa2j7TLI/dERznpt4sA80GMtz/XSrgV+38MZ
Uo8D6tbKMUiPXvvF+NBqfeVo5McRG4e1AX2r8TQal9TY+kxlaD9/Wf8SaWo0axh0
zGTaB6j7rWFyeZkYcijDFMKhCTIlNl+rUqJu/kq4zT/FXgEgfKgZA1cEAHZhaFuF
oq6+xwneutJrUEqeJsXAzoWGvMxIL7aYTwWrXJr2l6ui3d+ScBgbncmsmAVuEr50
uLumVetTSbMTIXYy43gMQVsdxcZTMbMjEgfJDxxS6PdUFD9bGyNg8Jj8tNfraWVz
1Et2e05D8HVo64oPe9Xo
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:38:56 2025 by rpki-client